Alexandru Avadanii [Tue, 4 Sep 2018 14:15:01 +0000 (14:15 +0000)]
 
Merge "[scenario] Factor out common nodes, states"
Alexandru Avadanii [Mon, 3 Sep 2018 12:51:29 +0000 (12:51 +0000)]
 
Merge "[docker] Fix untagged mgmt by default"
Michael Polenchuk [Thu, 30 Aug 2018 11:34:59 +0000 (15:34 +0400)]
 
[odl/dpdk] Make dedicated public network scheme
In order to avoid TCP connection checksum issue (i.e. TX offloading
on ovs bridges) add linux bridge connected with ovs public bridge.
Change-Id: I4d266dd92756d5326dfa3d74fe2f376b26415812
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Sun, 2 Sep 2018 02:40:43 +0000 (04:40 +0200)]
 
[docker] Fix untagged mgmt by default
JIRA: FUEL-383
Change-Id: Ie635965cff3538d6e786f2b76fa4d175d1be1773
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 1 Sep 2018 21:49:08 +0000 (23:49 +0200)]
 
[scenario] Factor out common nodes, states
Make the bulk of scenario files static again by shifting out all
common virtual nodes (mas01) and states (virtual_init, maas etc.)
to default.yaml(.j2).
This allows us to parse scenario-specific data during first j2
expansion, preparing for the new Pharos installer adapter that
relies on `conf.virtual.nodes.control` length to construct the
proper list of MaaS node definitions (kvm{01,02,03} vs {ctl01,gtw01}).
Change-Id: I666ab5bd6bb2a42f98646af51950f6b9fffa0e8b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 1 Sep 2018 16:05:08 +0000 (18:05 +0200)]
 
[docker] Cleanup, minor fixes, formula bump
* ship prebuilt salt master conf for better readability:
  - enable x509.sign_remote_certificate (for prx VCP nodes);
* refactor Salt master CA handling:
  - preinstall `salt_minion_dependency_packages` and
   `salt_minion_reclass_dependencies` inside docker image;
  - persistent /etc/pki;
  - run salt.minion on cfg01 to generate master keys;
* bump container formulas to 1 Sep 2018 versions or newer:
  - inject date into Docker makefile, forcing a fresh fetch of all
    salt formulas from upstream git repos;
* workaround broken salt-formula-designate's meta/sphinx.yml:
  - the DEB package version of salt-formula-designate uses `cmd.shell`
    to query dpkg on the minion, while the git repo version still
    uses `cmd.run`, running into parsing issues;
  - temporarily disable sphinx metadata generation for designate until
    upstream git repo syncs with the DEB version;
* upstream: salt-formula-salt AArch64 salt.control.virt support:
  - retire salt-formula-salt git submodule and related patches;
* skip installing reclass distro package (already installed via pip
  inside the container);
* limit initial pillar_refresh call to nodes on jumphost;
* remove unused salt-formula-nova git submodule;
JIRA: FUEL-383
Change-Id: I883b825e556f887a5e31f8a43676dcd8ece6dfde
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 1 Sep 2018 00:40:44 +0000 (02:40 +0200)]
 
[AArch64] vcp: Fix up vcp_nodes awk query conflict
JIRA: FUEL-404
Change-Id: I12acc90cdb17ecc090a993e1be41d13ad81dbb9d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 31 Aug 2018 17:42:59 +0000 (19:42 +0200)]
 
[docker] Cleanup hosts file on redeploy
JIRA: FUEL-383
Change-Id: Ib01e78951403fbec2e0f588ae5a577bcbad1bd75
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 31 Aug 2018 16:31:09 +0000 (18:31 +0200)]
 
[docker] Use distro docker-compose if not broken
While at it, use explicit `docker-compose pull` call to maintain
backwards compatibility with older docker-compose (1.8.0 on aarch64).
JIRA: FUEL-383
Change-Id: I0f6ac4fb59c0a286ac99a1a0dc4484d00f3837fe
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Wed, 29 Aug 2018 10:41:15 +0000 (14:41 +0400)]
 
[noha] Align MTU settings
* shift MTU from public bridge to physical interface
* add neutron related settings
Change-Id: Ia57d1ca7976968d6e7ee23f58a0abae1a1a256c0
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Sat, 25 Aug 2018 21:57:09 +0000 (23:57 +0200)]
 
[AArch64] salt.control.virt support
Salt relies on a limiting libvirt_domain j2 template to generate the
XML it passes to libvirt for salt.control managed virtual machines.
For AArch64, we need to set up 3 XML nodes in a non-default way:
1. UEFI firmware (AAVMF) should be enabled by passing a pflash loader;
2. CPU mode should be 'host-passthrough';
3. QEMU machine type should be 'virt';
To allow configuring the above using pillar data:
- virtng module: implement functionality similar to upstream changes:
  * 
219b84a512 virt module: Allow NVRAM unlinking on DOM undefine
    in develop, not in 2018.2;
  * 
9cace9adb9 Add support to virt for libvirt loader
    in develop, not in 2018.2;
- virtng module: extend it with:
  * pass virt machine type to vm;
  * pass cpu_mode to vm;
JIRA: ARMBAND-404
Change-Id: Ib2123e7170991b3dfbdb42bd1a2baa5a4360b200
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Wed, 29 Aug 2018 20:04:20 +0000 (22:04 +0200)]
 
[AArch64] Align armband repo name with MaaS nodes
curtin generates armband_3.list, which we aligned in the reclass
model before, but not in the defaults yml used by cfg01/VCP VMs.
Change-Id: Ibe8d5b79465b508e41c20ec08a98a96a1510da8d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 25 Aug 2018 02:14:40 +0000 (04:14 +0200)]
 
Add noifupdown for all br-floating
Since we reboot all nodes, applying the network configuration via
Salt before reboot is pointless and creates a race condition with
OVS.
While at it, add `--ignore-errors` to ifup call for OVS bridge to
prevent a race condition during linux.network state apply.
Change-Id: I22fe0afaffecd7b850a6b77d7b810ed296bfc9ca
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Guillermo Herrero [Mon, 24 Jul 2017 22:58:32 +0000 (00:58 +0200)]
 
[salt-formulas] Add & enable armband formula
AArch64 specific formula, mostly tweaking nova conf / installing
virtualization layer prerequisites:
- install qemu-efi;
- install vgabios;
- fix missing link for vgabios binary blob;
- nova conf: cpu_model=cortex-a57 (only for virtual deploys);
- nova conf: virt_type=qemu (only for virtual deploys);
- nova compute conf: virt_type=qemu (only for virtual deploys);
- nova conf: pointer_model=ps2mouse since AArch64 has no USB tablet;
[1] https://github.com/openstack/nova/commit/
f0f0953
Change-Id: I40515bdbd941850b103a86d51b347cc8610f5741
Signed-off-by: Guillermo Herrero <Guillermo.Herrero@enea.com>
Signed-off-by: Charalampos Kominos <Charalampos.Kominos@enea.com>
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Wed, 22 Aug 2018 22:25:51 +0000 (00:25 +0200)]
 
[deploy.sh] Cleanup deploy arguments, rework -ff
* refactor & extend `-f` deploy argument;
* retire INFRA_CREATION_ONLY env var, duplicated by
  NO_DEPLOY_ENVIRONMENT;
* `-F` and `-e` deploy arguments are now equivalent;
JIRA: FUEL-383
Change-Id: Ifc1527fa1e7d7486d1b7600772e2c5de34b1e52c
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 18 Aug 2018 05:05:29 +0000 (07:05 +0200)]
 
[submodule] Cleanup: Retire scripts sub & patches
Salt bootstrap scripts are no longer used directly, so it is now safe
to retire the whole git submodule and its related patches.
JIRA: FUEL-383
Change-Id: I1fbdfe4fbd4930bfb3c999a3a68033d12565682b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 18 Aug 2018 01:46:13 +0000 (03:46 +0200)]
 
[docker] Switch to containerized Salt Master
* Refactor OPNFV salt-formulas mechanism to resemble upstream git
  structure:
  - git submodules: add new submodule for each formula we patch;
  - create salt-formula-x directories for OPNFV formulas;
  - move mcp/metadata/service contents to their each formula subdir;
  - use `make patches-import` for patches previously handled by
    patch.sh;
  - retire patch.sh
* states: add virtual_init:
  - mostly based on old salt.sh, which is now obsolete;
  - exclude salt-master service restart (it would kill the container);
* scenarios: cleanup (rm cfg01 virtual node def), adopt virtual_init;
* reclass: align our model with prebuilt container's Salt config:
  - drop linux:network pillar data (handled by Docker);
  - stop applying linux.system state on cfg01;
  - align salt user homedir;
  - drop salt-formula packages (preprovisioned);
* minor plumbing in deploy.sh and lib.sh;
JIRA: FUEL-383
Change-Id: I28708a9b399d3f19012212c71966ebda9d6fc0ac
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 10 Aug 2018 14:52:43 +0000 (16:52 +0200)]
 
[docker] Add docker-compose definitions
Add configuration items for bringing up the Salt master Docker
container using docker-compose:
- mount <storage dir>/hosts as /etc/hosts
- mount <storage dir>/salt as /etc/salt:
  * semi-persistent generated Salt information;
- mount <storage dir>/nodes as /srv/salt/reclass/nodes:
  * semi-persistent generated reclass node data storage;
- mount Fuel@OPNFV git repo in /root/fuel;
- mount all other previously rsynced artifacts;
- hook container to 3 networks/bridges: mcpcontrol, PXE/admin and
  management:
  * container IP addresses are managed by Docker, so no DHCP is used;
- override upstream entrypoint.sh by mounting our own version on top;
  * run-time patch Salt to fix certain init system interactions due
    to 'Tini' looking like Upstart but behaving a bit differently;
  * work around directory traversal issues in Salt/reclass by using
    extensive `cp` (to be later mitigated at container build time);
  * overwrite reclass.system with our own version (patched), later to
    fetched pre-patched during container build;
  * overwrite salt-formulas with our patched versions;
  * create missing links for salt-formulas-* packages (e.g. gnocchi)
    which are not available as git repos upstream;
- add mcp.rsa.pub to 'ubuntu' user's authorized_keys for SSH login
  to master node to remain backwards compatible;
- mount configuration files for semi-persistent state preservation
  at container destroy/rebuild (using '-f' deploy argument);
JIRA: FUEL-383
Change-Id: Ie17e578a7ebeb071b1c0e0a49ad58ffa6bbc89bb
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 18 Aug 2018 00:10:36 +0000 (02:10 +0200)]
 
[lib.sh] Add veth pair handling support
Upcoming docker integration requires special care for network
interfaces Docker will hook to, so virsh networks can be mixed with
Docker networks.
We'll use veth pair(s) to hook together the Docker network(s) to their
counterpart virsh-managed Linux bridge(s).
JIRA: FUEL-383
Change-Id: I1a714dc8be73e79539d85bacac311d1ed05cc18d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Tue, 28 Aug 2018 22:00:26 +0000 (00:00 +0200)]
 
[jump vnet] Workaround MTU set race condition
Older libvirt (1.x, 2.x, even older 3.x) try to enforce their own MTU
(1500), overriding it back to 1500 after the udev rule finished.
Delay link modification with 1 second and extend its patten to also
include libvirt's own tap interfaces (<network name>-nic).
Change-Id: I3050c11de7f376df02cbf203e9106b61c560683f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 27 Aug 2018 02:58:03 +0000 (04:58 +0200)]
 
[jump vnet] Fix udev rule event for older libvirt
Older libvirt seems to raise 'change' events instead of 'add',
so the MTU bump of the libvirt managed tap interfaces was not
properly applied.
Change-Id: Ie1a4f1c4f235ad4f83bf9ee218a40dcedc1ce914
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 25 Aug 2018 01:09:48 +0000 (03:09 +0200)]
 
[build.sh] Fix quotes, missing deb arch for repo
JIRA: FUEL-383
Change-Id: Ie4374d44993bd738b90e9b6e357014d0c5657da0
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 24 Aug 2018 22:43:56 +0000 (00:43 +0200)]
 
[build.sh] Use pipenv run instead of shell
JIRA: FUEL-383
Change-Id: Ia1b58f9e7eefd9f3efc4b5241ec496c545ccee25
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 24 Aug 2018 15:52:59 +0000 (17:52 +0200)]
 
[build.sh] Add local python bin dir to PATH
JIRA: FUEL-383
Change-Id: I5596ed6139317d72fceae3af89e71181aefbd6a3
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 24 Aug 2018 15:19:24 +0000 (17:19 +0200)]
 
[build.sh] Enable push, minor fixes
* default to enable pushing to public docker registry;
* fix prerequisites path;
* fix unknown terminal in Jenkins jobs;
JIRA: FUEL-383
Change-Id: Ie27dfbca6965c218475060da390a82921799b044
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Fri, 24 Aug 2018 10:38:16 +0000 (14:38 +0400)]
 
[noha] Get OVS 2.9 & DPDK 17.11 from UCA repo
Align all noha scenarios to install OVS 2.9 which doesn't drop
packets on bridge with netdev datapath type at initial stage.
Change-Id: Iab204828ac7acefcb26647cdbc27805871904f2c
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Thu, 23 Aug 2018 15:34:36 +0000 (15:34 +0000)]
 
Merge changes from topic 'docker-build'
* changes:
  [docker build] Install OpenSSH server
  [submodule] Add docker-salt-formulas, ci/build.sh
  [deploy.sh] Install Docker if not present
  [jump req] Add build/deploy specific requirements
Alexandru Avadanii [Tue, 21 Aug 2018 23:38:31 +0000 (01:38 +0200)]
 
[docker build] Install OpenSSH server
While at it, create the 'ubuntu' user with passwordless sudo
and preinstall salt-formula-gnocchi (missing git repo workaround),
as well as various useful packages (e.g. net-tools).
JIRA: FUEL-383
Change-Id: I5902c37110331acfd3fd4fccb92104de7b5ece6b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 23 Aug 2018 14:18:52 +0000 (14:18 +0000)]
 
Merge "[odl/dpdk] Set pubilic bridge datapath_type=netdev"
Alexandru Avadanii [Thu, 23 Aug 2018 14:14:01 +0000 (14:14 +0000)]
 
Merge "[patch] AArch64: reclass system arch tweaks"
Michael Polenchuk [Thu, 23 Aug 2018 13:16:51 +0000 (17:16 +0400)]
 
[odl/dpdk] Set pubilic bridge datapath_type=netdev
In order to handle floating IPs related flows properly
the public bridge requires netdev datapath type to be set
explicitly in DPDK mode since OpenDaylight only manages
patches between integration bridge and the public one.
Change-Id: I868747dc501e9124cbecd4eb1234f74e8edd4edf
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Wed, 22 Aug 2018 13:55:45 +0000 (13:55 +0000)]
 
Merge ".gitignore refresh, fold common expressions"
Alexandru Avadanii [Wed, 22 Aug 2018 13:18:22 +0000 (15:18 +0200)]
 
[patch] AArch64: reclass system arch tweaks
Armband has been carrying a few arch-enablement patches that are
required for the default reclass system classes to work as expected
on AArch64 systems.
Change-Id: I1f96c062eb3f9dcabb8513aadd1ea41be4fbc098
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Wed, 22 Aug 2018 11:53:56 +0000 (15:53 +0400)]
 
[odl/dpdk] Use untagged iface for tenant network
Change-Id: Id35d4cbee9b4ce0a7b78e2935b03c2def68bc123
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Tue, 21 Aug 2018 20:12:48 +0000 (22:12 +0200)]
 
.gitignore refresh, fold common expressions
Change-Id: I5346ee523b40f1a249394d59dbbe4d3d85c692cb
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 19 Aug 2018 15:52:02 +0000 (17:52 +0200)]
 
[submodule] Add docker-salt-formulas, ci/build.sh
- add new git submodule pointing to upstream docker build scripts;
- add patch extending Docker tags with an '-(arch)' suffix,
  aligning with OPNFV tagging requiremnts;
- add <ci/build.sh> wrapper for starting Docker builds;
- install build-specific distro package requirements, as well as
  pip-managed packages (e.g. pipenv);
JIRA: FUEL-383
Change-Id: Id4fc886206d7eaf7e6d02810380f2391609ba405
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 19 Aug 2018 22:11:02 +0000 (00:11 +0200)]
 
[deploy.sh] Install Docker if not present
JIRA: FUEL-383
Change-Id: I19d27ca59a3f24d1bd66e39457a6ca267bccce19
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 19 Aug 2018 21:28:03 +0000 (23:28 +0200)]
 
[jump req] Add build/deploy specific requirements
Add support for different prerequisites depending on the current
operation (docker build or cluster deploy).
Leverage the new support to pre-install upcoming deps:
- python-pip (build);
- docker-compose (deploy);
JIRA: FUEL-383
Change-Id: Ic3e6062b1943e3584f0b1f80d2e33b8812defced
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Tue, 21 Aug 2018 14:49:51 +0000 (14:49 +0000)]
 
Merge "[noha] ctl01: Enable jumbo frames"
Alexandru Avadanii [Tue, 21 Aug 2018 14:49:35 +0000 (14:49 +0000)]
 
Merge "[deploy.sh] Prefix and export more env vars"
Cristina Pauna [Mon, 20 Aug 2018 14:51:44 +0000 (17:51 +0300)]
 
[ha][noha] Add vpp scenario placeholder
- dummy copy of os-nosdn-nofeature-ha masquerading as
os-nosdn-vpp-ha scenario placeholder
- dummy copy of os-nosdn-nofeature-noha masquerading as
os-nosdn-vpp-noha scenario placeholder
Change-Id: I63a302c98e6e176a480fbc110012ac66749ee88f
Signed-off-by: Cristina Pauna <cristina.pauna@enea.com>
Michael Polenchuk [Tue, 21 Aug 2018 07:32:49 +0000 (11:32 +0400)]
 
Turn off glance signatures verification
Change-Id: I61ee8e19e783437dce7a9ddd666cd60e9d22a2e1
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Mon, 20 Aug 2018 14:56:19 +0000 (16:56 +0200)]
 
[noha] dpdk: Skip creating private vlan iface
For DPDK scenarios, the private VLAN Linux interface should not
be created, as it interferes with OVS configuration.
Change-Id: I7eff6031a7cd5e50296e5d36084d7d50d6f3beae
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Mon, 20 Aug 2018 06:26:15 +0000 (10:26 +0400)]
 
Define missing interface MTU for ODL node
Change-Id: Ib442f98b2601800360bc9b4ec01da892b50e7f1a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Sun, 19 Aug 2018 20:38:18 +0000 (22:38 +0200)]
 
[deploy.sh] Prefix and export more env vars
Upcoming support for containerized Salt Master node requires access
to certain variables during j2 interpolation, so also export:
- MCP_STORAGE_DIR;
- MCP_REPO_ROOT_PATH;
JIRA: FUEL-383
Change-Id: I584c0bf8133b5ae6178d97da5b44d345e45a0222
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 17 Aug 2018 23:30:10 +0000 (23:30 +0000)]
 
Merge "[AArch64] VCP VMs: Switch back to 4.4.x LTS kernel"
Alexandru Avadanii [Fri, 17 Aug 2018 15:20:13 +0000 (17:20 +0200)]
 
[AArch64] VCP VMs: Switch back to 4.4.x LTS kernel
JIRA: ARMBAND-398
Change-Id: I329346755348525f00602d7f89af295c141a20d5
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 17 Aug 2018 17:47:03 +0000 (19:47 +0200)]
 
[noha] ctl01: Enable jumbo frames
Now that host vnet MTU has been bumped to 9000, we can safely enable
jumbo frames in ctl01 VM without breaking nova compute discovery.
JIRA: FUEL-336
Change-Id: I30bf333c18f3f0de2ce37fc7ae99df9b99f3a5e9
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Wed, 1 Aug 2018 20:56:13 +0000 (22:56 +0200)]
 
[scripts] Leverage upstream arm64 bootstrap supp
bootstrap-salt.sh now has arm64 support [1], so drop our obsoleted
workaround.
JIRA: ARMBAND-399
[1] https://github.com/saltstack/salt-bootstrap/pull/1251
Change-Id: I8b06520b2c41564ed2eda338e7633ce1637bb866
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 17 Aug 2018 15:48:51 +0000 (15:48 +0000)]
 
Merge "[reclass] Set banner_company_name: OPNFV"
Alexandru Avadanii [Fri, 17 Aug 2018 12:51:05 +0000 (12:51 +0000)]
 
Merge "[noha] Parameterize network configuration"
Alexandru Avadanii [Thu, 16 Aug 2018 15:37:06 +0000 (15:37 +0000)]
 
Merge "Fix barbican integration on compute nodes"
Alexandru Avadanii [Sat, 4 Aug 2018 05:29:15 +0000 (07:29 +0200)]
 
[noha] Parameterize network configuration
- odl01: Use a bridge for br-ctl to allow tagged mgmt;
- ctl01: Use bridges for br-ctl, br-ext;
- ctl01: Use mtu 1500 since jumbo frames seems to break nova cell
  discovery;
JIRA: FUEL-382
Change-Id: I9bf48711930cac77a089e4d7b7ba98924dd161ee
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Delia Popescu [Mon, 13 Aug 2018 13:28:49 +0000 (16:28 +0300)]
 
Fix barbican integration on compute nodes
Locally overwriting barbican_integration_enable
on compute nodes does not work.
Set barbican_integration_enable to true by default.
Disable barbican_integration at openstack_control side.
While at it, enable barbican on ha scenarios too.
JIRA: FUNCTEST-981
Change-Id: I3c8df5d4078f73f32f3605dec5a7a365fa386019
Signed-off-by: Delia Popescu <delia.popescu@enea.com>
Michael Polenchuk [Wed, 15 Aug 2018 10:07:32 +0000 (14:07 +0400)]
 
Turn off default apache ports
Change-Id: I0377615ff19e39aca74b90d2ff7e7b2cd5cd6ccb
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Tue, 14 Aug 2018 11:30:43 +0000 (11:30 +0000)]
 
Merge "[states] virtual control plane: dist_upgrade=True"
Alexandru Avadanii [Tue, 14 Aug 2018 11:29:31 +0000 (11:29 +0000)]
 
Merge "[jump] Enable jumbo frames for vnet devices"
Alexandru Avadanii [Mon, 13 Aug 2018 17:10:50 +0000 (19:10 +0200)]
 
[jump] Enable jumbo frames for vnet devices
By default, vnet devices have a MTU of 1500 on the host side, causing
issue with larger packets traversing the bridges between guest VMs
when guest VMs have jumbo frames enabled.
JIRA: FUEL-336
JIRA: FUEL-367
JIRA: FUEL-382
[1] http://linuxaleph.blogspot.com/2013/01/
    how-to-network-jumbo-frames-to-kvm-guest.html
[2] https://packetpushers.net/udev/
Change-Id: I941ac9cf764e3b3fa2d6463be5363b5459775f29
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 13 Aug 2018 15:56:28 +0000 (17:56 +0200)]
 
[reclass] Set banner_company_name: OPNFV
Change-Id: I493fd49cb2b4bcd976873cd9297de3f90a74acf1
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 13 Aug 2018 15:23:12 +0000 (17:23 +0200)]
 
[states] virtual control plane: dist_upgrade=True
Change-Id: I9c5c6cf564245d497d5916cc7f902ac277105bc6
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 13 Aug 2018 14:08:38 +0000 (16:08 +0200)]
 
[reclass] noifupdown for cluster nodes PXE/admin
Instead of applying PXE/admin static IPs via Salt right away,
delay the transition from DHCP until after node reboot to avoid
duplicate IPs and networking issues during deployment.
Change-Id: I8a12d78a6b42edc9bcf9eb9ebc9590e2af5ec52c
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 5 Aug 2018 04:37:12 +0000 (06:37 +0200)]
 
[noha] Add mas01 reclass inheritance
While at it, move openstack_version param to the common include dir.
JIRA: FUEL-382
Change-Id: I5e7ebb18a95672f066126d3afd28f13395a3149f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 6 Aug 2018 21:30:29 +0000 (23:30 +0200)]
 
[IDF] infra VMs: Allow trunking mgmt network
Due to design limitations in idf.net_config, for a hybrid POD we need
to trunk certain network segments for the VMs running on the
jumpserver, including mgmt network going to cfg01, mas01.
Add mgmt VLAN support for cfg01, mas01 gated by a flag in IDF:
  idf.fuel.jumphost.trunks.mgmt: True
JIRA: FUEL-338
Change-Id: I6903f9b70e5f8a88618bce28e21c7c0631a05065
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Thu, 9 Aug 2018 09:49:13 +0000 (13:49 +0400)]
 
Update Salt version to 2017.7
Salt 2016.x has a bug with states ordering coming from 'include'
statement. Glance/Heat DB sync is applied before package setup
although clearly specified 'require' in state.
Change-Id: Ic5f7ce4a7623fb208c0a5ba366802b7e02fa8b9f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Guillermo Herrero [Wed, 8 Aug 2018 12:36:28 +0000 (14:36 +0200)]
 
[ha] Fix openstack_ha ovn setup
Fix targeting for neutron.compute sls for ovn computes,
avoiding interaction with ovs dpdk scenarios.
JIRA: FUEL-329
Change-Id: Iffb07f6f0d4dc8071437adf59d4cd6982113b998
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
Alexandru Avadanii [Wed, 8 Aug 2018 13:22:12 +0000 (13:22 +0000)]
 
Merge "[maas] Adopt node role from scenario definitions"
Alexandru Avadanii [Wed, 8 Aug 2018 13:21:58 +0000 (13:21 +0000)]
 
Merge changes from topic 'baremetal-noha'
* changes:
  [scenarios] noha: Add MaaS VM, state to scenarios
  [states] baremetal_init: dist_upgrade=True
Alexandru Avadanii [Wed, 8 Aug 2018 11:03:17 +0000 (11:03 +0000)]
 
Merge changes from topic 'baremetal-noha'
* changes:
  [states] baremetal_init: Parameterize kvm hosts
  [scenarios] Differentiate virtual node roles
Alexandru Avadanii [Wed, 8 Aug 2018 07:47:42 +0000 (07:47 +0000)]
 
Merge "Enable barbican itegration on compute nodes"
Alexandru Avadanii [Tue, 7 Aug 2018 13:19:13 +0000 (13:19 +0000)]
 
Merge changes from topics 'baremetal-noha', 'move-maas-classes'
* changes:
  [noha] cinder: Align VG name with HA scenarios
  [reclass] Move system.single class to common
  [maas] Add reclass storage definitions for all
  [reclass] Move MaaS classes to common dir for NOHA
Delia Popescu [Tue, 7 Aug 2018 08:43:11 +0000 (11:43 +0300)]
 
Enable barbican itegration on compute nodes
Configure barbican for cinder-volumes and nova-compute
to use encrypted volumes
Disable default glance image signature verification with
barbican enabled
JIRA: FUNCTEST-981
Change-Id: I35660234526780a2277e459f3fa21a67d96ce7d7
Signed-off-by: Delia Popescu <delia.popescu@enea.com>
Alexandru Avadanii [Sun, 5 Aug 2018 05:44:09 +0000 (07:44 +0200)]
 
[maas] Adopt node role from scenario definitions
Instead of hardcoding kvm hostnames in maas machine definitions,
read node roles/hostnames from current scenario and map them
accodingly.
JIRA: FUEL-382
Change-Id: I15d52e299e0353971f8d0c7da853c571ad5410da
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 4 Aug 2018 16:10:13 +0000 (18:10 +0200)]
 
[scenarios] noha: Add MaaS VM, state to scenarios
JIRA: FUEL-382
Change-Id: Ib1f905bec87ce2afe643b4aa3b0201d7100be16d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 6 Aug 2018 22:06:27 +0000 (00:06 +0200)]
 
[states] baremetal_init: dist_upgrade=True
JIRA: FUEL-382
Change-Id: I9ace928ec5e04bee7ea9cfe1593b205802d7058a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 4 Aug 2018 16:32:45 +0000 (18:32 +0200)]
 
[states] baremetal_init: Parameterize kvm hosts
Instead of hardcoding the 'kvm' hostnames, use new targeting
mechanism based on scenario-specific node names, preparing for
baremetal noha scenario integration.
JIRA: FUEL-382
Change-Id: If336aa1ac130749e4df7bffaf27a55513dd4f267
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 5 Aug 2018 17:36:01 +0000 (19:36 +0200)]
 
[scenarios] Differentiate virtual node roles
Split scenario yaml definitions for virtual.nodes based on node
role ('infra', 'control' or 'compute'), to be leveraged later to
contruct node lists based on said role.
This moves the responsability of filtering node names in scenario
files (based on 'virtual' or 'baremetal' type) to xdf_data.sh.j2,
simplifying scenario templates.
By keeping all nodes (both virtual and baremetal) in scenario files,
we can later determine the role (and implicitly the hostname) for a
MaaS-managed node based on its index in the virtual.nodes.control
structure.
JIRA: FUEL-382
Change-Id: I1f83a307631f4166ee1c57ef598c44876b962f97
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 6 Aug 2018 17:16:31 +0000 (19:16 +0200)]
 
[ha] Bind cinder volume I/O on mgmt network
JIRA: FUEL-367
Change-Id: I9a4171d2616af5ae1bafbf1740fd7c7f97c1768e
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 5 Aug 2018 17:20:04 +0000 (19:20 +0200)]
 
[noha] cinder: Align VG name with HA scenarios
Prepare for MaaS integration in NOHA scenarios by aligning cinder
VG naming across all scenarios.
JIRA: FUEL-382
Change-Id: I0cd7accf573ae0904efddd7aa67d880f2a6deb71
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 5 Aug 2018 07:57:44 +0000 (09:57 +0200)]
 
[reclass] Move system.single class to common
Include system.linux.system.single class globally in the common
section, preparing for MaaS NOHA node definition.
JIRA: FUEL-382
Change-Id: Icdfb2a90f356cd537631abe653950c0c30020551
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 5 Aug 2018 04:24:54 +0000 (06:24 +0200)]
 
[maas] Add reclass storage definitions for all
Reclass storage definitions for mas01 node should be added to all
ha/noha scenarios, only when/if baremetal cluster nodes are involved.
JIRA: FUEL-382
Change-Id: I455b07894b68eb89903df94352159ea6519275b0
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 4 Aug 2018 16:46:48 +0000 (18:46 +0200)]
 
[reclass] Move MaaS classes to common dir for NOHA
Prepare for reusing MaaS-related reclass classes for NOHA scenarios.
JIRA: FUEL-338
Change-Id: Ic8ddd5915563f58643ef8c7ac4055a1000db7d45
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 6 Aug 2018 13:54:33 +0000 (13:54 +0000)]
 
Merge "[lib.sh] Reset virtual nodes after MaaS install"
Alexandru Avadanii [Mon, 6 Aug 2018 12:33:24 +0000 (14:33 +0200)]
 
[patch] Rebase keyserver patch for disabled repos
Rebase patch on top of upstream commit [1].
[1] https://github.com/salt-formulas/salt-formula-linux/commit/
45cf452d
Change-Id: Id44eab58150ff69140f630352a299633cdb4f4ac
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 2 Aug 2018 00:59:12 +0000 (02:59 +0200)]
 
[lib.sh] Reset virtual nodes after MaaS install
For hybrid PODs (e.g. x86_64 jumpserver + control nodes, aarch64
baremetal compute nodes), the virtual nodes rely on MaaS DHCP to be
up when the OS boots, so issue a `virsh reset` accordingly.
Instead of checking for online nodes using `test.ping`, use
`saltutil.sync_all` to also sync Salt state modules to the virtual
nodes (usually handled by baremetal_init state in HA deploys).
JIRA: FUEL-338
Change-Id: If689d057dc4438102c3a7428a97b9638e21bfdc5
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 2 Aug 2018 15:32:27 +0000 (17:32 +0200)]
 
[lib.sh] Support older jumpserver libvirt
`virsh undefine` argument `--nvram` is only supported by newer
versions of libvirt.
Although this is mandatory for AArch64, for x86_64 this is not a
blocker (since we don't enable OVMF for the VMs on the jumpserver).
Change-Id: I3a82bc54b36228980a41d77a463a7558a685c03d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 2 Aug 2018 15:37:45 +0000 (17:37 +0200)]
 
[states] openstack_ha: Retry rabbitmq state
For hybrid deployments, the first run of rabbitmq:server sls might
lead to 'no response' and a retry of the whole `openstack_ha` state.
JIRA: FUEL-338
Change-Id: I7ec663f9babc8c55d2c8a2b31a6e674452f04166
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 3 Aug 2018 13:39:53 +0000 (13:39 +0000)]
 
Merge "[ha] AArch64: Add missing GPG key for armband repo"
Alexandru Avadanii [Fri, 3 Aug 2018 11:59:12 +0000 (13:59 +0200)]
 
[patch] Rebase keyserver support for update logic
Change-Id: Iad2502e876600ba966a38f2df3e71bd579f80e8f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 2 Aug 2018 14:12:27 +0000 (16:12 +0200)]
 
[ha] AArch64: Add missing GPG key for armband repo
In a regular baremetal HA scenario, all cluster nodes are provisioned
via MaaS, which also adds the Enea GPG key to the APT keyring.
However, for a hybrid deployment, virtual nodes are not provisioned
by MaaS, so the GPG key should be added to reclass pillar data
explicitly for Salt to be able to import it.
JIRA: FUEL-338
Change-Id: I333b7c373bdbc631c0f54ac549f97ab889dec77c
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 2 Aug 2018 14:03:56 +0000 (14:03 +0000)]
 
Merge "[ha] Add OVN scenario"
Guillermo Herrero [Tue, 22 May 2018 12:42:02 +0000 (14:42 +0200)]
 
[ha] Add OVN scenario
JIRA: FUEL-329
Change-Id: I46c7dbc791441c6b069a0d56373ff98a32a57e60
Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
Alexandru Avadanii [Wed, 1 Aug 2018 21:45:16 +0000 (23:45 +0200)]
 
[maas] Allow more than two compute nodes
Change-Id: Ie023bfe7b322a49a8b525e7926518c94899c67ce
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Fri, 27 Jul 2018 11:36:15 +0000 (15:36 +0400)]
 
[ovn/noha] Simplify net scheme on compute nodes
Also install OVS 2.9 from UCA repository to get the latest code/fixes.
Change-Id: I09d6da67d28033bc0e64eef27fffb368d262d7f4
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Mon, 30 Jul 2018 12:25:37 +0000 (12:25 +0000)]
 
Merge "[odl/noha] Simplify net scheme on compute nodes"
Michael Polenchuk [Mon, 30 Jul 2018 09:11:03 +0000 (13:11 +0400)]
 
[patch] Rebase keyserver proxy support
https://github.com/salt-formulas/salt-formula-linux/commit/
f27f436
Change-Id: I9662dcff23c363430b6a04808f4e03617a10c160
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Fri, 27 Jul 2018 11:08:59 +0000 (15:08 +0400)]
 
[odl/noha] Simplify net scheme on compute nodes
Align external network scheme of computes with gateway node
to setup just ovs bridge with physical port plugged in.
Change-Id: Ie7919abc8c1f0a0905764b6354f29ad68d3c6557
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Fri, 27 Jul 2018 06:20:32 +0000 (10:20 +0400)]
 
[noha] Bind cinder volume I/O on mgmt network
iSCSI read/write ops are acting up on interface/network (pxe/admin
is chosen by default) with jumbo frames enabled, so configure iSCSI
daemon to listen on management network.
Change-Id: I3b643b151ba0abffe5cfe2ba7417010020eb07ae
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Thu, 26 Jul 2018 06:41:29 +0000 (06:41 +0000)]
 
Revert "[salt master] Disable broken _orchestration.conf"
This reverts commit 
8ac1c0fa491ab5de2eaf128374f9c73202df1751.
Upstream commit has been reverted,
Change-Id: I3b20edd450034dc79ef15b46c1ff845f81aaf981
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Thu, 26 Jul 2018 04:40:37 +0000 (04:40 +0000)]
 
Merge "Bring in Barbican service onboard"
Alexandru Avadanii [Wed, 25 Jul 2018 22:08:28 +0000 (00:08 +0200)]
 
[salt master] Disable broken _orchestration.conf
The new orchestration configuration file includes multiple
fragments from all installed formulas; breaking due to an unguarded
dependency include in keystone formula meta/salt.yml.
Temporarily disable the new config generation until fixed upstream.
Change-Id: I8476e5b60b531f08f779df2826b23cd42a043d9b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>