aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2019-02-28Fix race condition with nova privsep utimestable/gambiaMichael Polenchuk3-10/+18
Bug: https://bugs.launchpad.net/nova/+bug/1809123 Change-Id: I14622c21826aeeddac6ea7bf7f9d116cd3e68cfb Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit ac56d7b14f46b05f497b3dca4b6a4b0bfedd83e2)
2019-02-26[lib] Add fatal validation of old kernel on UbuntuAlexandru Avadanii1-0/+8
As reported in [1], kernel 4.4 seems to break nested virtualization, add a fatal check against it. [1] https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1797332 Change-Id: I0aef8a7340dd82bfeb2e58c9642623b9ec13dca5 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 5b838797e514ba3dc613017054816feb538034a5)
2019-02-26[cfg01] Reduce mine_interval to 15 minAlexandru Avadanii1-1/+1
Some PODs are fast enough to get past installing, syncing and using MaaS to provision the OS on the baremetal nodes before the 1h mine refresh. Since mine.update operation is fast enough to go unnoticed and we only collect IP addresses, grains and pem entries, schedule it every 15 minutes. Due to reclass class inheritance, we can't easily override this via pillar data, so handle it via entrypoint.sh. Change-Id: I0d8ed2da838ad09c94e9327d0131d3e239de4f08 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 90208ef02e80c127b662dd6e7e3ca9db05d69048)
2019-02-15[cfg01] Schedule x509.get_pem_entries mine updateAlexandru Avadanii1-0/+4
Previously, Salt Master CA mine was only sent once, during salt.minion.ca state execution at cfg01 bringup / bootstrap. This causes possible issues with: - Salt Master container restart (mine data is lost); - UNH Lab deployment (uknown rootcause, might be related to XFS and overlay2 being used with Docker on CentOS); To bypass this issue, make x509.get_pem_entries module send mine data at the default mine interval (60 minutes). Change-Id: I5f6334ae18f5af6cbe0a164791603b67f0a3668f Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 5ec93b557da3784144b7000be5245bbf5d1bb4f4)
2019-02-06Merge "[submodule] Bump Pharos for arm-pod10 cmp change" into stable/gambiaAlexandru Avadanii1-0/+0
2019-02-04[fdio] Fix VPP package pinningAlexandru Avadanii1-2/+2
Previously, Ubuntu ignored the VPP pinning with: N: Ignoring file 'fdio.ubuntu' in directory '/etc/apt/preferences.d/' as it has an invalid filename extension Change-Id: I5ee60c1715bea3b4180b55125dc72962a70c2754 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit a4e83d75373702f2cb44f394c426750318611c5e)
2019-02-04[submodule] Bump Pharos for arm-pod10 cmp changeAlexandru Avadanii1-0/+0
Change-Id: Ia7f8845017333e54db110bca5b3715702948b76b Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 918c1273f7d0b3fafb6b1d2fce1f6f8a8384e014)
2019-01-30[fdio] Pin VPP packages to 18.07-releaseAlexandru Avadanii1-1/+7
VPP 18.10 has a weird bug triggered by certain packets, e.g. from inside a guest VM on a compute node, these behave differently: $ udhcpc -x hostname:1234567890123456789012 # works $ udhcpc -x hostname:12345678901234567890123 # confuses VPP on gtw01 To avoid this bug, pin VPP to the previous release, which does not exhibit the issue. Change-Id: I8c1e085731909d4b9296e8b09608887a4b5bfdd6 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 8ea1edb53676fdf074694967368747bd6919d682)
2019-01-29[ovs] Start ovs services before networkingAlexandru Avadanii13-21/+133
Fix broken systemd service unit dependecies: - OVS should start before networking service; - OVS ports & bridges should not be automatically ifup-ed by networking service to avoid races, so drop 'auto' for both (OVS ports are automatically handled when part of an OVS bridge); - explicitly ifup OVS bridges as part of networking service, but after all Linux interfaces have been handled; - use 'allow-ovs br-prv' to let OVS handle br-prv and avoid another race condition; While at it, fix some other related issues: - make OVS service start after DPDK service (if present); - bump OVS-DPDK compute VMs RAM since since switching from MTU 1500 to jumbo frames for virtual PODs a while ago failed to do so [1]; - avoid creating conflicting reclass linux.network.interfaces entries for OVS ports by using their name (drop 'ovs_port_' prefix): * for untagged networks they will override existing common defs; * for tagged networks, they will create separate entries; - DPDK scenarios: make gtw01 br-prv members OVS ports to avoid race conditions after node reboot by letting OVS handle them; [1] https://developers.redhat.com/blog/2018/03/16/\ ovs-dpdk-hugepage-memory/ Change-Id: I0266ba67f3849b6f7e331a758146b331730bae55 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry-picked from commit ac7fd699468ad9a02b250e5ef890aff8a03ce1bf)
2019-01-28Update openvswitch to 2.10opnfv-7.2.0Michael Polenchuk6-16/+43
Change-Id: I0121b3190869528e5f2e9985f9e9299ac6c6724e Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-01-27[fdio] Increase VIF plug-in timeoutAlexandru Avadanii2-2/+2
Baremetal clusters might benefit from having a little more time to plug in the VIFs. Change-Id: I9406a0ef24de2177827b3acd27b7c60b293a4572 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit cb5a6d3029bd739d89d97607d2cf8e4f6c71cd6f)
2019-01-24Merge "[fdio] Make VIF timeout non-fatal" into stable/gambiaAlexandru Avadanii2-0/+10
2019-01-24[fdio] Make VIF timeout non-fatalAlexandru Avadanii2-0/+10
The first VMs spawned still exhibit the race condition described in the ticket, so apply the same workaround proposed during the Fraser release cycle in FDS. JIRA: FDS-156 Change-Id: I3b2b1ed7b5711daf81b5f4a263e4dbee9f502259 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 527f953f6006e9934d0bba843018247a6764a35c)
2019-01-24[docs] Update Gambia 7.2 release dateAlexandru Avadanii1-1/+1
Change-Id: I27d13cafcfa45f70413695dbb6fe29e5bb222a3e Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 689ca642765365ea41e603684c679cad5a830476)
2019-01-21[uefi_cleanup] Use grain targetingAlexandru Avadanii1-8/+3
Alternating HA and no-HA scenario deployments on baremetal requires non-hostname targeting for UEFI cleanup (e.g. ctl01/gtw01/kvm01). Change-Id: I9f0e967b500856b65a69ea0ab6ea13e15b327d8b Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 8de84a06b723a237aa34dd42d020ba06ae57dcf5)
2019-01-17[submodule] Bump Pharos for arm-pod10 cmp NIC syncAlexandru Avadanii1-0/+0
Change-Id: I177598d4d20539e50aab5f283e8d10022a4f1a14 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit ae0456292b2932f591d110fb052d480db026fbe2)
2019-01-16[submodule] Bump Pharos for arm-pod10 NIC reorderAlexandru Avadanii1-0/+0
Change-Id: I79d3167432d48500346d5c8294d447c54e0cb6be Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 50afe2ca1c8cd4e0c8d888d56ac67caab51e82bb)
2019-01-16Make shutdown only on physical nodesMichael Polenchuk2-2/+6
Change-Id: If167e7a6bdcdccd6b6df43bd5cac54250abec61a Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit 352e7bb783b5cb70a41acff26d4a7635ba9aeaec)
2019-01-15Merge "[docs] Update documentation for Gambia 7.2" into stable/gambiaAlexandru Avadanii11-79/+28
2019-01-15Merge "[noha] Fix gtw private NIC name in j2 templates" into stable/gambiaAlexandru Avadanii2-3/+3
2019-01-15[baremetal] Shutdown nodes from previous deployAlexandru Avadanii1-0/+1
When noha scenarios are scheduled on the same CI POD currently running a previously deployed HA scenario, one baremetal node might remain unused (kvm03), connect to the new Salt master and interfere with the deployment. To prevent that, shutdown all baremetal nodes at the begining of the deployment. Change-Id: Ia9bad8b5d8348433cefac9aa76eca0de664f187d Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 267bd35d4b7656a7eb0236fa04acbbaba76f5da3)
2019-01-14[centos] Update altarch kernel URLAlexandru Avadanii1-6/+2
CentOS recently moved its kernel source RPM from the altarch subdir to the same directory x86_64 kernel sources used to reside, so update our script accordinly. Change-Id: I88010eabdfc15d6a79350dface29258cc37c4b95 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 250e40c2e9e9ec99d771b39262aac2bfdcb959c2)
2019-01-14[noha] Fix gtw private NIC name in j2 templatesAlexandru Avadanii2-3/+3
Change-Id: Ic266864913dcac021b3e12f426e1c8a60c23fe87 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 65b4efd8fca25380825af4f165bf51fdd68086db)
2019-01-14[patch] Avoid ifup run if noifupdown is turned onMichael Polenchuk1-13/+18
Handle noifupdown option for all cmd.run states with explicit ifup call as well. Change-Id: Ie855a0810bcfe4a856cf9d29bd0755643d71ff4d Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit fb1be0fa7097ae68eca9fe5aaa8820afa6bdd151)
2019-01-12[docs] Update documentation for Gambia 7.2Cristina Pauna11-79/+28
Change-Id: I180f668b297ad97dd95bd9201005410fe7a62b4c Signed-off-by: Cristina Pauna <cristina.pauna@enea.com> (cherry picked from commit e1acfcab9563a6bed784d11d7c782cb5b854fb21)
2019-01-10[noha] Bring in FDIO (VPP+DPDK) scenarioAlexandru Avadanii21-78/+709
- cmp, gtw: bump RAM allocation to accomodate hugepages/VPP; for now we overcommit, gtw01 resources can probably be lowered; - submodule: add salt-formula-neutron so we can locally patch it; - repo: * FD.IO repos for VPP packages; * networking-vpp PPA for python-networking-vpp Neutron driver; - use vpp-router for L3, disable neutron-l3-agent; - baremetal_init: apply repo config before network (otherwise UCA repo is missing when trying to install DPDK on baremetal nodes); - arm64: iommu.passthrough=1 is required on ThunderX for VPP on newer kernels; Design quirks: - vpp service runs as 'neutron' user, which does not exist at the time VPP is installed and initially started, hence the need to restart it before starting the vpp-agent service; - gtw01 node has DPDK, yet to configure it via IDF we use the compute-specific OVS-targeted parameters like `compute_ovs_dpdk_socket_mem`, which is a bit misleading; - vpp-agent requires ml2_conf.ini on ALL compute AND network nodes to parse per-node physnet-to-real interface names; - vpp process is bound to core '1' (not parameterized via IDF); Change-Id: I659f7dbebcab7b154e7b1fb829cd7159b4372ec8 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 455b46a6be4bca145c047ed6957727c119285796)
2019-01-03[MaaS] Implement aarch64 tags for kernel_optsAlexandru Avadanii3-0/+102
On AArch64, 1G hugepages need to be enabled via kernel cmdline before mounting hugetlbfs [1]. Leverage MaaS tags to apply custom kernel args to AArch64 nodes. [1] https://wiki.debian.org/Hugepages Change-Id: Ie68ddf805836ee62f725019b0b873082b1d40948 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit f19e6e8f4c50f3c2198f8871dde44334ed636eff)
2018-12-14[docker] deploy.sh: Use tag for stable branchopnfv-7.1.0Alexandru Avadanii1-1/+3
Outside OPNFV Jenkins (i.e. when manually cloning the OPNFV Fuel repo and starting a deploy), the Docker tag used to default to 'latest' unless the user specifically set it to 'gambia'. Rely on 'defaultbranch' setting in .gitreview to determine the appropiate Docker tag. Change-Id: I7e6b0706597d84d7cd5dc077499da78031aa61af Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 4ad7cf5046bbfb90d11f6c172475d75fad257149)
2018-12-14[docs] Updates for Gambia 7.1.0 releaseAlexandru Avadanii38-68/+74
While at it, rename FDIO (VPP) scenarios to align with OPNFV FDS and OPNFV Apex projects. Change-Id: I9aab5dc4a0dc41a2cc996687a8a2726d03288678 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit c6a4fcf01b5bcb0533d552d761f7462190df44b7)
2018-12-14Merge "[ha] barbican, nova targeting: use server:role" into stable/gambiaCristina Pauna1-3/+4
2018-12-13[VCP] Reboot all VCP VMs after network configAlexandru Avadanii1-2/+2
Currently, PXE/admin on VCP nodes still uses MaaS DHCP before the new network configuration is enforced. A live network refresh would break minion registration with the Salt master, so perform a node reboot instead. Change-Id: I1c25f63f6c98a9fff98108d3fad9550dd4468355 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 59cc3ee4457005bdea78b2a407243d4fcb32f177)
2018-12-12Make MTU cluster-level configurable via IDFAlexandru Avadanii16-27/+22
JIRA: FUEL-336 Change-Id: I1c8d22b8322f700eb727d9077035ba4c9f9f9753 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit e2c175f3114fb1857ab8ab4bb7e8ff2f8daf18bd)
2018-12-12[docs] Update scenario matrix: os-odl-bgpvpn-nohaStamatis Katsaounis1-0/+4
Scenario description resides in the SDNVPN repository. JIRA: FUEL-393 Change-Id: I2c4f3c32821ed47ea104706bd1bff6e2e55eb50f Signed-off-by: Stamatis Katsaounis <mokats@intracom-telecom.com> (cherry picked from commit 3633ccf6b4fa39e3cef23bf4690073786e133044)
2018-12-11[odl/dpdk] Disable up/down for public interfaceMichael Polenchuk1-0/+2
There is a race with interfaces up/down action during configuration, so activate them after node reboot. Change-Id: Id40ce746cc6635fcedd0f9c809cf4a9fe4d1f034 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit 38c2905e88a113ab8fbe10bb9e30a02294e66143)
2018-12-10[bgpvpn] Use Linux bridge for odl01 public networkAlexandru Avadanii1-3/+8
Previously, we used a single interface definition for public network on odl01 node, which does not work well for baremetal setups that use a tagged VLAN public network, like ericsson-pod1. Change-Id: I10ff7c105406691011e94e06b2f099dc2cdf8a06 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit b8a85f1c6213e3abaf295e7662c4b0df4570039b)
2018-12-10[ha] barbican, nova targeting: use server:roleAlexandru Avadanii1-3/+4
Instead of matching the hostname to determine the primary barbican node, rely on pillar data. While at it, apply the same logic to nova:controller states. Change-Id: Ia4ac391927a8b4b223febff106b400e84d264f7a Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit a4d64c6ff23dd2957b34ebc303c16ee640d709e6)
2018-12-08[cfg01] reclass: Apply broken default patch firstAlexandru Avadanii2-3/+4
reclass settings.py should be patched before the salt-master service is started (since we can't restart it inside the container without killing the tini init). Fixes: 2de5348a Change-Id: Id62d8f9f12fd72ef60322dd9907f26907231c4a7 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 137d0635cc47ae2e0b86c97ee13e93bf2bf94f51)
2018-12-08Merge "[ha] fix barbican server install error" into stable/gambiaAlexandru Avadanii1-1/+2
2018-12-07[cfg01] Patch reclass settings.py broken defaultAlexandru Avadanii1-0/+3
Until a new reclass release including the fix for [1] is published, patch settings.py explicitly. [1] https://github.com/salt-formulas/reclass/issues/77 Change-Id: If93848a6b6f084c76e64ddcf7bfdfa52b7d59050 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 2de5348a8b267a1742154dd6d5c4f5bd3a2983ab)
2018-12-07[ha] fix barbican server install errorGuillermo Herrero1-1/+2
Ensure installation happens first on node 1 first, run as batch on the rest after. Change-Id: I1ac3f516c35c4941b343e88d47c78b19d13d7b90 Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com> (cherry picked from commit 73b02742d463fc2932ef66baee7123fc773c1b0c)
2018-12-07Revert "Revert "Conform configs to updated Redis v5.0 package""Michael Polenchuk2-2/+2
This reverts commit 86c0ba63236b96fbf38370280d85a23290b19680. The package of Redis v5.0 has been returned back to repository. Change-Id: I674238ef36528a9a16a914811b675349acf0bf07 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-12-04submodule: Bump pharos to latestPaul Vaduva1-0/+0
Change-Id: I1bf4452e0f6e9aa5d2b9a002a1ec45c70fb8c2ab Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com> (cherry picked from commit 2b58963221b1378d7be31a99296d4762282dff07)
2018-12-03[docker] compose: Switch ip_range to ipv4_addressAlexandru Avadanii3-9/+11
Explicitly set the ipv4_address for each network instead of relying on ip_range allocation, which seems to fail / not be picked up. While at it, use docker-compose 1.22 or newer to bypass slow Docker network creation with 'macvlan' driver [1]. [1] https://github.com/docker/compose/issues/5248 Change-Id: Ic31851522576ebb2407d869b7c3ed7bd06951922 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 904183e275ca6b2aa6cad11a330fc060d5379b3e)
2018-12-01[state] maas: Retry first state apply on mas01Alexandru Avadanii1-1/+1
Change-Id: I6d2fab853b25d2f235e27c83a355ebc2c520771c Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 20dcc03e2acd0d143723c3c319f73c19d894718c)
2018-12-01[patch] docker: Explicitly install python-futuresAlexandru Avadanii1-4/+5
For x86_64, the Saltstack bootstrapping scripts fetch a custom build of `python-tornado` DEB package, which being arch-specific won't be picked up on AArch64 (and a similar version from Ubuntu Xenial repos will be used instead). Although the Ubuntu package works just fine, it lacks a hard dependency on `python-futures`, which became mandatory in Salt 2017.7.8, see [1]. Explicitly install `python-futures` inside cfg01 Docker container during build, which will be a no-op on x86_64 and fix the issue on AArch64. [1] https://github.com/saltstack/salt/issues/50220 Change-Id: Ie4aad064572788c0852aaf398f21437b456becbe Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit cee4e0ca227509ea8386934a15f748b8077f4e18)
2018-11-29[docker] build: Allow cache invalidationAlexandru Avadanii5-24/+87
While at it, fix emoji issues with latest virtualenv [1]. JIRA: FUEL-398 [1] https://github.com/pypa/pipenv/issues/3223 Change-Id: Ice5937222bf75c1ddadc6b9f1994635bc10faf57 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit f03a33bc58135acc7e4420efaaf34c26a32d6142)
2018-11-28Merge "[cfg01] Honor idf.net_config.mgmt.ip-range" into stable/gambiaAlexandru Avadanii2-3/+2
2018-11-28Merge "[vcp] kvm: Re-apply sysctl settings after libvirt" into stable/gambiaAlexandru Avadanii1-1/+1
2018-11-27Merge "submodule: Bump salt-formula-maas" into stable/gambiaAlexandru Avadanii7-4/+50
2018-11-23[cfg01] Honor idf.net_config.mgmt.ip-rangeAlexandru Avadanii2-3/+2
Previously, cfg01 mgmt address did not consider the `ip-range` param, leading to a mismatching `cfg01` entry in /etc/hosts on cluster nodes. Change-Id: If6f605f4b2817c3751074bef60ebde298bc74b7d Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 9521ac10cb9cd22e6e1ab7c04d8882318ce8ba35)