17 files changed, 260 insertions, 17 deletions
diff --git a/deploy/adapters/ansible/kubernetes/ansible-kubernetes.yml b/deploy/adapters/ansible/kubernetes/ansible-kubernetes.yml
index 68dec5c2..094c6488 100755
--- a/deploy/adapters/ansible/kubernetes/ansible-kubernetes.yml
+++ b/deploy/adapters/ansible/kubernetes/ansible-kubernetes.yml
@@ -35,7 +35,10 @@
   remote_user: root
   max_fail_percentage: 0
   roles:
-    - kargo
+    - role: kargo
+      when: opencontrail is not defined
+    - role: install-k8s-opencontrail
+      when: opencontrail is defined and opencontrail == "Enable"
 
 - hosts: kube_master
   remote_user: root
diff --git a/deploy/adapters/ansible/kubernetes/roles/kargo/files/extra-vars-aarch64.yml b/deploy/adapters/ansible/kubernetes/roles/kargo/files/extra-vars-aarch64.yml
index c1357bf4..2e31cbdb 100644
--- a/deploy/adapters/ansible/kubernetes/roles/kargo/files/extra-vars-aarch64.yml
+++ b/deploy/adapters/ansible/kubernetes/roles/kargo/files/extra-vars-aarch64.yml
@@ -3,7 +3,7 @@
 
 # roles/download/defaults/main.yml
 etcd_version: v3.2.4-arm64
-flannel_version: "v0.8.0-arm64"
+flannel_version: "v0.9.1-arm64"
 flannel_cni_image_repo: "linaro/flannel-cni-arm64"
 hyperkube_image_repo: "gcr.io/google-containers/hyperkube-arm64"
 hyperkube_image_tag: "{{ kube_version }}"
diff --git a/deploy/adapters/ansible/kubernetes/roles/kargo/tasks/main.yml b/deploy/adapters/ansible/kubernetes/roles/kargo/tasks/main.yml
index b9d9c234..0e253129 100644
--- a/deploy/adapters/ansible/kubernetes/roles/kargo/tasks/main.yml
+++ b/deploy/adapters/ansible/kubernetes/roles/kargo/tasks/main.yml
@@ -125,13 +125,26 @@
     regexp: '^#loadbalancer_apiserver_localhost: true'
     line: 'loadbalancer_apiserver_localhost: true'
 
+- name: enable http proxy
+  lineinfile:
+    dest: /opt/kargo_k8s/inventory/group_vars/all.yml
+    regexp: '^#http_proxy:'
+    line: 'http_proxy: {{ http_proxy }}'
+  when: http_proxy != ''
+
+- name: enable https proxy
+  lineinfile:
+    dest: /opt/kargo_k8s/inventory/group_vars/all.yml
+    regexp: '^#https_proxy:'
+    line: 'https_proxy: {{ https_proxy }}'
+  when: https_proxy !=''
+
 - name: use the user name and password login the dashboard
   lineinfile:
     dest: /opt/kargo_k8s/inventory/group_vars/k8s-cluster.yml
     regexp: '^#kube_basic_auth: false'
     line: 'kube_basic_auth: true'
 
-
 - name: add vip to ssl keys
   lineinfile:
     dest: /opt/kargo_k8s/inventory/group_vars/k8s-cluster.yml
diff --git a/deploy/adapters/ansible/kubernetes/roles/kargo/vars/main.yml b/deploy/adapters/ansible/kubernetes/roles/kargo/vars/main.yml
index 21287b02..80490955 100644
--- a/deploy/adapters/ansible/kubernetes/roles/kargo/vars/main.yml
+++ b/deploy/adapters/ansible/kubernetes/roles/kargo/vars/main.yml
@@ -4,3 +4,6 @@ apiserver_loadbalancer_domain_name: "{{ public_vip.ip  }}"
 vipaddress: "{{ public_vip.ip  }}"
 exlb_port: 8383
 kubelet_fail_swap_on: false
+
+http_proxy: "{{ proxy }}"
+https_proxy: "{{ proxy }}"
diff --git a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/RedHat.yml b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/RedHat.yml
index 5b434dbe..d32cf238 100644
--- a/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/RedHat.yml
+++ b/deploy/adapters/ansible/kubernetes/roles/setup-k8s-network/tasks/RedHat.yml
@@ -56,6 +56,9 @@
 - name: restart the network
   shell: systemctl restart network
 
+- name: install python lib
+  shell: yum install -y python-yaml python-netaddr
+
 - name: make sure python lib exist
   action: "{{ ansible_pkg_mgr }} name={{ item }} state=present"
   with_items:
diff --git a/deploy/adapters/ansible/kubernetes/roles/sriov/templates/cni-sriov-rbac.yml.j2 b/deploy/adapters/ansible/kubernetes/roles/sriov/templates/cni-sriov-rbac.yml.j2
index 1298aeaa..0ce663b1 100644
--- a/deploy/adapters/ansible/kubernetes/roles/sriov/templates/cni-sriov-rbac.yml.j2
+++ b/deploy/adapters/ansible/kubernetes/roles/sriov/templates/cni-sriov-rbac.yml.j2
@@ -11,7 +11,7 @@ metadata:
   namespace: "{{system_namespace}}"
 ---
 kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: sriov
 rules:
@@ -36,7 +36,7 @@ rules:
       - patch
 ---
 kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: sriov
 roleRef:
diff --git a/deploy/adapters/ansible/kubernetes/roles/sriov/templates/cni-sriov.yml.j2 b/deploy/adapters/ansible/kubernetes/roles/sriov/templates/cni-sriov.yml.j2
index 90c7f28c..3a9e819b 100644
--- a/deploy/adapters/ansible/kubernetes/roles/sriov/templates/cni-sriov.yml.j2
+++ b/deploy/adapters/ansible/kubernetes/roles/sriov/templates/cni-sriov.yml.j2
@@ -4,13 +4,20 @@
 # which accompanies this distribution, and is available at
 # http://www.apache.org/licenses/LICENSE-2.0
 ---
-apiVersion: extensions/v1beta1
-kind: ThirdPartyResource
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
 metadata:
   name: network.kubernetes.com
-description: "A specification of a Network obj in the kubernetes"
-versions:
-- name: v1
+spec:
+  group: kubernetes.com
+  version: v1
+  scope: Namespaced
+  names:
+    plural: networks
+    singular: network
+    kind: Network
+    shortNames:
+    - net
 ---
 apiVersion: v1
 kind: ServiceAccount
@@ -43,7 +50,7 @@ data:
       }
     }
 ---
-apiVersion: extensions/v1beta1
+apiVersion: apps/v1
 kind: DaemonSet
 metadata:
   name: kube-flannel-ds
diff --git a/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 b/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2
index f025d80e..dd45bd1a 100644
--- a/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2
+++ b/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2
@@ -26,6 +26,7 @@ haproxy_keepalived_internal_vip_cidr: "{{ internal_vip.ip }}/32"
 haproxy_keepalived_external_interface: br-external
 haproxy_keepalived_internal_interface: br-mgmt
 keepalived_ping_address: "{{ ntp_server }}"
+lxc_host_machine_volume_size: 16
 
 cinder_cinder_conf_overrides:
   oslo_middleware:
@@ -77,3 +78,4 @@ security_ntp_servers:
   - {{ ntp_server }}
 
 tacker_etc_dir: "/etc/tacker"
+nova_spicehtml5_git_repo: https://gitlab.freedesktop.org/spice/spice-html5.git
diff --git a/deploy/adapters/cobbler/kickstarts/default16-aarch64.seed b/deploy/adapters/cobbler/kickstarts/default16-aarch64.seed
index 13dae5c6..e3e11f36 100644
--- a/deploy/adapters/cobbler/kickstarts/default16-aarch64.seed
+++ b/deploy/adapters/cobbler/kickstarts/default16-aarch64.seed
@@ -41,7 +41,24 @@ d-i partman-auto/disk string /dev/sda
 d-i partman-auto/method string regular
 d-i partman-lvm/device_remove_lvm boolean true
 d-i partman-md/device_remove_md boolean true
-d-i partman-auto/choose_recipe select atomic
+d-i partman-lvm/confirm boolean true
+d-i partman-lvm/confirm_nooverwrite boolean true
+
+d-i partman-auto/choose_recipe select efi-root
+d-i partman-auto/expert_recipe string               \
+    efi-root ::                                     \
+        512 512 512 fat32                           \
+            $primary{ } $lvmignore{ }               \
+            method{ efi } format{ }                 \
+        .                                           \
+        4096 4096 -1 ext4                           \
+            method{ format } format{ }              \
+            use_filesystem{ } filesystem{ ext4 }    \
+            mountpoint{ / }                         \
+        .
+
+d-i partman-basicfilesystems/no_swap boolean false
+
 d-i partman/confirm_write_new_label boolean true
 d-i partman/choose_partition select finish
 d-i partman/confirm boolean true
diff --git a/deploy/compass_conf/flavor/kubernetes.conf b/deploy/compass_conf/flavor/kubernetes.conf
index e7e8ffc8..2e808a83 100755
--- a/deploy/compass_conf/flavor/kubernetes.conf
+++ b/deploy/compass_conf/flavor/kubernetes.conf
@@ -4,8 +4,6 @@ FLAVORS = [{
     'display_name': 'ansible-kubernetes',
     'template': 'ansible-kubernetes.tmpl',
     'roles': [
-        'kube_master', 'etcd', 'kube_node', 'ha', 'storage_master', 'storage_node'
+        'kube_master', 'etcd', 'kube_node', 'ha', 'storage_master', 'storage_node', 'opencontrail'
     ],
 }]
-
-
diff --git a/deploy/compass_conf/role/kubernetes_ansible.conf b/deploy/compass_conf/role/kubernetes_ansible.conf
index 3e79cbb9..87bbaf56 100755
--- a/deploy/compass_conf/role/kubernetes_ansible.conf
+++ b/deploy/compass_conf/role/kubernetes_ansible.conf
@@ -12,6 +12,10 @@ ROLES = [{
     'display_name': 'kube node',
     'description': 'kube Node'
 }, {
+    'role': 'opencontrail',
+    'display_name': 'opencontrail node',
+    'description': 'opencontrail node'
+},{
     'role': 'ha',
     'display_name': 'ha',
     'description': 'ha'
diff --git a/deploy/compass_conf/templates/ansible_installer/kubernetes/vars/ansible-kubernetes.tmpl b/deploy/compass_conf/templates/ansible_installer/kubernetes/vars/ansible-kubernetes.tmpl
index 0d529561..669eaca0 100644
--- a/deploy/compass_conf/templates/ansible_installer/kubernetes/vars/ansible-kubernetes.tmpl
+++ b/deploy/compass_conf/templates/ansible_installer/kubernetes/vars/ansible-kubernetes.tmpl
@@ -45,6 +45,10 @@ external_cidr: "{{ ip_settings[inventory_hostname]['external']['cidr'] }}"
 public_net_info: "{{ network_cfg.public_net_info }}"
 host_ip_settings: "{{ ip_settings[inventory_hostname] }}"
 
+proxy: $getVar('http_proxy', '')
+#set no_proxy = ','.join($getVar('no_proxy', []))
+ignore_proxy: $no_proxy
+
 ntp_server: $ntp_server
 internal_vip:
   ip: $network_cfg["internal_vip"]["ip"]
diff --git a/deploy/compass_vm.sh b/deploy/compass_vm.sh
index 17171578..2f909b60 100755
--- a/deploy/compass_vm.sh
+++ b/deploy/compass_vm.sh
@@ -181,6 +181,34 @@ function recover_compass() {
     log_info "launch_compass exit"
 }
 
+function launch_harbor() {
+    local harbor_install_dir=$WORK_DIR/installer
+
+    if [[ ! -d $harbor_install_dir ]]; then
+        mkdir -p $harbor_install_dir
+    fi
+
+    local harbor_cfg=$harbor_install_dir/harbor/harbor.cfg
+    local harbor_docker_compose=$harbor_install_dir/harbor/docker-compose.yml
+    rm -f $WORK_DIR/cache/harbor-offline-installer-v$HABOR_VERSION.tgz
+    curl --connect-timeout 10 -o $WORK_DIR/cache/harbor-offline-installer-v$HABOR_VERSION.tgz  $HABOR_DOWNLOAD_URL
+    tar -zxf $WORK_DIR/cache/harbor-offline-installer-v$HABOR_VERSION.tgz -C $harbor_install_dir
+
+    sed "s/^hostname = .*/hostname = $INSTALL_IP/g" -i $harbor_cfg
+    sed "s/80:80/8080:80/g" -i $harbor_docker_compose
+    sed "s/443:443/8443:443/g" -i $harbor_docker_compose
+    cd $harbor_install_dir/harbor/
+    sudo ./prepare
+    if [ -n "$(docker-compose -f $harbor_docker_compose ps -q)"  ]
+    then
+        log_info "stopping existing Harbor instance ..."
+        docker-compose -f $harbor_docker_compose down -v
+        log_info "remove the odler harbor images ..."
+        sudo docker images | grep 'vmware' | awk '{print $3;}' | xargs docker rmi -f
+    fi
+    ./install.sh
+}
+
 function _check_hosts_reachable() {
     retry=0
 
diff --git a/deploy/conf/base.conf b/deploy/conf/base.conf
index 274847ae..76eb1491 100644
--- a/deploy/conf/base.conf
+++ b/deploy/conf/base.conf
@@ -17,8 +17,8 @@ export EXPANSION=${EXPANSION:-"false"}
 
 export NETWORK_MAPPING=${NETWORK_MAPPING:-"install=${MANAGEMENT_INTERFACE}"}
 
-export PROXY=""
-export IGNORE_PROXY=""
+export PROXY=${LOCAL_PROXY:-""}
+export IGNORE_PROXY=${LOCAL_NO_PROXY:-""}
 export SEARCH_PATH="ods.com"
 export SERVER_CREDENTIAL="root=root"
 export LOCAL_REPO_URL=""
diff --git a/deploy/conf/hardware_environment/huawei-pod8/network-sriov.yml b/deploy/conf/hardware_environment/huawei-pod8/network-sriov.yml
new file mode 100644
index 00000000..a256101b
--- /dev/null
+++ b/deploy/conf/hardware_environment/huawei-pod8/network-sriov.yml
@@ -0,0 +1,127 @@
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+# Copyright (C) 2018, ARM Limited and contributors.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+---
+nic_mappings: []
+bond_mappings: []
+
+provider_net_mappings:
+  - name: br-provider
+    network: physnet
+    interface: eth1
+    type: ovs
+    role:
+      - controller
+
+sys_intf_mappings:
+  - name: mgmt
+    interface: eth0
+    type: normal
+    vlan_tag: None
+    role:
+      - controller
+      - compute
+
+  - name: sriov
+    interface: eth1
+    type: normal
+    vlan_tag: 1401
+    role:
+      - controller
+      - compute
+
+  - name: storage
+    interface: eth1
+    type: normal
+    vlan_tag: 1402
+    role:
+      - controller
+      - compute
+
+  - name: external
+    interface: eth1
+    type: normal
+    vlan_tag: None
+    role:
+      - controller
+      - compute
+
+ip_settings:
+  - name: mgmt
+    ip_ranges:
+      - - "10.1.0.50"
+        - "10.1.0.100"
+    dhcp_ranges:
+      - - "10.1.0.2"
+        - "10.1.0.49"
+    cidr: "10.1.0.0/24"
+    gw: "10.1.0.1"
+    role:
+      - controller
+      - compute
+
+  - name: sriov
+    ip_ranges:
+      - - "172.16.1.2"
+        - "172.16.1.250"
+    cidr: "172.16.1.0/24"
+    role:
+      - controller
+      - compute
+
+  - name: storage
+    ip_ranges:
+      - - "172.16.2.1"
+        - "172.16.2.50"
+    cidr: "172.16.2.0/24"
+    role:
+      - controller
+      - compute
+
+  - name: external
+    ip_ranges:
+      - - "172.30.14.10"
+        - "172.30.14.50"
+    cidr: "172.30.14.0/24"
+    gw: "172.30.14.1"
+    role:
+      - controller
+      - compute
+
+internal_vip:
+  ip: 10.1.0.222
+  netmask: "24"
+  interface: mgmt
+
+public_vip:
+  ip: 172.30.14.222
+  netmask: "24"
+  interface: external
+
+onos_nic: eth2
+tenant_net_info:
+  type: vxlan
+  range: "1:1000"
+  provider_network: None
+
+public_net_info:
+  enable: "True"
+  network: ext-net
+  type: flat
+  segment_id: 10
+  subnet: ext-subnet
+  provider_network: physnet
+  router: router-ext
+  enable_dhcp: "False"
+  no_gateway: "False"
+  external_gw: "172.30.14.1"
+  floating_ip_cidr: "172.30.14.0/24"
+  floating_ip_start: "172.30.14.100"
+  floating_ip_end: "172.30.14.200"
diff --git a/deploy/conf/vm_environment/k8-ocl-nofeature-noha.yml b/deploy/conf/vm_environment/k8-ocl-nofeature-noha.yml
new file mode 100644
index 00000000..fd7bfda0
--- /dev/null
+++ b/deploy/conf/vm_environment/k8-ocl-nofeature-noha.yml
@@ -0,0 +1,27 @@
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+---
+TYPE: virtual
+FLAVOR: cluster
+
+plugins:
+  - opencontrail: "Enable"
+
+hosts:
+  - name: host1
+    roles:
+      - kube_master
+      - etcd
+      - opencontrail
+      - ha
+
+  - name: host2
+    roles:
+      - kube_node
diff --git a/deploy/launch.sh b/deploy/launch.sh
index 76e8f254..8a009003 100755
--- a/deploy/launch.sh
+++ b/deploy/launch.sh
@@ -90,6 +90,13 @@ else
     log_info "deploy host macs: $machines"
 fi
 
+if [[ "$DEPLOY_HARBOR" == "true" ]]; then
+   if ! launch_harbor;then
+       log_error "launch_harbor failed"
+       exit 1
+   fi
+fi
+
 if [[ "$REDEPLOY_HOST" != "true" ]]; then
     if ! set_compass_machine; then
         log_error "set_compass_machine fail"