summaryrefslogtreecommitdiffstats
path: root/lib
AgeCommit message (Collapse)AuthorFilesLines
2018-07-31Use metadata IP instead of FQDNTim Rozet1-0/+11
There is an issue with loss of external network connectivity that prevents cloud init to instances working. This becomes a big problem with snapshots where there is no external network connectivity. Cloud init fails because each request takes over 30 seconds to get a response. This is because in the background neutron metadata agent is proxying the request to nova metadata agent with an HTTP GET using the FQDN. For whatever reason, a DNS lookup happens even though the entry exists for the FQDN in /etc/hosts and waits 30 seconds until timing out. After this timeout, a 200 OK is sent and metadata works. This patch modifies the config file for metadata to use nova metadata server's internal IP rather than FQDN as there is no option in OOO to use IPs instead of FQDN. Change-Id: I6960181a227d0002c99aeae5112f59807dc41d7a Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-07-26Disable undercloud as containers for nowTim Rozet2-2/+2
Upstream has moved to install undercloud as containers which breaks our post undercloud configuration for some services. Disable it for now and then move to it gracefully in a future patch. Change-Id: I0cd1a8ddac4ba92734750265d2a16d3ef008f236 Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-07-26Merge "Remove obsolete Ceph tags"Tim Rozet1-29/+16
2018-07-26Remove obsolete Ceph tagsRicardo Noriega1-29/+16
This patch removes the logic to use an specific tag for Ceph containers. We will use whatever docker image TripleO upstream uses. For aarch64, an ansible task will replace the tag to pull the proper container image. This patch also refactors the preparation of the local registry. In Queens, there is no need to execute twice the overcloud container image prepare command. JIRA: APEX-622 Change-Id: I947d931609e58505675bb460a59d08c1d10d1d0b Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
2018-07-24Open port 8101 on controllers for karafTim Rozet1-0/+15
By default 8101 (karaf shell) is blocked on controllers. In Apex we advertise in our user guide (and tools scripts) the ability to connect to karaf shell. It is also required to run CSIT. This patch opens the port when ODL is deployed. Change-Id: Ib3ece41f19607bafc329d9de390cf774766a26cd Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-07-20Fixes for snapshotsTim Rozet1-0/+6
With deploying snapshots with a new ODL, we currently bring down the docker container and bring up the tar.gz distro of ODL on the Overcloud host itself (not rebuilding/using container). Therefore we need java installed so that ODL can run on the host. In the future this may change, but it works well and keeps things simple for now. Additionally, there was a change upstream to make the opendaylight container docker restart policy "unless-stopped" which means it will no longer restart automatically when docker is stopped/started. Therefore on first snapshot bring up (without the previously mentioned ODL reinstallation) the container does not start, and snapshot deployment fails. This patch includes a change to the restart policy to always restart it. Change-Id: Icc712ba147e578a28e371313154ae3190676f0dc Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-07-18Add param for ODL password into overcloudrcTim Rozet1-0/+14
Recent changes upstream have removed the default 'admin' ODL password and now password is randomly generated: https://review.openstack.org/#/c/578505/ So in OPNFV we now store the password in overcloudrc as SDN_CONTROLLER_PASSWORD variable. Also includes minor fixes to unittests. Change-Id: Iabe7e4f902442c80af99ba1603a3927cf13d0393 Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-07-06Add support for kubernetes deploymentZenghui Shi4-3/+16
This patch adds capability to deploy kubernetes cluster instead of openstack. Kubernetes will be deployed using kubespray and is run after TripleO bookstraps overcloud nodes. JIRA: APEX-574 Change-Id: If9c171620c933a052b719e7112a50e22bbab667f Signed-off-by: Feng Pan <fpan@redhat.com> Signed-off-by: Zenghui Shi <zshi@redhat.com>
2018-07-06Fix neutron-opendaylight-sriov.yaml pathFeng Pan2-2/+2
In latest THT upstream, environment file neutron-opendaylight-sriov.yaml was moved to services folder. Updating references in Apex to avoid deploy failure. Change-Id: I7065e0d8e13c9add9ead282db2244a27c177e5a4 Signed-off-by: Feng Pan <fpan@redhat.com>
2018-06-19Merge "Fixes Ceph PG calculation"Feng Pan1-0/+8
2018-06-18Fixes Ceph PG calculationTim Rozet1-0/+8
Baremetal deployments were failing because the ceph PG size was exceeding the max allowed. Virtual was still working because we lower the number of pools and pg/osd. This patch changes the values to a number which should work for both virtual and baremetal. Also includes a fix which adds the controllers back as OSDs and a few other cleanup issues. JIRA: APEX-614 JIRA: APEX-569 Change-Id: I2ad65727ecdcaa0454eb53d25e32b7f1a53cd3a4 Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-06-18Fetch mistral logs from undercloudTim Rozet1-3/+18
/var/lib/mistral path contains logs for when ansible is invoked by TripleO for Ceph configuration as well as config download. This patch now archives and fetches that directory. Logs in previous releases like Queens store the Ceph logs in /var/log/mistral. Change-Id: I50c43e55efaa5dbcf8b7fb00b0e11cd3288fdd05 Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-05-30Configure NAT with baremetal when necessaryTim Rozet1-1/+1
We currently only enable NAT on undercloud for virtual deployments. However, there could be a case where a baremetal deployment also needs NAT as it is not using an interface on the overcloud nodes with external access. Therefore this patch changes the behavior to configure NAT when the gateway of either the external or admin (when external is disabled) network matches an IP assigned to the undercloud. JIRA: APEX-605 Change-Id: I9c79af371913e6e5f0d39b433f68205bc7e106c5 Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-05-25Remove pacmeaker workaroundTim Rozet1-27/+0
There was a compatibility issue with the centos 7.4/7.5 between the host pacemaker version and container. Now that containers have moved to 7.5 we should not need this workaround anymore. Change-Id: I9632c65e87687d4f36130719c6df9af2e913eed8 Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-05-21Migrates master to use direct upstreamTim Rozet4-6/+51
We now move master to deploy from upstream. That means we do not need to build undercloud/overcloud images anymore. Changes-Include: - Remove bash build scripts as we do not need to build anything other than the python package anymore - Remove building images or iso from build.py - Remove building of images and iso from Makefile - Rename/refactor deploy settings files for nosdn and odl. The new convention is that the typical scenario names we use will deploy master. We also support n-1 OS, so in that case we use the branch name for the "feature" in the scenario name: os-odl-queens-noha. - Tacker/Congress are disabled in settings files until we fix that with upstream. Containers are now enabled by default. - Disable TLS for undercloud (was changed upstream to default enabled) - Fix environments docker directory for master THT (was changed upstream) - Includes fix for LP#1768901 - Includes workaround for LP#1770692 - Moves to docker.io for container images as it is more stable and should contain the same images - Removes the term 'common' from apex packaging for referencing the Python Apex package Change-Id: If6b433860b3ff882686c78d0f24a2f0c52b9b57a Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-04-09Fix functional issues after nosdn deploymentTim Rozet1-0/+17
After deploying with nosdn, it looks like there is some out of state issue between the services. First guess looks like something is going on with the services and timing of registering to each other through rabbit. Simply restarting the services seems to sync them back up correctly. Change-Id: I417911067c841725ee12eb9354e5759054724e01 Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-04-04Adds the ability to fetch logs from deploymentTim Rozet2-0/+38
Usage: opnfv-pyutil --fetch-logs python3 utils.py --fetch-logs --lib-dir ../lib Eventually all utils.sh functions will be migrated here. Note there is no support here for containers. Will be added later. Change-Id: I223b8592ad09e0370e287ee2801072db31f9aa12 Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-03-16Enables containerized overcloud deploymentsTim Rozet3-56/+140
Changes Include: - For upstream deployments, Docker local registry will be updated with latest current RDO containers, regular deployments will use latest stable - Upstream container images will then be patched/modified and then re-uploaded into local docker registry with 'apex' tag - Deployment command modified to deploy with containers - Adds a --no-fetch deployment argument to disable pulling latest from upstream, and instead using what already exists in cache - Moves Undercloud NAT setup to just after undercloud is installed. This provides internet during overcloud install which is now required for upstream container deployments. - Creates loop device for Ceph deployment when no device is provided in deploy settings (for container deployment only) - Updates NIC J2 template to use the new format in OOO since the os-apply-config method is now deprecated in > Queens JIRA: APEX-566 JIRA: APEX-549 Change-Id: I0652c194c059b915a942ac7401936e8f5c69d1fa Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-03-16Merge "Adding SRIOV scenario"Tim Rozet2-0/+11
2018-03-15Adding SRIOV scenarioRicardo Noriega2-0/+11
This scenario should enable SRIOV interfaces to be used by Neutron. Only will be supported in baremetal deployments with SRIOV capable NICs. The name of the interface must be known in advance and the physnet of the SRIOV network is set as nfv_sriov. Change-Id: Ie4295413e0be2197bd9ada4f887f6b47cd486765 Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
2018-03-12Adds OS_REGION_NAME into overcloudrc filesTim Rozet1-0/+15
Although this is not required to be able to access overcloud, it is required by some tests in Functest. JIRA: APEX-570 Change-Id: I45deaa8061f1be44ce80eed4810537eaf6841803 Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-03-07Merge "Adding libguestfs-tools as dependency"Feng Pan1-0/+1
2018-02-16Add http(s)_proxy handling to apexDan Radez1-0/+12
JIRA: APEX-512 Change-Id: I875bd99203b425e448e7a3f64eb9a8f99d03ddaf Signed-off-by: Dan Radez <dradez@redhat.com>
2018-02-15Ensures v4/v6 iptables filters are loadedTim Rozet1-0/+6
We configure host iptables to open different ports for VBMC. This may fail if the iptables filters are not loaded. JIRA: APEX-521 Change-Id: Ia33032c29aba3555551e39b4f819087aeafe05d9 Signed-off-by: Tim Rozet <trozet@redhat.com>
2018-02-15Adding libguestfs-tools as dependencyRicardo Noriega1-0/+1
Needed for virt-customize the images Change-Id: Ide3fff2c6b850047add6eeed4082c518c36e6e74 Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
2018-02-07Allow disabling ipxe for provisioningDan Radez1-3/+0
JIRA: APEX-535 Change-Id: I52d17e962fc4a504db1ddbc20df0ac56a208f34b Signed-off-by: Dan Radez <dradez@redhat.com>
2018-01-31wrapping up deploy items for aarchDan Radez1-0/+2
Change-Id: Ib5f4715d851dc91be6a57fcb5d18a0557a7b0c7f Signed-off-by: Dan Radez <dradez@redhat.com>
2017-12-05Make introspection optionalDan Radez1-5/+3
- exposes new option to end users to skip introspection - moves the logic to decide to introspect or not into python JIRA: APEX-536 Change-Id: Ieaff11362ff8f906daa98d301d3d473ad549d08f Signed-off-by: Dan Radez <dradez@redhat.com>
2017-12-02Merge "Fix nested kvm detection and enablement"Tim Rozet1-11/+17
2017-11-30Fix nested kvm detection and enablementFeng Pan1-11/+17
- Fix ansible kvm_intel kernel module reload when trying to enable nested kvm - Add "--libvirt-type qemu" to deploy command when nested kvm is not enabled. JIRA: APEX-514 Change-Id: I0e659b1c99b5732854d723e1cb049845cb60ef37 Signed-off-by: Feng Pan <fpan@redhat.com>
2017-11-30Fixes inserting ceph OSD into compute roleTim Rozet1-1/+9
The lineinfile was not actually inserting the CephOSD line because it was already present later in the file (regardless of 'insertbefore'). Therefore we can fix it by simply removing the CephOSD line before we try to set it, since we do not need it in the storage role anyway. Change-Id: I8c8d9b6baccfc77ea582fab6ad438b02293f96fb Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-11-28Fixes upstream deploymentsTim Rozet1-0/+8
There was an issue with patching the overcloud where the patch binary is missing, making it impossible to apply patches. This change install patch now on the image. Also, although deployments were successful, storage was not working. This is because by default upstream does not apply Ceph OSDs to compute nodes for hyperconverged Ceph, but we use this as our standard deployment in Apex. This patch inserts CephOSD into the default Compute role. Note: we normally override role's services in regular Apex deployments so we do not hit this issue there. Change-Id: I5bddda4784dc00148395863ae0990343a4159602 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-11-17Removes using https with rdo-releaseTim Rozet1-1/+1
We dont need to use https with rdo-release and it can cause issues for ansible. Change-Id: I081228a05d68f987fa02480bcd1bf216573550f1 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-11-16Migrates Apex to PikeTim Rozet1-0/+16
JIRA: APEX-544 Change-Id: Ibee2068e782da75268ed76beb36ccb5dcd1847d6 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-11-07Fixes dependency install of env group Virtualization HostTim Rozet1-1/+1
Virtualization Host env group started failing for users with centos 7.4 and according to Ansible guide the correct format for env groups should be "@^" prefix: http://docs.ansible.com/ansible/latest/yum_module.html JIRA: APEX-539 Change-Id: I3f71ce4462b33ad0772963869db4ea3c0f6e9e51 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-11-06Adds ability to deploy from upstream openstackTim Rozet1-1/+9
To deploy with upstream openstack branch, use new deploy setting 'os_version'. A default scenario file for nosdn with pike has been included in this patch. If 'os_version' is a version other than the default version for this OPNFV release, then upstream is used. In order to use upstream with the current OS version use '--upstream' argument to the deploy command, to force an upstream deployment. Also include '-e upstream-environment.yaml' to use default upstream deployment settings. Supports nosdn and odl-nofeature deployments. Change-Id: Ic07e308827b449637b4e86cdd086434e4de2fb69 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-10-18Adapt zrpcd to work for Carbon/Nitrogentomsou1-6/+6
It updates the quagga tar.gz file which is used to install zrpcd/quagga. The new rpms are compiled with thrift-version 4 Zrpcd is installed as a process. Additional changes takwqe place adopting the installation and checking of zrpcd process Note that an extra patch is needed to update or remove the building procedure, which is present within the project but not used actually. JIRA: APEX-508 Change-Id: If6da075d2aafdb8c2ecfc599f595a7201490aa23 Signed-off-by: tomsou <soth@intracom-telecom.com>
2017-10-11Increase ssh timeout and add retry for AnsibleTim Rozet1-0/+6
Several users have experienced random disconnections from the undercloud during deployment. This should help to stop deployments from aborting. Change-Id: Idb7619d493b329944f21ea6641f6826a8fcc3907 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-10-03This config is no longer neededDan Radez1-1/+0
it is setting and unescaped default value which ended up setting an invalid value. removing it uses the default which accomplishes what this was originally attempting to put into place. Change-Id: I03660921860adf7625e17d2c4a3ba07b62d0f3f0 Signed-off-by: Dan Radez <dradez@redhat.com>
2017-09-29Adds Calipso scenarioTim Rozet1-0/+38
Change-Id: Icc8a23e49c9ccc011481f6b97599d4f75873ebb1 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-09-25Applies Tacker upstream patches and fixes fernet dir permsTim Rozet1-1/+3
We need a couple patches to Tacker upstream that we will not get now that our images are frozen in RDO. We should remove them on upgrade to Pike. Also this patch fixes the permissions on the fernet keys dir so that the Tacker group can write. Change-Id: I6468356f1d16d3b8ab58d46f653431e29960e190 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-09-22Fixes Tacker auth and fernet keys dirTim Rozet1-0/+6
Tacker authtoken was missing password which is now added in the tht patch. Tacker also needs 'etc/tacker/vim/fernet_keys' in order to be able to create VIMs. The real fix to this missing directory is to the rpm itself: https://review.rdoproject.org/r/#/c/9725/ However in this patch we ensure it is created in Ansible because RDO images are frozen in for now in Apex so we would not pick up new RDO packages. apex-tripleo-heat-templates: I2b347cbc4595e6651b0d4be032cb862fde72e15f Change-Id: I76959cbfd581b9fec69749ccbcbcb39dc959a883 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-09-21Revert "Adds Calipso scenario"Tim Rozet1-4/+0
This reverts commit 433961f8c0b816f19aa858654261fa87d2f02a19. Change-Id: Ic8a14d2e0ad8d1006625af401fde2f365890650b Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-09-20Adds Calipso scenarioTim Rozet1-0/+4
Calipso uses docker containers and is post deployment feature that can be used to monitor pieces of the stack. This patch installs it to the undercloud rather than the jumphost as it is easier to manage for cleanup and dependencies. Change-Id: Ie2dacc4f14b391a864fafb2e75ebcd15facb19f1 Signed-off-by: Tim Rozet <trozet@redhat.com>
2017-09-11Dup owner, changing to groupDan Radez1-1/+1
Change-Id: I8ca1501949a0e272e928c6b31b08eba2519951ec Signed-off-by: Dan Radez <dradez@redhat.com>
2017-09-07Merge "Skip introspection for aarch64 BM deployments"Tim Rozet1-4/+6
2017-09-06Enabling the aarch check for deploymentDan Radez1-1/+1
Change-Id: Ic5f1fc8a61f74f7aa6b2fabf67169c601a603367 Signed-off-by: Dan Radez <dradez@redhat.com>
2017-09-06Skip introspection for aarch64 BM deploymentsDan Radez1-4/+6
Change-Id: I630e90065f9cc76ef42ca9b23aea920c2493b53f Signed-off-by: Dan Radez <dradez@redhat.com>
2017-09-01Merge "Adds Undercloud retry and log fetch"Feng Pan1-4/+16
2017-08-31Adds Undercloud retry and log fetchTim Rozet1-4/+16
Retry to install the undercloud if it fails due to sometimes failing. Also copy undercloud log over to host temp dir. Change-Id: I50f98c4f0d52fa6bb56d9dcd0766bbe745160452 Signed-off-by: Tim Rozet <trozet@redhat.com>