summaryrefslogtreecommitdiffstats
path: root/mcp/config/states/openstack_ha
AgeCommit message (Collapse)AuthorFilesLines
2019-04-30Patch dhcp agent to avoid unwanted reschedulingMichael Polenchuk1-0/+1
Change-Id: Id49f26a2615e2fc06e94eeaf2e9200e83625e6c9 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit 7522bdb0e898144da2b6dc361dbdd549b39bc025)
2019-04-25[ha] Decouple openstack services by rolesMichael Polenchuk1-10/+18
Deploy the OpenStack API services based on roles to prevent issues with absent database tables since db_sync runs only on the nodes with primary role. Change-Id: I04cf3ce0dd59afd93b8a0dfcf060fbd7e7411c82 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit 07d70f192a8d296ad9a94b992d6d6f41191e290b)
2019-03-19Revert "Fix race condition with nova privsep utime"Michael Polenchuk1-1/+0
This reverts commit ac56d7b14f46b05f497b3dca4b6a4b0bfedd83e2. The original patch has been merged (https://review.openstack.org/643011) Change-Id: I3a7cd825f371e375d36256143b4b8c91f90ee26e Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-03-14Smooth down telemetry servicesMichael Polenchuk1-1/+0
* update gnocchi to 4.3 * remove outdated ceilometer api Change-Id: I7adaf3ddc76d93531b6b0997b684672b80f2992f Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-02-26Fix race condition with nova privsep utimeMichael Polenchuk1-0/+1
Bug: https://bugs.launchpad.net/nova/+bug/1809123 Change-Id: I14622c21826aeeddac6ea7bf7f9d116cd3e68cfb Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-02-22Install missing gnocchi dependenciesMichael Polenchuk1-0/+1
Change-Id: Ifc4fff90551344c69295990b220f0778967887a4 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-01-09[state] Fold aarch64 conditionsAlexandru Avadanii1-5/+1
The armband formula already has checks in place to run only on nodes with the expected arch, so remove the duplicate condition in state files. Change-Id: I05b26368a2d97422830a692e09242bc50e4eb1db Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-12-25Remove rabbitmq hostname optionMichael Polenchuk1-2/+1
The BindToDevice=lo option has been removed from epmd.socket: https://bugs.launchpad.net/ubuntu/+source/rabbitmq-server/+bug/1808766 Change-Id: Ib92eaf5efababd37963745bdb8e3ad9354045449 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-12-24[ha] Fix pillar data targeting msg nodesAlexandru Avadanii1-1/+1
Change-Id: If4f4eb08c54ba8265ac178f215384d8a749d1b8b Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-12-21Pull out rocky patchesMichael Polenchuk1-0/+1
This commit should be reverted once original formulas get required support of rocky version. Change-Id: Ia3458381bced0cae8dbfacc9781c90933ad5c822 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-12-19Update OpenStack version to RockyMichael Polenchuk1-3/+2
Change-Id: I88f28370180278c4b32599b83eebbb0ee005c936 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-12-07[ha] barbican, nova targeting: use server:roleAlexandru Avadanii1-3/+4
Instead of matching the hostname to determine the primary barbican node, rely on pillar data. While at it, apply the same logic to nova:controller states. Change-Id: Ia4ac391927a8b4b223febff106b400e84d264f7a Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-12-07[ha] fix barbican server install errorGuillermo Herrero1-1/+2
Ensure installation happens first on node 1 first, run as batch on the rest after. Change-Id: I1ac3f516c35c4941b343e88d47c78b19d13d7b90 Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
2018-09-13[ha] Get OVS 2.9 & DPDK 17.11 from UCA repoMichael Polenchuk1-4/+0
* to be compatible with HWE kernel * make neutron balancing to RR back * turn off glance v1 api support (doesn't relevant for now) Change-Id: I916aae10f523be339c20de32218ce03c245afe72 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-08-29[salt-formulas] Add & enable armband formulaGuillermo Herrero1-1/+5
AArch64 specific formula, mostly tweaking nova conf / installing virtualization layer prerequisites: - install qemu-efi; - install vgabios; - fix missing link for vgabios binary blob; - nova conf: cpu_model=cortex-a57 (only for virtual deploys); - nova conf: virt_type=qemu (only for virtual deploys); - nova compute conf: virt_type=qemu (only for virtual deploys); - nova conf: pointer_model=ps2mouse since AArch64 has no USB tablet; [1] https://github.com/openstack/nova/commit/f0f0953 Change-Id: I40515bdbd941850b103a86d51b347cc8610f5741 Signed-off-by: Guillermo Herrero <Guillermo.Herrero@enea.com> Signed-off-by: Charalampos Kominos <Charalampos.Kominos@enea.com> Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-15Turn off default apache portsMichael Polenchuk1-1/+1
Change-Id: I0377615ff19e39aca74b90d2ff7e7b2cd5cd6ccb Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-08-09[ha] Fix openstack_ha ovn setupGuillermo Herrero1-1/+2
Fix targeting for neutron.compute sls for ovn computes, avoiding interaction with ovs dpdk scenarios. JIRA: FUEL-329 Change-Id: Iffb07f6f0d4dc8071437adf59d4cd6982113b998 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
2018-08-03[states] openstack_ha: Retry rabbitmq stateAlexandru Avadanii1-1/+1
For hybrid deployments, the first run of rabbitmq:server sls might lead to 'no response' and a retry of the whole `openstack_ha` state. JIRA: FUEL-338 Change-Id: I7ec663f9babc8c55d2c8a2b31a6e674452f04166 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-02[ha] Add OVN scenarioGuillermo Herrero1-0/+3
JIRA: FUEL-329 Change-Id: I46c7dbc791441c6b069a0d56373ff98a32a57e60 Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
2018-07-24Bring in Barbican service onboardMichael Polenchuk1-0/+3
Change-Id: I68759360c9dd8f8cf422161e21ed15df6c694e84 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-05-23[Horizon] Drop the obsolete Horizon workaroundting wu1-12/+0
Since we switch the Horizon package from Ubuntu/UCA repo to MCP repos, we can drop the obsolete Horizon workaround. JIRA: FUEL-374 Change-Id: I0b77a4f2158a972a5eb400919f2929c7bd8360cf Signed-off-by: ting wu <ting.wu@enea.com>
2018-05-21[ha] Bring in gnocchi/panko servicesMichael Polenchuk1-5/+4
JIRA: FUEL-372 Change-Id: I9083898f0179649d855750d48f3f9bc79caba50c Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-04-26Run galera state on slave nodes one by oneMichael Polenchuk1-1/+1
Apply galera state in consecutive order to avoid a race condition with database initialization. Change-Id: I877bad38777d8469c03cee3b7e96acc875a3a72a Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-04-25[states] Catch more transient 'no response' respAlexandru Avadanii1-7/+7
Change-Id: Ie8e60a648fa28e59daa6e00f357df52b5821e833 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-02-18[Horizon] Fix 'mcp' version check patternAlexandru Avadanii1-1/+1
Previous commit used a pattern that is too generic and always matches the substring 'mcp' vs the node hostname, not only pkg version. Fixes: 4658acf Change-Id: Ia4dcbbf7cdfa68574c86459217101d83d61add01 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-02-07Switch off broken sphinx stateMichael Polenchuk1-1/+1
Deactivate documentation related optional state until it get fixed in upstream. Change-Id: I5242ed307548c4f37f81d271a1f4f6bee9903f4e Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-02-06[HA] Use cluster_public_host for SSL cert fetchAlexandru Avadanii1-5/+7
For VCP-enabled scenarios, `cluster_public_host` and `cluster_vip_address` both point to the public VIP of the cluster. However, for upcoming NOVCP scenarios, `cluster_vip_address` resides inside the management segment, so use `cluster_public_host` instead. JIRA: FUEL-310 Change-Id: I13ef482e2c3116c991dfe91be81d0964f140f8e9 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-02-06[Horizon] Limit css fixup to Ubuntu packageAlexandru Avadanii1-9/+11
Horizon package from Mirantis mcp-repos does not require the fixup, so limit its application to non-mcp packages. Required for upcoming NOVCP scenarios, where we also have mcp-repos APT source on the proxy nodes. JIRA: FUEL-324 JIRA: FUEL-310 Change-Id: I4399af803c0a17e0aa8f3d7a7330e501a5eedf55 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-01-23Horizon: Fix and reload missing css in Piketing wu1-0/+10
The horizon in Pike release is broken due to missing the static content. This workaround is to: - create a missing symbolic link. The link is defined as an alias in the apache configuraion - collecting and compressing static assets - add single "Default" theme as AVAILABLE_THEMES - restart apache2 service - apply the workaround to Salt states 'openstack_ha' and 'openstack_noha' JIRA: FUEL-324 Change-Id: Idd70165f1be8d31967a3ab518323e6f3e8406624 Signed-off-by: ting wu <ting.wu@enea.com>
2018-01-15Setup mongodb master primarilyMichael Polenchuk1-3/+3
Initiate mongodb master at first to avoid race conditaion with unwanted master election which causes cluster setup failure. Change-Id: I6d2f75f3f002849cac3a5f52a7dcfb4646b7822a Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-01-12Retry cinder volume stateMichael Polenchuk1-1/+1
The service of cinder-volume restarts too quickly after package installation with default/incorrect configuration and goes over restart threshold, so systemd stops attempt to restart any further causing state faulure. To fix it properly the RestartSec (i.e. restart delay) param should be added into cinder-volume.service unit. Change-Id: Ic8591e8ef52a3d439122f276d275e56bd2442ce6 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-12-11[baremetal] Fixup pike deploymentMichael Polenchuk1-4/+4
* up glusterfs.client state before actual volume usage * handle keystone server state * specify suitable nova packages list for uca repo (consoleproxy vs novncproxy) * upgrade vcp nodes to get proper cryptography library for keystone * align service names for libvirt & glusterfs Change-Id: Iaeb7d147e6d407bbeaec2d40fd81037c939c3fe0 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-11-27Merge "[baremetal] Retry cinder.controller on failure"Michael Polenchuk1-1/+1
2017-11-26[baremetal] Retry cinder.controller on failureAlexandru Avadanii1-1/+1
Occasionally, cinderng.volume_type_present errors with: ClientException: Service Unavailable (HTTP 503) Instead of retrying the whole state file, use `wait_for` macro to retry only this high state up to 5 times. Change-Id: Ib9ef017aca737e53c853007c13107d56d856c016 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-11-24Revert "Apply apache state on proxy nodes"Alexandru Avadanii1-1/+0
Upstream fixed the salt-formula-horizon in commit 95387ec, by defining 8078 (and only that) port in Apache's ports.conf. This fixes the port 80 overlap, so running the `apache` high state after the `horizon` high state not only is unnecessary now, but also would lead to new breakage, since `apache` state would overwrite the ports.conf (removing 8078 and adding 80), i.e. creating a new port conflict and breaking Horizon port completely. This reverts commit eb4645206d6d74992fca3b8726ee2eebca97205f. Conflicts: mcp/config/states/openstack_ha mcp/reclass/classes/cluster/baremetal-mcp-ocata-common/openstack_proxy.yml Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> Change-Id: Iea8f0bd90ee8d12f399aad16247dda274d6a907a
2017-11-16Merge "[baremetal] Retry keystone.client state on failure"Alexandru Avadanii1-1/+1
2017-11-15[baremetal] Retry keystone.client state on failureAlexandru Avadanii1-1/+1
JIRA: FUEL-306 Change-Id: I648545890c1f7dc59176beac1a0593aed54079cb Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> Signed-off-by: Delia Popescu <delia.popescu@enea.com>
2017-11-13[baremetal] SaltStack Deployment DocumentationAlexandru Avadanii1-1/+1
Generate documentation automatically using `reclass-doc`. nginx is already configured to serve said documentation on proxy's public VIP on port 8090. Change-Id: If2aef646a0ec44d5cc7e9d425e565e5c0aa581b3 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-11-10Apply apache state on proxy nodesMichael Polenchuk1-0/+1
Apache module will take care of ports.conf file to prevent bind socket conflict between apache & nginx services. Change-Id: Ia76ec356002e1db0dabd20d8f355a1b16fc07b30 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-11-03Enable glance v1 api for orchestra testsMichael Polenchuk1-0/+4
Change-Id: Ia896c3f9fcd96dd498eef6d1f83d46e29df0cd6b Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-10-26Run aodh state one by oneMichael Polenchuk1-1/+1
Apply aodh state in consecutive order to avoid a race condition with database synchronization. Change-Id: I4684fbeaaba2c9780084e0a64fe6453bccfb67e0 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-10-21Catch expected failuresMichael Polenchuk1-1/+1
* neutron on computes (dpdk case: void state) * mongodb server (incomplete initialization) Change-Id: I3dd3266b5c2d1b155981f725e15742cd38ed899d Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-10-16Return back glusterfs client stateMichael Polenchuk1-1/+1
In order to set properly keystone fernet keys, apply glusterfs client state before second keystone server state. Also leave out user/group settings for glusterfs volume of nova instances as it will be set later by nova compute packages themselves. Change-Id: I069e37c67f08c51ed29f45cf6f92d4a00a1ac97b Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-10-15states: Break on error, retry states up to 5 timesAlexandru Avadanii1-2/+4
While applying scenario states, break on error, and retry failed state up to 5 times. Apply the same behavior for `salt.sh`. Add new deploy parameter, '-D', backed up by 'CI_DEBUG' env var, which gates deploy sh scripts logging (set -x). Also extend '-f' deploy parameter, allowing it to be specified more than once; the first occurence will skip infra VM creation, but still sync reclass & other config from local repo, while a second occurence will also disable config sync. To prevent glusterfs client state from failing due to non-existent nova user/group, move it after nova:compute's nova state is applied. Change-Id: I234e126e16be0e133d878957bd88fed946955de8 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-10-14Add license headers where missingAlexandru Avadanii1-2/+8
While at it, compact 'set' into bash shebang where possible and add `make patches-copyright` target to simplify adding patch license headers. Change-Id: I0c841de72e5709e5eef915a52c5ec4a7fc0f7c37 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-10-14Drop infinite loops in favor of finite wait_forAlexandru Avadanii1-1/+4
While at it, fix some shellcheck warnings, and s/fgrep/grep -F/g. Change-Id: I093b7b4c196731b1ecc0c27a4111955b2e412762 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-10-14states: Split virtual_control_plane from maasAlexandru Avadanii1-2/+2
We should eventually also support baremetal deploys without a virtualized control plane (VCP), so decouple MaaS provisioning from VCP provisioning. While at it, move "wait_for" bash function from maas state to common library file, lib.sh. Change-Id: I32c33135655cb6aceae901a5f92b51265a8c84b4 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-09-13[baremetal] Setup glusterfs for nova instancesMichael Polenchuk1-1/+1
Live-migration feature requires shared storage on compute nodes, so configure glusterfs volume for nova instances. Change-Id: Id6b9b5aad89f5b4aefbef71e4ba7247a441873b0 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-09-10os_cacert: Parametrize VIP used in path by cp.pushAlexandru Avadanii1-1/+4
JIRA: FUEL-274 Change-Id: Ia77948ba3e99c47aa86fcca20c67d80e2e761208 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-09-06Initialize mongodb clusterMichael Polenchuk1-1/+5
* wait for mongodb service ready state * run rs.initiate() to start a replication set Change-Id: Ia9d2357d2ce0e9ba92a6be3d8b6c068efaa10822 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>