Comment 5 for bug 1812432

Reviewed: https://review.openstack.org/632814
Committed: https://git.openstack.org/cgit/openstack/stx-upstream/commit/?id=679b884c76fe00c649cb143bddcf42b3e16b0d85
Submitter: Zuul
Branch: f/stein

commit cf672440526fa0b3d4d27c9868523dedd294a0cb
Author: Don Penney <email address hidden>
Date: Wed Jan 23 11:47:26 2019 -0500

    Update master stx-ceilometer to use panko-5.0.0

    This commit updates the master docker image file for
    ceilometer to specify install of panko-5.0.0 explicitly.

    Depends-On: I854b75577b6dbc3f0a8171190f5a1aa839412dc8
    Change-Id: I4db80c4bcaaa09046285e9ee0af34db1be54a606
    Story: 2004520
    Task: 29047
    Signed-off-by: Don Penney <email address hidden>

commit 6e74844f720eee4bd6d7b4067d3b6db3b40caa49
Author: Gerry Kopec <email address hidden>
Date: Wed Jan 9 20:52:05 2019 -0500

    Update helm charts to support cold migration

    To enable cold migration, need to update nova charts in openstack-helm
    and helm-toolkit chart in openstack-helm-infra. These changes build
    on existing upstream components which attempt to add a second container
    to the nova-compute pod which creates a sshd process listening on port
    8022.

    Nova chart changes include:
    - Fix bug in ssh-config mapping so config file is generated properly in
      /root/.ssh/config in nova-compute container.
    - Move private key from sshd container to nova-compute container.
    - Map private and public ssh keys to new configmap-ssh which will
      default to acceptable file permissions (400) for ssh. Keys will be
      provided in overrides.
    - Add additional config to /etc/ssh/sshd_config to allow passwordless
      root logins over appropriate subnet passed in from overrides. This
      is the same as what is done in nova puppet currently.
    - Remove chmods from sshd bash script as they are failing. Function is
      replaced by configmap-ssh.

    To enable cold migration in nova helm chart, we need to allow multiple
    containers within the same daemonset pod. This requires a patch to
    the helm-toolkit _daemonset_overrides template to remove upstream
    restriction. This issue is tracked upstream by storyboard 2003876.

    These changes should be upstreamed but may require further refinement.

    Story: 2003909
    Task: 28927
    Change-Id: Id789ba051cec019e8b7564c713cf1b5296ecf9f6
    Signed-off-by: Gerry Kopec <email address hidden>

commit 9e649fabd82b062fe6fdea3e5b0e93385d48e361
Author: Don Penney <email address hidden>
Date: Fri Jan 18 16:03:45 2019 -0500

    Add e2fsprogs to stx-nova package list

    This update adds e2fsprogs to the pike and master docker
    image build directives files for stx-nova, to provide the
    mkfs utilities required for ephemeral storage support.

    Change-Id: If9b901696169d7d157a37d6b96f7b8c4db0a24a5
    Closes-Bug: 1812432
    Signed-off-by: Don Penney <email address hidden>

commit 2462f3015a5601a9398400beef2fadc56cbaa89f
Author: Tao Liu <email address hidden>
Date: Sat Jan 12 23:21:53 2019 -0500

    Clean up the stale files

    The keystone-api pod gets stuck in CrashLoopBackOff on
    AIO-SX lock/unlock attempt.

    When Kubernetes decides to kill the keystone-api pod due to readiness
    probe failure or other reasons, it calls the preStop hook immediately
    before the container is terminated. This hook starts a graceful
    shutdown process which includes removing pid, shared memory segment
    and wsgi sock files. If the container is not terminated within the
    grace period, a SIGKILL is sent, and the container is forced to shut
    down.

    When the container was forced to terminate without clean up, the
    stale files were left behind. On the restart, the application
    detected the file existed, and treated it as configuration failure,
    hence the exit. As a result, the pod went into a crash loop.

    This update removes any stale files when the pod starts.

    Story: 2004520
    Task: 28392

    Change-Id: I613a0db674de9578b3f9d1fa781a1612d9caf214
    Signed-off-by: Tao Liu <email address hidden>