diff options
Diffstat (limited to 'mcp/patches')
30 files changed, 355 insertions, 660 deletions
diff --git a/mcp/patches/0001-opendaylight-formula-neutron.patch b/mcp/patches/0001-opendaylight-formula-neutron.patch deleted file mode 100644 index 4bd161700..000000000 --- a/mcp/patches/0001-opendaylight-formula-neutron.patch +++ /dev/null @@ -1,135 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Michael Polenchuk <mpolenchuk@mirantis.com> -Date: Thu, 29 Jun 2017 12:05:25 +0400 -Subject: [PATCH] Bring in opendaylight support - -Change-Id: Ie9073fafccba336f94b1996bd85c98d7a7f5060b - -diff --git a/neutron/files/pike/dhcp_agent.ini b/neutron/files/pike/dhcp_agent.ini -index d327e64..739dddf 100644 ---- a/neutron/files/pike/dhcp_agent.ini -+++ b/neutron/files/pike/dhcp_agent.ini -@@ -1,3 +1,8 @@ -+{%- if pillar.neutron.gateway is defined %} -+{%- from "neutron/map.jinja" import gateway as neutron with context %} -+{%- else %} -+{%- from "neutron/map.jinja" import compute as neutron with context %} -+{%- endif %} - [DEFAULT] - - # -@@ -48,6 +53,7 @@ enable_isolated_metadata = True - # this value will force the DHCP server to append specific host routes to the DHCP request. If this option is set, then the metadata service - # will be activated for all the networks. (boolean value) - #force_metadata = false -+{% if neutron.backend.router is defined %}force_metadata = True{% endif %} - - # Allows for serving metadata requests coming from a dedicated metadata access network whose CIDR is 169.254.169.254/16 (or larger prefix), - # and is connected to a Neutron router from which the VMs send metadata:1 request. In this case DHCP Option 121 will not be injected in VMs, -diff --git a/neutron/files/pike/ml2_conf.ini b/neutron/files/pike/ml2_conf.ini -index b61e313..02da3b1 100644 ---- a/neutron/files/pike/ml2_conf.ini -+++ b/neutron/files/pike/ml2_conf.ini -@@ -134,7 +134,8 @@ tenant_network_types = {{ server.backend.tenant_network_types }} - {%- for mechanism_name, mechanism in server.get('backend', {}).get('mechanism', []).items() %} - {%- do mechanism_drivers.append(mechanism.get('driver')) if 'driver' in mechanism %} - {%- endfor %} --{%- if "vxlan" in server.backend.tenant_network_types %} -+{%- set opendaylight_enabled = true if 'opendaylight' in mechanism_drivers|join else false %} -+{%- if "vxlan" in server.backend.tenant_network_types and not opendaylight_enabled %} - {%- do mechanism_drivers.append('l2population') %} - {%- endif %} - mechanism_drivers = {{ ','.join(mechanism_drivers) }} -@@ -311,3 +312,11 @@ ovn_nb_connection = tcp:{{ server.controller_vip }}:6641 - ovn_sb_connection = tcp:{{ server.controller_vip }}:6642 - ovn_l3_scheduler = leastloaded - {%- endif %} -+ -+{%- if opendaylight_enabled %} -+[ml2_odl] -+port_binding_controller = pseudo-agentdb-binding -+url = http://{{ server.backend.host }}:{{ server.backend.rest_api_port }}/controller/nb/v2/neutron -+username = {{ server.backend.user }} -+password = {{ server.backend.password }} -+{%- endif %} -diff --git a/neutron/files/pike/neutron-generic.conf.Debian b/neutron/files/pike/neutron-generic.conf.Debian -index 123386d..d77f6c8 100644 ---- a/neutron/files/pike/neutron-generic.conf.Debian -+++ b/neutron/files/pike/neutron-generic.conf.Debian -@@ -37,7 +37,7 @@ auth_strategy = keystone - - core_plugin = neutron.plugins.ml2.plugin.Ml2Plugin - --service_plugins =neutron.services.l3_router.l3_router_plugin.L3RouterPlugin,neutron.services.metering.metering_plugin.MeteringPlugin -+service_plugins = {{ neutron.backend.get('router', 'router')}}, metering - - {% endif %} - -@@ -668,7 +668,7 @@ root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf - # needs to execute commands in Dom0 in the hypervisor of XenServer, this item - # should be set to 'xenapi_root_helper', so that it will keep a XenAPI session - # to pass commands to Dom0. (string value) --root_helper_daemon = sudo neutron-rootwrap-daemon /etc/neutron/rootwrap.conf -+#root_helper_daemon = <None> - - # Seconds between nodes reporting state to server; should be less than - # agent_down_time, best if it is half or less than agent_down_time. (floating -@@ -2092,3 +2092,8 @@ heartbeat_rate = 2 - # Sets the list of available ciphers. value should be a string in the OpenSSL - # cipher list format. (string value) - #ciphers = <None> -+ -+{%- if neutron.backend.ovsdb_connection is defined %} -+[ovs] -+ovsdb_connection = {{ neutron.backend.ovsdb_connection }} -+{%- endif %} -diff --git a/neutron/files/pike/neutron-server.conf.Debian b/neutron/files/pike/neutron-server.conf.Debian -index 79376a2..a7a4645 100644 ---- a/neutron/files/pike/neutron-server.conf.Debian -+++ b/neutron/files/pike/neutron-server.conf.Debian -@@ -50,7 +50,7 @@ core_plugin = neutron.plugins.ml2.plugin.Ml2Plugin - {% set l3_plugin = 'networking_ovn.l3.l3_ovn.OVNL3RouterPlugin' %} - {% endif %} - --service_plugins ={{ l3_plugin }}, neutron.services.metering.metering_plugin.MeteringPlugin -+service_plugins = {{ server.backend.get('router', l3_plugin)}}, metering - {%- if server.lbaas is defined -%},lbaasv2{%- endif -%} - {%- if fwaas.get('enabled', False) -%},{{ fwaas[fwaas.api_version]['service_plugin'] }}{%- endif -%} - {%- if server.get('qos', 'True') -%},neutron.services.qos.qos_plugin.QoSPlugin{%- endif -%} -@@ -703,7 +703,7 @@ root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf - # needs to execute commands in Dom0 in the hypervisor of XenServer, this item - # should be set to 'xenapi_root_helper', so that it will keep a XenAPI session - # to pass commands to Dom0. (string value) --root_helper_daemon = sudo neutron-rootwrap-daemon /etc/neutron/rootwrap.conf -+#root_helper_daemon = <None> - - # Seconds between nodes reporting state to server; should be less than - # agent_down_time, best if it is half or less than agent_down_time. (floating -@@ -2245,3 +2245,8 @@ username = {{ server.identity.user }} - password = {{ server.identity.password }} - auth_url=http://{{ server.identity.host }}:35357 - {%- endif %} -+ -+{%- if server.backend.ovsdb_connection is defined %} -+[ovs] -+ovsdb_connection = {{ server.backend.ovsdb_connection }} -+{%- endif %} -diff --git a/neutron/gateway.sls b/neutron/gateway.sls -index 81513d8..7ec9b91 100644 ---- a/neutron/gateway.sls -+++ b/neutron/gateway.sls -@@ -32,6 +32,7 @@ neutron_gateway_packages: - /etc/neutron/dhcp_agent.ini: - file.managed: - - source: salt://neutron/files/{{ gateway.version }}/dhcp_agent.ini -+ - template: jinja - - require: - - pkg: neutron_gateway_packages - diff --git a/mcp/patches/0002-maas-region-skip-credentials-update.patch b/mcp/patches/0002-maas-region-skip-credentials-update.patch index 11e8befb8..1d226e4cd 100644 --- a/mcp/patches/0002-maas-region-skip-credentials-update.patch +++ b/mcp/patches/0002-maas-region-skip-credentials-update.patch @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 diff --git a/mcp/patches/0003-maas-region-force-artifact-download.patch b/mcp/patches/0003-maas-region-force-artifact-download.patch index 6e6c18fba..b61a3d1b8 100644 --- a/mcp/patches/0003-maas-region-force-artifact-download.patch +++ b/mcp/patches/0003-maas-region-force-artifact-download.patch @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 diff --git a/mcp/patches/0004-maas-region-use-authorized_keys-1st-entry.patch b/mcp/patches/0004-maas-region-use-authorized_keys-1st-entry.patch deleted file mode 100644 index a4fb44b05..000000000 --- a/mcp/patches/0004-maas-region-use-authorized_keys-1st-entry.patch +++ /dev/null @@ -1,45 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Charalampos Kominos <Charalampos.Kominos@enea.com> -Date: Sat, 5 Aug 2017 02:03:01 +0200 -Subject: [PATCH] maas: region: use authorized_keys 1st entry - -MaaS custom py modules accepts the "sshprefs" variable via pillar, -however we want to read it from ~ubuntu/.ssh/authorized_keys. - -Bypass the py module and call MaaS CLI directly, passing the first -authorized key, which should be mcp.rsa.pub. - -Signed-off-by: Charalampos Kominos <Charalampos.Kominos@enea.com> ---- - -diff --git a/maas/region.sls b/maas/region.sls ---- a/maas/region.sls -+++ b/maas/region.sls -@@ -242,12 +242,16 @@ - - require: - - module: maas_config - --{%- if region.get('sshprefs', False) %} - maas_sshprefs: -- module.run: -- - name: maas.process_sshprefs -+# NOTE(armband): maas.process_sshprefs also works, but we need to read the key -+# from authorized_keys. Should be reworked at some point. -+# module.run: -+# - name: maas.process_sshprefs -+# - require: -+ cmd.run: -+ - name: "maas login {{ region.admin.username }} http://{{ region.bind.host }}:5240/MAAS/api/2.0 - < /var/lib/maas/.maas_credentials && SSH_KEY=$(cat authorized_keys | head -1) && (maas opnfv sshkeys read | grep -q \"$SSH_KEY\" || maas opnfv sshkeys create \"key=$SSH_KEY\")" -+ - cwd: "/home/ubuntu/.ssh" - - require: - - module: maas_config --{%- endif %} - - {%- endif %} diff --git a/mcp/patches/0004-network.dpdk-Move-ifcfg-br-prv-to-interfaces.u.patch b/mcp/patches/0004-network.dpdk-Move-ifcfg-br-prv-to-interfaces.u.patch new file mode 100644 index 000000000..180a9ddee --- /dev/null +++ b/mcp/patches/0004-network.dpdk-Move-ifcfg-br-prv-to-interfaces.u.patch @@ -0,0 +1,41 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Sun, 25 Feb 2018 03:43:49 +0100 +Subject: [PATCH] network.dpdk: Move ifcfg-br-prv to interfaces.u + +Workaround for Upstream-Bug: +https://github.com/saltstack/salt/issues/40262 + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + linux/network/dpdk.sls | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/linux/network/dpdk.sls b/linux/network/dpdk.sls +index 05fe05f..cc0ff9e 100644 +--- a/linux/network/dpdk.sls ++++ b/linux/network/dpdk.sls +@@ -128,7 +128,7 @@ linux_network_dpdk_bridge_interface_{{ interface_name }}: + After=openvswitch-switch.service + + {# enforce ip address and mtu for ovs dpdk br-prv #} +-/etc/network/interfaces.d/ifcfg-{{ interface_name }}: ++/etc/network/interfaces.u/ifcfg-{{ interface_name }}: + file.managed: + - contents: | + auto {{ interface_name }} +@@ -138,6 +138,7 @@ linux_network_dpdk_bridge_interface_{{ interface_name }}: + {%- if interface.mtu is defined %} + mtu {{ interface.mtu }} + {%- endif %} ++ - makedirs: True + - require: + - file: /etc/systemd/system/ifup@{{ interface_name }}.service.d/override.conf + diff --git a/mcp/patches/0005-maas-module-Obtain-fabric-ID-from-CIDR.patch b/mcp/patches/0005-maas-module-Obtain-fabric-ID-from-CIDR.patch index 4c626badf..4a81786b2 100644 --- a/mcp/patches/0005-maas-module-Obtain-fabric-ID-from-CIDR.patch +++ b/mcp/patches/0005-maas-module-Obtain-fabric-ID-from-CIDR.patch @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 diff --git a/mcp/patches/0006-maas-module-Add-VLAN-DHCP-enable-support.patch b/mcp/patches/0006-maas-module-Add-VLAN-DHCP-enable-support.patch index 8d4a72c9a..d2f531168 100644 --- a/mcp/patches/0006-maas-module-Add-VLAN-DHCP-enable-support.patch +++ b/mcp/patches/0006-maas-module-Add-VLAN-DHCP-enable-support.patch @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 diff --git a/mcp/patches/0007-network.interface-Fix-ifup-OVS-port-with-route.patch b/mcp/patches/0007-network.interface-Fix-ifup-OVS-port-with-route.patch index 49b2b88cc..2a5e29e9e 100644 --- a/mcp/patches/0007-network.interface-Fix-ifup-OVS-port-with-route.patch +++ b/mcp/patches/0007-network.interface-Fix-ifup-OVS-port-with-route.patch @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 diff --git a/mcp/patches/0008-Handle-extra-environment-variables.patch b/mcp/patches/0008-Handle-extra-environment-variables.patch new file mode 100644 index 000000000..8df3227f2 --- /dev/null +++ b/mcp/patches/0008-Handle-extra-environment-variables.patch @@ -0,0 +1,25 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Michael Polenchuk <mpolenchuk@mirantis.com> +Date: Mon, 12 Mar 2018 17:43:09 +0400 +Subject: [PATCH] Handle extra environment variables + +Change-Id: Ieae46ac65041630759c82238a8a5ce0535c454b2 + +diff --git a/keystone/files/keystonercv3 b/keystone/files/keystonercv3 +index 1b7f378..984c8a2 100644 +--- a/keystone/files/keystonercv3 ++++ b/keystone/files/keystonercv3 +@@ -11,3 +11,6 @@ export OS_REGION_NAME={{ server.region }} + export OS_INTERFACE=internal + export OS_ENDPOINT_TYPE="internal" + export OS_CACERT="{{ server.cacert }}" ++{%- for opt, value in server.get('openrc_extra', {}).iteritems() %} ++{{ "export %s=%s"|format(opt|upper, value) }} ++{%- endfor %} diff --git a/mcp/patches/0008-Handle-kernel-boot-options.patch b/mcp/patches/0008-Handle-kernel-boot-options.patch deleted file mode 100644 index f5198a2ab..000000000 --- a/mcp/patches/0008-Handle-kernel-boot-options.patch +++ /dev/null @@ -1,69 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2018 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Michael Polenchuk <mpolenchuk@mirantis.com> -Date: Thu, 25 Jan 2018 13:22:39 +0400 -Subject: [PATCH] Handle kernel boot options - -The 'system.kernel.elevator' and 'system.kernel.isolcpu' options -have been kept for backward compatibility and should be used in new -fashion way with system.kernel.boot_options parameter. - -Change-Id: I51f7167b8b8946500df2065ee6b02bcf21809bc9 - -diff --git a/linux/system/kernel.sls b/linux/system/kernel.sls -index 59b7177..b1c3f3b 100644 ---- a/linux/system/kernel.sls -+++ b/linux/system/kernel.sls -@@ -3,39 +3,24 @@ - - {%- if system.kernel is defined %} - --{%- if system.kernel.isolcpu is defined or system.kernel.elevator is defined %} -+{%- set kernel_boot_opts = [] %} -+{%- do kernel_boot_opts.append('isolcpus=' ~ system.kernel.isolcpu) if system.kernel.isolcpu is defined %} -+{%- do kernel_boot_opts.append('elevator=' ~ system.kernel.elevator) if system.kernel.elevator is defined %} -+{%- do kernel_boot_opts.extend(system.kernel.boot_options) if system.kernel.boot_options is defined %} - -+{%- if kernel_boot_opts %} - include: - - linux.system.grub - --{%- if system.kernel.isolcpu is defined %} -- --/etc/default/grub.d/90-isolcpu.cfg: -- file.managed: -- - contents: 'GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT isolcpus={{ system.kernel.isolcpu }}"' -- - require: -- - file: grub_d_directory --{%- if grains.get('virtual_subtype', None) not in ['Docker', 'LXC'] %} -- - watch_in: -- - cmd: grub_update -- --{%- endif %} --{%- endif %} -- --{%- if system.kernel.elevator is defined %} -- --/etc/default/grub.d/91-elevator.cfg: -+/etc/default/grub.d/99-custom-settings.cfg: - file.managed: -- - contents: 'GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT elevator={{ system.kernel.elevator }}"' -+ - contents: 'GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT {{ kernel_boot_opts|join(' ') }}"' - - require: - - file: grub_d_directory - {%- if grains.get('virtual_subtype', None) not in ['Docker', 'LXC'] %} - - watch_in: - - cmd: grub_update -- --{%- endif %} - {%- endif %} -- - {%- endif %} - - {%- if system.kernel.version is defined %} diff --git a/mcp/patches/0009-controller-Use-keystoneclient-to-check-project-ID.patch b/mcp/patches/0009-controller-Use-keystoneclient-to-check-project-ID.patch deleted file mode 100644 index ed34e0646..000000000 --- a/mcp/patches/0009-controller-Use-keystoneclient-to-check-project-ID.patch +++ /dev/null @@ -1,168 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -Date: Wed, 3 Jan 2018 00:50:50 +0100 -Subject: [PATCH] controller: Use keystoneclient to check project ID - -Port fix from [1] for using the internal network when connecting -to keystone during project ID validation in nova, instead of -going through public endpoint (and using SSL). - -[1] https://bugs.launchpad.net/nova/+bug/1716344 - -Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> ---- - nova/controller.sls | 10 ++ - ...keystoneclient-to-check-project-ID-exists.patch | 116 +++++++++++++++++++++ - 2 files changed, 126 insertions(+) - create mode 100644 nova/files/0001-Use-keystoneclient-to-check-project-ID-exists.patch - -diff --git a/nova/controller.sls b/nova/controller.sls -index a55d037..59af945 100644 ---- a/nova/controller.sls -+++ b/nova/controller.sls -@@ -71,6 +71,16 @@ contrail_nova_packages: - - {%- endif %} - -+nova-api-openstack-identity-patch: -+ file.patch: -+ - name: /usr/lib/python2.7/dist-packages -+ - source: salt://nova/files/0001-Use-keystoneclient-to-check-project-ID-exists.patch -+ - hash: False -+ - options: '-p1' -+ - unless: 'test -f /var/cache/salt/minion/files/base/nova/files/0001-Use-keystoneclient-to-check-project-ID-exists.patch && cd /usr/lib/python2.7/dist-packages && patch -p1 -R --dry-run /var/cache/salt/minion/files/base/nova/files/0001-Use-keystoneclient-to-check-project-ID-exists.patch' -+ - require: -+ - pkg: nova_controller_packages -+ - /etc/nova/nova.conf: - file.managed: - - source: salt://nova/files/{{ controller.version }}/nova-controller.conf.{{ grains.os_family }} -diff --git a/nova/files/0001-Use-keystoneclient-to-check-project-ID-exists.patch b/nova/files/0001-Use-keystoneclient-to-check-project-ID-exists.patch -new file mode 100644 -index 0000000..58d027e ---- /dev/null -+++ b/nova/files/0001-Use-keystoneclient-to-check-project-ID-exists.patch -@@ -0,0 +1,116 @@ -+From: Christoph Fiehe <fiehe@gmx.de> -+Date: Wed, 3 Jan 2018 00:11:20 +0100 -+Subject: [PATCH] Use keystoneclient to check project ID exists -+ -+Based on Christoph's implementation proposed in [1]. -+ -+[1] https://bugs.launchpad.net/nova/+bug/1716344 -+ -+Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -+--- -+ nova/api/openstack/identity.py | 81 ++++++++++++++++-------------------------- -+ 1 file changed, 30 insertions(+), 51 deletions(-) -+ -+diff --git a/nova/api/openstack/identity.py b/nova/api/openstack/identity.py -+index 833d3b5..3269cec 100644 -+--- a/nova/api/openstack/identity.py -++++ b/nova/api/openstack/identity.py -+@@ -12,16 +12,15 @@ -+ # License for the specific language governing permissions and limitations -+ # under the License. -+ -+-from keystoneauth1 import exceptions as kse -+-from keystoneauth1 import loading as ks_loading -++from keystoneauth1 import session -++from keystoneclient import exceptions as kse -++from keystoneclient.v3 import client -+ from oslo_log import log as logging -+ import webob -+ -+-import nova.conf -+ from nova.i18n import _ -+ -+ -+-CONF = nova.conf.CONF -+ LOG = logging.getLogger(__name__) -+ -+ -+@@ -32,51 +31,31 @@ def verify_project_id(context, project_id): -+ an HTTPBadRequest is emitted. -+ -+ """ -+- sess = ks_loading.load_session_from_conf_options( -+- CONF, 'keystone', auth=context.get_auth_plugin()) -+- -+- failure = webob.exc.HTTPBadRequest( -+- explanation=_("Project ID %s is not a valid project.") % -+- project_id) -++ auth = context.get_auth_plugin() -++ sess = session.Session(auth=auth) -++ keystone = client.Client(session=sess) -+ try: -+- resp = sess.get('/projects/%s' % project_id, -+- endpoint_filter={ -+- 'service_type': 'identity', -+- 'version': (3, 0) -+- }, -+- raise_exc=False) -+- except kse.EndpointNotFound: -+- LOG.error( -+- "Keystone identity service version 3.0 was not found. This might " -+- "be because your endpoint points to the v2.0 versioned endpoint " -+- "which is not supported. Please fix this.") -+- raise failure -+- except kse.ClientException: -+- # something is wrong, like there isn't a keystone v3 endpoint, -+- # we'll take the pass and default to everything being ok. -+- LOG.exception("Unable to contact keystone to verify project_id") -+- return True -+- -+- if resp: -+- # All is good with this 20x status -+- return True -+- elif resp.status_code == 404: -+- # we got access, and we know this project is not there -+- raise failure -+- elif resp.status_code == 403: -+- # we don't have enough permission to verify this, so default -+- # to "it's ok". -+- LOG.info( -+- "Insufficient permissions for user %(user)s to verify " -+- "existence of project_id %(pid)s", -+- {"user": context.user_id, "pid": project_id}) -+- return True -+- else: -+- LOG.warning( -+- "Unexpected response from keystone trying to " -+- "verify project_id %(pid)s - resp: %(code)s %(content)s", -+- {"pid": project_id, -+- "code": resp.status_code, -+- "content": resp.content}) -+- # realize we did something wrong, but move on with a warning -+- return True -++ project = keystone.projects.get(project_id) -++ except kse.ClientException as e: -++ if e.http_status == 404: -++ # we got access, and we know this project is not there -++ raise webob.exc.HTTPBadRequest( -++ explanation=_("Project ID %s is not a valid project.") % -++ project_id) -++ elif e.http_status == 403: -++ # we don't have enough permission to verify this, so default -++ # to "it's ok". -++ LOG.info( -++ "Insufficient permissions for user %(user)s to verify " -++ "existence of project_id %(pid)s", -++ {"user": context.user_id, "pid": project_id}) -++ return True -++ else: -++ LOG.warning( -++ "Unexpected response from keystone trying to " -++ "verify project_id %(pid)s - resp: %(code)s %(content)s", -++ {"pid": project_id, -++ "code": resp.status_code, -++ "content": resp.content}) -++ # realize we did something wrong, but move on with a warning -++ return True diff --git a/mcp/patches/0010-maas-region-allow-timeout-override.patch b/mcp/patches/0010-maas-region-allow-timeout-override.patch index 5b8d5a1fe..c6f9e3a52 100644 --- a/mcp/patches/0010-maas-region-allow-timeout-override.patch +++ b/mcp/patches/0010-maas-region-allow-timeout-override.patch @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 @@ -31,6 +31,11 @@ reserved range, but instead DHCP will assign them *inside* the range. One alternative would be to handle this via API calls, for each node's PXE physical interface, but that overcomplicates things. +3. MaaS blocksize: For some reason the python library behind tftp forces ip +blocksize to be 1008. We can force it to be 1464 and gain some performance due +to MTU beeing 1500 (i.e. allow bigger packets). + + JIRA: FUEL-316 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> @@ -39,7 +44,7 @@ Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> diff --git a/maas/region.sls b/maas/region.sls --- a/maas/region.sls +++ b/maas/region.sls -@@ -19,6 +19,36 @@ +@@ -19,6 +19,46 @@ - require: - pkg: maas_region_packages @@ -63,6 +68,16 @@ diff --git a/maas/region.sls b/maas/region.sls + - require_in: + - service: maas_region_services + ++maas_ip_blksize_force: ++ file.replace: ++ - name: "/usr/lib/python3/dist-packages/tftp/bootstrap.py" ++ - pattern: 'int_blksize = min\(\(int_blksize, MAX_BLOCK_SIZE\)\)' ++ - repl: 'int_blksize = 1464' ++ - require: ++ - pkg: maas_region_packages ++ - require_in: ++ - service: maas_region_services ++ +maas_interface_default_mode_dhcp: + file.replace: + - name: "/usr/lib/python3/dist-packages/maasserver/models/node.py" diff --git a/mcp/patches/0011-system.repo-Debian-Add-keyserver-proxy-support.patch b/mcp/patches/0011-system.repo-Debian-Add-keyserver-proxy-support.patch index fdf84dcd1..48e945acd 100644 --- a/mcp/patches/0011-system.repo-Debian-Add-keyserver-proxy-support.patch +++ b/mcp/patches/0011-system.repo-Debian-Add-keyserver-proxy-support.patch @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 @@ -31,6 +31,11 @@ When the new http(s) proxy param is set: If linux:system:proxy:keyserver is not defined, the behavior is unchanged for backwards compatibility. +To allow runtime decisions whether the keyserver proxy should be used +add an additional condition for it to match the first nameserver. +This allows us to mix virtual nodes with MaaS-provisioned nodes in +Fuel@OPNFV, while keeping the ext_pillar common. + Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> --- README.rst | 16 ++++++++++++++++ @@ -38,14 +43,13 @@ Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> 2 files changed, 56 insertions(+) diff --git a/linux/system/repo.sls b/linux/system/repo.sls -index 5d4d059..724db5a 100644 --- a/linux/system/repo.sls +++ b/linux/system/repo.sls @@ -96,13 +96,50 @@ linux_repo_{{ name }}_key: - name: "curl -s {{ repo.key_url }} | apt-key add -" - watch: - file: default_repo_list -+{%- if system.proxy.keyserver is defined %} ++{%- if system.proxy.keyserver is defined and grains['dns']['nameservers'][0] in system.proxy.keyserver.http %} + - env: + - http_proxy: {{ system.proxy.get('keyserver', {}).get('http', '') }} + - https_proxy: {{ system.proxy.get('keyserver', {}).get('https', '') }} @@ -58,7 +62,7 @@ index 5d4d059..724db5a 100644 {%- if repo.get('enabled', True) %} -+{%- if system.proxy.keyserver is defined %} ++{%- if system.proxy.keyserver is defined and grains['dns']['nameservers'][0] in system.proxy.keyserver.http %} + +{%- if repo.get('key') %} + @@ -96,7 +100,7 @@ index 5d4d059..724db5a 100644 {%- endif %} - file: /etc/apt/sources.list.d/{{ name }}.list - clean_file: {{ repo.clean|default(True) }} -+ {%- if system.proxy.keyserver is not defined %} ++ {%- if system.proxy.keyserver is not defined or grains['dns']['nameservers'][0] not in system.proxy.keyserver.http %} {%- if repo.key_id is defined %} - keyid: {{ repo.key_id }} {%- endif %} diff --git a/mcp/patches/0012-linux.storage.lvm-Disable-filter.patch b/mcp/patches/0012-linux.storage.lvm-Disable-filter.patch deleted file mode 100644 index de74fadcd..000000000 --- a/mcp/patches/0012-linux.storage.lvm-Disable-filter.patch +++ /dev/null @@ -1,35 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -Date: Sat, 18 Nov 2017 22:03:01 +0200 -Subject: [PATCH] linux.storage.lvm: Disable filter - -Due to upstream bug [1], mixing OS-managed LVM volumes with Cinder -LVM volumes leads to a broken filter value in lvm.conf. -Temporarily disable the filter (whitelisting all devices, similar -to no-Cinder use-cases) until upstream bug is fixed. - -[1] https://github.com/salt-formulas/salt-formula-linux/issues/127 - -Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> ---- - -diff --git a/linux/files/lvm.conf b/linux/files/lvm.conf ---- a/linux/files/lvm.conf -+++ b/linux/files/lvm.conf -@@ -129,7 +129,8 @@ - # Example - # Accept every block device: - -- filter = [ {%- for vgname, vg in storage.lvm.iteritems() %}{%- if vg.get('enabled', True) %}{%- for dev in vg.devices %}"a|{{ dev }}*|"{%- if not loop.last %},{%- endif %}{%- endfor %}{%- endif %}{%- endfor %}, "r|.*|" ] -+ # NOTE(opnfv): https://github.com/salt-formulas/salt-formula-linux/issues/127 -+ # filter = [ {%- for vgname, vg in storage.lvm.iteritems() %}{%- if vg.get('enabled', True) %}{%- for dev in vg.devices %}"a|{{ dev }}*|"{%- if not loop.last %},{%- endif %}{%- endfor %}{%- endif %}{%- endfor %}, "r|.*|" ] - - # filter = [ "a|.*/|" ] - # Reject the cdrom drive: diff --git a/mcp/patches/0012-routes-Skip-network-restart-on-noifupdown.patch b/mcp/patches/0012-routes-Skip-network-restart-on-noifupdown.patch new file mode 100644 index 000000000..fb42512ea --- /dev/null +++ b/mcp/patches/0012-routes-Skip-network-restart-on-noifupdown.patch @@ -0,0 +1,37 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Mon, 8 Jan 2018 05:09:11 +0100 +Subject: [PATCH] routes: Skip network restart on 'noifupdown' + +Previously, setting up routes did not allow passing 'require_reboot', +so each route change would lead to a networking service restart, +rendering interface configuration options like 'noifupdown' useless. +Allow disabling network restart per-interface using the existing +'noifupdown' option. + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + linux/network/interface.sls | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/linux/network/interface.sls b/linux/network/interface.sls +index 921ceac..6ebc670 100644 +--- a/linux/network/interface.sls ++++ b/linux/network/interface.sls +@@ -338,6 +338,9 @@ linux_network_{{ interface_name }}_routes: + gateway: {{ route.gateway }} + {%- endif %} + {%- endfor %} ++ {%- if interface.noifupdown is defined %} ++ - require_reboot: {{ interface.noifupdown }} ++ {%- endif %} + + {%- endif %} + diff --git a/mcp/patches/0013-dpdk-Support-ovs-bridge-tagging.patch b/mcp/patches/0013-dpdk-Support-ovs-bridge-tagging.patch deleted file mode 100644 index f73931ea8..000000000 --- a/mcp/patches/0013-dpdk-Support-ovs-bridge-tagging.patch +++ /dev/null @@ -1,30 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2018 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Michael Polenchuk <mpolenchuk@mirantis.com> -Date: Mon, 22 Jan 2018 15:22:47 +0400 -Subject: [PATCH] [dpdk] Support ovs bridge tagging - -Bring in "tag" option for dpdk/ovs bridges -to support vlan-tagged vxlan mode. - -Change-Id: I7f1f88233694f2c8b968a6cf55584f32879ec042 - -diff --git a/linux/network/dpdk.sls b/linux/network/dpdk.sls -index 1ac9e25..05fe05f 100644 ---- a/linux/network/dpdk.sls -+++ b/linux/network/dpdk.sls -@@ -110,7 +110,7 @@ linux_network_dpdk_bond_mode_{{ interface_name }}: - - linux_network_dpdk_bridge_interface_{{ interface_name }}: - cmd.run: -- - name: "ovs-vsctl add-br {{ interface_name }} -- set bridge {{ interface_name }} datapath_type=netdev" -+ - name: "ovs-vsctl add-br {{ interface_name }} -- set bridge {{ interface_name }} datapath_type=netdev{% if interface.tag is defined %} -- set port {{ interface_name }} tag={{ interface.tag }}{% endif %}" - - unless: "ovs-vsctl show | grep {{ interface_name }}" - - {# OVS dpdk needs ip address for vxlan termination on bridge br-prv #} diff --git a/mcp/patches/0014-reclass.storage.node-Merge-duplicate-nodes.patch b/mcp/patches/0014-reclass.storage.node-Merge-duplicate-nodes.patch new file mode 100644 index 000000000..a9d5b6589 --- /dev/null +++ b/mcp/patches/0014-reclass.storage.node-Merge-duplicate-nodes.patch @@ -0,0 +1,44 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Sun, 03 Dec 2017 22:03:01 +0200 +Subject: [PATCH] reclass.storage.node: Merge duplicate nodes + +Reclass does not support duplicate nodes in top pillar, so merge all +nodes with the same name into a single node, inheriting classes from +all instances. + +This allows using multiple "system.reclass.storage.system.*_cluster" +classes for the same node, based on re-using the name (hostname). + +NOTE: defaults.merge module does not merge lists (e.g. for classes), +so handle that case separately. + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + +diff --git a/reclass/storage/node.sls b/reclass/storage/node.sls +--- a/reclass/storage/node.sls ++++ b/reclass/storage/node.sls +@@ -1,7 +1,15 @@ + {%- from "reclass/map.jinja" import storage with context %} + {%- if storage.enabled %} + ++{%- set storage_by_name = {} %} + {%- for node_name, node in storage.get('node', {}).iteritems() %} ++{%- set new_node_name = node.get('name', node_name) %} ++{%- set new_node = storage_by_name.get(new_node_name, {'classes': []}) %} ++{%- do salt['defaults.merge'](node, {'classes': new_node.classes + node.classes}) %} ++{%- do salt['defaults.merge'](storage_by_name, {new_node_name: node}) %} ++{%- endfor %} ++ ++{%- for node_name, node in storage_by_name.iteritems() %} + + {%- if node.repeat is defined %} + diff --git a/mcp/patches/0015-Set-ovs-bridges-as-L3-interfaces.patch b/mcp/patches/0015-Set-ovs-bridges-as-L3-interfaces.patch new file mode 100644 index 000000000..c55a3727c --- /dev/null +++ b/mcp/patches/0015-Set-ovs-bridges-as-L3-interfaces.patch @@ -0,0 +1,86 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Michael Polenchuk <mpolenchuk@mirantis.com> +Date: Wed, 28 Feb 2018 17:54:28 +0400 +Subject: [PATCH] Set ovs bridges as L3 interfaces + +Change-Id: I1e83129cc184cf481bea21d7aa452bf60d9e0499 + +diff --git a/linux/files/ovs_bridge b/linux/files/ovs_bridge +new file mode 100644 +index 0000000..c609e45 +--- /dev/null ++++ b/linux/files/ovs_bridge +@@ -0,0 +1,13 @@ ++auto {{ bridge_name }} ++allow-ovs {{ bridge_name }} ++iface {{ bridge_name }} inet static ++ ovs_type OVSBridge ++ address {{ bridge.address }} ++ netmask {{ bridge.netmask }} ++ mtu {{ bridge.get('mtu', '1500') }} ++ {%- if bridge.use_interfaces is defined %} ++ ovs_ports {{ bridge.use_interfaces|join(' ') }} ++ {%- endif %} ++ {%- if bridge.datapath_type is defined %} ++ ovs_extra set Bridge ${IFACE} datapath_type={{ bridge.datapath_type }} ++ {%- endif %} +diff --git a/linux/files/ovs_port b/linux/files/ovs_port +index 222ca8e..efb0307 100644 +--- a/linux/files/ovs_port ++++ b/linux/files/ovs_port +@@ -1,6 +1,9 @@ + auto {{ port_name }} + allow-{{ port.bridge }} {{ port_name }} + iface {{ port_name }} inet {{ port.get('proto', 'manual') }} ++{%- if '.' in port_name %} ++vlan-raw-device {{ port_name.split('.')[0] }} ++{%- endif %} + ovs_type {{ port.get('ovs_port_type', 'OVSIntPort') }} + mtu {{ port.get('mtu', '1500') }} + ovs_bridge {{ port.bridge }} +diff --git a/linux/network/interface.sls b/linux/network/interface.sls +index 180f912..dcb295b 100644 +--- a/linux/network/interface.sls ++++ b/linux/network/interface.sls +@@ -91,6 +91,34 @@ add_int_{{ int_name }}_to_ovs_dpdk_bridge_{{ interface_name }}: + ovs_bridge_{{ interface_name }}: + openvswitch_bridge.present: + - name: {{ interface_name }} ++{%- if interface.get('proto', 'manual') == 'static' %} ++ file.managed: ++ - name: /etc/network/interfaces.u/ifcfg-{{ interface_name }} ++ - makedirs: True ++ - source: salt://linux/files/ovs_bridge ++ - defaults: ++ bridge: {{ interface|yaml }} ++ bridge_name: {{ interface_name }} ++ - template: jinja ++ ++linux_interfaces_include_{{ interface_name }}: ++ file.prepend: ++ - name: /etc/network/interfaces ++ - text: | ++ source /etc/network/interfaces.d/* ++ # Workaround for Upstream-Bug: https://github.com/saltstack/salt/issues/40262 ++ source /etc/network/interfaces.u/* ++ ++ovs_bridge_up_{{ interface_name }}: ++ cmd.run: ++ - name: ifup {{ interface_name }} ++ - require: ++ - file: ovs_bridge_{{ interface_name }} ++ - openvswitch_bridge: ovs_bridge_{{ interface_name }} ++ - file: linux_interfaces_final_include ++ - unless: ++ - ip link show {{ interface_name }} | grep -q '\<UP\>' ++{%- endif %} + + {# add linux network interface into OVS bridge #} + {%- for int_name, int in network.interface.items() %} diff --git a/mcp/patches/0016-Set-boot-source-selections.patch b/mcp/patches/0016-Set-boot-source-selections.patch new file mode 100644 index 000000000..ff52681d2 --- /dev/null +++ b/mcp/patches/0016-Set-boot-source-selections.patch @@ -0,0 +1,31 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Michael Polenchuk <mpolenchuk@mirantis.com> +Date: Thu, 26 Apr 2018 16:29:02 +0400 +Subject: [PATCH] Set boot source selections + +Change-Id: I8dc738b3e6e6f1bfcc1348873f162651aff8bbdf + +diff --git a/maas/region.sls b/maas/region.sls +--- a/maas/region.sls ++++ b/maas/region.sls +@@ -171,6 +171,13 @@ maas_login_admin: + cmd.run: + - name: "maas-region apikey --username {{ region.admin.username }} > /var/lib/maas/.maas_credentials" + ++boot_source_selections: ++ cmd.run: ++ - name: "maas login {{ region.admin.username }} http://{{ region.bind.host }}:5240/MAAS/api/2.0 - < /var/lib/maas/.maas_credentials && maas opnfv boot-source-selection update 1 1 release='{{ region.maas_config.default_distro_series }}'" ++ - require: ++ - cmd: maas_login_admin ++ - unless: "maas login {{ region.admin.username }} http://{{ region.bind.host }}:5240/MAAS/api/2.0 - < /var/lib/maas/.maas_credentials && maas opnfv boot-source-selections read 1 | grep -q {{ region.maas_config.default_distro_series }}" ++ + maas_force_artifact_sync: + cmd.script: + - name: salt://maas/files/maas-artifact-sync.sh diff --git a/mcp/patches/fuel-patch-copyright.template b/mcp/patches/fuel-patch-copyright.template index 6c52af768..e92458082 100644 --- a/mcp/patches/fuel-patch-copyright.template +++ b/mcp/patches/fuel-patch-copyright.template @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 diff --git a/mcp/patches/patch.sh b/mcp/patches/patch.sh index 1da3bc597..bb48dcd07 100755 --- a/mcp/patches/patch.sh +++ b/mcp/patches/patch.sh @@ -11,10 +11,9 @@ CI_DEBUG=${CI_DEBUG:-0}; [[ "${CI_DEBUG}" =~ (false|0) ]] || set -x if [ -r "$1" ]; then while IFS=': ' read -r p_dest p_file; do - if [[ ! "${p_dest}" =~ '^#' ]] && [[ "${p_dest}" =~ $2 ]] && \ - ! patch --dry-run -Rd "${p_dest}" -r - -s -p1 < \ - "/root/fuel/mcp/patches/${p_file}" > /dev/null; then - patch -d "${p_dest}" -p1 < "/root/fuel/mcp/patches/${p_file}" + if ! patch --dry-run -Rd "${p_dest}" -r - -s -p1 < \ + "/root/fuel/mcp/patches/${p_file}" > /dev/null; then + patch -d "${p_dest}" -p1 < "/root/fuel/mcp/patches/${p_file}" fi - done < "$1" + done < <(grep -vE '^#' "${1}" | grep -E "^.*${2}.*: ") fi diff --git a/mcp/patches/patches.list b/mcp/patches/patches.list index 2eb45b272..6a6e7a361 100644 --- a/mcp/patches/patches.list +++ b/mcp/patches/patches.list @@ -1,20 +1,19 @@ ############################################################################## -# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# Copyright (c) 2018 Mirantis Inc., Enea AB and others. # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## -/usr/share/salt-formulas/env: 0001-opendaylight-formula-neutron.patch /usr/share/salt-formulas/env: 0002-maas-region-skip-credentials-update.patch /usr/share/salt-formulas/env: 0003-maas-region-force-artifact-download.patch -/usr/share/salt-formulas/env: 0004-maas-region-use-authorized_keys-1st-entry.patch +/usr/share/salt-formulas/env: 0004-network.dpdk-Move-ifcfg-br-prv-to-interfaces.u.patch /usr/share/salt-formulas/env: 0005-maas-module-Obtain-fabric-ID-from-CIDR.patch /usr/share/salt-formulas/env: 0006-maas-module-Add-VLAN-DHCP-enable-support.patch /usr/share/salt-formulas/env: 0007-network.interface-Fix-ifup-OVS-port-with-route.patch -/usr/share/salt-formulas/env: 0008-Handle-kernel-boot-options.patch -/usr/share/salt-formulas/env: 0009-controller-Use-keystoneclient-to-check-project-ID.patch +/usr/share/salt-formulas/env: 0008-Handle-extra-environment-variables.patch /usr/share/salt-formulas/env: 0010-maas-region-allow-timeout-override.patch /usr/share/salt-formulas/env: 0011-system.repo-Debian-Add-keyserver-proxy-support.patch -/usr/share/salt-formulas/env: 0012-linux.storage.lvm-Disable-filter.patch -/usr/share/salt-formulas/env: 0013-dpdk-Support-ovs-bridge-tagging.patch +/usr/share/salt-formulas/env: 0012-routes-Skip-network-restart-on-noifupdown.patch +/usr/share/salt-formulas/env: 0015-Set-ovs-bridges-as-L3-interfaces.patch +/usr/share/salt-formulas/env: 0016-Set-boot-source-selections.patch diff --git a/mcp/patches/patches_init.list b/mcp/patches/patches_init.list new file mode 100644 index 000000000..94488cf9a --- /dev/null +++ b/mcp/patches/patches_init.list @@ -0,0 +1,8 @@ +############################################################################## +# Copyright (c) 2017 Mirantis Inc., Enea AB and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +/usr/share/salt-formulas/env: 0014-reclass.storage.node-Merge-duplicate-nodes.patch diff --git a/mcp/patches/reclass-system-salt-model/0001-Bring-in-opendaylight-support.patch b/mcp/patches/reclass-system-salt-model/0001-Bring-in-opendaylight-support.patch deleted file mode 100644 index c7ba5a740..000000000 --- a/mcp/patches/reclass-system-salt-model/0001-Bring-in-opendaylight-support.patch +++ /dev/null @@ -1,110 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Michael Polenchuk <mpolenchuk@mirantis.com> -Date: Thu, 29 Jun 2017 12:22:42 +0400 -Subject: [PATCH] Bring in opendaylight support - -Change-Id: I3efec9a8b586a6c75b1c1635ad2a7024d73d9ad2 ---- - neutron/control/opendaylight/cluster.yml | 17 +++++++++++++++++ - neutron/control/opendaylight/single.yml | 15 +++++++++++++++ - neutron/gateway/opendaylight/single.yml | 7 +++++++ - opendaylight/server/single.yml | 2 ++ - reclass/storage/system/opendaylight_control_single.yml | 13 +++++++++++++ - 5 files changed, 54 insertions(+) - create mode 100644 neutron/control/opendaylight/cluster.yml - create mode 100644 neutron/control/opendaylight/single.yml - create mode 100644 neutron/gateway/opendaylight/single.yml - create mode 100644 opendaylight/server/single.yml - create mode 100644 reclass/storage/system/opendaylight_control_single.yml - -diff --git a/neutron/control/opendaylight/cluster.yml b/neutron/control/opendaylight/cluster.yml -new file mode 100644 -index 0000000..a32e7ab ---- /dev/null -+++ b/neutron/control/opendaylight/cluster.yml -@@ -0,0 +1,17 @@ -+classes: -+- service.keepalived.cluster.single -+- service.haproxy.proxy.single -+- service.neutron.control.cluster -+- system.neutron.control.openvswitch.cluster -+parameters: -+ neutron: -+ server: -+ backend: -+ host: ${_param:opendaylight_service_host} -+ rest_api_port: 8282 -+ user: admin -+ password: admin -+ ovsdb_connection: tcp:127.0.0.1:6639 -+ mechanism: -+ ovs: -+ driver: opendaylight_v2 -diff --git a/neutron/control/opendaylight/single.yml b/neutron/control/opendaylight/single.yml -new file mode 100644 -index 0000000..053f14d ---- /dev/null -+++ b/neutron/control/opendaylight/single.yml -@@ -0,0 +1,15 @@ -+classes: -+- service.neutron.control.single -+- system.neutron.control.openvswitch.single -+parameters: -+ neutron: -+ server: -+ backend: -+ host: ${_param:opendaylight_service_host} -+ rest_api_port: 8282 -+ user: admin -+ password: admin -+ ovsdb_connection: tcp:127.0.0.1:6639 -+ mechanism: -+ ovs: -+ driver: opendaylight_v2 -diff --git a/neutron/gateway/opendaylight/single.yml b/neutron/gateway/opendaylight/single.yml -new file mode 100644 -index 0000000..2169001 ---- /dev/null -+++ b/neutron/gateway/opendaylight/single.yml -@@ -0,0 +1,7 @@ -+classes: -+- service.neutron.gateway.single -+parameters: -+ neutron: -+ gateway: -+ backend: -+ ovsdb_connection: tcp:127.0.0.1:6639 -diff --git a/opendaylight/server/single.yml b/opendaylight/server/single.yml -new file mode 100644 -index 0000000..3d11872 ---- /dev/null -+++ b/opendaylight/server/single.yml -@@ -0,0 +1,2 @@ -+classes: -+- service.opendaylight.server.single -diff --git a/reclass/storage/system/opendaylight_control_single.yml b/reclass/storage/system/opendaylight_control_single.yml -new file mode 100644 -index 0000000..ad809f5 ---- /dev/null -+++ b/reclass/storage/system/opendaylight_control_single.yml -@@ -0,0 +1,13 @@ -+parameters: -+ _param: -+ opendaylight_control_hostname: odl01 -+ reclass: -+ storage: -+ node: -+ opendaylight_control_node01: -+ name: ${_param:opendaylight_control_hostname} -+ domain: ${_param:cluster_domain} -+ params: -+ salt_master_host: ${_param:reclass_config_master} -+ linux_system_codename: ${_param:linux_system_codename} -+ single_address: ${_param:opendaylight_service_host} diff --git a/mcp/patches/reclass-system-salt-model/0003-Use-keystone-v3-endpoints-by-default.patch b/mcp/patches/reclass-system-salt-model/0001-Use-keystone-v3-endpoints-by-default.patch index 6f860bcce..514ea59e4 100644 --- a/mcp/patches/reclass-system-salt-model/0003-Use-keystone-v3-endpoints-by-default.patch +++ b/mcp/patches/reclass-system-salt-model/0001-Use-keystone-v3-endpoints-by-default.patch @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 @@ -20,7 +20,7 @@ Change-Id: I7e9a1b180f4e0ddb24ec72ed9f08c9e2580c7897 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/keystone/client/single.yml b/keystone/client/single.yml -index ebf5b5f..8007710 100644 +index a79ed7ec..86b4e09e 100644 --- a/keystone/client/single.yml +++ b/keystone/client/single.yml @@ -4,7 +4,7 @@ classes: @@ -31,4 +31,4 @@ index ebf5b5f..8007710 100644 +- system.keystone.client.service.keystone3 - system.keystone.client.service.neutron parameters: - linux: + _param: diff --git a/mcp/patches/reclass-system-salt-model/0004-Revert-Admin-endpoint-for-keystone-v3.patch b/mcp/patches/reclass-system-salt-model/0002-Revert-Admin-endpoint-for-keystone-v3.patch index 00b4cf34b..00b4cf34b 100644 --- a/mcp/patches/reclass-system-salt-model/0004-Revert-Admin-endpoint-for-keystone-v3.patch +++ b/mcp/patches/reclass-system-salt-model/0002-Revert-Admin-endpoint-for-keystone-v3.patch diff --git a/mcp/patches/reclass-system-salt-model/0002-mongodb-Parameterize-cluster-hostnames.patch b/mcp/patches/reclass-system-salt-model/0002-mongodb-Parameterize-cluster-hostnames.patch deleted file mode 100644 index b75044b16..000000000 --- a/mcp/patches/reclass-system-salt-model/0002-mongodb-Parameterize-cluster-hostnames.patch +++ /dev/null @@ -1,37 +0,0 @@ -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. -: -: All rights reserved. This program and the accompanying materials -: are made available under the terms of the Apache License, Version 2.0 -: which accompanies this distribution, and is available at -: http://www.apache.org/licenses/LICENSE-2.0 -:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> -Date: Sun, 10 Dec 2017 21:58:52 +0100 -Subject: [PATCH] mongodb: Parameterize cluster hostnames - -Replace mdb{01,02,03} with reclass params, similar to prev commit. - -Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> ---- - mongodb/server/cluster.yml | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/mongodb/server/cluster.yml b/mongodb/server/cluster.yml -index f3c16d6..1d1e397 100644 ---- a/mongodb/server/cluster.yml -+++ b/mongodb/server/cluster.yml -@@ -3,9 +3,9 @@ classes: - parameters: - _param: - mongodb_server_replica_set: mongodb -- mongodb_master: mdb01 -+ mongodb_master: ${_param:openstack_telemetry_node01_hostname} - mongodb_server_members: -- - host: mdb01 -+ - host: ${_param:openstack_telemetry_node01_hostname} - priority: 2 -- - host: mdb02 -- - host: mdb03 -+ - host: ${_param:openstack_telemetry_node02_hostname} -+ - host: ${_param:openstack_telemetry_node03_hostname} diff --git a/mcp/patches/scripts/0001-salt-master-setup.sh-Allow-arm64-salt-bootstrap.patch b/mcp/patches/scripts/0001-salt-master-setup.sh-Allow-arm64-salt-bootstrap.patch index 8d0c46c92..498743b77 100644 --- a/mcp/patches/scripts/0001-salt-master-setup.sh-Allow-arm64-salt-bootstrap.patch +++ b/mcp/patches/scripts/0001-salt-master-setup.sh-Allow-arm64-salt-bootstrap.patch @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 diff --git a/mcp/patches/scripts/0002-salt-master-init.sh-Apply-OPNFV-Fuel-patches.patch b/mcp/patches/scripts/0002-salt-master-init.sh-Apply-OPNFV-Fuel-patches.patch new file mode 100644 index 000000000..6c7cbb6e8 --- /dev/null +++ b/mcp/patches/scripts/0002-salt-master-init.sh-Apply-OPNFV-Fuel-patches.patch @@ -0,0 +1,35 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +Date: Fri, 8 Dec 2017 20:30:46 +0100 +Subject: [PATCH] salt-master-init.sh: Apply OPNFV Fuel patches + +Some of Fuel@OPNFV patches need to be applied before the reclass +storage.node state is ran for Salt Master, i.e. between installing +salt-formula-* packages and configuring the Salt Master salt services. + +JIRA: FUEL-310 + +Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> +--- + salt-master-init.sh | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/salt-master-init.sh b/salt-master-init.sh +index 343324c..a4ec138 100755 +--- a/salt-master-init.sh ++++ b/salt-master-init.sh +@@ -284,6 +284,7 @@ options + system_config + + saltmaster_bootstrap &&\ ++ /root/fuel/mcp/patches/patch.sh /root/fuel/mcp/patches/patches_init.list formulas &&\ + saltmaster_init &&\ + + verify_salt_minions diff --git a/mcp/patches/scripts/0002-salt-master-setup-Group-APT-install-formulas.patch b/mcp/patches/scripts/0003-salt-master-setup-Group-APT-install-formulas.patch index 71632681e..d5a9bf3c4 100644 --- a/mcp/patches/scripts/0002-salt-master-setup-Group-APT-install-formulas.patch +++ b/mcp/patches/scripts/0003-salt-master-setup-Group-APT-install-formulas.patch @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2017 Mirantis Inc., Enea AB and others. +: Copyright (c) 2018 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 @@ -23,7 +23,7 @@ Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/salt-master-init.sh b/salt-master-init.sh -index 343324c..48a05b9 100755 +index a4ec138..db90a22 100755 --- a/salt-master-init.sh +++ b/salt-master-init.sh @@ -24,6 +24,12 @@ options() { |