Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
- Describe SSL certificate usage for public endpoints
- Fixed all code-blocks formatting on the file
JIRA:FUEL-328
Change-Id: Ifecab459ee0d633b4d8a254dcb01c92f76b66d4f
Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
|
|
Similar to cmp, when route already exists, networking service fails
to start on 'nginx:server' slaves ('kvm' in novcp case).
JIRA: FUEL-349
Change-Id: I2dc83ea78528533e92c9b9125e78b6e4387bdfe2
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- backport proposed fixup for ceilometer;
- remove 'ignore: all' from .gitmodules to make it easier to bump the
submodule;
- bump system submodule to upstream latest;
- drop patch merged upstream;
JIRA: FUEL-350
Change-Id: I68f232e0da5af368a1669a7379eedde5c4168b84
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
By default vrrp script seeks out haproxy process id, so change
check_pidof script arguments to "nginx" on proxy nodes.
Change-Id: I616bf90ba49fa8257d28d236dcf3b7c5598039f1
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
* class including order (default was used)
* disable root_helper_daemon (incompatible with UCA)
* turn off websocket for pseudo agent updates
Change-Id: I4d7971d393da184bdd55f65b4d3fd8d9e898543f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
JIRA: FUEL-329
Change-Id: I56c8e027dc797a86848b73af30adbf40de119f85
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- dummy copy of os-nosdn-nofeature-ha masquerading as
os-ovn-nofeature-ha scenario placeholder;
JIRA: FUEL-329
Change-Id: Ic5e6d65cf057289bb13ce2fa157b6ba53d7dab80
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: I71fdc7ccd84a0700333734b5144a4281b53cf25b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: If7d51555bc13dbcaa63f93ab1993f3655e2ce643
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I687b73b256aca78c9d41d4bcd49bfbde51278b51
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: Ie4d8e70866d533d195a6e80cdfecbdb00a3027ce
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: I9e71d9006bad53cc79805ed9255b53b6c5705725
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- bump Pharos git submodule for j2 'do' extension + batch mode;
- adopt j2 'do' in our templates;
- use int filter for 'native' vlan check;
- lib.sh: adopt `-i` to remove `ln` hack for net_map.j2;
- lib.sh: adopt `-b` to speedup template parsing;
NOTE: Bumping Pharos will also bring in the latest changes in
pod_config.yml.j2, which include massive IP shifts and updates.
JIRA: FUEL-335
Change-Id: I7d3a997b3d8659d5f09f867870fb3a148c1ec6df
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
|
|
Change-Id: I503c8ad32900406e1fa375cec9a91b454889d8bf
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: Ib903863a7a46008c93ee795083712a50a022a41d
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
All settings specific to private nic are handled by linux.network.dpdk
but since the private nic's `interface.type` is currently 'eth', it is
not filtered out from /etc/network/interfaces.
To prevent this, define `interface.type` as a dummy value containing the
'dpdk' substring.
Change-Id: I565153ee80698572209e12b4eec5f44f9416d945
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Run the pharos yaml schema validation for configuration files
before expanding them
JIRA: FUEL-341
Change-Id: Ia1d69f53265876683a1b6674665a9594ba7dae16
Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
|
|
Change-Id: Icee56da3720f0926e42390965581639f6a344b77
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I8d526d51a3e18652c59bad9d7c3c384aa6583566
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Now we explicitly add a LVM PV on /dev/sda{1,2} for Cinder storage,
so we can safely drop the patch disabling LVM volume filtering.
If we later move the PV to a different disk, we can just add the VG
and LV definitions to linux:storage via reclass, and Salt will skip
setting them up (as they're already created by MaaS), yet keep the
filtering sane.
While at it, fix 'nova_cpu_pinning' param expr; constructs based on
reclass interpolation (e.g. '${_param:x}') do not work when
parameters are passed via reclass.storage templating, so change
reclass interpolation syntax with classic YAML anchors.
Fixes: 672ae12
Change-Id: Ieb41635ddeb630543d7e4d1079f45d636d9a43af
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- node-specific parameters (nova pinning, hugepages, dpdk) should be
configurable via IDF, on a per-node basis;
- keep default settings for lf-pod2, with and without DPDK,
override them for virtual deploys via local-virtual1 IDF;
- leave neutron_tenant_* vars hardcoded for now, as they are required
on both ctl and cmp nodes - this way we'll deal stricly with
cmp params, so we can nicely pass them via config.yml to reclass
per-node (and not per-role), allowing mixed computes later;
- add compute params for ovs/odl-noha, preparing them for
deployment on baremetal later.
JIRA: ARMBAND-343
Change-Id: I89a58b9565679ab3882d85f07ae817690ae85c67
Signed-off-by: Cristina Pauna <cristina.pauna@enea.com>
|
|
- fix `route-br-ex` if-up.d script failing when route already exists
by adding a wrapper around distro's '/sbin/route' binary in
'/usr/local/sbin/route', exploiting default order in Ubuntu PATH;
- fix 'br-prv' duplicate entry in 'interfaces.d/ifcfg-br-prv' and
'interfaces' caused by upstream bug [1];
- add barrier waiting for all baremetal nodes online before attempting
reboot, trying to catch rare failures which are undetectable in logs
as both a succesful reboot and a disconneted minion report 'n/c';
With the above in place, networking service should no longer fail
to start on cmp nodes w/ DPDK.
[1] https://github.com/saltstack/salt/issues/40262
Change-Id: I6d4895376ce323c14c997e6c9af2ea3eeeee0184
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: I17e66457f90818bad4d746300bb49e9d5179c239
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Maas uses a tftp library during commisioning which in turn uses another
library which tries to find the best packet size to use. For some reason
during commisioning the library uses smaller sizes than the
infrastructure can handle and therefore takes a lot of time to deploy.
JIRA: ARMBAND-351
Change-Id: I9b3083a059c04b118e8b7f0f2723af67d96d2aad
Signed-off-by: Charalampos Kominos <charalampos.kominos@enea.com>
|
|
Replace loop device LVM-backed cinder volume with a dedicated
/dev/vdb drive.
This is another small step towards bringing noHA to baremetal.
Change-Id: I80f9c2bee42e933a36ab7a8f9b4c5247d1652b42
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
On systems with more than 2TB on /dev/sda, MaaS automatically creates
a 1MB partition with bios_grub label as /dev/sda1.
Account for this and expect rootfs to reside on /dev/sda2 (assume
all compute nodes have the same behavior wrt this issue).
Ideally, later we will switch to explicit partitioning via MaaS, or to
a new baremetal provisioner like Ironic.
Requires bumping Pharos git submodule to pick up the new j2 filter.
Fixes: f6f8a56
JIRA: FUEL-330
Change-Id: I12f5046cf69bf2f52c8b8dc331b90048df643646
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
On cmp nodes, we assing 30G (fixed) to rootfs, use the rest for
cinder.
Note: AArch64 gets one extra partition (the EFI System Partition or
ESP) on /dev/sda1 via MaaS.
JIRA: FUEL-330
Change-Id: I2a36107d074532b627bd2349cafc0c8ee61f500f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- add Armband nightly/extra DEB repository;
- install forked and updated reclass 1.5.2 which includes:
* better error reporting;
* support for deleting existing keys during list interpolation;
* various other improvements and optimizations;
While at it, update copyright year for patches.
JIRA: FUEL-345
Change-Id: I00d8b625fe191648e7ea34b3dd4c8375691384e6
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Virtual compute nodes goes to kernel panic during nova instances ops
under hwe kernel, so use the default one from xenial image.
Change-Id: Iae100b68208cc1fb9e43e45f385e762cdbd6573a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
All other VCP nodes (mdb, prx, ctl etc.) inherit only the infra
subdir of each scenario, so apply the same to dbs, msg.
This should cut down some operations during reclass interpolation
for affected nodes, without any changes in output pillar data.
Change-Id: I77ae6e1d5658cba87fcd8c45a5f8f5e177e0eda9
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: Id1ca66938531e1d24ec0d44194f8b09643062944
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
|
|
* changes:
[baremetal] Use upstream lab proxy for keyservers
[MaaS] Override failed testing by default
|
|
|
|
Previous commit used a pattern that is too generic and always matches
the substring 'mcp' vs the node hostname, not only pkg version.
Fixes: 4658acf
Change-Id: Ia4dcbbf7cdfa68574c86459217101d83d61add01
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Proxy chainloading does not always work for keyserver requests, so:
- mv common.infra.lab_proxy_pdf common.include.lab_proxy_pdf;
- mv common.include.proxy common.include.maas_proxy;
- include lab_proxy_pdf after each maas_proxy, so if upstream_proxy
is defined, it will override the MaaS proxy;
JIRA: FUEL-317
Change-Id: I63749be0d350ea73ea2cf6e629710766b14ecb73
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
On cmp nodes, allocate only 30GB (fixed for now) for / partition.
The rest of the disk(s) can later be allocated via salt-formula-linux.
JIRA: FUEL-330
Change-Id: Ie11c78791e60801719cd33475ff91fc003df5ffa
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Some nodes fail automatic testing done by MaaS during commissioning,
although running the testing suites one more time manually works.
For now, just override all 'failed testing' nodes unconditionally.
JIRA: FUEL-333
Change-Id: I13d3ee3d82550524480aa53aa8752ab90aa940cd
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
Set nova/libvirt disk cache modes to file directsync to bypass the
host page cache & prevent instance's kernel panic due to absent
/dev partition. Caching mode directsync effectively turns all guest
I/O operations into direct I/O operations on the host, which is the
NFS client (virtuals) or GlusterFS (baremetals).
Also return back to hwe kernel as a golden mean between GA & Edge ones.
Change-Id: I51ab7d0ee71c214ff16b756cfee16e918738b6fd
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Fixes: 86c8109
Change-Id: I0a947bd7db5dd7cb830cc932f5a0d16831551923
Signed-off-by: Delia Popescu <delia.popescu@enea.com>
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
In order to avoid using cache data with initial/outdated
configuration, mask opendaylight service before package
installation.
JIRA: FUEL-344
Change-Id: I71eb0b0a5af93d6d21698e76587b32098aba96b4
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
Drop one questionable patch responsible for MaaS node authorized
keys to include mcp.rsa.pub by reading the contents of authorized
keys on mas01, assuming mcp.rsa.pub will be on the first line.
Instead, export the contents of the public key using a shell env
var during deploy, which gets expanded via maas_pdf j2 template
into a reclass param, leveraging existing salt-formula-maas sshprefs
mechanism for delivering the key to MaaS.
Since we require the public key to exist before expanding templates,
move `generate_ssh_key` call outside the current infrastructure
handling block, allowing it to execute during all `deploy.sh` calls,
even for dry-runs.
Change-Id: I0f53b0f764a2fafd292e0ffd399c284acf61bd30
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|