aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch41
-rw-r--r--mcp/patches/0005-maas-module-Obtain-fabric-ID-from-CIDR.patch65
-rw-r--r--mcp/patches/patches.list2
-rw-r--r--mcp/reclass/classes/cluster/mcp-pike-common-ha/infra/maas.yml14
-rw-r--r--mcp/reclass/classes/cluster/mcp-pike-common-ha/infra/maas_pdf.yml.j252
5 files changed, 94 insertions, 80 deletions
diff --git a/mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch b/mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch
new file mode 100644
index 000000000..f2141862c
--- /dev/null
+++ b/mcp/patches/0001-server-Fix-generate_dhparams-j2-var-manipulation.patch
@@ -0,0 +1,41 @@
+::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
+: Copyright (c) 2018 Mirantis Inc., Enea AB and others.
+:
+: All rights reserved. This program and the accompanying materials
+: are made available under the terms of the Apache License, Version 2.0
+: which accompanies this distribution, and is available at
+: http://www.apache.org/licenses/LICENSE-2.0
+::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
+From: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
+Date: Tue, 22 May 2018 19:56:47 +0200
+Subject: [PATCH] server: Fix generate_dhparams j2 var manipulation
+
+Fixes: 621ee472
+
+Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
+---
+ nginx/server.sls | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/nginx/server.sls b/nginx/server.sls
+index 79287c4..f8c9305 100644
+--- a/nginx/server.sls
++++ b/nginx/server.sls
+@@ -78,14 +78,14 @@ nginx_service:
+ - require:
+ - pkg: nginx_packages
+
+-{%- set generate_dhparams = False %}
++{%- set generate_dhparams = { 'enabled': False } %}
+ {%- for site_name, site in server.get('site', {}).iteritems() %}
+ {%- if site.get('ssl', {}).get('enabled') and site.ssl.get('mode', 'secure') == 'secure' %}
+- {%- set generate_dhparams = True %}
++ {%- do generate_dhparams.update({ 'enabled': True }) %}
+ {%- endif %}
+ {%- endfor %}
+
+-{%- if generate_dhparams %}
++{%- if generate_dhparams['enabled'] %}
+ nginx_generate_dhparams:
+ cmd.run:
+ - name: openssl dhparam -out /etc/ssl/dhparams.pem 2048
diff --git a/mcp/patches/0005-maas-module-Obtain-fabric-ID-from-CIDR.patch b/mcp/patches/0005-maas-module-Obtain-fabric-ID-from-CIDR.patch
deleted file mode 100644
index 4a81786b2..000000000
--- a/mcp/patches/0005-maas-module-Obtain-fabric-ID-from-CIDR.patch
+++ /dev/null
@@ -1,65 +0,0 @@
-::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
-: Copyright (c) 2018 Mirantis Inc., Enea AB and others.
-:
-: All rights reserved. This program and the accompanying materials
-: are made available under the terms of the Apache License, Version 2.0
-: which accompanies this distribution, and is available at
-: http://www.apache.org/licenses/LICENSE-2.0
-::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
-From: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
-Date: Sat, 19 Aug 2017 02:03:01 +0200
-Subject: [PATCH] maas: module: Obtain fabric ID from CIDR
-
-MaaS subnet update requires specifying the correct fabric via reclass,
-which we used to hardcode in our OPNFV reclass model to fabric-2.
-However, fabric index numbers are not deterministic, so the old
-method is unreliable.
-
-Update MaaS custom py module to determine fabric name/ID on the
-fly, based on CIDR matching (assuming we don't have CIDR conflicts).
-
-This change maintains backwards compatibility:
-- if fabric is specified via reclass model, it will be used as-is;
-- if fabric is not specified via reclass model, we try to deduce it
- based on CIDR; if no match is found, the old default ('') is used;
-
-Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
-Signed-off-by: Guillermo Herrero <Guillermo.Herrero@enea.com>
----
-
-diff --git a/_modules/maas.py b/_modules/maas.py
---- a/_modules/maas.py
-+++ b/_modules/maas.py
-@@ -126,6 +126,8 @@
-
- def process_single(name, config_data):
- self._update = False
-+ if isinstance(config_data, dict) and 'name' in config_data:
-+ name = config_data['name']
- try:
- data = self.fill_data(name, config_data, **extra)
- if data is None:
-@@ -198,7 +198,8 @@
- def fill_data(self, name, subnet, fabrics):
- data = {
- 'name': name,
-- 'fabric': str(fabrics[subnet.get('fabric', '')]),
-+ 'fabric': str(fabrics[subnet.get('fabric',
-+ self._get_fabric_from_cidr(subnet.get('cidr')))]),
- 'cidr': subnet.get('cidr'),
- 'gateway_ip': subnet['gateway_ip'],
- }
-@@ -215,6 +216,13 @@
- self._process_iprange(res_json['id'])
- return response
-
-+ def _get_fabric_from_cidr(self, cidr):
-+ subnets = json.loads(self._maas.get(u'api/2.0/subnets/').read())
-+ for subnet in subnets:
-+ if subnet['cidr'] == cidr:
-+ return subnet['vlan']['fabric']
-+ return ''
-+
- def _process_iprange(self, subnet_id):
- ipranges = json.loads(self._maas.get(u'api/2.0/ipranges/').read())
- LOG.warn('all %s ipranges %s', subnet_id, ipranges)
diff --git a/mcp/patches/patches.list b/mcp/patches/patches.list
index 6a6e7a361..3cdc646a0 100644
--- a/mcp/patches/patches.list
+++ b/mcp/patches/patches.list
@@ -5,10 +5,10 @@
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
+/usr/share/salt-formulas/env: 0001-server-Fix-generate_dhparams-j2-var-manipulation.patch
/usr/share/salt-formulas/env: 0002-maas-region-skip-credentials-update.patch
/usr/share/salt-formulas/env: 0003-maas-region-force-artifact-download.patch
/usr/share/salt-formulas/env: 0004-network.dpdk-Move-ifcfg-br-prv-to-interfaces.u.patch
-/usr/share/salt-formulas/env: 0005-maas-module-Obtain-fabric-ID-from-CIDR.patch
/usr/share/salt-formulas/env: 0006-maas-module-Add-VLAN-DHCP-enable-support.patch
/usr/share/salt-formulas/env: 0007-network.interface-Fix-ifup-OVS-port-with-route.patch
/usr/share/salt-formulas/env: 0008-Handle-extra-environment-variables.patch
diff --git a/mcp/reclass/classes/cluster/mcp-pike-common-ha/infra/maas.yml b/mcp/reclass/classes/cluster/mcp-pike-common-ha/infra/maas.yml
index e83de35cd..238ae95a3 100644
--- a/mcp/reclass/classes/cluster/mcp-pike-common-ha/infra/maas.yml
+++ b/mcp/reclass/classes/cluster/mcp-pike-common-ha/infra/maas.yml
@@ -41,20 +41,6 @@ parameters:
enable_third_party_drivers: true
network_discovery: 'enabled'
default_min_hwe_kernel: ${_param:hwe_kernel}
- subnets:
- opnfv_maas_pxe:
- name: ${_param:opnfv_infra_maas_pxe_network_address}/24
- cidr: ${_param:opnfv_infra_maas_pxe_network_address}/24
- gateway_ip: ${_param:single_address}
- iprange:
- start: ${_param:opnfv_infra_maas_pxe_start_address}
- end: ${_param:opnfv_infra_maas_pxe_end_address}
- type: dynamic
- vlans:
- untagged:
- vid: 0
- dhcp_on: true
- primary_rack: ${_param:infra_maas_node01_hostname}
cluster:
saltstack_repo_xenial: "http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2016.11/ xenial main"
linux:
diff --git a/mcp/reclass/classes/cluster/mcp-pike-common-ha/infra/maas_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-pike-common-ha/infra/maas_pdf.yml.j2
index cff6d9b30..335b9c747 100644
--- a/mcp/reclass/classes/cluster/mcp-pike-common-ha/infra/maas_pdf.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-pike-common-ha/infra/maas_pdf.yml.j2
@@ -6,11 +6,63 @@
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
---
+{%- set cluster_arch = [] %}
+{%- for node in conf.nodes %}
+ {%- if node.node.arch not in cluster_arch %}
+ {%- do cluster_arch.append(node.node.arch) %}
+ {%- endif %}
+{%- endfor %}
+{%- set net_admin = [conf.idf.net_config.admin.network,
+ conf.idf.net_config.admin.mask] | join("/") %}
parameters:
maas:
region:
+ subnets:
+ {{ net_admin }}:
+ name: {{ net_admin }}
+ cidr: {{ net_admin }}
+ gateway_ip: ${_param:single_address}
+ iprange:
+ start: ${_param:opnfv_infra_maas_pxe_start_address}
+ end: ${_param:opnfv_infra_maas_pxe_end_address}
+ type: dynamic
+ vlans:
+ untagged:
+ vid: 0
+ dhcp_on: true
+ primary_rack: ${_param:infra_maas_node01_hostname}
sshprefs:
- '{{ conf.MAAS_SSH_KEY }}'
+{%- if 'aarch64' in cluster_arch %}
+ package_repositories:
+ armband:
+ name: armband
+ enabled: '1'
+ url: 'http://linux.enea.com/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename}'
+ distributions: '${_param:openstack_version}-armband'
+ components: 'main'
+ arches: 'arm64'
+ key: &armband_key |
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
+ Version: GnuPG v2.0.14 (GNU/Linux)
+
+ mQENBFagAroBCADWboNIjuF6lB1mWv2+EbvqY3lKl5mLKhr2DnSUkKeHUPBv8gNM
+ qK8Q00AMIyPiyEhgjA+dWizZ+5aBgxoiY7oMeLJ2Xym36U/8SYq2BWd3SGCbMNoz
+ SJDxDUSM/HFVs6atF1M3DY9oN65hSVnu4uy5Tu6asf6k4rhAyk0z4+pRcPBCu2vq
+ mnGi3COM/+9PShrEKeVOx5W2vRJywUFuq8EDvQnRoJ0GvM28JiJIanw17YwIPxhg
+ BKZVpZjan5X+ihVMXwA2h/G/FS5Omhd50RqV6LWSYs94VJJgYqHx8UMm7izcxI+P
+ ct3IcbD195bPbJ+SbuiFe45ZLsdY1MyGiU2BABEBAAG0K0VuZWEgQXJtYmFuZCBE
+ ZXZvcHMgVGVhbSA8YXJtYmFuZEBlbmVhLmNvbT6JATgEEwECACICGwMGCwkIBwMC
+ BhUIAgkKCwQWAgMBAh4BAheABQJaY3bYAAoJEN6rkLp5irHRoQMH/0PYl0A/6eWw
+ nQ/szhEFrr76Ln6wA4vEO+PiuWj9kTkZM2NaCnkisrIuHSPIVvOLfFmztbE6sKGe
+ t+a2b7Jqw48DZ/gq508aZE4Q307ookxdCOrzIu/796hFO34yXg3sqZoJh3VmKIjY
+ 4DL8yG1iAiQ5vOw3IFWQnATwIZUgaCcjmE7HGap+9ePuJfFuQ8mIG5cy28t8qocx
+ AB/B2tucfBMwomYxKqgbLI5AG7iSt58ajvrrNa9f8IX7Ihj/jiuXhUwX+geEp98K
+ IWVI1ftEthZvfBpZW4BS98J4z//dEPi31L4jb9RQXq3afF2RpXchDeUN85bW45nu
+ W/9PMAlgE/U=
+ =m+zE
+ -----END PGP PUBLIC KEY BLOCK-----
+{%- endif %}
machines:
{%- set pxe_interface = conf.idf.net_config.admin.interface %}
{#- We only support exactly 5 nodes for now, hardcoded order #}