** While the regional support is valid, we will not be using this in openshift. Regional support
requires that each api have its own endpoint. Only one api is associated with an endpoint, and managing
this access will be difficult and unnessary at this time.
The agent-ui service was previously updated to 'Type=notify' to improve startup ordering and reliability.
However, the lack of container monitor '--sdnotify=conmon' flag, resulted in UI URL to be not displayed on the TUI.
Without this flag, agent-ui systemd waits for a readiness signal which never comes and the service remains in 'activating' state.
This causes the TUI availability check to fail, making the user only see "Waiting for services" instead of UI URL
( even though the UI is already avaialble via the usual URL)
This commit adds the missing flag, ensuring the notification handshake between the container running UI and the agent-ui systemd completes successfully and unblocking the TUI. This commit also fixes the stale dependency in agent-register-infraenv related to agent-ui systemd naming.
The changes done here will update the RHCOS 4.21 bootimage metadata and
address the following issues:
OCPBUGS-61669: [4.21] coreos-boot-disk link not working with multipath on early boot
OCPBUGS-65669: Cannot use auto-forward kargs (like ip=) with coreos-installer (iso|pxe) customize
OCPBUGS-65684: Ignition fails with crypto/ecdh: invalid random source in FIPS 140-only mode
OCPBUGS-68354: Using multipath on the sysroot will fail to boot if less than 2 paths are present
This change was generated using:
plume cosa2stream \
--target data/data/coreos/rhcos.json \
--distro rhcos \
--no-signatures \
--name rhel-9.6 \
--url https://rhcos.mirror.openshift.com/art/storage/prod/streams \
x86_64=9.6.20251212-1 \
aarch64=9.6.20251212-1 \
s390x=9.6.20251212-1 \
ppc64le=9.6.20251212-1
Signed-off-by: Tiago Bueno <tiago.bueno@gmail.com>
** Ensure that the feature is backwards compatible for original XPN cases. The new field
firewallRulesManagement is an explicit setting of whether the user has the firewall rules
or not. In old versions this did not exist but XPN installs did not need firewall rules.
Now we will default to checking permissions when no field value is provided. If the rules
do not exist, the rules management is set to unmanaged.
GP3 volumes have the ability to configure throughput from 125 MiB/s to
2000 MiB/s. This allows the ability to set this at install time in the
install-config.
https://issues.redhat.com/browse/CORS-4212
Installations using ABI/assisted with 16GiB of RAM on the bootstrap node
were failing with "no space left on device" during bootstrapping. The
live ISO environment uses a tmpfs mounted at /var that is sized at 50%
of available RAM. On systems with 16GiB of RAM, this provides only 8GiB
of tmpfs space.
At the beginning of the bootstrap process, node-image-pull.sh creates an
ostree checkout underneath /var/ostree-container. When this is added to
the regular disk space usage of the later parts of the bootstrap, the
peak tmpfs usage hits around 9.4GiB.
This fix creates a separate 4GiB tmpfs for /var/ostree-container, so
that it is not subject to the limits on the size of /var.
GP3 volumes have the ability to configure throughput from 125 MiB/s to
2000 MiB/s. This allows the ability to set this at install time in the
install-config.
https://issues.redhat.com/browse/CORS-4212
pkg/types/gcp/platform.go:
Add FirewallManagementPolicy. The policy will indicate whether the cluster or user
will manage the firewall rules.
Add validation to ensure that a network is provided when the install config
is set to Unmanaged to FirewallManagement.
pkg/types/gcp/metadata.go:
Add the management policy to the metadata so that the bootstrap destroy process
knows whether to delete the bootstrap firewall rules or not.
Achieved by bumping the library itself:
pushd cluster-api/providers/openstack
go get -u sigs.k8s.io/cluster-api-provider-openstack@latest
go mod tidy
go mod vendor
popd
Followed by the assets:
pushd <path-to-upstream-capo-repo>
git checkout v0.13.0
make release-manifests
popd
cp <path-to-upstream-capo-repo>/out/infrastructure-components.yaml \
data/data/cluster-api/openstack-infrastructure-components.yaml
This has the side effect of bumping golang to 1.24.
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This is split out from CAPO starting with CAPO v0.12.0. Start deploying it manually
in preparation for a CAPO bump.
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Adding support to install multiple NAT gateways per subnet in
the specific zones they need to be in.
Also, allowing the users to bring their own subnets.
(NAT gateways on BYO subnets are not supported by CAPZ, it just
creates a dummy NAT gateway and doesn't attach it to the subnet).
Pull in the most recent version which includes the v1beta2 API required
by CAPO v0.13.x (and likely others in the future).
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
