Alexandru Avadanii [Wed, 26 Sep 2018 14:29:46 +0000 (14:29 +0000)]
Merge "[reclass] Ensure pxe_admin_address is set for all"
Michael Polenchuk [Wed, 26 Sep 2018 12:02:56 +0000 (12:02 +0000)]
Merge "[lib.sh] Split into multiple files for readability"
Alexandru Avadanii [Tue, 25 Sep 2018 18:16:23 +0000 (20:16 +0200)]
[reclass] Ensure pxe_admin_address is set for all
Some nodes did not rely on the _param:pxe_admin_address internal
reclass param, although all of them do have an IP address in the
PXE/admin network segment.
Ensure all nodes define this param, so we can query all nodes with:
$ salt '*' pillar.item _param:pxe_admin_address
JIRA: FUEL-394
Change-Id: I7575934752c8b459c52af8a8c98c2b0327756428
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Wed, 26 Sep 2018 11:53:20 +0000 (11:53 +0000)]
Merge "[AArch64] noha: Add armband repo prio"
Michael Polenchuk [Wed, 26 Sep 2018 05:48:40 +0000 (05:48 +0000)]
Merge "[minion] Set tcp_keepalive for flaky networks"
Alexandru Avadanii [Tue, 25 Sep 2018 18:19:59 +0000 (18:19 +0000)]
Merge "[docs] Use https links"
Alexandru Avadanii [Tue, 25 Sep 2018 14:48:41 +0000 (16:48 +0200)]
[AArch64] noha: Add armband repo prio
Previously, only HA scenarios required the Armband repository
configuration (including its higher repo prio pinning), since NOHA
scenarios were not supported on baremetal.
With multiarch hybrid POD support landing, the same repo prio should
be set for NOHA scenarios.
Change-Id: I676ee262e270ce4689c44c245967badebc2efe2c
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Guillermo Herrero [Mon, 24 Sep 2018 12:02:04 +0000 (14:02 +0200)]
[reclass] Consolidate all passwords
JIRA: FUEL-378
Change-Id: I00832d697d83c374628fa9d759c125e0b6ca64cf
Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
Alexandru Avadanii [Sat, 25 Aug 2018 21:57:09 +0000 (23:57 +0200)]
[minion] Set tcp_keepalive for flaky networks
Workaround issues like [1]. Requires bumping formulas for
salt-formula-salt support of tcp_keepalive_* params.
[1] https://github.com/saltstack/salt/issues/38157
Change-Id: I7093437fb696809f73a24b10144c6321d0f1be32
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 22 Sep 2018 16:29:31 +0000 (18:29 +0200)]
[lib.sh] Split into multiple files for readability
lib.sh got pretty big over time, making it hard to maintain.
Since most of the functions defined now in lib.sh are only required
during build/deploy and not in state files, move them to a new file.
While at it, prepare for running build/deploy as non-root and
set a default connection string for virsh instead of using
user specific config in ~/.config/libvirt/libvirt.conf, which
caused end user experience issues in the past.
Change-Id: Id8c2a8139e4bfdb99af2b0fad73b911ffa18ebea
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 20 Sep 2018 18:02:45 +0000 (20:02 +0200)]
[repos] Replace keyserver accesses with pillar GPG
JIRA: FUEL-392
Change-Id: Ia21840c7561a14a5eeed3d08bf89eb2dbf9acc3a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 23 Sep 2018 15:18:40 +0000 (17:18 +0200)]
[odl] Create openflowplugin.cfg if not present
Salt's `ini.options_present` expects the file to be present.
Change-Id: Ib62b324ae0bd154a35b8a80e4ab2ec0002bc6bce
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 21 Sep 2018 19:53:20 +0000 (21:53 +0200)]
[build] Use python -m pip workaround
pipenv depends on pip, which conflicts with some distro versions of
pip, see bug [1].
While at it, workaround lib64 issues on CentOS by passing
`--always-copy` when creating the venv [2].
[1] https://github.com/pyenv/pyenv/issues/1141
[2] https://github.com/pypa/pipenv/issues/1929
Change-Id: I6af1a5fdbe8d37f75ab8b09b050449ad432191ad
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 13 Sep 2018 00:04:51 +0000 (02:04 +0200)]
[docs] Use https links
Change-Id: Ieca3791520ed8c67943c34fe3ca94337f0511792
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 21 Sep 2018 14:50:13 +0000 (16:50 +0200)]
[deploy] Collect logs only if cluster is deployed
Change-Id: Iaa60008e234a506b05e7b5249c85fd1d6fa63d56
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 21 Sep 2018 14:00:28 +0000 (14:00 +0000)]
Merge "[state] virtual_init: Limit to mas01 on baremetal"
Alexandru Avadanii [Fri, 21 Sep 2018 13:33:15 +0000 (13:33 +0000)]
Merge "[infra] Bind mas01 mcpcontrol DHCP to MAAS_IP"
Alexandru Avadanii [Fri, 21 Sep 2018 12:00:32 +0000 (12:00 +0000)]
Merge "[odl] Turn off OF statistics polling"
Alexandru Avadanii [Fri, 21 Sep 2018 11:59:40 +0000 (11:59 +0000)]
Merge "Rotate keystone fernet keys on shared filesystem"
Michael Polenchuk [Fri, 21 Sep 2018 10:48:06 +0000 (14:48 +0400)]
[odl] Turn off OF statistics polling
OpenDaylight polls OF statistics (usually superfluous) by default
which could affect performance in large scale deployments.
Also mask service only if package is installed.
Change-Id: I2f7a1da85dd5e04502f08be146bcc2ba946a631e
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Fri, 21 Sep 2018 07:26:22 +0000 (11:26 +0400)]
Enable IPv6 back for proxy/nginx node
Change-Id: I2af8a06f5637238c4512b5a117d899fec7cb2e50
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Fri, 21 Sep 2018 06:14:58 +0000 (10:14 +0400)]
Rotate keystone fernet keys on shared filesystem
Change-Id: I38def56c2f276eca61f12558a03aa2693cc032f3
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Thu, 20 Sep 2018 23:13:16 +0000 (01:13 +0200)]
[maas] Override broken default main_archive URL
Upstream reclass.system introduced a regression for us in [1].
[1] https://github.com/Mirantis/reclass-system-salt-model/commit/
99490e7d
Change-Id: I5cedcbb5c528a8bf59b4f917b422ed433d2ceea3
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 20 Sep 2018 17:05:14 +0000 (19:05 +0200)]
[state] virtual_init: Limit to mas01 on baremetal
`virtual_init` state file tries to ping all FN VMs, but that won't
work on hybrid PODs since all FN VMs but mas01 require MaaS DHCP to
be already configured (i.e. FN VMs in question will be reset after
mas01 is fully configured).
Limit virtual node queries in `virtual_init` to mas01 VM, as the rest
of FN VMs will be handled via `baremetal_init` state.
While at it, move _param:apt_mk_version def to common reclass to
avoid an undef reference in NOHA hybrid deployments; set MCP_VCP to
0 for non-HA scenarios.
JIRA: FUEL-385
Change-Id: I582bca6864e9bfed23baf26f9b66e6e95e986c58
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 20 Sep 2018 13:57:08 +0000 (15:57 +0200)]
[infra] Bind mas01 mcpcontrol DHCP to MAAS_IP
Bring back MAAS_IP global env var and use it for mas01 VM IP addr
in mcpcontrol network to prevent salt minion signature change.
Partially-reverts:
b666bc50
Change-Id: I5c7668393fe66287bd3ecdc75dd3195d5a89a8f3
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 20 Sep 2018 13:15:37 +0000 (15:15 +0200)]
[maas] Fix class ordering for ipv6.disable dup
Include class disabling IPv6 first, so our override is last.
Change-Id: I91f8cb48ab2eaef54eb98705fc97ab9910c3666f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 20 Sep 2018 11:58:40 +0000 (11:58 +0000)]
Merge "[docs] Fix build warnings, minor alignments"
Alexandru Avadanii [Thu, 20 Sep 2018 11:18:57 +0000 (11:18 +0000)]
Merge "[maas] Enable back IPv6 for MaaS node"
Alexandru Avadanii [Thu, 20 Sep 2018 08:23:51 +0000 (12:23 +0400)]
[maas] Enable back IPv6 for MaaS node
IPv6 has been disabled recently by default to reduce the attack
surface of the system, however MaaS rackd service relies on other
libraries that require an INET6 socket by design.
Change-Id: I6c633e9790e75d53437f400790d0e528f0a792b3
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Thu, 20 Sep 2018 08:23:51 +0000 (12:23 +0400)]
Enable back IPv6 for OVN based scenario
IPv6 has been disabled recently by default to reduce the attack
surface of the system, however OVN/Geneve kernel-based tunnels
require it to function properly.
[https://www.mail-archive.com/ovs-discuss@openvswitch.org/msg03639.html]
Change-Id: Ife86dfad77e7899bd28f83a49c361cd8a623597c
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Fri, 14 Sep 2018 09:45:25 +0000 (13:45 +0400)]
[noha] Bring in OpenDaylight SFC scenario
- bump formulas baseline during docker build;
- refresh patches;
Change-Id: I0a54863f57344c5f8897dc981f704c4d265c5522
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Wed, 19 Sep 2018 12:12:23 +0000 (12:12 +0000)]
Merge "Update system reclass model"
Alexandru Avadanii [Wed, 19 Sep 2018 11:27:16 +0000 (11:27 +0000)]
Merge "Use common way to detect dpdk feature"
Michael Polenchuk [Wed, 19 Sep 2018 11:03:09 +0000 (11:03 +0000)]
Merge "[cleanup] Move default storage dir to /var/lib"
Michael Polenchuk [Wed, 19 Sep 2018 06:55:55 +0000 (10:55 +0400)]
Update system reclass model
In order to get tacker definitions and latest changes.
Change-Id: Ib5bf5034f140e708fb596dd4b622f0b2bdee8a59
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Wed, 19 Sep 2018 07:52:15 +0000 (11:52 +0400)]
Use common way to detect dpdk feature
Change-Id: I55a3c10f275079b11b7456b28a2c846cb33c204a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Tue, 18 Sep 2018 18:30:24 +0000 (20:30 +0200)]
[docs] Fix build warnings, minor alignments
- adopt NOTE tags;
- switch some NOTE tags to WARNING;
- use ``markup`` for all paths;
Change-Id: If1bda281fd5cbef0b94110b59e02f41c443b0fb9
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Tue, 18 Sep 2018 13:11:46 +0000 (17:11 +0400)]
Make docker isolation chain go first
Restart docker service to refresh FORWARD chain
and insert docker related rules on top.
Change-Id: I971840f5979636c4ea8ae4d66a82982c24aa5f66
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Stamatis Katsaounis [Mon, 17 Sep 2018 09:14:26 +0000 (12:14 +0300)]
[nosdn-noha] Meet EPA testcases requirements - pt2
JIRA: FUEL-385
After successfully merging patch
https://gerrit.opnfv.org/gerrit/#/c/61417/ a user can deploy
os-nosdn-nofeature-noha scenario with numa topologies on compute nodes.
In order to be able to run the EPA testcases, there are still some
requirements (see [1]):
- Testcases expect compute nodes to have hugepages enabled
- Testcases expect compute nodes to have cgroup-tools package
installed
- Testcases expect to have NUMATopologyFilter added to
enabled_filters in /etc/nova/nova.conf of the controller node
This patch tries to meet the above requirements. First, it installs
the cgroup-tools package on compute nodes. Secondly, it overrides the
default enabled_filters of openstack nova salt package by appending
NUMATopologyFilter in the end (see [2], [3]).
Reference links:
[1] https://docs.google.com/document/d/1sT63M6fnurn4rgYTiUd8ILuXORtx0oHA8Qe-nPeCr2Y/edit
[2] https://github.com/salt-formulas/salt-formula-nova/blob/master/README.rst#custom-scheduler-filters
[3] https://github.com/salt-formulas/salt-formula-nova/blob/master/metadata/service/control/single.yml#L20
Change-Id: I24eb86c53574c80ceb33ecd1bfcb9ef2727d4263
Signed-off-by: Stamatis Katsaounis <mokats@intracom-telecom.com>
Dimitrios Markou [Fri, 14 Sep 2018 13:55:06 +0000 (16:55 +0300)]
Bug fix : Increase NUMA nodes RAM
Each compute node has 16 GB of RAM but those GBs are splited wrongly
to each NUMA node (4 GB instead of 8 GB).
JIRA: FUEL-387
Change-Id: Ibe784727c8a262b41add04ad3a41c70f25ded684
Signed-off-by: Dimitrios Markou <mardim@intracom-telecom.com>
Michael Polenchuk [Thu, 13 Sep 2018 10:19:52 +0000 (14:19 +0400)]
[ha] Get OVS 2.9 & DPDK 17.11 from UCA repo
* to be compatible with HWE kernel
* make neutron balancing to RR back
* turn off glance v1 api support (doesn't relevant for now)
Change-Id: I916aae10f523be339c20de32218ce03c245afe72
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Wed, 12 Sep 2018 17:53:55 +0000 (19:53 +0200)]
[docker] Relax verify check for docker pull
JIRA: FUEL-383
Change-Id: I9203aa8d20def5b78d261f8c6847ddc576f0feb7
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Wed, 12 Sep 2018 15:11:39 +0000 (15:11 +0000)]
Merge "[docs] Update documentation on scenarios for MS6"
Alexandru Avadanii [Wed, 12 Sep 2018 13:24:07 +0000 (13:24 +0000)]
Merge "[cleanup] FN VMs: Fold user-data templates"
Cristina Pauna [Tue, 11 Sep 2018 14:55:12 +0000 (17:55 +0300)]
[docs] Update documentation on scenarios for MS6
Added/updated the scenario files for the scenarios we support in Gambia
Change-Id: Ib463e3122999e0cf554599fb8637c20cf77b825d
Signed-off-by: Cristina Pauna <cristina.pauna@enea.com>
Alexandru Avadanii [Tue, 11 Sep 2018 04:13:03 +0000 (06:13 +0200)]
[cleanup] Move default storage dir to /var/lib
Since we switched to dockerized Salt master and mounting the full
contents of the current git repo inside cfg01's /root/fuel dir,
exposing temporary deploy artifacts should be avoided, i.e. the
default temporary storage location (configurable via '-S' deploy arg)
should be moved outside the git repo.
JIRA: FUEL-383
Change-Id: I32f7197b018fd853867de42f5618650ac9022dc9
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Tue, 11 Sep 2018 04:59:03 +0000 (06:59 +0200)]
[cleanup] FN VMs: Fold user-data templates
While at it, retire obsolete MAAS_IP global variable and let mas01
VM get a DHCP address from virsh-managed mcpcontrol network.
Change-Id: Ifd85dbcab10894a5d0d675d37f0c35f09776d9b4
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Tue, 11 Sep 2018 11:33:06 +0000 (15:33 +0400)]
Update OpenDaylight version to Fluorine
Change-Id: Ie8ec7c94b2831dce88bde39c7fe219faaad21c5e
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Mon, 10 Sep 2018 15:42:04 +0000 (15:42 +0000)]
Merge "[nosdn-noha] Meet EPA testcases requirements (NUMA)"
Alexandru Avadanii [Mon, 10 Sep 2018 14:56:30 +0000 (14:56 +0000)]
Merge "[submodule] Bump Pharos for maas:machines sync"
Dimitrios Markou [Mon, 27 Aug 2018 11:27:21 +0000 (14:27 +0300)]
[nosdn-noha] Meet EPA testcases requirements (NUMA)
Install in a local directory a newer version of virt-manager
to workaround obsolete Ubuntu versions lacking --cpu cellN.* support.
This change only affects CPU cfg of virtual compute nodes in
nosdn-nofeature-noha scenarios with:
- set default cpu_topology to dual socket (2 cores, 2 sockets,
2 threads);
- bump default RAM to 16GB;
- define 2 NUMA cells, each with half the resources;
To keep the old behavior available (single socket), a new deploy
argument has been added (`-m`). The RAM change is not configurable
via deploy args.
NOTE: The CPU topology for virtual nodes should later be read from
PDF instead of hardcoding it on a per-scenario basis in the installer.
NOTE: Default 'ram' unit is MiB, while cellN.memory default unit is
'KiB'.
JIRA: FUEL-385
Change-Id: I7ca268b0a2052524cb7187a5cf9b6fa8a382c9f9
Signed-off-by: Dimitrios Markou <mardim@intracom-telecom.com>
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 10 Sep 2018 01:26:46 +0000 (03:26 +0200)]
[docker] Add MCP_DOCKER_TAG env var
Allow skipping docker pull for verify jobs by setting the new env
var to 'verify'.
JIRA: FUEL-383
Change-Id: If8e2f66b5ccdac5c3911eeabfc2ba9c0eba61093
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 9 Sep 2018 06:54:17 +0000 (08:54 +0200)]
[ovn-ha] ctl: neutron: Add msg cluster pillar
`system.neutron.control.cluster`, unlike
`system.neutron.control.openvswitch.cluster` does not provide
neutron:server:message_queue:members pillar data, letting it
default to the wrong values (single rabbit instance on the same node).
This led to neutron.conf on ctl nodes using:
`transport_url=rabbit://openstack:***@172.16.10.35:5672//openstack`
instead of
`transport_url=rabbit://openstack:***@172.16.10.28:5672,...//openstack`
Change-Id: Iad4b709d555b2bafafeb75fdecb831f7d4f5a504
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 7 Sep 2018 12:52:30 +0000 (12:52 +0000)]
Merge "Update docs to new format"
Michael Polenchuk [Fri, 7 Sep 2018 06:54:50 +0000 (10:54 +0400)]
[odl] Create parent directories for dhcp config
Change-Id: I7d16bcd42a059817d7a4e6b06490e03001354f4f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Fri, 7 Sep 2018 04:42:14 +0000 (04:42 +0000)]
Merge "[opendaylight] Support built-in DHCP service"
Alexandru Avadanii [Fri, 31 Aug 2018 00:16:08 +0000 (02:16 +0200)]
[submodule] Bump Pharos for maas:machines sync
Drop duplicate maas:machines definitions which could cause conflicts
in rare corner cases.
Slightly refactor j2 template expansion to make `conf.virtual.nodes`
available during first stage.
Change-Id: I04d56e346b12c6eb97da5c0c0ab1e3446e5fc1b8
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Thu, 6 Sep 2018 09:08:31 +0000 (13:08 +0400)]
[dpdk] Check whether public bridge exists
Change-Id: I5aad512b5761deaa30522b6939bf245ecb1ec681
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Cristina Pauna [Thu, 6 Sep 2018 06:01:30 +0000 (09:01 +0300)]
Update docs to new format
Change-Id: I023b7f47245691fe7377e53ca0bda15098c2978a
Signed-off-by: Cristina Pauna <cristina.pauna@enea.com>
Guillermo Herrero [Wed, 5 Sep 2018 14:12:12 +0000 (14:12 +0000)]
Merge "[ha] Fix ovn-ha scenario"
Guillermo Herrero [Mon, 3 Sep 2018 12:08:07 +0000 (14:08 +0200)]
[ha] Fix ovn-ha scenario
openstack/control.yml
-redefine database host ip inherited from
system.neutron.control.cluster
Change-Id: Ic8e61c61c7ebb17f31e0c53f8d9e3a013f8a3e9e
Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
Michael Polenchuk [Tue, 14 Aug 2018 12:12:14 +0000 (16:12 +0400)]
[opendaylight] Support built-in DHCP service
Change-Id: I448aa7f076e2c2d641a5326947852b3333728460
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Wed, 5 Sep 2018 05:38:02 +0000 (05:38 +0000)]
Merge "[noha] Set MTU on tenant/private dpdk interface"
Alexandru Avadanii [Tue, 4 Sep 2018 14:15:01 +0000 (14:15 +0000)]
Merge "[scenario] Factor out common nodes, states"
Michael Polenchuk [Tue, 4 Sep 2018 10:31:03 +0000 (14:31 +0400)]
[noha] Set MTU on tenant/private dpdk interface
Enable jumbo frames on tenant/private interface as well so that
an instance can get the DHCP response from gateway node.
Change-Id: I9407fa67e9e0cdbe50335e4430748b0e45ba841a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Mon, 3 Sep 2018 12:51:29 +0000 (12:51 +0000)]
Merge "[docker] Fix untagged mgmt by default"
Michael Polenchuk [Thu, 30 Aug 2018 11:34:59 +0000 (15:34 +0400)]
[odl/dpdk] Make dedicated public network scheme
In order to avoid TCP connection checksum issue (i.e. TX offloading
on ovs bridges) add linux bridge connected with ovs public bridge.
Change-Id: I4d266dd92756d5326dfa3d74fe2f376b26415812
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Sun, 2 Sep 2018 02:40:43 +0000 (04:40 +0200)]
[docker] Fix untagged mgmt by default
JIRA: FUEL-383
Change-Id: Ie635965cff3538d6e786f2b76fa4d175d1be1773
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 1 Sep 2018 21:49:08 +0000 (23:49 +0200)]
[scenario] Factor out common nodes, states
Make the bulk of scenario files static again by shifting out all
common virtual nodes (mas01) and states (virtual_init, maas etc.)
to default.yaml(.j2).
This allows us to parse scenario-specific data during first j2
expansion, preparing for the new Pharos installer adapter that
relies on `conf.virtual.nodes.control` length to construct the
proper list of MaaS node definitions (kvm{01,02,03} vs {ctl01,gtw01}).
Change-Id: I666ab5bd6bb2a42f98646af51950f6b9fffa0e8b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 1 Sep 2018 16:05:08 +0000 (18:05 +0200)]
[docker] Cleanup, minor fixes, formula bump
* ship prebuilt salt master conf for better readability:
- enable x509.sign_remote_certificate (for prx VCP nodes);
* refactor Salt master CA handling:
- preinstall `salt_minion_dependency_packages` and
`salt_minion_reclass_dependencies` inside docker image;
- persistent /etc/pki;
- run salt.minion on cfg01 to generate master keys;
* bump container formulas to 1 Sep 2018 versions or newer:
- inject date into Docker makefile, forcing a fresh fetch of all
salt formulas from upstream git repos;
* workaround broken salt-formula-designate's meta/sphinx.yml:
- the DEB package version of salt-formula-designate uses `cmd.shell`
to query dpkg on the minion, while the git repo version still
uses `cmd.run`, running into parsing issues;
- temporarily disable sphinx metadata generation for designate until
upstream git repo syncs with the DEB version;
* upstream: salt-formula-salt AArch64 salt.control.virt support:
- retire salt-formula-salt git submodule and related patches;
* skip installing reclass distro package (already installed via pip
inside the container);
* limit initial pillar_refresh call to nodes on jumphost;
* remove unused salt-formula-nova git submodule;
JIRA: FUEL-383
Change-Id: I883b825e556f887a5e31f8a43676dcd8ece6dfde
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 1 Sep 2018 00:40:44 +0000 (02:40 +0200)]
[AArch64] vcp: Fix up vcp_nodes awk query conflict
JIRA: FUEL-404
Change-Id: I12acc90cdb17ecc090a993e1be41d13ad81dbb9d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 31 Aug 2018 17:42:59 +0000 (19:42 +0200)]
[docker] Cleanup hosts file on redeploy
JIRA: FUEL-383
Change-Id: Ib01e78951403fbec2e0f588ae5a577bcbad1bd75
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 31 Aug 2018 16:31:09 +0000 (18:31 +0200)]
[docker] Use distro docker-compose if not broken
While at it, use explicit `docker-compose pull` call to maintain
backwards compatibility with older docker-compose (1.8.0 on aarch64).
JIRA: FUEL-383
Change-Id: I0f6ac4fb59c0a286ac99a1a0dc4484d00f3837fe
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Wed, 29 Aug 2018 10:41:15 +0000 (14:41 +0400)]
[noha] Align MTU settings
* shift MTU from public bridge to physical interface
* add neutron related settings
Change-Id: Ia57d1ca7976968d6e7ee23f58a0abae1a1a256c0
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Sat, 25 Aug 2018 21:57:09 +0000 (23:57 +0200)]
[AArch64] salt.control.virt support
Salt relies on a limiting libvirt_domain j2 template to generate the
XML it passes to libvirt for salt.control managed virtual machines.
For AArch64, we need to set up 3 XML nodes in a non-default way:
1. UEFI firmware (AAVMF) should be enabled by passing a pflash loader;
2. CPU mode should be 'host-passthrough';
3. QEMU machine type should be 'virt';
To allow configuring the above using pillar data:
- virtng module: implement functionality similar to upstream changes:
*
219b84a512 virt module: Allow NVRAM unlinking on DOM undefine
in develop, not in 2018.2;
*
9cace9adb9 Add support to virt for libvirt loader
in develop, not in 2018.2;
- virtng module: extend it with:
* pass virt machine type to vm;
* pass cpu_mode to vm;
JIRA: ARMBAND-404
Change-Id: Ib2123e7170991b3dfbdb42bd1a2baa5a4360b200
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Wed, 29 Aug 2018 20:04:20 +0000 (22:04 +0200)]
[AArch64] Align armband repo name with MaaS nodes
curtin generates armband_3.list, which we aligned in the reclass
model before, but not in the defaults yml used by cfg01/VCP VMs.
Change-Id: Ibe8d5b79465b508e41c20ec08a98a96a1510da8d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 25 Aug 2018 02:14:40 +0000 (04:14 +0200)]
Add noifupdown for all br-floating
Since we reboot all nodes, applying the network configuration via
Salt before reboot is pointless and creates a race condition with
OVS.
While at it, add `--ignore-errors` to ifup call for OVS bridge to
prevent a race condition during linux.network state apply.
Change-Id: I22fe0afaffecd7b850a6b77d7b810ed296bfc9ca
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Guillermo Herrero [Mon, 24 Jul 2017 22:58:32 +0000 (00:58 +0200)]
[salt-formulas] Add & enable armband formula
AArch64 specific formula, mostly tweaking nova conf / installing
virtualization layer prerequisites:
- install qemu-efi;
- install vgabios;
- fix missing link for vgabios binary blob;
- nova conf: cpu_model=cortex-a57 (only for virtual deploys);
- nova conf: virt_type=qemu (only for virtual deploys);
- nova compute conf: virt_type=qemu (only for virtual deploys);
- nova conf: pointer_model=ps2mouse since AArch64 has no USB tablet;
[1] https://github.com/openstack/nova/commit/
f0f0953
Change-Id: I40515bdbd941850b103a86d51b347cc8610f5741
Signed-off-by: Guillermo Herrero <Guillermo.Herrero@enea.com>
Signed-off-by: Charalampos Kominos <Charalampos.Kominos@enea.com>
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Wed, 22 Aug 2018 22:25:51 +0000 (00:25 +0200)]
[deploy.sh] Cleanup deploy arguments, rework -ff
* refactor & extend `-f` deploy argument;
* retire INFRA_CREATION_ONLY env var, duplicated by
NO_DEPLOY_ENVIRONMENT;
* `-F` and `-e` deploy arguments are now equivalent;
JIRA: FUEL-383
Change-Id: Ifc1527fa1e7d7486d1b7600772e2c5de34b1e52c
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 18 Aug 2018 05:05:29 +0000 (07:05 +0200)]
[submodule] Cleanup: Retire scripts sub & patches
Salt bootstrap scripts are no longer used directly, so it is now safe
to retire the whole git submodule and its related patches.
JIRA: FUEL-383
Change-Id: I1fbdfe4fbd4930bfb3c999a3a68033d12565682b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 18 Aug 2018 01:46:13 +0000 (03:46 +0200)]
[docker] Switch to containerized Salt Master
* Refactor OPNFV salt-formulas mechanism to resemble upstream git
structure:
- git submodules: add new submodule for each formula we patch;
- create salt-formula-x directories for OPNFV formulas;
- move mcp/metadata/service contents to their each formula subdir;
- use `make patches-import` for patches previously handled by
patch.sh;
- retire patch.sh
* states: add virtual_init:
- mostly based on old salt.sh, which is now obsolete;
- exclude salt-master service restart (it would kill the container);
* scenarios: cleanup (rm cfg01 virtual node def), adopt virtual_init;
* reclass: align our model with prebuilt container's Salt config:
- drop linux:network pillar data (handled by Docker);
- stop applying linux.system state on cfg01;
- align salt user homedir;
- drop salt-formula packages (preprovisioned);
* minor plumbing in deploy.sh and lib.sh;
JIRA: FUEL-383
Change-Id: I28708a9b399d3f19012212c71966ebda9d6fc0ac
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 10 Aug 2018 14:52:43 +0000 (16:52 +0200)]
[docker] Add docker-compose definitions
Add configuration items for bringing up the Salt master Docker
container using docker-compose:
- mount <storage dir>/hosts as /etc/hosts
- mount <storage dir>/salt as /etc/salt:
* semi-persistent generated Salt information;
- mount <storage dir>/nodes as /srv/salt/reclass/nodes:
* semi-persistent generated reclass node data storage;
- mount Fuel@OPNFV git repo in /root/fuel;
- mount all other previously rsynced artifacts;
- hook container to 3 networks/bridges: mcpcontrol, PXE/admin and
management:
* container IP addresses are managed by Docker, so no DHCP is used;
- override upstream entrypoint.sh by mounting our own version on top;
* run-time patch Salt to fix certain init system interactions due
to 'Tini' looking like Upstart but behaving a bit differently;
* work around directory traversal issues in Salt/reclass by using
extensive `cp` (to be later mitigated at container build time);
* overwrite reclass.system with our own version (patched), later to
fetched pre-patched during container build;
* overwrite salt-formulas with our patched versions;
* create missing links for salt-formulas-* packages (e.g. gnocchi)
which are not available as git repos upstream;
- add mcp.rsa.pub to 'ubuntu' user's authorized_keys for SSH login
to master node to remain backwards compatible;
- mount configuration files for semi-persistent state preservation
at container destroy/rebuild (using '-f' deploy argument);
JIRA: FUEL-383
Change-Id: Ie17e578a7ebeb071b1c0e0a49ad58ffa6bbc89bb
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 18 Aug 2018 00:10:36 +0000 (02:10 +0200)]
[lib.sh] Add veth pair handling support
Upcoming docker integration requires special care for network
interfaces Docker will hook to, so virsh networks can be mixed with
Docker networks.
We'll use veth pair(s) to hook together the Docker network(s) to their
counterpart virsh-managed Linux bridge(s).
JIRA: FUEL-383
Change-Id: I1a714dc8be73e79539d85bacac311d1ed05cc18d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Tue, 28 Aug 2018 22:00:26 +0000 (00:00 +0200)]
[jump vnet] Workaround MTU set race condition
Older libvirt (1.x, 2.x, even older 3.x) try to enforce their own MTU
(1500), overriding it back to 1500 after the udev rule finished.
Delay link modification with 1 second and extend its patten to also
include libvirt's own tap interfaces (<network name>-nic).
Change-Id: I3050c11de7f376df02cbf203e9106b61c560683f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 27 Aug 2018 02:58:03 +0000 (04:58 +0200)]
[jump vnet] Fix udev rule event for older libvirt
Older libvirt seems to raise 'change' events instead of 'add',
so the MTU bump of the libvirt managed tap interfaces was not
properly applied.
Change-Id: Ie1a4f1c4f235ad4f83bf9ee218a40dcedc1ce914
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 25 Aug 2018 01:09:48 +0000 (03:09 +0200)]
[build.sh] Fix quotes, missing deb arch for repo
JIRA: FUEL-383
Change-Id: Ie4374d44993bd738b90e9b6e357014d0c5657da0
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 24 Aug 2018 22:43:56 +0000 (00:43 +0200)]
[build.sh] Use pipenv run instead of shell
JIRA: FUEL-383
Change-Id: Ia1b58f9e7eefd9f3efc4b5241ec496c545ccee25
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 24 Aug 2018 15:52:59 +0000 (17:52 +0200)]
[build.sh] Add local python bin dir to PATH
JIRA: FUEL-383
Change-Id: I5596ed6139317d72fceae3af89e71181aefbd6a3
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 24 Aug 2018 15:19:24 +0000 (17:19 +0200)]
[build.sh] Enable push, minor fixes
* default to enable pushing to public docker registry;
* fix prerequisites path;
* fix unknown terminal in Jenkins jobs;
JIRA: FUEL-383
Change-Id: Ie27dfbca6965c218475060da390a82921799b044
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Fri, 24 Aug 2018 10:38:16 +0000 (14:38 +0400)]
[noha] Get OVS 2.9 & DPDK 17.11 from UCA repo
Align all noha scenarios to install OVS 2.9 which doesn't drop
packets on bridge with netdev datapath type at initial stage.
Change-Id: Iab204828ac7acefcb26647cdbc27805871904f2c
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Thu, 23 Aug 2018 15:34:36 +0000 (15:34 +0000)]
Merge changes from topic 'docker-build'
* changes:
[docker build] Install OpenSSH server
[submodule] Add docker-salt-formulas, ci/build.sh
[deploy.sh] Install Docker if not present
[jump req] Add build/deploy specific requirements
Alexandru Avadanii [Tue, 21 Aug 2018 23:38:31 +0000 (01:38 +0200)]
[docker build] Install OpenSSH server
While at it, create the 'ubuntu' user with passwordless sudo
and preinstall salt-formula-gnocchi (missing git repo workaround),
as well as various useful packages (e.g. net-tools).
JIRA: FUEL-383
Change-Id: I5902c37110331acfd3fd4fccb92104de7b5ece6b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 23 Aug 2018 14:18:52 +0000 (14:18 +0000)]
Merge "[odl/dpdk] Set pubilic bridge datapath_type=netdev"
Alexandru Avadanii [Thu, 23 Aug 2018 14:14:01 +0000 (14:14 +0000)]
Merge "[patch] AArch64: reclass system arch tweaks"
Michael Polenchuk [Thu, 23 Aug 2018 13:16:51 +0000 (17:16 +0400)]
[odl/dpdk] Set pubilic bridge datapath_type=netdev
In order to handle floating IPs related flows properly
the public bridge requires netdev datapath type to be set
explicitly in DPDK mode since OpenDaylight only manages
patches between integration bridge and the public one.
Change-Id: I868747dc501e9124cbecd4eb1234f74e8edd4edf
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Wed, 22 Aug 2018 13:55:45 +0000 (13:55 +0000)]
Merge ".gitignore refresh, fold common expressions"
Alexandru Avadanii [Wed, 22 Aug 2018 13:18:22 +0000 (15:18 +0200)]
[patch] AArch64: reclass system arch tweaks
Armband has been carrying a few arch-enablement patches that are
required for the default reclass system classes to work as expected
on AArch64 systems.
Change-Id: I1f96c062eb3f9dcabb8513aadd1ea41be4fbc098
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Wed, 22 Aug 2018 11:53:56 +0000 (15:53 +0400)]
[odl/dpdk] Use untagged iface for tenant network
Change-Id: Id35d4cbee9b4ce0a7b78e2935b03c2def68bc123
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Tue, 21 Aug 2018 20:12:48 +0000 (22:12 +0200)]
.gitignore refresh, fold common expressions
Change-Id: I5346ee523b40f1a249394d59dbbe4d3d85c692cb
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 19 Aug 2018 15:52:02 +0000 (17:52 +0200)]
[submodule] Add docker-salt-formulas, ci/build.sh
- add new git submodule pointing to upstream docker build scripts;
- add patch extending Docker tags with an '-(arch)' suffix,
aligning with OPNFV tagging requiremnts;
- add <ci/build.sh> wrapper for starting Docker builds;
- install build-specific distro package requirements, as well as
pip-managed packages (e.g. pipenv);
JIRA: FUEL-383
Change-Id: Id4fc886206d7eaf7e6d02810380f2391609ba405
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>