ting wu [Wed, 10 Jan 2018 12:20:07 +0000 (13:20 +0100)]
 
docs: AArch64: Jumpserver min libvirt version
 - For the Jumpserver configuration
   Add bridge config
   Add Armband repository list
   Add minimum libvirt version requirement
 - Fix various typo
 - Add option -S, -D in deploy script
JIRA: ARMBAND-337
Change-Id: Ic62819dbb28699cf8a2dba81b7d65a39e3f0b011
Signed-off-by: ting wu <ting.wu@enea.com>
Alexandru Avadanii [Mon, 8 Jan 2018 22:51:53 +0000 (22:51 +0000)]
 
Merge "[centos jump] Add missing dependency for nbd build"
Alexandru Avadanii [Mon, 8 Jan 2018 22:00:36 +0000 (23:00 +0100)]
 
[centos jump] Add missing dependency for nbd build
Change-Id: Icb23d2e6d3bb6e49b54e2d51cc8a35cb03702fcd
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 8 Jan 2018 16:57:56 +0000 (17:57 +0100)]
 
lib.sh: base image: Prevent using incomplete img
In case the previous deploy attempt already copied the base image
as the VCP image in order to perform offline operations and failed,
leaving an incomplete image in place, current code might try to use
it instead of building it from scratch.
Use the hash-agnostic link names as checkpoints for successful image
handling.
Change-Id: I1e99e515e18ba1dec534c520811c127b2b528afe
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 8 Jan 2018 15:47:18 +0000 (16:47 +0100)]
 
lib.sh: Fix `modprobe -f` on Ubuntu
For some reason, `modprobe -f` for a clean nbd module (from vanilla
Ubuntu) fails with exec format error randomly, while a simple
`modprobe` works.
Change-Id: I79785e510cab757e2482baf442054be984c24019
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 7 Jan 2018 19:20:36 +0000 (20:20 +0100)]
 
MaaS: Set commission/deploy timeouts via reclass
Allow end-users to easily change the MaaS commissioning/deploying
timeouts by simply editing the reclass model.
While at it, use arch-specific values and bump deploy timeout on
AArch64 to 20 minutes instead of 15.
Change-Id: I37ae434ecebdd64effb007baa06c722b1db15c66
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 7 Jan 2018 18:22:18 +0000 (19:22 +0100)]
 
lib.sh: Fix stop condition in wait_for
Change-Id: Ida693b6dd328db283d6992ac33500f4dd1a73eb8
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 6 Jan 2018 20:30:12 +0000 (21:30 +0100)]
 
salt.sh: Fix linux state apply on cfg01
cfg01 does not repond or is not connected while trying to apply
linux state via salt.sh, use wait_for macro to account for this.
JIRA: ARMBAND-315
Change-Id: I2d4c63d43f806b65f9ce327f4a00a6334be88750
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 31 Dec 2017 18:35:17 +0000 (19:35 +0100)]
 
lib.sh: Extend wait_for function to catch no resp
wait_for function should be able to also check for minions that did
not return or not respond, in addition to the return code.
To keep it backwards compatible, condition the new check on the max
attempt number being specified in decimal format (e.g. '10.0' unlike
old '10').
Change-Id: If2512cf9121cdd795638efe7362ef0485d4e8d91
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 6 Jan 2018 20:13:31 +0000 (21:13 +0100)]
 
user-data.template: Remove salt-minion install
salt-minion is now pre-provisioned inside the image using qemu-nbd.
Revert "lib.sh: Limit envsubst to certain variables"
This reverts commit 
3a76d07dbd409b781abdb8520f55a1b20edf07db.
Change-Id: Icceb8bcf439e28ab01c7731c3602c1113290454d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 7 Jan 2018 00:07:15 +0000 (01:07 +0100)]
 
lib.sh: Cache base image(s) between deploys
Fingerprint and re-use base image artifacts.
Change-Id: Ic7a73c04e27d25addd50e4e9880619a0028956d3
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 6 Jan 2018 18:27:04 +0000 (19:27 +0100)]
 
deploy.sh: Print sysinfo
JIRA: FUEL-323
Change-Id: I0dcbcfbedc7e9ef013ca50dcc08f804323f91701
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 5 Jan 2018 20:17:08 +0000 (20:17 +0000)]
 
Merge "[baremetal] ODL: Move ODL VCP VM to kvm02"
Alexandru Avadanii [Fri, 5 Jan 2018 18:11:43 +0000 (19:11 +0100)]
 
[baremetal] ODL: Move ODL VCP VM to kvm02
Balance VM distribution on the 3 kvm nodes, as kvm02 has 4 VCP VMs
while kvm{01,03} have 5 VCP VMs each (without ODL).
Instead of spawning the ODL VCP VM on kvm03, move it to kvm02.
Change-Id: Id03b9453ee7c15cd6785c0bc073a38b87034aede
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 5 Jan 2018 03:21:01 +0000 (04:21 +0100)]
 
deploy.sh: Silence cleanup output
Cleanup sequence might print some warnings/errors that are misleading
for new users, so let's silence them.
While at it, remove unused `cleanup` function stub.
Change-Id: Ic4225f7d4b701cd15d96e1bfc5eecfe2c4291eb6
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 4 Jan 2018 21:47:35 +0000 (22:47 +0100)]
 
[centos jump] nbd build: Fix REQ_TYPE_SPECIAL
Change-Id: Ia514418d2aae1b4f7e752d4610fa6c9829c67e51
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 4 Jan 2018 04:48:28 +0000 (05:48 +0100)]
 
[centos jump] Add nbd build support
RHEL distros do not maintain nbd, so add a best-effort function
to build it on the fly.
Change-Id: Ie0419f0fed8a0b12f6b878b3093d6ca34f72d140
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Wed, 3 Jan 2018 23:32:56 +0000 (00:32 +0100)]
 
requirements_rpm: Add epel-release, nbd
qemu-nbd requires the 'nbd' kernel module, which is not available
by default on CentOS 7, but is available from EPEL repo.
Change-Id: I3e8f722d31a97293b077115499a97c93a4751917
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Wed, 3 Jan 2018 22:41:32 +0000 (23:41 +0100)]
 
[baremetal] Switch VCP base image to UCA
Since Mirantis prebuilt image comes with salt-minion 2016.3 instead
of 2016.11 and upgrading it leads to a hard to break catch-22, use
the Ubuntu cloud archive image we already download for FN VMs and
pre-install:
- a newer kernel (hwe-edge);
- salt-minion (2016.11);
This also implicitly aligns the image handling on AArch64 and x86_64.
Change-Id: I86d1c777449d37bdd0348936a598e3ffe9d265af
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Wed, 3 Jan 2018 19:08:06 +0000 (20:08 +0100)]
 
Revert "patches: Drop salt ver sync patch, now upstream"
Unlike nightly dist, stable/2017.12 distributions of salt formulas
repo do not yet include this change, so bring it back.
This reverts commit 
8fbafdf8a665fb8fff4d6f9f14c343e109c122ec.
Change-Id: I7f7011750d385a28f4653faeeb74edb1cac1bcf2
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Wed, 3 Jan 2018 16:43:43 +0000 (17:43 +0100)]
 
[baremetal] curtin: Bump salt-minion to 2016.11
By default, MaaS formula will install Salt minion 2016.3 via curtin
on physical nodes. 2016.3 does not properly support proxy_host
config option, causing timeouts during `linux.system.repo` SLS apply.
Change-Id: I3d6245f0d4b425170c43b3b62a21ad9acc6cb97e
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Tue, 2 Jan 2018 04:36:07 +0000 (05:36 +0100)]
 
[baremetal] Retire mas01 NAT
Isolate networks by retiring NAT on mas01; also cutting direct
internet access from cluster nodes that are not facing the public
network (prx, cmp).
NOTE: Since we are removing mas01 NAT, VCP VMs (except prx which have
public IPs) and kvm nodes (cmp also have public IPs) will no longer
have direct internet connectivity.
Cluster deployment and operations will work without it, but if it is
required for different reasons, the MaaS proxy could be enabled by
uncommenting the /etc/enviroment section in:
- cluster.baremetal-mcp-pike-common-ha.include.proxy.yml
JIRA: FUEL-317
Change-Id: I5ed8b420296b27df34a54ec1ebd7b7cf58041425
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Wed, 3 Jan 2018 00:03:42 +0000 (01:03 +0100)]
 
[patch] Use keystoneclient to check project ID
Another prerequisite for decoupling public network from Openstack
internal management network (upstream won't fix it for Pike):
- port fix from [1] for using the internal network when connecting
  to keystone during project ID validation in nova, instead of
  going through public endpoint (and using SSL).
[1] https://bugs.launchpad.net/nova/+bug/
1716344
Change-Id: Ic9a307df9af78fcd58cbcc07b5e62a7e07cc8d7d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Tue, 2 Jan 2018 04:45:42 +0000 (05:45 +0100)]
 
[patch] keystone: Use v3 for admin endpoint
Now that v2 API is obsolete, also switch 'admin' endpoint to v3
(previously it was kept back for OCL compatibility).
Change-Id: I9775d59d5e6b93d7351157f7550a0dd7114bee2f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Tue, 2 Jan 2018 19:06:00 +0000 (19:06 +0000)]
 
Merge "[baremetal] heat: Switch metadata API URL to mgmt"
Alexandru Avadanii [Tue, 2 Jan 2018 19:04:40 +0000 (19:04 +0000)]
 
Merge "[baremetal] prx: Add management network VIP"
Alexandru Avadanii [Tue, 2 Jan 2018 18:11:24 +0000 (19:11 +0100)]
 
[patch] Fix OVS ifup workaround
Do not assume routes are on the same OVS port as the one currently
being configured. Instead, apply the `unless` ifup condition for
any OVS port.
Change-Id: Iea8084f9e50401d300feb7ed16f90b430680cac5
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Tue, 2 Jan 2018 04:33:19 +0000 (05:33 +0100)]
 
[baremetal] heat: Switch metadata API URL to mgmt
Prepare for decoupling management from public (drop mas01 NAT):
- ctl: change heat URLs to use new management VIP instead of public;
Change-Id: I8e220ee37bd4177c3afd58a9ee401f815d046706
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Tue, 2 Jan 2018 04:30:39 +0000 (05:30 +0100)]
 
[baremetal] prx: Add management network VIP
Include `openstack_web_public_vip` class for setting up the
old VIP in the public network, use old class for mgmt VIP.
Also change the generic hostname 'prx' to point inside mgmt net.
Change-Id: Iff69394f16ede290d149a26b054a85371f00f8e0
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 1 Jan 2018 19:42:20 +0000 (21:42 +0200)]
 
docs: diagrams: Add PXE/admin on cfg01
Refresh diagrams to reflect that the internal network is not used
anymore on jumpserver after PXE/admin was hooked to cfg01.
Change-Id: I4c162d59824e182bc76c0a395742050544e95291
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sun, 17 Dec 2017 18:34:18 +0000 (19:34 +0100)]
 
[baremetal] MaaS: Enable HTTP proxy
Instead of using NAT on the mas01 node for all cluster node outgoing
traffic, use the MaaS built-in proxy for APT traffic to leverage its
caching capabilities too.
Also enable the proxy for salt minions, so they can access public
keyservers et al.
Cleanup public DNS from kvm nodes, interferes with MaaS proxy.
Add example config for global env proxy, but don't enable it:
- default environment settings - /etc/environment (via reclass);
The MaaS proxy will not be used (at least for now) on nodes:
- cfg01;
- mas01;
NOTE: We can't yet drop the maas.pxe_nat state completely, as certain
Openstack services are still accessed via public addresses from ctl
nodes.
JIRA: FUEL-317
JIRA: FUEL-318
Change-Id: I6c5f6872bb94afb838580571080e808bc262fc68
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 30 Dec 2017 22:04:17 +0000 (23:04 +0100)]
 
[baremetal] cmp: Add missing public gw (default)
When we dropped the default gw via mas01 NAT, we uncovered a bug,
compute nodes do not have the proper public gw set up and used
to reach public network via mas01, slowing everything down.
Add gw similar to prx nodes.
Fixes: 
d4ab072
Change-Id: I4343c31c376a7a223670cdd623366454396d8d92
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 30 Dec 2017 15:18:41 +0000 (16:18 +0100)]
 
salt: Use apt-mk 'stable' distribution
'nightly' repo dist from apt-mk is broken, so switch to 'stable'.
Change-Id: Ie12dfc2a499910b8b98a63886ba16044e66435f5
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 29 Dec 2017 13:22:21 +0000 (13:22 +0000)]
 
Merge "[netconfig] APT: Prefer ipv4 connections over ipv6"
Alexandru Avadanii [Thu, 28 Dec 2017 14:32:43 +0000 (15:32 +0100)]
 
[netconfig] APT: Prefer ipv4 connections over ipv6
Ubuntu prefers ipv6 connections therefore in some networks, this
breaks software updates (it does a AAAA DNS lookup before A record
lookups). Let's prefer old style ipv4 connections over the new ipv6 in
order to save some processing and resource utilization.
Based on previous work from [1] (but without /etc/gai.conf, only APT).
[1] https://review.openstack.org/#/c/462502/
JIRA: FUEL-321
Change-Id: Ic3dff3baa1c0be9ac95972557d6a2d26641bfe1b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 29 Dec 2017 01:58:25 +0000 (02:58 +0100)]
 
[maas] artifact sync: improve barrier condition
Simplify wait condition for MaaS service up, since it's fragile
and often adds extra time when not really needed.
Instead, retry starting boot image import right away.
Change-Id: I131d6c82127449cecf6685d4cc7484a366e658c6
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 28 Dec 2017 15:01:31 +0000 (15:01 +0000)]
 
Merge "[patch] haproxy hostname parameterization upstream"
Alexandru Avadanii [Thu, 28 Dec 2017 13:43:45 +0000 (14:43 +0100)]
 
[patch] haproxy hostname parameterization upstream
PR [1] was merged upstream.
[1] https://github.com/Mirantis/reclass-system-salt-model/pull/298
Change-Id: I335ac265b0b0b625c2f488755c5d11710ab354c2
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Thu, 28 Dec 2017 09:22:58 +0000 (13:22 +0400)]
 
[patch] Use keystone v3 endpoints by default
Change-Id: I98fc378fbec3679acf5bad4c089972340daea92c
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Wed, 27 Dec 2017 16:53:34 +0000 (16:53 +0000)]
 
Merge "lib.sh: Add delay after `kpartx -av`"
Alexandru Avadanii [Wed, 27 Dec 2017 16:22:55 +0000 (17:22 +0100)]
 
lib.sh: Add delay after `kpartx -av`
On rare occassions, mapper bindings created by kpartx take longer
to show up, leading to errors when we try to mount them on.
Bring back the hardcoded delay to bypass such issues.
Change-Id: Ib386c04fc55cd85235a2156dba08fda378e4cdfd
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Wed, 27 Dec 2017 15:57:57 +0000 (15:57 +0000)]
 
Merge "patches: Squash maas region changes"
Michael Polenchuk [Wed, 27 Dec 2017 13:17:13 +0000 (17:17 +0400)]
 
[ovn] Inject ovn central options
Change-Id: Ib9021ee3ca15c05cc137ae42c263383acb4393bd
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Tue, 26 Dec 2017 23:35:15 +0000 (00:35 +0100)]
 
patches: Squash maas region changes
When re-deploying with `-f` flag, `patch -R` cannot cleanly revert
maas region changes with overlapping context lines, so squash them
into a single file.
Change-Id: I87dae72a12fea833e9e6729de21d4ce5f262695e
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Mon, 25 Dec 2017 09:36:51 +0000 (13:36 +0400)]
 
[ovn] Mend state name of openstack
* rename openstack state name with noha suffix
* increase vcpus for compute nodes
Change-Id: I03386c4c1c92d329d847aa506589823e57644ef4
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Fri, 22 Dec 2017 16:31:04 +0000 (16:31 +0000)]
 
Merge "[ovn] Weed out gateway node from reclass storage"
Michael Polenchuk [Fri, 22 Dec 2017 13:53:36 +0000 (17:53 +0400)]
 
[vcp] Catch 'no response' of salt minion as well
Salt minion could return 'no response' and cause an
unconfigured state of the vcp node(s), so catch this output after linux
state as well. Also clean up excess route on proxy nodes.
Change-Id: I3183fa09ff41a8f027ee789869bdae0c3962ab8f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Fri, 22 Dec 2017 08:45:36 +0000 (12:45 +0400)]
 
[ovn] Weed out gateway node from reclass storage
Change-Id: I87efd87f8ac05ed9b3189e5dba80748e07c86d5d
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Thu, 16 Nov 2017 11:39:11 +0000 (15:39 +0400)]
 
Bring in ovn based scenario
OVN based scenario doesn't require conventional gateway
node since connectivity to external networks and routing
occurs on compute nodes.
Change-Id: I81e0d497170d5ffb067adf13b0e46290525f26a6
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Wed, 20 Dec 2017 12:27:58 +0000 (16:27 +0400)]
 
[maas] Adjust deployment order/timeouts
Change-Id: I9dbb51ce2387450e4ae19f8b3444f5e52cfdc71d
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Tue, 19 Dec 2017 11:35:35 +0000 (15:35 +0400)]
 
[dpdk] Remove user/group setting for ovs rundir
The proper patches have been merged into upstream (nova/neutron
formulas, system reclass) to use a separate dir for vhost_user sockets.
Change-Id: Iba8d8a9a05c5ab681b5b5ffbea786dca92704c82
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Tue, 19 Dec 2017 18:09:52 +0000 (18:09 +0000)]
 
Merge "[baremetal] MaaS: Reduce timeout values"
Michael Polenchuk [Tue, 19 Dec 2017 13:59:53 +0000 (17:59 +0400)]
 
Set libvirt unix_sock_group as an option
Updated libvirt formula now supports group
name as an option for unix socket parameter.
Change-Id: I683e38971fe6c939fd09e95b805d611ddc596f28
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Mon, 18 Dec 2017 21:12:23 +0000 (22:12 +0100)]
 
[baremetal] MaaS: Reduce timeout values
`maas_fixup` is already re-entrant, so we can execute it more than
once during a commissioning/deploy cycle. Reduce the timeout waiting
for all nodes to reach a stable state, so nodes stuck in 'Ready'
state instead of reaching 'Deploying' get dealt with sooner (~5 min
vs old 30 min).
While at it, let `maas_fixup` handle machine deploy as well, so we
can catch nodes stuck in 'Ready' state and re-trigger the deploy.
Change-Id: Id24cc97b17489835c5846288639a9a6032bd320a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 18 Dec 2017 15:39:01 +0000 (15:39 +0000)]
 
Merge "states: networks: Use role-based addressing"
Alexandru Avadanii [Mon, 18 Dec 2017 15:37:31 +0000 (15:37 +0000)]
 
Merge "[baremetal] cleanup: Remove unused gtw node data"
Alexandru Avadanii [Mon, 18 Dec 2017 15:35:56 +0000 (15:35 +0000)]
 
Merge "[baremetal] Move salt master IP to PXE/admin"
Michael Polenchuk [Mon, 18 Dec 2017 13:28:12 +0000 (17:28 +0400)]
 
[maas] Set edge hwe kernel as a default minimum
Change-Id: I360dcb675c90b6f20687979ebc493afe6682c821
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Mon, 18 Dec 2017 08:38:21 +0000 (08:38 +0000)]
 
Merge "salt.sh: Use salt-call to apply linux sls on cfg01"
Michael Polenchuk [Mon, 18 Dec 2017 08:25:15 +0000 (08:25 +0000)]
 
Merge "[baremetal] MaaS: Fix DHCP dynamic reserved range"
Michael Polenchuk [Mon, 18 Dec 2017 07:23:20 +0000 (07:23 +0000)]
 
Merge "ci/deploy.sh: maas: cleanup_uefi on env erase"
Alexandru Avadanii [Sat, 16 Dec 2017 22:29:54 +0000 (23:29 +0100)]
 
[baremetal] Move salt master IP to PXE/admin
Use PXE/admin network for salt traffic from/to all minions
except cfg01, mas01.
This allows us to drop the route to admin net from cfg01.
Change-Id: Ic2526f1ff77afe5d92ced900971f4c8f78d2d8a2
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 18 Dec 2017 03:39:01 +0000 (04:39 +0100)]
 
salt.sh: Use salt-call to apply linux sls on cfg01
Also, retry applying linux high state up to twice, due to rare
spurious failures with 'No reponse' status.
Change-Id: Ic7839a5c9501673cb127412136afb91e05f87a7e
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 16 Dec 2017 20:11:26 +0000 (21:11 +0100)]
 
[baremetal] MaaS: Fix DHCP dynamic reserved range
- patch MaaS to default to `DHCP` instead of `AUTO` for physical
  PXE interfaces (all IPs will be handed out by MaaS DHCP *inside* the
  defined dynamic DHCP IP range);
- reduce range to silence bogus MaaS warning about address exhaustion;
- regenerate pod_config.yml.example to reflect the changes;
- drop `opnfv_infra_maas_pxe_address` (duplicate of
  `opnfv_infra_maas_node01_deploy_address`);
- add `opnfv_infra_config_pxe_address` for future usage;
- while at it, fix missing patch copyright;
JIRA: FUEL-316
Change-Id: I81fad333e77f7c8508cd2b2b267c7b39c130e3e1
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 16 Dec 2017 18:18:45 +0000 (19:18 +0100)]
 
[baremetal] cleanup: Remove unused gtw node data
Change-Id: I48f73caa0f7cae532d4d9b3f68e1d8de59f8dd9e
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 16 Dec 2017 17:55:02 +0000 (18:55 +0100)]
 
states: networks: Use role-based addressing
JIRA: FUEL-310
Change-Id: Ice6d6bbb2d2ee8e21f2757b02056873d1a030ea3
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 9 Dec 2017 01:39:33 +0000 (02:39 +0100)]
 
ci/deploy.sh: maas: cleanup_uefi on env erase
Running `ci/deploy.sh -EE` should also perform an UEFI boot option
cleanup, otherwise we risk booting the previously installed OS.
While at it, reduce delay between nodes removal and fix a rare failure
for `-EE` when no nodes are defined in MaaS.
Change-Id: I789ffd3e22545921216f7d5ee3509c76354542eb
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 4 Dec 2017 21:33:53 +0000 (22:33 +0100)]
 
[baremetal] Move VCP iface config to own yml
- move linux.network.interface definitions to their own classes, which
  also removes the previous requirement of defining {dhcp,single}_nic
  parameters in classes that don't actually use them;
- drop now useless {dhcp,single}_nic parameters;
- expand linux_{dhcp,single}_interface macros, since they cause issues
  with reclass dict-merge while attempting to override sub-vars (i.e.
  it's not possible to set 'enabled: false' via reclass interpolation);
JIRA: FUEL-310
Change-Id: I29d921f545e761de335a60e242a4523d13b06c78
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 14 Dec 2017 17:17:37 +0000 (17:17 +0000)]
 
Merge "patches: Drop salt ver sync patch, now upstream"
Alexandru Avadanii [Thu, 14 Dec 2017 17:10:27 +0000 (17:10 +0000)]
 
Merge "[baremetal] idf support for different board types"
Alexandru Avadanii [Thu, 14 Dec 2017 16:51:48 +0000 (16:51 +0000)]
 
Merge "Add tutorial for reclass-doc tool in documentation"
Alexandru Avadanii [Thu, 14 Dec 2017 16:47:55 +0000 (17:47 +0100)]
 
patches: Drop salt ver sync patch, now upstream
Upstream pull request [1] was merged, drop out patch.
[1] https://github.com/salt-formulas/salt-formula-salt/pull/64
Change-Id: I7aac66349a4bec718f7821b75dbad711cd6acd58
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 14 Dec 2017 16:23:03 +0000 (16:23 +0000)]
 
Merge "Update release notes for 5.1"
Michael Polenchuk [Sat, 25 Nov 2017 16:41:20 +0000 (17:41 +0100)]
 
Return back repo with glusterfs
Glusterfs 3.11 package from UCA repo has the bug#875651, which
causes package instalation error due to timeout of glustereventsd
service startup. Therefore get the latest version from PPA repo.
Change-Id: Ia47d969e758c8689508dfd6b7fd2725514ea88c5
Co-Authored-By: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Guillermo Herrero [Thu, 14 Dec 2017 10:36:35 +0000 (11:36 +0100)]
 
[baremetal] idf support for different board types
This modification enables having different models of target nodes
but restricts them to two groups of the same kind assuming:
 - 3 KVMs will be same model and have the same NIC names
 - 2 Compute nodes will be the same model and have same NIC names
This is an ad-hoc change for arm-pod7. Will work for all other setups
but the jinja2 logic should be evetually extended to support a per
board approach, allowing any board to be any kind
Change-Id: Ie994d661e3dbe5b9a33d290a850a6152cf320c86
Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
Michael Polenchuk [Thu, 14 Dec 2017 08:07:30 +0000 (08:07 +0000)]
 
Merge "[baremetal] Upgrade packages on kvm, cmp nodes too"
Alexandru Avadanii [Thu, 14 Dec 2017 02:05:20 +0000 (03:05 +0100)]
 
Revert "Horizon: service: Default to v2 API"
Pike Horizon packages contain the fix for full v3 compatibility.
Also update the reclass models to use v3 API.
JIRA: FUEL-284
This reverts commit 
68ff467c4c2d9d0f201e2912c97616402f8109a3.
Change-Id: I7795197100a67f892889eefce73252ec90d289cc
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Thu, 14 Dec 2017 01:33:28 +0000 (02:33 +0100)]
 
[baremetal] Upgrade packages on kvm, cmp nodes too
MaaS installs a few packages via curtin, which don't get upgraded
later, even if we add extra repos (it will be the case for novcp).
Perform a package upgrade on all baremetal nodes, as it's also a
good security practice.
JIRA: FUEL-310
Change-Id: Ib365e42a0d2f65813fc9bef516326ec89fe407de
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Wed, 13 Dec 2017 19:59:46 +0000 (20:59 +0100)]
 
deploy.sh: Fix missing space in dependencies list
Change-Id: I4d41ff8b9f7c1b59a2c1a400b9335f17b8c542be
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Wed, 13 Dec 2017 19:29:02 +0000 (19:29 +0000)]
 
Merge "deploy.sh: Factor out pkg deps into yaml files"
Alexandru Avadanii [Sun, 20 Aug 2017 16:18:53 +0000 (18:18 +0200)]
 
patches: libvirt: Use "libvirt" unix_sock_group
Now that libvirt 3.6 is used on kvm nodes (via UCA repos), which
by default uses "libvirt" group for socket ownership,
change old "libvirtd" in salt-formula-libvirt's:
- libvirt/files/libvirtd.conf.Debian
This allows us to remove the manual group creation from VCP state
file, which was not re-entrant (failed if group already existed).
Change-Id: Id61fecd82daec1c0716ff4796b79dce47d096c3a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Wed, 13 Dec 2017 12:00:29 +0000 (16:00 +0400)]
 
[baremetal] Link br-ex as ovs port
Add br-ex and physical public interface
as ports directly to ovs bridge.
Change-Id: I12c078d3e286af7c5fa3078cc055905c03cf600b
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Charalampos Kominos [Thu, 7 Dec 2017 10:19:04 +0000 (11:19 +0100)]
 
Add tutorial for reclass-doc tool in documentation
JIRA: FUEL-293
Change-Id: I2612e8d63875dca4d05f8c30db24a5ae84cc8dea
Signed-off-by: Charalampos Kominos <Charalampos.Kominos@enea.com>
Signed-off-by: Cristina Pauna <cristina.pauna@enea.com>
Cristina Pauna [Wed, 13 Dec 2017 15:17:49 +0000 (17:17 +0200)]
 
Update release notes for 5.1
The release notes are updated with relevant Jira filters and
changes since 5.0
Change-Id: If14cb0369ced899d17608ef43e93b848e8b2a5c8
Signed-off-by: Cristina Pauna <cristina.pauna@enea.com>
Alexandru Avadanii [Tue, 12 Dec 2017 22:07:56 +0000 (23:07 +0100)]
 
AArch64: Move to pike-armband repo
Armband restructured its repos to support UCA-only virtual deploys,
propagate the change to our base image pre-build. Drop apt-mk repos,
should only be added later by Salt, when MCP repos are also present.
JIRA: ARMBAND-338
Change-Id: Ieafa6d3fb0599679341053187b4a7d778af86428
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Sat, 9 Dec 2017 17:20:16 +0000 (18:20 +0100)]
 
deploy.sh: Factor out pkg deps into yaml files
Instead of hardcoding the packages to install on the jumphost at
deploy time in `ci/deploy.sh`, move the requirements list to a
dedicated yaml file, so it is decoupled from actual code.
While at it, add missing deps:
- ipxe-qemu (AArch64 Ubuntu only);
Change-Id: I9ee5c0796b70f9d29427d608b6415333c8841e1e
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Tue, 12 Dec 2017 15:51:22 +0000 (15:51 +0000)]
 
Merge "[baremetal] Move all MaaS PXE net config to PDF"
Alexandru Avadanii [Tue, 12 Dec 2017 15:42:14 +0000 (15:42 +0000)]
 
Merge "[baremetal] Fixup pike deployment (2)"
Michael Polenchuk [Tue, 12 Dec 2017 09:00:30 +0000 (13:00 +0400)]
 
[baremetal] Fixup pike deployment (2)
* align dpdk packages list
* add missing libvirtd group to vcp host nodes
Change-Id: Ideab2b16ca0561035b225e58bf3d0c5653d303bb
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Tue, 12 Dec 2017 08:48:28 +0000 (12:48 +0400)]
 
[baremetal] Set public vlan tag on ovs port
Change-Id: Ia5a34d8d8a9649fc911198fed86aee51071ba568
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Alexandru Avadanii [Mon, 11 Dec 2017 19:40:11 +0000 (19:40 +0000)]
 
Merge "AArch64: s/ocata/pike/g in scenario defaults"
Alexandru Avadanii [Mon, 11 Dec 2017 18:56:54 +0000 (19:56 +0100)]
 
AArch64: s/ocata/pike/g in scenario defaults
We hard set some repo URLs used for base image pre-building, so bump
those to Pike, now that Armband repos for Pike are populated.
JIRA: ARMBAND-335
Change-Id: Ibd7267b628985a3c7a33d9d8a93c824077c69f10
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Fri, 8 Dec 2017 00:20:47 +0000 (01:20 +0100)]
 
[baremetal] Move all MaaS PXE net config to PDF
- s/opnfv_maas_pxe_/opnfv_infra_maas_pxe_/g to align with other vars;
- patches: pharos: Add MaaS PXE network to installer adapter;
- runtime.yml{,.template}: move to installer adapter, update
  pod_config.yml example;
- drop MAAS_PXE_NETWORK global env var, now read strictly from PDF;
JIRA: FUEL-313
Change-Id: I46d7510bd53fba7890c411d36bc28fd6ff6f3648
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 11 Dec 2017 18:15:15 +0000 (19:15 +0100)]
 
patches: pharos: Bump & drop upstream patches
All our staged patches for Pharos repo are now upstream, so bump
the git submodule and remove the patch files.
Change-Id: I0d68eb3bdd9abfa286c3640acc1f13ce6100801d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Alexandru Avadanii [Mon, 11 Dec 2017 17:41:37 +0000 (17:41 +0000)]
 
Merge "[baremetal] cleanup: Parameterize VCP hostnames"
Alexandru Avadanii [Mon, 11 Dec 2017 17:15:05 +0000 (17:15 +0000)]
 
Merge "[baremetal] Fixup pike deployment"
Alexandru Avadanii [Mon, 11 Dec 2017 17:11:48 +0000 (17:11 +0000)]
 
Merge "pod_config: cleanup: Drop infra_compute_*_address"
Alexandru Avadanii [Sun, 10 Dec 2017 19:24:01 +0000 (20:24 +0100)]
 
[baremetal] cleanup: Parameterize VCP hostnames
We already define the hostnames in a central location
(openstack_init), so use the reclass params instead of hardcodes.
Also handle hardcoded hostnames in system.haproxy.proxy.listen
and system.mongodb.server.cluster.
This will also simplify later changes for novcp scenarios.
JIRA: FUEL-310
Change-Id: I2a8b4cd1fcb61a7c63f9047123d985bb688dca0a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Michael Polenchuk [Mon, 11 Dec 2017 15:13:25 +0000 (15:13 +0000)]
 
Revert "Bring in newer glusterfs for mtime unsplit brain"
Since the uca/pike repo has version of 3.11
This reverts commit 
8a867449217151f59766a74c6165ffc26c7f50b4.
Change-Id: I5cc0d94b4a1b53b987fab03bc20466ee3c3eb8b2
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Michael Polenchuk [Mon, 11 Dec 2017 15:30:17 +0000 (19:30 +0400)]
 
[baremetal] Fixup pike deployment
* up glusterfs.client state before actual volume usage
* handle keystone server state
* specify suitable nova packages list for uca repo
  (consoleproxy vs novncproxy)
* upgrade vcp nodes to get proper cryptography
  library for keystone
* align service names for libvirt & glusterfs
Change-Id: Iaeb7d147e6d407bbeaec2d40fd81037c939c3fe0
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>