| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
- bump Pharos git submodule for j2 'do' extension + batch mode;
- adopt j2 'do' in our templates;
- use int filter for 'native' vlan check;
- lib.sh: adopt `-i` to remove `ln` hack for net_map.j2;
- lib.sh: adopt `-b` to speedup template parsing;
NOTE: Bumping Pharos will also bring in the latest changes in
pod_config.yml.j2, which include massive IP shifts and updates.
JIRA: FUEL-335
Change-Id: I7d3a997b3d8659d5f09f867870fb3a148c1ec6df
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- node-specific parameters (nova pinning, hugepages, dpdk) should be
configurable via IDF, on a per-node basis;
- keep default settings for lf-pod2, with and without DPDK,
override them for virtual deploys via local-virtual1 IDF;
- leave neutron_tenant_* vars hardcoded for now, as they are required
on both ctl and cmp nodes - this way we'll deal stricly with
cmp params, so we can nicely pass them via config.yml to reclass
per-node (and not per-role), allowing mixed computes later;
- add compute params for ovs/odl-noha, preparing them for
deployment on baremetal later.
JIRA: ARMBAND-343
Change-Id: I89a58b9565679ab3882d85f07ae817690ae85c67
Signed-off-by: Cristina Pauna <cristina.pauna@enea.com>
|
|
- fix `route-br-ex` if-up.d script failing when route already exists
by adding a wrapper around distro's '/sbin/route' binary in
'/usr/local/sbin/route', exploiting default order in Ubuntu PATH;
- fix 'br-prv' duplicate entry in 'interfaces.d/ifcfg-br-prv' and
'interfaces' caused by upstream bug [1];
- add barrier waiting for all baremetal nodes online before attempting
reboot, trying to catch rare failures which are undetectable in logs
as both a succesful reboot and a disconneted minion report 'n/c';
With the above in place, networking service should no longer fail
to start on cmp nodes w/ DPDK.
[1] https://github.com/saltstack/salt/issues/40262
Change-Id: I6d4895376ce323c14c997e6c9af2ea3eeeee0184
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Virtual compute nodes goes to kernel panic during nova instances ops
under hwe kernel, so use the default one from xenial image.
Change-Id: Iae100b68208cc1fb9e43e45f385e762cdbd6573a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
Previous commit used a pattern that is too generic and always matches
the substring 'mcp' vs the node hostname, not only pkg version.
Fixes: 4658acf
Change-Id: Ia4dcbbf7cdfa68574c86459217101d83d61add01
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
On cmp nodes, allocate only 30GB (fixed for now) for / partition.
The rest of the disk(s) can later be allocated via salt-formula-linux.
JIRA: FUEL-330
Change-Id: Ie11c78791e60801719cd33475ff91fc003df5ffa
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Some nodes fail automatic testing done by MaaS during commissioning,
although running the testing suites one more time manually works.
For now, just override all 'failed testing' nodes unconditionally.
JIRA: FUEL-333
Change-Id: I13d3ee3d82550524480aa53aa8752ab90aa940cd
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Set nova/libvirt disk cache modes to file directsync to bypass the
host page cache & prevent instance's kernel panic due to absent
/dev partition. Caching mode directsync effectively turns all guest
I/O operations into direct I/O operations on the host, which is the
NFS client (virtuals) or GlusterFS (baremetals).
Also return back to hwe kernel as a golden mean between GA & Edge ones.
Change-Id: I51ab7d0ee71c214ff16b756cfee16e918738b6fd
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Fixes: 86c8109
Change-Id: I0a947bd7db5dd7cb830cc932f5a0d16831551923
Signed-off-by: Delia Popescu <delia.popescu@enea.com>
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
In order to avoid using cache data with initial/outdated
configuration, mask opendaylight service before package
installation.
JIRA: FUEL-344
Change-Id: I71eb0b0a5af93d6d21698e76587b32098aba96b4
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Previous commit replacing explicit loops with `wait_for` failed to
properly escape a nested variable, leading to deploy failure.
Also, the logic was flawed, not breaking for offline nodes, rendering
the whole barrier check useless.
Fixes: 1a0e8e7e
Change-Id: I038dbf90fb53c6b61da2e5c9b6867e31d78867af
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
|
|
|
|
|
|
Deactivate documentation related optional state
until it get fixed in upstream.
Change-Id: I5242ed307548c4f37f81d271a1f4f6bee9903f4e
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
JIRA: FUEL-322
Change-Id: I99c4b1774a7c3afbc834a6f6e8468f7baf1bc329
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Instead of classifying scenarios by underlying machine type, switch
to HA/NOHA differentiantion only.
This allows us to add support for hybrid scenarios (with some virtual
and some baremetal nodes in the same cluster).
To facilitate this, we will template the scenario files, which is a
small step towards SDF (Scenario Descriptor File) definition and
adoption later.
JIRA: FUEL-338
Change-Id: If5787991869a3105d82c27ffa0a86ac79b4b08ba
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: I7b583c354843f0116a65b3a31f3be4589087b8a5
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Add a new class of scenarios, based on existing baremetal HA
scenarios, but instead of having a virtualized control plane (VCP),
all Openstack controller services will run directly on the cluster
nodes.
This change adds the common scaffolding, as well as the OVS scenario.
The new scenario(s) can be used on full-baremetal clusters, soon on
full-virtual clusters and later on hybrid (virt + bare) clusters.
This change defines old (current) style scenario definitions for
both baremetal and virtual, both named:
- os-nosdn-nofeature-novcp-ha;
Prerequisites:
1. Merge-able by name reclass.storage.node definitions
Each cluster (e.g. database, telemetry) adds its own set of
reclass storage node defitions, which for novcp scenarios should
be merged into a single node (kvm) based on the 'name' property.
This is not currently supported by upstream reclass 'node.sls'
high state, so add support for it via an early patch (required
before salt-master-init.sh tries to handle reclass.storage).
2. common reclass classes for novcp
Some of the classes in `baremetal-...-common-ha` are not fit for
novcp as they define VCP-specific config/inheritance, so add new
versions of said classes with novcp in mind or adapt old classes:
- parameterize ctl hostname in `openstack_compute.yml`;
- new `openstack_control_novcp.yml`;
- new `openstack_init_novcp.yml`;
3. Handle hard set names in state files for baremetal nodes
Some of our state files (e.g. maas) hardcodes baremetal node names
to 'kvm', 'cmp', so we need to align the names in novcp scenario
with these values to re-use the maas state. As a future improvement
we should parameterize these names in all state files.
As a consequence, our baremetal controller nodes will also use
'kvm*' hostnames (instead of 'ctl*').
4. Add 'noifupdown' to all interfaces on kvm nodes to prevent duplicate
IPs/routes created at *any* ifup due to /etc/network/route-br-ex.
Patch salt-formula-linux to skip network restart on 'noifupdown',
also when routes are present on that interface.
JIRA: FUEL-310
Change-Id: Ic67778f63e5ee0334dbfe9547c7109ec1a938d61
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
For VCP-enabled scenarios, `cluster_public_host` and
`cluster_vip_address` both point to the public VIP of the cluster.
However, for upcoming NOVCP scenarios, `cluster_vip_address` resides
inside the management segment, so use `cluster_public_host` instead.
JIRA: FUEL-310
Change-Id: I13ef482e2c3116c991dfe91be81d0964f140f8e9
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Horizon package from Mirantis mcp-repos does not require the fixup,
so limit its application to non-mcp packages.
Required for upcoming NOVCP scenarios, where we also have mcp-repos
APT source on the proxy nodes.
JIRA: FUEL-324
JIRA: FUEL-310
Change-Id: I4399af803c0a17e0aa8f3d7a7330e501a5eedf55
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
A few things differ between baremetal and virtual nodes:
- provisioning method;
- network setup;
Since now we support completely dynamic network config based on PDF +
IDF, as well as dynamic provisioning of VMs on jumpserver (as virtual
cluster nodes), respectively MaaS-driven baremetal provisioning, let's
drop the 'baremetal-' prefix from cluster model names and prepare for
unified scenarios.
Note that some limitations still apply, e.g. virtual nodes are spawned
only on jumpserver (localhost) for now.
JIRA: FUEL-310
Change-Id: If20077ac37c6f15961468abc58db7e16f2c29260
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- apply `linux` state on cfg01 first, so PXE/admin IP is added and
FN VM minions are available;
- add barrier and wait for all FN VMs to register with cfg01;
- use batch-mode execution while applying `linux.network` on FN VMs;
- retry all states executed via <salt.sh> on FN VMs;
JIRA: FUEL-310
Change-Id: I72e1c565370072500df1d486fe76e6315f583c75
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
JIRA: FUEL-322
Change-Id: I1482badbbbf66b4855faf6daf486520fc71e09b0
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Sync latest changes from pharos git repo for our sample PDF/IDF:
- move net_config from PDF to IDF;
- minor cleanup;
JIRA: FUEL-322
Change-Id: If6865ac61a4942a1dd5daf7081fd8faa67e0e7bf
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Based on Canonical research (https://goo.gl/QJykMa) there is
low-risk of attack for private clouds environments, therefore
turn off the related kernel patches & regain performance back.
Change-Id: I661fa127241e327b07d21a29d58d584997607123
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
On rare occassions, one or more minions might fail to respond in due
time, so catch 'no reponse' using `wait_for`.
Change-Id: I8e6b0dc44a39e79c2874ff9a657e152620ba3f13
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
* switch ovs/dpdk scenario from vlan to vxlan mode
* force br-ex interface to mitigate race with incorrect state
* remove dpdk packages list (already in upstream)
Change-Id: Ib827cef2d67879fd2a86d286ca2118b22493274d
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
|
|
The horizon in Pike release is broken due to missing
the static content. This workaround is to:
- create a missing symbolic link.
The link is defined as an alias in the apache configuraion
- collecting and compressing static assets
- add single "Default" theme as AVAILABLE_THEMES
- restart apache2 service
- apply the workaround to Salt states
'openstack_ha' and 'openstack_noha'
JIRA: FUEL-324
Change-Id: Idd70165f1be8d31967a3ab518323e6f3e8406624
Signed-off-by: ting wu <ting.wu@enea.com>
|
|
- Remove hardcoded /24 mask
- Use PDF as source for public network, with reclass params:
opnfv_net_public, _mask, _gw, _pool_start, _pool_end
JIRA: FUEL-315
Change-Id: Idf3a4ed8f63f58fa90d9c1dcb7751ef3b1c9bd36
Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
|
|
Instead of defining a http proxy for all salt-minion traffic, which
also includes some Openstack API accesses we can't filter (no_proxy
is not yet supported), add & leverage support for proxy configuration
during APT keyserver access / key download.
JIRA: FUEL-331
Change-Id: I9470807633596c610cfafb141b139ddda2ff096b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- openvswitch 2.8 officially supports kernel versions from 3.10 to 4.12
- ODL baremetal scenario is acting up with floating/public SNAT
flow under hwe edge kernel 4.13
Change-Id: I099d528b3b1c2ea34f8f856cd60f809f90defea6
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Initiate mongodb master at first to avoid race conditaion with
unwanted master election which causes cluster setup failure.
Change-Id: I6d2f75f3f002849cac3a5f52a7dcfb4646b7822a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
The service of cinder-volume restarts too quickly after package
installation with default/incorrect configuration and goes over restart
threshold, so systemd stops attempt to restart any further causing
state faulure. To fix it properly the RestartSec (i.e. restart delay)
param should be added into cinder-volume.service unit.
Change-Id: Ic8591e8ef52a3d439122f276d275e56bd2442ce6
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Prevent dhcp client from setting an unwanted
default routes on compute nodes.
Change-Id: I2529491bbc977647e5f457d5f1ba88b0cc4372ee
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
wait_for function should be able to also check for minions that did
not return or not respond, in addition to the return code.
To keep it backwards compatible, condition the new check on the max
attempt number being specified in decimal format (e.g. '10.0' unlike
old '10').
Change-Id: If2512cf9121cdd795638efe7362ef0485d4e8d91
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Since Mirantis prebuilt image comes with salt-minion 2016.3 instead
of 2016.11 and upgrading it leads to a hard to break catch-22, use
the Ubuntu cloud archive image we already download for FN VMs and
pre-install:
- a newer kernel (hwe-edge);
- salt-minion (2016.11);
This also implicitly aligns the image handling on AArch64 and x86_64.
Change-Id: I86d1c777449d37bdd0348936a598e3ffe9d265af
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Isolate networks by retiring NAT on mas01; also cutting direct
internet access from cluster nodes that are not facing the public
network (prx, cmp).
NOTE: Since we are removing mas01 NAT, VCP VMs (except prx which have
public IPs) and kvm nodes (cmp also have public IPs) will no longer
have direct internet connectivity.
Cluster deployment and operations will work without it, but if it is
required for different reasons, the MaaS proxy could be enabled by
uncommenting the /etc/enviroment section in:
- cluster.baremetal-mcp-pike-common-ha.include.proxy.yml
JIRA: FUEL-317
Change-Id: I5ed8b420296b27df34a54ec1ebd7b7cf58041425
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Instead of using NAT on the mas01 node for all cluster node outgoing
traffic, use the MaaS built-in proxy for APT traffic to leverage its
caching capabilities too.
Also enable the proxy for salt minions, so they can access public
keyservers et al.
Cleanup public DNS from kvm nodes, interferes with MaaS proxy.
Add example config for global env proxy, but don't enable it:
- default environment settings - /etc/environment (via reclass);
The MaaS proxy will not be used (at least for now) on nodes:
- cfg01;
- mas01;
NOTE: We can't yet drop the maas.pxe_nat state completely, as certain
Openstack services are still accessed via public addresses from ctl
nodes.
JIRA: FUEL-317
JIRA: FUEL-318
Change-Id: I6c5f6872bb94afb838580571080e808bc262fc68
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: Ib9021ee3ca15c05cc137ae42c263383acb4393bd
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
* rename openstack state name with noha suffix
* increase vcpus for compute nodes
Change-Id: I03386c4c1c92d329d847aa506589823e57644ef4
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Salt minion could return 'no response' and cause an
unconfigured state of the vcp node(s), so catch this output after linux
state as well. Also clean up excess route on proxy nodes.
Change-Id: I3183fa09ff41a8f027ee789869bdae0c3962ab8f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
OVN based scenario doesn't require conventional gateway
node since connectivity to external networks and routing
occurs on compute nodes.
Change-Id: I81e0d497170d5ffb067adf13b0e46290525f26a6
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I9dbb51ce2387450e4ae19f8b3444f5e52cfdc71d
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
The proper patches have been merged into upstream (nova/neutron
formulas, system reclass) to use a separate dir for vhost_user sockets.
Change-Id: Iba8d8a9a05c5ab681b5b5ffbea786dca92704c82
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
`maas_fixup` is already re-entrant, so we can execute it more than
once during a commissioning/deploy cycle. Reduce the timeout waiting
for all nodes to reach a stable state, so nodes stuck in 'Ready'
state instead of reaching 'Deploying' get dealt with sooner (~5 min
vs old 30 min).
While at it, let `maas_fixup` handle machine deploy as well, so we
can catch nodes stuck in 'Ready' state and re-trigger the deploy.
Change-Id: Id24cc97b17489835c5846288639a9a6032bd320a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
Alexandru Avadanii
Cristina Pauna
Michael Polenchuk
Delia Popescu
ting wu
Guillermo Herrero