fuel.git
6 years ago[baremetal] Retire example pod_config.yaml 15/51615/2
Alexandru Avadanii [Sat, 3 Feb 2018 17:12:54 +0000 (18:12 +0100)]
[baremetal] Retire example pod_config.yaml

It is easier to just generate the `pod_config.yaml` file than to
maintain it, so let's remove it.

While at it, link sample PDF/IDF inside pharos git submodule, so we
don't have to pass a different lab-config URI to use the sample.

To generate pod_config.yml for the sample PDF/IDF:
$ ./ci/deploy.sh -l local -p pod1 -s os-odl-nofeature-ha -d
$ cat mcp/deploy/images/pod_config.yml

JIRA: FUEL-322

Change-Id: If5898f92ef54bebc31d57f9632959e9093a89250
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[PDF] pod1: Refresh PDF, IDF examples 13/51613/2
Alexandru Avadanii [Sat, 3 Feb 2018 17:09:28 +0000 (18:09 +0100)]
[PDF] pod1: Refresh PDF, IDF examples

Sync latest changes from pharos git repo for our sample PDF/IDF:
- move net_config from PDF to IDF;
- minor cleanup;

JIRA: FUEL-322

Change-Id: If6865ac61a4942a1dd5daf7081fd8faa67e0e7bf
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoMerge "[baremetal] Fix: wrong nic name idf index"
Alexandru Avadanii [Sat, 3 Feb 2018 16:43:08 +0000 (16:43 +0000)]
Merge "[baremetal] Fix: wrong nic name idf index"

6 years ago[baremetal] Fix: wrong nic name idf index 97/51497/1
Guillermo Herrero [Fri, 2 Feb 2018 14:43:56 +0000 (15:43 +0100)]
[baremetal] Fix: wrong nic name idf index

This was only affecting pod deployments with
different board models, under the current limited
support:
- 3 KVMs will be same model and have the same NIC names
- 2 Compute nodes will be the same model and have same NIC names

For the computes nodes, br-mesh NIC name was wrong due
to incorrect idf mapping

Change-Id: I9685b35cb23b03be9fc0e6fe16c0712a9ad70e19
Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
6 years agoMerge "deploy.sh: Disable net.bridge.bridge-nf-call"
Michael Polenchuk [Fri, 2 Feb 2018 07:57:23 +0000 (07:57 +0000)]
Merge "deploy.sh: Disable net.bridge.bridge-nf-call"

6 years agoRevert "[FN VMs] remove graphics" 81/51481/1
Alexandru Avadanii [Thu, 1 Feb 2018 23:10:03 +0000 (00:10 +0100)]
Revert "[FN VMs] remove graphics"

RHEL family virtualization tools reserve 02:00 PCI slot for VGA, even
if 'nographics' is specified when creating the VM (in case the user
wants to later hook a video card, which usually *requires* PCI slot2).

Debian systems do not follow this rule (tested with libvirt 1.x, 2.x,
3.x), hence 1st NIC lands on PCI slot 2 (and get eth name 'ens2').

To align the behavior across all possible jumpserver distros, bring
back the virtio video.

This reverts commit 738f6c3b68d1179de1ff790f9e72c25f10874da4.

Change-Id: Ifd855c12e04aec1ff0ab047b13f8081365741889
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agodeploy.sh: Disable net.bridge.bridge-nf-call 77/51477/2
Alexandru Avadanii [Thu, 1 Feb 2018 19:34:53 +0000 (20:34 +0100)]
deploy.sh: Disable net.bridge.bridge-nf-call

JIRA: FUEL-334

Change-Id: I6d2499053dcfb7f99593fcd5c948b569bdcb9c9b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[baremetal] Allow MaaS timeouts to be set via IDF 71/51471/2
Alexandru Avadanii [Thu, 1 Feb 2018 17:10:23 +0000 (18:10 +0100)]
[baremetal] Allow MaaS timeouts to be set via IDF

Bump Pharos git submodule to pick up support for MaaS timeout
parameterization, as well as new IDF for lf-pod2.

Drop arch-specific MaaS timeouts, as they are now configurable
on a per-POD basis.

Sample usage (via IDF):

idf:
  fuel:
    maas:
      # MaaS timeouts (in minutes)
      timeout_comissioning: 10
      timeout_deploying: 15

Change-Id: I8fafa336b0bc64d705f6c2e40fc3dfb85672fb15
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoTurn off Retpoline and KPTI protection 95/51395/2
Michael Polenchuk [Wed, 31 Jan 2018 10:38:16 +0000 (14:38 +0400)]
Turn off Retpoline and KPTI protection

Based on Canonical research (https://goo.gl/QJykMa) there is
low-risk of attack for private clouds environments, therefore
turn off the related kernel patches & regain performance back.

Change-Id: I661fa127241e327b07d21a29d58d584997607123
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years agoMerge "[patch] Group APT calls for salt formula install"
Michael Polenchuk [Wed, 31 Jan 2018 08:21:04 +0000 (08:21 +0000)]
Merge "[patch] Group APT calls for salt formula install"

6 years agoMerge "[VCP] Catch 'no response' when adding ssh auth key"
Michael Polenchuk [Wed, 31 Jan 2018 08:20:16 +0000 (08:20 +0000)]
Merge "[VCP] Catch 'no response' when adding ssh auth key"

6 years ago[VCP] Catch 'no response' when adding ssh auth key 73/51373/1
Alexandru Avadanii [Tue, 30 Jan 2018 23:56:35 +0000 (00:56 +0100)]
[VCP] Catch 'no response' when adding ssh auth key

On rare occassions, one or more minions might fail to respond in due
time, so catch 'no reponse' using `wait_for`.

Change-Id: I8e6b0dc44a39e79c2874ff9a657e152620ba3f13
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[patch] Group APT calls for salt formula install 33/51333/4
Alexandru Avadanii [Tue, 30 Jan 2018 00:25:06 +0000 (01:25 +0100)]
[patch] Group APT calls for salt formula install

When installing salt-formula-* on cfg01, we used to call APT for
each package. Instead, handle them all at once.

While at it, stop using colored output on terminals that don't
support it (e.g. 'vt220' used by OPNFV Jenkins).

Change-Id: Ib8f2cee9638c43cdf648487bf05b07cd49802d3e
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoUpdate reclass system model 47/51347/1
Michael Polenchuk [Tue, 30 Jan 2018 09:36:09 +0000 (13:36 +0400)]
Update reclass system model

Get the latest reclass system model to be in sync with salt
formulas code. Adjust keystone v3 admin endpoint patch.

Change-Id: Ia7ce6187b875cc9e18af2784ef1eb5df1c145c7d
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years ago[patch] Point neutron opendaylight configs to pike 15/51315/3
Michael Polenchuk [Mon, 29 Jan 2018 16:12:17 +0000 (20:12 +0400)]
[patch] Point neutron opendaylight configs to pike

Change-Id: I3fae38da88b170b84ea926abf93da8b178e9ca8a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years agoMerge "deploy.sh: Retire `-B` argument"
Alexandru Avadanii [Mon, 29 Jan 2018 16:11:07 +0000 (16:11 +0000)]
Merge "deploy.sh: Retire `-B` argument"

6 years agoMerge "[FN VMs] remove graphics"
Alexandru Avadanii [Mon, 29 Jan 2018 16:10:11 +0000 (16:10 +0000)]
Merge "[FN VMs] remove graphics"

6 years agoMerge "[cfg01] apt.conf.d: Dpkg::Use-Pty: 0"
Michael Polenchuk [Mon, 29 Jan 2018 09:29:02 +0000 (09:29 +0000)]
Merge "[cfg01] apt.conf.d: Dpkg::Use-Pty: 0"

6 years ago[FN VMs] remove graphics 79/51279/1
Alexandru Avadanii [Mon, 29 Jan 2018 01:46:13 +0000 (02:46 +0100)]
[FN VMs] remove graphics

Since VCP VMs (created via salt formula) do not have a video
controller defined in their domain XMLs, network devices end on
different PCI slots and hence have different names assigned
(ens2+ vs foundation node VMs, which start with ens3).

To align network interface names for VMs on jumpserver vs kvm nodes,
and reduce confusion, remove the video controller from FN VMs.

This allows some cleanup:
- drop extra AArch64 args from virt-install;
- unify 'opnfv_vcp_vm_*' and 'opnfv_fn_vm_*' variables;

Change-Id: I0d108b00914b3eaaa03b67c652174f8ed4573118
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[cfg01] apt.conf.d: Dpkg::Use-Pty: 0 53/51153/2
Alexandru Avadanii [Thu, 25 Jan 2018 23:31:17 +0000 (00:31 +0100)]
[cfg01] apt.conf.d: Dpkg::Use-Pty: 0

This will silence all 'Reading database ...' noise during Salt formula
installation.

Change-Id: I734d727194e276443db1e1581f40ec494562196e
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agodeploy.sh: Retire `-B` argument 43/51243/2
Alexandru Avadanii [Fri, 26 Jan 2018 01:03:31 +0000 (02:03 +0100)]
deploy.sh: Retire `-B` argument

All bridge information should be defined via IDF.
Keeping `-B` support in deploy.sh only creates confusion.
While at it, remove automatic bridge detection based on network addr.

Change-Id: Id8b54e4887a97092daed5beb31fde4edd13057f1
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoMerge "lib.sh: Reduce useless wget dot reporting"
Alexandru Avadanii [Fri, 26 Jan 2018 17:04:40 +0000 (17:04 +0000)]
Merge "lib.sh: Reduce useless wget dot reporting"

6 years ago[ovs/dpdk] Configure vxlan for baremetal scenario 97/51197/1
Michael Polenchuk [Fri, 26 Jan 2018 13:52:31 +0000 (17:52 +0400)]
[ovs/dpdk] Configure vxlan for baremetal scenario

* switch ovs/dpdk scenario from vlan to vxlan mode
* force br-ex interface to mitigate race with incorrect state
* remove dpdk packages list (already in upstream)

Change-Id: Ib827cef2d67879fd2a86d286ca2118b22493274d
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years agolib.sh: Reduce useless wget dot reporting 49/51149/1
Alexandru Avadanii [Thu, 25 Jan 2018 22:30:30 +0000 (23:30 +0100)]
lib.sh: Reduce useless wget dot reporting

Downloading the base image (usually a few hundred MB) outputs a lot
of useless dots to show progress. Switch to 1M per dot (from 1K).

Change-Id: I8c525cad0b46e8ba3a7f6da4dd7f8277a49df91f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[baremetal] Fix openstack_compute_pdf yaml err 47/51147/1
Alexandru Avadanii [Thu, 25 Jan 2018 20:59:57 +0000 (21:59 +0100)]
[baremetal] Fix openstack_compute_pdf yaml err

Fixes: 7c79115

Change-Id: I62f52382b297b1aa9cfc37f74f04a00872ead1ef
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoMerge "Add support for different public network netmask"
Alexandru Avadanii [Thu, 25 Jan 2018 18:33:54 +0000 (18:33 +0000)]
Merge "Add support for different public network netmask"

6 years agoMerge "[lab-config] Use Pharos submodule by default"
Alexandru Avadanii [Thu, 25 Jan 2018 18:33:21 +0000 (18:33 +0000)]
Merge "[lab-config] Use Pharos submodule by default"

6 years agoMerge "Horizon: Fix and reload missing css in Pike"
Alexandru Avadanii [Thu, 25 Jan 2018 16:41:53 +0000 (16:41 +0000)]
Merge "Horizon: Fix and reload missing css in Pike"

6 years ago[lab-config] Use Pharos submodule by default 69/50869/4
Alexandru Avadanii [Sat, 20 Jan 2018 20:41:05 +0000 (21:41 +0100)]
[lab-config] Use Pharos submodule by default

- switch from securedlab to pharos as lab-config structure;
- accomodate the move net_config from PDF to IDF in j2 templates;

Change-Id: Ib04e4fb384568a6efd9e78a080857b663521ae88
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoMerge "deploy.sh: Retire simplest scenario fallback"
Alexandru Avadanii [Wed, 24 Jan 2018 15:49:32 +0000 (15:49 +0000)]
Merge "deploy.sh: Retire simplest scenario fallback"

6 years agoRectify ODL repository apt key 11/51011/1
Michael Polenchuk [Tue, 23 Jan 2018 09:47:20 +0000 (13:47 +0400)]
Rectify ODL repository apt key

Change-Id: Iaa917be9f8f86c328ce4d503923a0d7cca680434
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years agodeploy.sh: Retire simplest scenario fallback 07/51007/1
Alexandru Avadanii [Tue, 23 Jan 2018 17:25:11 +0000 (18:25 +0100)]
deploy.sh: Retire simplest scenario fallback

Previously, when a requested scenario was missing, we used to default
to the simplest scenario.
Now that we have a critical mass of scenario definitions, retire
this fallback mechanism.

Change-Id: I3ba6b04290806ff78b3ec22b90fa054d45602869
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoHorizon: Fix and reload missing css in Pike 15/50915/4
ting wu [Mon, 22 Jan 2018 09:09:52 +0000 (10:09 +0100)]
Horizon: Fix and reload missing css in Pike

The horizon in Pike release is broken due to missing
the static content. This workaround is to:

- create a missing symbolic link.
  The link is defined as an alias in the apache configuraion
- collecting and compressing static assets
- add single "Default" theme as AVAILABLE_THEMES
- restart apache2 service
- apply the workaround to Salt states
 'openstack_ha' and 'openstack_noha'

JIRA: FUEL-324

Change-Id: Idd70165f1be8d31967a3ab518323e6f3e8406624
Signed-off-by: ting wu <ting.wu@enea.com>
6 years ago[baremetal] Fix ocata reference 55/50955/1
Alexandru Avadanii [Mon, 22 Jan 2018 18:39:42 +0000 (19:39 +0100)]
[baremetal] Fix ocata reference

Previous cherry-pick failed to rename 'ocata' to 'pike'.

JIRA: FUEL-317

Change-Id: Ic1a1145e0652f2a7d15980399232631cf3fc5080
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[baremetal] Add upstream (lab) proxy support 45/50945/1
Alexandru Avadanii [Sat, 20 Jan 2018 18:56:47 +0000 (19:56 +0100)]
[baremetal] Add upstream (lab) proxy support

If upstream proxy is defined in IDF, propagate it to pillar data:
- linux:system:proxy:keyserver:http(s) for cfg01, mas01;
- maas:region:upstream_proxy for mas01;

Sample IDF config:

idf:
  fuel:
    network:
      upstream_proxy:
        address: 10.0.2.2
        port: 3128

JIRA: FUEL-317

Change-Id: I12be815e1b4564227fb09c20ce06cd71e7d433b6
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoAdd support for different public network netmask 17/50417/14
Guillermo Herrero [Thu, 11 Jan 2018 12:23:28 +0000 (13:23 +0100)]
Add support for different public network netmask

 - Remove hardcoded /24 mask

 - Use PDF as source for public network, with reclass params:
   opnfv_net_public, _mask, _gw, _pool_start, _pool_end

 JIRA: FUEL-315

Change-Id: Idf3a4ed8f63f58fa90d9c1dcb7751ef3b1c9bd36
Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
6 years agoMerge "reclass: apt_mk_version: stable"
Michael Polenchuk [Mon, 22 Jan 2018 09:22:02 +0000 (09:22 +0000)]
Merge "reclass: apt_mk_version: stable"

6 years agoMerge "[baremetal] Fix cmp proto dhcp on PXE/admin"
Michael Polenchuk [Mon, 22 Jan 2018 09:19:01 +0000 (09:19 +0000)]
Merge "[baremetal] Fix cmp proto dhcp on PXE/admin"

6 years ago[patch] system.repo: Add keyserver proxy support 87/50887/1
Alexandru Avadanii [Mon, 22 Jan 2018 01:10:03 +0000 (02:10 +0100)]
[patch] system.repo: Add keyserver proxy support

Instead of defining a http proxy for all salt-minion traffic, which
also includes some Openstack API accesses we can't filter (no_proxy
is not yet supported), add & leverage support for proxy configuration
during APT keyserver access / key download.

JIRA: FUEL-331

Change-Id: I9470807633596c610cfafb141b139ddda2ff096b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[baremetal] Fix cmp proto dhcp on PXE/admin 79/50879/1
Alexandru Avadanii [Sun, 21 Jan 2018 17:28:03 +0000 (18:28 +0100)]
[baremetal] Fix cmp proto dhcp on PXE/admin

Although we properly filter the PXE/admin interface in the common
openstack_compute_pdf.yml.j2 template and use DHCP instead of manual
setup, we failed to do the same in scenario-specific overrides
(ODL, OVS), so we end up with 'proto: manual' on PXE/admin on cmp
nodes.

The fix is trivial and reuses the mechanism in the common class in
scenario-specific templates (if interface is PXE/admin, use 'DHCP'
instead of 'manual').

This solves the issue of broken connectivity to Salt master after
cmp reboot.

Change-Id: I1953d03343190acb2efcab4412a3d37e130b0ea9
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoreclass: apt_mk_version: stable 75/50875/3
Alexandru Avadanii [Sun, 21 Jan 2018 02:35:46 +0000 (03:35 +0100)]
reclass: apt_mk_version: stable

Although previous commit d1b6119 changed the first reference of
apt-mk repos to 'stable' from 'nightly', it missed the cluster model.

This fixes redeploys with `-f`, which fail due to conflicts between
already installed 'stable' packages and 'nightly' ones.

Fixes: d1b6119

Change-Id: I854bac86feaaa61da0b68d158e270eec1ee0ccb7
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoGet back to the GA kernel 37/50837/1
Michael Polenchuk [Fri, 19 Jan 2018 12:27:06 +0000 (16:27 +0400)]
Get back to the GA kernel

- openvswitch 2.8 officially supports kernel versions from 3.10 to 4.12
- ODL baremetal scenario is acting up with floating/public SNAT
  flow under hwe edge kernel 4.13

Change-Id: I099d528b3b1c2ea34f8f856cd60f809f90defea6
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years agoINFO: Add Guillermo as Fuel committer 85/50785/1
Alexandru Avadanii [Thu, 18 Jan 2018 17:00:13 +0000 (18:00 +0100)]
INFO: Add Guillermo as Fuel committer

Change-Id: Ibdd21a1fd07ee8e05d3dffb89048f7430543da97
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoSetup mongodb master primarily 49/50649/1
Michael Polenchuk [Mon, 15 Jan 2018 15:04:56 +0000 (19:04 +0400)]
Setup mongodb master primarily

Initiate mongodb master at first to avoid race conditaion with
unwanted master election which causes cluster setup failure.

Change-Id: I6d2f75f3f002849cac3a5f52a7dcfb4646b7822a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years agoRetry cinder volume state 89/50489/1
Michael Polenchuk [Fri, 12 Jan 2018 10:37:10 +0000 (14:37 +0400)]
Retry cinder volume state

The service of cinder-volume restarts too quickly after package
installation with default/incorrect configuration and goes over restart
threshold, so systemd stops attempt to restart any further causing
state faulure. To fix it properly the RestartSec (i.e. restart delay)
param should be added into cinder-volume.service unit.

Change-Id: Ic8591e8ef52a3d439122f276d275e56bd2442ce6
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years agoMerge "docs: AArch64: Jumpserver min libvirt version"
Alexandru Avadanii [Thu, 11 Jan 2018 17:26:24 +0000 (17:26 +0000)]
Merge "docs: AArch64: Jumpserver min libvirt version"

6 years agodocs: AArch64: Jumpserver min libvirt version 63/50363/4
ting wu [Wed, 10 Jan 2018 12:20:07 +0000 (13:20 +0100)]
docs: AArch64: Jumpserver min libvirt version

 - For the Jumpserver configuration
   Add bridge config
   Add Armband repository list
   Add minimum libvirt version requirement
 - Fix various typo
 - Add option -S, -D in deploy script

JIRA: ARMBAND-337

Change-Id: Ic62819dbb28699cf8a2dba81b7d65a39e3f0b011
Signed-off-by: ting wu <ting.wu@enea.com>
6 years ago[baremetal] Disable dhcp offered routes 03/50403/1
Michael Polenchuk [Thu, 11 Jan 2018 10:53:46 +0000 (14:53 +0400)]
[baremetal] Disable dhcp offered routes

Prevent dhcp client from setting an unwanted
default routes on compute nodes.

Change-Id: I2529491bbc977647e5f457d5f1ba88b0cc4372ee
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years agoMerge "[centos jump] Add missing dependency for nbd build"
Alexandru Avadanii [Mon, 8 Jan 2018 22:51:53 +0000 (22:51 +0000)]
Merge "[centos jump] Add missing dependency for nbd build"

6 years ago[centos jump] Add missing dependency for nbd build 61/50261/1
Alexandru Avadanii [Mon, 8 Jan 2018 22:00:36 +0000 (23:00 +0100)]
[centos jump] Add missing dependency for nbd build

Change-Id: Icb23d2e6d3bb6e49b54e2d51cc8a35cb03702fcd
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agolib.sh: base image: Prevent using incomplete img 57/50257/1
Alexandru Avadanii [Mon, 8 Jan 2018 16:57:56 +0000 (17:57 +0100)]
lib.sh: base image: Prevent using incomplete img

In case the previous deploy attempt already copied the base image
as the VCP image in order to perform offline operations and failed,
leaving an incomplete image in place, current code might try to use
it instead of building it from scratch.

Use the hash-agnostic link names as checkpoints for successful image
handling.

Change-Id: I1e99e515e18ba1dec534c520811c127b2b528afe
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agolib.sh: Fix `modprobe -f` on Ubuntu 43/50243/1
Alexandru Avadanii [Mon, 8 Jan 2018 15:47:18 +0000 (16:47 +0100)]
lib.sh: Fix `modprobe -f` on Ubuntu

For some reason, `modprobe -f` for a clean nbd module (from vanilla
Ubuntu) fails with exec format error randomly, while a simple
`modprobe` works.

Change-Id: I79785e510cab757e2482baf442054be984c24019
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoMaaS: Set commission/deploy timeouts via reclass 61/50161/2
Alexandru Avadanii [Sun, 7 Jan 2018 19:20:36 +0000 (20:20 +0100)]
MaaS: Set commission/deploy timeouts via reclass

Allow end-users to easily change the MaaS commissioning/deploying
timeouts by simply editing the reclass model.
While at it, use arch-specific values and bump deploy timeout on
AArch64 to 20 minutes instead of 15.

Change-Id: I37ae434ecebdd64effb007baa06c722b1db15c66
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agolib.sh: Fix stop condition in wait_for 59/50159/2
Alexandru Avadanii [Sun, 7 Jan 2018 18:22:18 +0000 (19:22 +0100)]
lib.sh: Fix stop condition in wait_for

Change-Id: Ida693b6dd328db283d6992ac33500f4dd1a73eb8
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agosalt.sh: Fix linux state apply on cfg01 55/50155/2
Alexandru Avadanii [Sat, 6 Jan 2018 20:30:12 +0000 (21:30 +0100)]
salt.sh: Fix linux state apply on cfg01

cfg01 does not repond or is not connected while trying to apply
linux state via salt.sh, use wait_for macro to account for this.

JIRA: ARMBAND-315

Change-Id: I2d4c63d43f806b65f9ce327f4a00a6334be88750
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agolib.sh: Extend wait_for function to catch no resp 51/50151/2
Alexandru Avadanii [Sun, 31 Dec 2017 18:35:17 +0000 (19:35 +0100)]
lib.sh: Extend wait_for function to catch no resp

wait_for function should be able to also check for minions that did
not return or not respond, in addition to the return code.
To keep it backwards compatible, condition the new check on the max
attempt number being specified in decimal format (e.g. '10.0' unlike
old '10').

Change-Id: If2512cf9121cdd795638efe7362ef0485d4e8d91
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agouser-data.template: Remove salt-minion install 53/50153/2
Alexandru Avadanii [Sat, 6 Jan 2018 20:13:31 +0000 (21:13 +0100)]
user-data.template: Remove salt-minion install

salt-minion is now pre-provisioned inside the image using qemu-nbd.
Revert "lib.sh: Limit envsubst to certain variables"

This reverts commit 3a76d07dbd409b781abdb8520f55a1b20edf07db.
Change-Id: Icceb8bcf439e28ab01c7731c3602c1113290454d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agolib.sh: Cache base image(s) between deploys 57/50157/2
Alexandru Avadanii [Sun, 7 Jan 2018 00:07:15 +0000 (01:07 +0100)]
lib.sh: Cache base image(s) between deploys

Fingerprint and re-use base image artifacts.

Change-Id: Ic7a73c04e27d25addd50e4e9880619a0028956d3
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agodeploy.sh: Print sysinfo 47/50147/2
Alexandru Avadanii [Sat, 6 Jan 2018 18:27:04 +0000 (19:27 +0100)]
deploy.sh: Print sysinfo

JIRA: FUEL-323

Change-Id: I0dcbcfbedc7e9ef013ca50dcc08f804323f91701
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoMerge "[baremetal] ODL: Move ODL VCP VM to kvm02"
Alexandru Avadanii [Fri, 5 Jan 2018 20:17:08 +0000 (20:17 +0000)]
Merge "[baremetal] ODL: Move ODL VCP VM to kvm02"

6 years ago[baremetal] ODL: Move ODL VCP VM to kvm02 27/50127/1
Alexandru Avadanii [Fri, 5 Jan 2018 18:11:43 +0000 (19:11 +0100)]
[baremetal] ODL: Move ODL VCP VM to kvm02

Balance VM distribution on the 3 kvm nodes, as kvm02 has 4 VCP VMs
while kvm{01,03} have 5 VCP VMs each (without ODL).
Instead of spawning the ODL VCP VM on kvm03, move it to kvm02.

Change-Id: Id03b9453ee7c15cd6785c0bc073a38b87034aede
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agodeploy.sh: Silence cleanup output 25/50125/1
Alexandru Avadanii [Fri, 5 Jan 2018 03:21:01 +0000 (04:21 +0100)]
deploy.sh: Silence cleanup output

Cleanup sequence might print some warnings/errors that are misleading
for new users, so let's silence them.
While at it, remove unused `cleanup` function stub.

Change-Id: Ic4225f7d4b701cd15d96e1bfc5eecfe2c4291eb6
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[centos jump] nbd build: Fix REQ_TYPE_SPECIAL 59/50059/1
Alexandru Avadanii [Thu, 4 Jan 2018 21:47:35 +0000 (22:47 +0100)]
[centos jump] nbd build: Fix REQ_TYPE_SPECIAL

Change-Id: Ia514418d2aae1b4f7e752d4610fa6c9829c67e51
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[centos jump] Add nbd build support 97/49997/6
Alexandru Avadanii [Thu, 4 Jan 2018 04:48:28 +0000 (05:48 +0100)]
[centos jump] Add nbd build support

RHEL distros do not maintain nbd, so add a best-effort function
to build it on the fly.

Change-Id: Ie0419f0fed8a0b12f6b878b3093d6ca34f72d140
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agorequirements_rpm: Add epel-release, nbd 91/49991/1
Alexandru Avadanii [Wed, 3 Jan 2018 23:32:56 +0000 (00:32 +0100)]
requirements_rpm: Add epel-release, nbd

qemu-nbd requires the 'nbd' kernel module, which is not available
by default on CentOS 7, but is available from EPEL repo.

Change-Id: I3e8f722d31a97293b077115499a97c93a4751917
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[baremetal] Switch VCP base image to UCA 77/49977/2
Alexandru Avadanii [Wed, 3 Jan 2018 22:41:32 +0000 (23:41 +0100)]
[baremetal] Switch VCP base image to UCA

Since Mirantis prebuilt image comes with salt-minion 2016.3 instead
of 2016.11 and upgrading it leads to a hard to break catch-22, use
the Ubuntu cloud archive image we already download for FN VMs and
pre-install:
- a newer kernel (hwe-edge);
- salt-minion (2016.11);
This also implicitly aligns the image handling on AArch64 and x86_64.

Change-Id: I86d1c777449d37bdd0348936a598e3ffe9d265af
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoRevert "patches: Drop salt ver sync patch, now upstream" 69/49969/1
Alexandru Avadanii [Wed, 3 Jan 2018 19:08:06 +0000 (20:08 +0100)]
Revert "patches: Drop salt ver sync patch, now upstream"

Unlike nightly dist, stable/2017.12 distributions of salt formulas
repo do not yet include this change, so bring it back.

This reverts commit 8fbafdf8a665fb8fff4d6f9f14c343e109c122ec.

Change-Id: I7f7011750d385a28f4653faeeb74edb1cac1bcf2
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[baremetal] curtin: Bump salt-minion to 2016.11 49/49949/2
Alexandru Avadanii [Wed, 3 Jan 2018 16:43:43 +0000 (17:43 +0100)]
[baremetal] curtin: Bump salt-minion to 2016.11

By default, MaaS formula will install Salt minion 2016.3 via curtin
on physical nodes. 2016.3 does not properly support proxy_host
config option, causing timeouts during `linux.system.repo` SLS apply.

Change-Id: I3d6245f0d4b425170c43b3b62a21ad9acc6cb97e
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[baremetal] Retire mas01 NAT 45/49845/3
Alexandru Avadanii [Tue, 2 Jan 2018 04:36:07 +0000 (05:36 +0100)]
[baremetal] Retire mas01 NAT

Isolate networks by retiring NAT on mas01; also cutting direct
internet access from cluster nodes that are not facing the public
network (prx, cmp).

NOTE: Since we are removing mas01 NAT, VCP VMs (except prx which have
public IPs) and kvm nodes (cmp also have public IPs) will no longer
have direct internet connectivity.
Cluster deployment and operations will work without it, but if it is
required for different reasons, the MaaS proxy could be enabled by
uncommenting the /etc/enviroment section in:
- cluster.baremetal-mcp-pike-common-ha.include.proxy.yml

JIRA: FUEL-317

Change-Id: I5ed8b420296b27df34a54ec1ebd7b7cf58041425
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[patch] Use keystoneclient to check project ID 73/49873/2
Alexandru Avadanii [Wed, 3 Jan 2018 00:03:42 +0000 (01:03 +0100)]
[patch] Use keystoneclient to check project ID

Another prerequisite for decoupling public network from Openstack
internal management network (upstream won't fix it for Pike):
- port fix from [1] for using the internal network when connecting
  to keystone during project ID validation in nova, instead of
  going through public endpoint (and using SSL).

[1] https://bugs.launchpad.net/nova/+bug/1716344

Change-Id: Ic9a307df9af78fcd58cbcc07b5e62a7e07cc8d7d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[patch] keystone: Use v3 for admin endpoint 43/49843/3
Alexandru Avadanii [Tue, 2 Jan 2018 04:45:42 +0000 (05:45 +0100)]
[patch] keystone: Use v3 for admin endpoint

Now that v2 API is obsolete, also switch 'admin' endpoint to v3
(previously it was kept back for OCL compatibility).

Change-Id: I9775d59d5e6b93d7351157f7550a0dd7114bee2f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoMerge "[baremetal] heat: Switch metadata API URL to mgmt"
Alexandru Avadanii [Tue, 2 Jan 2018 19:06:00 +0000 (19:06 +0000)]
Merge "[baremetal] heat: Switch metadata API URL to mgmt"

6 years agoMerge "[baremetal] prx: Add management network VIP"
Alexandru Avadanii [Tue, 2 Jan 2018 19:04:40 +0000 (19:04 +0000)]
Merge "[baremetal] prx: Add management network VIP"

6 years ago[patch] Fix OVS ifup workaround 71/49871/1
Alexandru Avadanii [Tue, 2 Jan 2018 18:11:24 +0000 (19:11 +0100)]
[patch] Fix OVS ifup workaround

Do not assume routes are on the same OVS port as the one currently
being configured. Instead, apply the `unless` ifup condition for
any OVS port.

Change-Id: Iea8084f9e50401d300feb7ed16f90b430680cac5
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[baremetal] heat: Switch metadata API URL to mgmt 41/49841/1
Alexandru Avadanii [Tue, 2 Jan 2018 04:33:19 +0000 (05:33 +0100)]
[baremetal] heat: Switch metadata API URL to mgmt

Prepare for decoupling management from public (drop mas01 NAT):
- ctl: change heat URLs to use new management VIP instead of public;

Change-Id: I8e220ee37bd4177c3afd58a9ee401f815d046706
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[baremetal] prx: Add management network VIP 33/49833/2
Alexandru Avadanii [Tue, 2 Jan 2018 04:30:39 +0000 (05:30 +0100)]
[baremetal] prx: Add management network VIP

Include `openstack_web_public_vip` class for setting up the
old VIP in the public network, use old class for mgmt VIP.
Also change the generic hostname 'prx' to point inside mgmt net.

Change-Id: Iff69394f16ede290d149a26b054a85371f00f8e0
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agodocs: diagrams: Add PXE/admin on cfg01 31/49831/1
Alexandru Avadanii [Mon, 1 Jan 2018 19:42:20 +0000 (21:42 +0200)]
docs: diagrams: Add PXE/admin on cfg01

Refresh diagrams to reflect that the internal network is not used
anymore on jumpserver after PXE/admin was hooked to cfg01.

Change-Id: I4c162d59824e182bc76c0a395742050544e95291
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[baremetal] MaaS: Enable HTTP proxy 57/49157/10
Alexandru Avadanii [Sun, 17 Dec 2017 18:34:18 +0000 (19:34 +0100)]
[baremetal] MaaS: Enable HTTP proxy

Instead of using NAT on the mas01 node for all cluster node outgoing
traffic, use the MaaS built-in proxy for APT traffic to leverage its
caching capabilities too.
Also enable the proxy for salt minions, so they can access public
keyservers et al.
Cleanup public DNS from kvm nodes, interferes with MaaS proxy.

Add example config for global env proxy, but don't enable it:
- default environment settings - /etc/environment (via reclass);

The MaaS proxy will not be used (at least for now) on nodes:
- cfg01;
- mas01;

NOTE: We can't yet drop the maas.pxe_nat state completely, as certain
Openstack services are still accessed via public addresses from ctl
nodes.

JIRA: FUEL-317
JIRA: FUEL-318

Change-Id: I6c5f6872bb94afb838580571080e808bc262fc68
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[baremetal] cmp: Add missing public gw (default) 91/49791/2
Alexandru Avadanii [Sat, 30 Dec 2017 22:04:17 +0000 (23:04 +0100)]
[baremetal] cmp: Add missing public gw (default)

When we dropped the default gw via mas01 NAT, we uncovered a bug,
compute nodes do not have the proper public gw set up and used
to reach public network via mas01, slowing everything down.
Add gw similar to prx nodes.

Fixes: d4ab072

Change-Id: I4343c31c376a7a223670cdd623366454396d8d92
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agosalt: Use apt-mk 'stable' distribution 77/49777/1
Alexandru Avadanii [Sat, 30 Dec 2017 15:18:41 +0000 (16:18 +0100)]
salt: Use apt-mk 'stable' distribution

'nightly' repo dist from apt-mk is broken, so switch to 'stable'.

Change-Id: Ie12dfc2a499910b8b98a63886ba16044e66435f5
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoMerge "[netconfig] APT: Prefer ipv4 connections over ipv6"
Alexandru Avadanii [Fri, 29 Dec 2017 13:22:21 +0000 (13:22 +0000)]
Merge "[netconfig] APT: Prefer ipv4 connections over ipv6"

6 years ago[netconfig] APT: Prefer ipv4 connections over ipv6 33/49733/2
Alexandru Avadanii [Thu, 28 Dec 2017 14:32:43 +0000 (15:32 +0100)]
[netconfig] APT: Prefer ipv4 connections over ipv6

Ubuntu prefers ipv6 connections therefore in some networks, this
breaks software updates (it does a AAAA DNS lookup before A record
lookups). Let's prefer old style ipv4 connections over the new ipv6 in
order to save some processing and resource utilization.

Based on previous work from [1] (but without /etc/gai.conf, only APT).

[1] https://review.openstack.org/#/c/462502/

JIRA: FUEL-321

Change-Id: Ic3dff3baa1c0be9ac95972557d6a2d26641bfe1b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[maas] artifact sync: improve barrier condition 51/49751/1
Alexandru Avadanii [Fri, 29 Dec 2017 01:58:25 +0000 (02:58 +0100)]
[maas] artifact sync: improve barrier condition

Simplify wait condition for MaaS service up, since it's fragile
and often adds extra time when not really needed.
Instead, retry starting boot image import right away.

Change-Id: I131d6c82127449cecf6685d4cc7484a366e658c6
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoMerge "[patch] haproxy hostname parameterization upstream"
Alexandru Avadanii [Thu, 28 Dec 2017 15:01:31 +0000 (15:01 +0000)]
Merge "[patch] haproxy hostname parameterization upstream"

6 years ago[patch] haproxy hostname parameterization upstream 29/49729/2
Alexandru Avadanii [Thu, 28 Dec 2017 13:43:45 +0000 (14:43 +0100)]
[patch] haproxy hostname parameterization upstream

PR [1] was merged upstream.

[1] https://github.com/Mirantis/reclass-system-salt-model/pull/298

Change-Id: I335ac265b0b0b625c2f488755c5d11710ab354c2
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[patch] Use keystone v3 endpoints by default 19/49719/1
Michael Polenchuk [Thu, 28 Dec 2017 09:22:58 +0000 (13:22 +0400)]
[patch] Use keystone v3 endpoints by default

Change-Id: I98fc378fbec3679acf5bad4c089972340daea92c
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years agoMerge "lib.sh: Add delay after `kpartx -av`"
Alexandru Avadanii [Wed, 27 Dec 2017 16:53:34 +0000 (16:53 +0000)]
Merge "lib.sh: Add delay after `kpartx -av`"

6 years agolib.sh: Add delay after `kpartx -av` 03/49703/1
Alexandru Avadanii [Wed, 27 Dec 2017 16:22:55 +0000 (17:22 +0100)]
lib.sh: Add delay after `kpartx -av`

On rare occassions, mapper bindings created by kpartx take longer
to show up, leading to errors when we try to mount them on.
Bring back the hardcoded delay to bypass such issues.

Change-Id: Ib386c04fc55cd85235a2156dba08fda378e4cdfd
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years agoMerge "patches: Squash maas region changes"
Alexandru Avadanii [Wed, 27 Dec 2017 15:57:57 +0000 (15:57 +0000)]
Merge "patches: Squash maas region changes"

6 years ago[ovn] Inject ovn central options 89/49689/1
Michael Polenchuk [Wed, 27 Dec 2017 13:17:13 +0000 (17:17 +0400)]
[ovn] Inject ovn central options

Change-Id: Ib9021ee3ca15c05cc137ae42c263383acb4393bd
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years agopatches: Squash maas region changes 67/49667/1
Alexandru Avadanii [Tue, 26 Dec 2017 23:35:15 +0000 (00:35 +0100)]
patches: Squash maas region changes

When re-deploying with `-f` flag, `patch -R` cannot cleanly revert
maas region changes with overlapping context lines, so squash them
into a single file.

Change-Id: I87dae72a12fea833e9e6729de21d4ce5f262695e
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
6 years ago[ovn] Mend state name of openstack 23/49623/1
Michael Polenchuk [Mon, 25 Dec 2017 09:36:51 +0000 (13:36 +0400)]
[ovn] Mend state name of openstack

* rename openstack state name with noha suffix
* increase vcpus for compute nodes

Change-Id: I03386c4c1c92d329d847aa506589823e57644ef4
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years agoMerge "[ovn] Weed out gateway node from reclass storage"
Alexandru Avadanii [Fri, 22 Dec 2017 16:31:04 +0000 (16:31 +0000)]
Merge "[ovn] Weed out gateway node from reclass storage"

6 years ago[vcp] Catch 'no response' of salt minion as well 57/49557/1
Michael Polenchuk [Fri, 22 Dec 2017 13:53:36 +0000 (17:53 +0400)]
[vcp] Catch 'no response' of salt minion as well

Salt minion could return 'no response' and cause an
unconfigured state of the vcp node(s), so catch this output after linux
state as well. Also clean up excess route on proxy nodes.

Change-Id: I3183fa09ff41a8f027ee789869bdae0c3962ab8f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years ago[ovn] Weed out gateway node from reclass storage 37/49537/1
Michael Polenchuk [Fri, 22 Dec 2017 08:45:36 +0000 (12:45 +0400)]
[ovn] Weed out gateway node from reclass storage

Change-Id: I87efd87f8ac05ed9b3189e5dba80748e07c86d5d
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years agoBring in ovn based scenario 35/47335/3
Michael Polenchuk [Thu, 16 Nov 2017 11:39:11 +0000 (15:39 +0400)]
Bring in ovn based scenario

OVN based scenario doesn't require conventional gateway
node since connectivity to external networks and routing
occurs on compute nodes.

Change-Id: I81e0d497170d5ffb067adf13b0e46290525f26a6
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years ago[maas] Adjust deployment order/timeouts 59/49359/1
Michael Polenchuk [Wed, 20 Dec 2017 12:27:58 +0000 (16:27 +0400)]
[maas] Adjust deployment order/timeouts

Change-Id: I9dbb51ce2387450e4ae19f8b3444f5e52cfdc71d
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years ago[dpdk] Remove user/group setting for ovs rundir 85/49285/3
Michael Polenchuk [Tue, 19 Dec 2017 11:35:35 +0000 (15:35 +0400)]
[dpdk] Remove user/group setting for ovs rundir

The proper patches have been merged into upstream (nova/neutron
formulas, system reclass) to use a separate dir for vhost_user sockets.

Change-Id: Iba8d8a9a05c5ab681b5b5ffbea786dca92704c82
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
6 years agoMerge "[baremetal] MaaS: Reduce timeout values"
Alexandru Avadanii [Tue, 19 Dec 2017 18:09:52 +0000 (18:09 +0000)]
Merge "[baremetal] MaaS: Reduce timeout values"

6 years agoSet libvirt unix_sock_group as an option 93/49293/1
Michael Polenchuk [Tue, 19 Dec 2017 13:59:53 +0000 (17:59 +0400)]
Set libvirt unix_sock_group as an option

Updated libvirt formula now supports group
name as an option for unix socket parameter.

Change-Id: I683e38971fe6c939fd09e95b805d611ddc596f28
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>