diff options
Diffstat (limited to 'mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2')
-rw-r--r-- | mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 | 136 |
1 files changed, 81 insertions, 55 deletions
diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 index e16453e03..092febabb 100644 --- a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 +++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 @@ -10,36 +10,44 @@ # NOTE: pod_config is generated and transferred into its final location on # cfg01 only during deployment to prevent leaking sensitive data classes: - - system.linux.system.single.simple - system.maas.region.single - service.maas.cluster.single - cluster.all-mcp-arch-common.opnfv.lab_proxy_pdf - cluster.all-mcp-arch-common.opnfv.pod_config parameters: _param: - mcpcontrol_interface: ${_param:opnfv_fn_vm_primary_interface} - primary_interface: ${_param:opnfv_fn_vm_secondary_interface} - pxe_admin_interface: ${_param:opnfv_fn_vm_tertiary_interface} - interface_mtu: 1500 - # MaaS has issues using MTU > 1500 for PXE interface - pxe_admin_interface_mtu: 1500 - linux_system_codename: xenial + linux_system_codename: bionic maas_admin_username: opnfv dns_server01: '{{ nm.dns_public[0] }}' - pxe_admin_address: ${_param:infra_maas_node01_deploy_address} - single_address: ${_param:pxe_admin_address} - hwe_kernel: 'hwe-16.04' + single_address: ${_param:infra_maas_node01_deploy_address} + hwe_kernel: 'ga-18.04' opnfv_maas_timeout_comissioning: {{ nm.maas_timeout_comissioning }} opnfv_maas_timeout_deploying: {{ nm.maas_timeout_deploying }} maas: region: + services: + - maas-regiond + - bind9 +{%- if '-ovs-' in conf.MCP_DEPLOY_SCENARIO or '-fdio-' in conf.MCP_DEPLOY_SCENARIO %} + tags: + aarch64_hugepages_1g: + comment: 'Enable 1G pagesizes on aarch64' + definition: '//capability[@id="asimd"]|//capability[@id="cp15_barrier"]' + kernel_opts: 'default_hugepagesz=1G hugepagesz=1G kpti=off' +{%- endif %} + enable_iframe: False + timeout: + # Set maas.wait_for_<state> timeouts to ~2.5x of MaaS <state> timeout + ready: {{ nm.maas_timeout_comissioning * 150 }} + deployed: {{ nm.maas_timeout_deploying * 150 }} + attempts: 3 boot_sources_delete_all_others: true boot_sources: resources_mirror: url: http://images.maas.io/ephemeral-v3/daily keyring_file: /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg boot_sources_selections: - xenial: + bionic: url: "http://images.maas.io/ephemeral-v3/daily" os: "ubuntu" release: "${_param:linux_system_codename}" @@ -49,8 +57,7 @@ parameters: {%- endfor %} subarches: - "generic" - - "ga-16.04" - - "hwe-16.04" + - "ga-18.04" labels: '"*"' fabrics: pxe_admin: @@ -81,8 +88,8 @@ parameters: armband: name: armband enabled: '1' - url: 'http://linux.enea.com/mcp-repos/${_param:openstack_version}/${_param:linux_system_codename}' - distributions: '${_param:openstack_version}-armband' + url: 'http://linux.enea.com/mcp-repos/${_param:armband_repo_version}/xenial' + distributions: '${_param:armband_repo_version}-armband' components: 'main' arches: 'arm64' key: ${_param:armband_key} @@ -94,8 +101,8 @@ parameters: active_discovery_interval: 600 ntp_external_only: true upstream_dns: ${_param:dns_server01} - commissioning_distro_series: 'xenial' - default_distro_series: 'xenial' + commissioning_distro_series: 'bionic' + default_distro_series: 'bionic' default_osystem: 'ubuntu' default_storage_layout: 'lvm' enable_http_proxy: true @@ -104,43 +111,62 @@ parameters: enable_third_party_drivers: true network_discovery: 'enabled' default_min_hwe_kernel: ${_param:hwe_kernel} + kernel_opts: 'spectre_v2=off nopti kpti=off nospec_store_bypass_disable noibrs noibpb' cluster: - saltstack_repo_xenial: "deb [arch=amd64] http://repo.saltstack.com/apt/ubuntu/16.04/amd64/2017.7/ xenial main" + saltstack_repo_bionic: "deb [arch=amd64] http://archive.repo.saltstack.com/apt/ubuntu/18.04/amd64/2017.7/ bionic main" + region: + host: ${_param:single_address} + port: 5240 +{%- if '-iec-' not in conf.MCP_DEPLOY_SCENARIO and conf.MCP_KERNEL_VER %} + curtin_vars: + amd64: + bionic: &curtin_vars_bionic + kernel_package: + enabled: True + value: 'linux-image-{{ conf.MCP_KERNEL_VER }}-generic' + extra_pkgs: + enabled: True + pkgs: + - linux-image-{{ conf.MCP_KERNEL_VER }}-generic + - linux-headers-{{ conf.MCP_KERNEL_VER }}-generic + - linux-modules-extra-{{ conf.MCP_KERNEL_VER }}-generic + arm64: + bionic: + <<: *curtin_vars_bionic +{%- endif %} linux: system: - kernel: - ~boot_options: - - ipv6.disable=0 - network: - interface: - mcpcontrol_interface: - enabled: true - name: ${_param:mcpcontrol_interface} - type: eth - proto: dhcp - primary_interface: - enabled: true - name: ${_param:primary_interface} - type: eth -{%- if conf.idf.fuel.jumphost.get('trunks', {}).get('mgmt', False) and (nm.vlan_mgmt | int > 0) %} - proto: manual - mtu: ${_param:interface_mtu} - primary_interface_vlan: - enabled: true - type: vlan - name: ${_param:primary_interface}.{{ nm.vlan_mgmt }} - use_interfaces: - - ${_param:primary_interface} -{%- endif %} - proto: static - mtu: ${_param:interface_mtu} - address: ${_param:infra_maas_node01_address} - netmask: ${_param:opnfv_net_mgmt_mask} - pxe_admin_interface: - enabled: true - name: ${_param:pxe_admin_interface} - mtu: ${_param:pxe_admin_interface_mtu} - proto: static - address: ${_param:single_address} - netmask: ${_param:opnfv_net_admin_mask} - type: eth + repo: + armband_3: + enabled: false + ~locale: '' + ~kernel: + sysctl: + net.ipv4.ip_forward: 1 + iptables: + schema: + epoch: 1 + service: + v4: + enabled: true + persistent_config: /etc/iptables/rules.v4 + v6: + enabled: false + tables: + v4: + filter: + chains: + INPUT: + ruleset: + 10: + rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask} + 11: + rule: -d ${_param:single_address}/${_param:opnfv_net_admin_mask} + nat: + chains: + POSTROUTING: + policy: ACCEPT + ruleset: + 10: + rule: -s ${_param:single_address}/${_param:opnfv_net_admin_mask} + action: MASQUERADE |