| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Hugepage count has been recently bumped for virtual PODs via IDF
changes in Pharos, so align our FDio scenarios with the new RAM
requirements.
While at it, fix wrong pod_config template evaluation by moving it
after the templated scenario files are expanded, since pod_config
relies on scenario node definition.
Also, configure VPP to use decimal interface names by default to
align with Pharos macro for the VPP interface name string.
Change-Id: Ib3a89c294a3a2755567fdbe07e3be2b8ca1a5714
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
The per port model potentially requires an increase in memory
resource requirements (which is limited by labs) to support the
same number of ports and configuration as the shared port model.
Set linux:network:openvswitch:per_port_memory explicitly to true
to enable per port mempools support for DPDK devices.
Change-Id: I130885afc50e7a047f8835113d370840827ad718
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
The per port memory model provides a more transparent memory usage model
and avoids pool exhaustion due to competing memory requirements for
interfaces. (http://docs.openvswitch.org/en/latest/topics/dpdk/memory/)
Change-Id: I5add0f49cdcdf2fc3d24affee10a275abe3ca46a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
After Rocky support was added upstream to salt-formula-neutron, our
FDIO patch continued to be applied only for Queens, so refresh the
patch by switching to Rocky.
Change-Id: If0bbb9c4ec674d386ceade00ef8fe936482fb49c
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Also re-align resources for virtual scenarios.
Change-Id: Id0d55407fd5b1720a24e30c364219f8b08e89d06
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I7709c9ca9e701b656447154919eb084a710f49af
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Fix broken systemd service unit dependecies:
- OVS should start before networking service;
- OVS ports & bridges should not be automatically ifup-ed by
networking service to avoid races, so drop 'auto' for both
(OVS ports are automatically handled when part of an OVS bridge);
- explicitly ifup OVS bridges as part of networking service, but
after all Linux interfaces have been handled;
- use 'allow-ovs br-prv' to let OVS handle br-prv and avoid another
race condition;
While at it, fix some other related issues:
- make OVS service start after DPDK service (if present);
- bump OVS-DPDK compute VMs RAM since since switching from MTU 1500
to jumbo frames for virtual PODs a while ago failed to do so [1];
- avoid creating conflicting reclass linux.network.interfaces entries
for OVS ports by using their name (drop 'ovs_port_' prefix):
* for untagged networks they will override existing common defs;
* for tagged networks, they will create separate entries;
- DPDK scenarios: make gtw01 br-prv members OVS ports to avoid race
conditions after node reboot by letting OVS handle them;
[1] https://developers.redhat.com/blog/2018/03/16/\
ovs-dpdk-hugepage-memory/
Change-Id: I0266ba67f3849b6f7e331a758146b331730bae55
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
The ovs port remains in down state after reboot if "auto" is off.
Also turn off no_wait option for odl-noha scenarios.
Change-Id: I0121b3190869528e5f2e9985f9e9299ac6c6724e
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I74c1c85310e2012e664764b6129fc4a52faaf106
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
* patch is merged into oslo-templates
* rocky repo key name is made as for others
* jinja package is updated to fix incorrect quoted value
[https://github.com/saltstack/salt/issues/46594]
Change-Id: Ia6359cf89579b4d892ae40c4d087168edcd86ebb
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
MCP repos no longer publish arm64 metadata, so drop our patch that
selected arm64 metadata on arm64 systems.
Instead, let it default to 'deb [arch=amd64]', which will allow
arm64 systems to fetch amd64 metadata and inherintely fetch all
arch-independent packages from the same repos.
While at it, switch to 'rocky-armband' repos on arm64 systems.
Change-Id: I07fda895f5162bfa576c62336cbb4d74e985f37a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Handle noifupdown option for all cmd.run states
with explicit ifup call as well.
Change-Id: Ie855a0810bcfe4a856cf9d29bd0755643d71ff4d
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
- cmp, gtw: bump RAM allocation to accomodate hugepages/VPP;
for now we overcommit, gtw01 resources can probably be lowered;
- submodule: add salt-formula-neutron so we can locally patch it;
- repo:
* FD.IO repos for VPP packages;
* networking-vpp PPA for python-networking-vpp Neutron driver;
- use vpp-router for L3, disable neutron-l3-agent;
- baremetal_init: apply repo config before network (otherwise UCA
repo is missing when trying to install DPDK on baremetal nodes);
- arm64: iommu.passthrough=1 is required on ThunderX for VPP on
newer kernels;
Design quirks:
- vpp service runs as 'neutron' user, which does not exist at the
time VPP is installed and initially started, hence the need to
restart it before starting the vpp-agent service;
- gtw01 node has DPDK, yet to configure it via IDF we use the
compute-specific OVS-targeted parameters like
`compute_ovs_dpdk_socket_mem`, which is a bit misleading;
- vpp-agent requires ml2_conf.ini on ALL compute AND network nodes
to parse per-node physnet-to-real interface names;
- vpp process is bound to core '1' (not parameterized via IDF);
Change-Id: I659f7dbebcab7b154e7b1fb829cd7159b4372ec8
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
On AArch64, 1G hugepages need to be enabled via kernel cmdline
before mounting hugetlbfs [1].
Leverage MaaS tags to apply custom kernel args to AArch64 nodes.
[1] https://wiki.debian.org/Hugepages
Change-Id: Ie68ddf805836ee62f725019b0b873082b1d40948
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
`make patches-export` trims trailing whitespace from patch file,
bring it back to prevent issues with `patches-import`.
Change-Id: Ie9fe31f4480164ce19d3ccd47c2050e28382410a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
This commit should be reverted once original formulas
get required support of rocky version.
Change-Id: Ia3458381bced0cae8dbfacc9781c90933ad5c822
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
JIRA: FUEL-364
Change-Id: Ia470fc8103713e7a06cd9647675b0edfb4342bf8
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
JIRA: FUEL-336
Change-Id: I1c8d22b8322f700eb727d9077035ba4c9f9f9753
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
For x86_64, the Saltstack bootstrapping scripts fetch a custom build
of `python-tornado` DEB package, which being arch-specific won't be
picked up on AArch64 (and a similar version from Ubuntu Xenial repos
will be used instead).
Although the Ubuntu package works just fine, it lacks a hard
dependency on `python-futures`, which became mandatory in Salt
2017.7.8, see [1].
Explicitly install `python-futures` inside cfg01 Docker container
during build, which will be a no-op on x86_64 and fix the issue on
AArch64.
[1] https://github.com/saltstack/salt/issues/50220
Change-Id: Ie4aad064572788c0852aaf398f21437b456becbe
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
While at it, fix emoji issues with latest virtualenv [1].
JIRA: FUEL-398
[1] https://github.com/pypa/pipenv/issues/3223
Change-Id: Ice5937222bf75c1ddadc6b9f1994635bc10faf57
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
Workaround broken configuration default option in `reclass` [1].
[1] https://github.com/salt-formulas/reclass/issues/77
Change-Id: I8a6e1d9fcd20f32e2c9edff59f6b538dc94008fb
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
* bump salt-formula-maas git submodule;
* sync AArch64 initial salt config with the x86_64 default config;
* bump Pharos git submodule to sync `power_pass` MaaS configuration
paramater naming;
Change-Id: Ic59dd8becb6d83a9e67004c38d51681c88c4be7c
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Also disable transparent hugepages on telemetry hosted nodes
to avoid latency and memory usage issues with Redis.
Change-Id: I3c7a0be6edbc51141f5d79d7368583afacef9025
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
- s/Fuel@OPNFV/OPNFV Fuel/g;
- added README files for ci/scenarios/patches directories;
- refresh & simplify cluster overview diagrams;
- unify labels across docs;
- fix TOC numbering;
- remove local labs PDF/IDF files, as they are merely duplicates of
Pharos files included as a git submodule;
JIRA: FUEL-397
Change-Id: I87f61938eeb67f13fd9205d5226a30f02e55d267
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
By default castellan key manager gets public endpoint of barbican
service which isn't preferable in terms of cluster ops, so specify
internal endpoint explicitly.
Change-Id: Ie686ceb936132143743af18fcb4960ea15a8b93c
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: Idf8b4b42dcc68bc55debaac9a8b5f1ca6b5b398e
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
IPv6 has been enabled back by commenting out the
cis-3-3-3 yaml/class source in linux service reclass.
Change-Id: Ia8f4e2ddbb98f9316e6ce5136badbb14ecb277c5
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: Id75fbee34a6cfc6e7fc60df053cccaaff21cb15a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: Id2f93d0274b102a5eef5271a6d15cb91428d7a0c
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I9ef3a1dd570abf90b222609af350565d385326c8
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Workaround issues like [1]. Requires bumping formulas for
salt-formula-salt support of tcp_keepalive_* params.
[1] https://github.com/saltstack/salt/issues/38157
Change-Id: I7093437fb696809f73a24b10144c6321d0f1be32
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
JIRA: FUEL-392
Change-Id: Ia21840c7561a14a5eeed3d08bf89eb2dbf9acc3a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- bump formulas baseline during docker build;
- refresh patches;
Change-Id: I0a54863f57344c5f8897dc981f704c4d265c5522
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
In order to get tacker definitions and latest changes.
Change-Id: Ib5bf5034f140e708fb596dd4b622f0b2bdee8a59
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
* ship prebuilt salt master conf for better readability:
- enable x509.sign_remote_certificate (for prx VCP nodes);
* refactor Salt master CA handling:
- preinstall `salt_minion_dependency_packages` and
`salt_minion_reclass_dependencies` inside docker image;
- persistent /etc/pki;
- run salt.minion on cfg01 to generate master keys;
* bump container formulas to 1 Sep 2018 versions or newer:
- inject date into Docker makefile, forcing a fresh fetch of all
salt formulas from upstream git repos;
* workaround broken salt-formula-designate's meta/sphinx.yml:
- the DEB package version of salt-formula-designate uses `cmd.shell`
to query dpkg on the minion, while the git repo version still
uses `cmd.run`, running into parsing issues;
- temporarily disable sphinx metadata generation for designate until
upstream git repo syncs with the DEB version;
* upstream: salt-formula-salt AArch64 salt.control.virt support:
- retire salt-formula-salt git submodule and related patches;
* skip installing reclass distro package (already installed via pip
inside the container);
* limit initial pillar_refresh call to nodes on jumphost;
* remove unused salt-formula-nova git submodule;
JIRA: FUEL-383
Change-Id: I883b825e556f887a5e31f8a43676dcd8ece6dfde
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
* shift MTU from public bridge to physical interface
* add neutron related settings
Change-Id: Ia57d1ca7976968d6e7ee23f58a0abae1a1a256c0
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Salt relies on a limiting libvirt_domain j2 template to generate the
XML it passes to libvirt for salt.control managed virtual machines.
For AArch64, we need to set up 3 XML nodes in a non-default way:
1. UEFI firmware (AAVMF) should be enabled by passing a pflash loader;
2. CPU mode should be 'host-passthrough';
3. QEMU machine type should be 'virt';
To allow configuring the above using pillar data:
- virtng module: implement functionality similar to upstream changes:
* 219b84a512 virt module: Allow NVRAM unlinking on DOM undefine
in develop, not in 2018.2;
* 9cace9adb9 Add support to virt for libvirt loader
in develop, not in 2018.2;
- virtng module: extend it with:
* pass virt machine type to vm;
* pass cpu_mode to vm;
JIRA: ARMBAND-404
Change-Id: Ib2123e7170991b3dfbdb42bd1a2baa5a4360b200
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Since we reboot all nodes, applying the network configuration via
Salt before reboot is pointless and creates a race condition with
OVS.
While at it, add `--ignore-errors` to ifup call for OVS bridge to
prevent a race condition during linux.network state apply.
Change-Id: I22fe0afaffecd7b850a6b77d7b810ed296bfc9ca
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Salt bootstrap scripts are no longer used directly, so it is now safe
to retire the whole git submodule and its related patches.
JIRA: FUEL-383
Change-Id: I1fbdfe4fbd4930bfb3c999a3a68033d12565682b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
* Refactor OPNFV salt-formulas mechanism to resemble upstream git
structure:
- git submodules: add new submodule for each formula we patch;
- create salt-formula-x directories for OPNFV formulas;
- move mcp/metadata/service contents to their each formula subdir;
- use `make patches-import` for patches previously handled by
patch.sh;
- retire patch.sh
* states: add virtual_init:
- mostly based on old salt.sh, which is now obsolete;
- exclude salt-master service restart (it would kill the container);
* scenarios: cleanup (rm cfg01 virtual node def), adopt virtual_init;
* reclass: align our model with prebuilt container's Salt config:
- drop linux:network pillar data (handled by Docker);
- stop applying linux.system state on cfg01;
- align salt user homedir;
- drop salt-formula packages (preprovisioned);
* minor plumbing in deploy.sh and lib.sh;
JIRA: FUEL-383
Change-Id: I28708a9b399d3f19012212c71966ebda9d6fc0ac
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
JIRA: FUEL-383
Change-Id: Ie4374d44993bd738b90e9b6e357014d0c5657da0
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
* changes:
[docker build] Install OpenSSH server
[submodule] Add docker-salt-formulas, ci/build.sh
[deploy.sh] Install Docker if not present
[jump req] Add build/deploy specific requirements
|
|
While at it, create the 'ubuntu' user with passwordless sudo
and preinstall salt-formula-gnocchi (missing git repo workaround),
as well as various useful packages (e.g. net-tools).
JIRA: FUEL-383
Change-Id: I5902c37110331acfd3fd4fccb92104de7b5ece6b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Armband has been carrying a few arch-enablement patches that are
required for the default reclass system classes to work as expected
on AArch64 systems.
Change-Id: I1f96c062eb3f9dcabb8513aadd1ea41be4fbc098
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- add new git submodule pointing to upstream docker build scripts;
- add patch extending Docker tags with an '-(arch)' suffix,
aligning with OPNFV tagging requiremnts;
- add <ci/build.sh> wrapper for starting Docker builds;
- install build-specific distro package requirements, as well as
pip-managed packages (e.g. pipenv);
JIRA: FUEL-383
Change-Id: Id4fc886206d7eaf7e6d02810380f2391609ba405
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: I61ee8e19e783437dce7a9ddd666cd60e9d22a2e1
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
bootstrap-salt.sh now has arm64 support [1], so drop our obsoleted
workaround.
JIRA: ARMBAND-399
[1] https://github.com/saltstack/salt-bootstrap/pull/1251
Change-Id: I8b06520b2c41564ed2eda338e7633ce1637bb866
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Configure barbican for cinder-volumes and nova-compute
to use encrypted volumes
Disable default glance image signature verification with
barbican enabled
JIRA: FUNCTEST-981
Change-Id: I35660234526780a2277e459f3fa21a67d96ce7d7
Signed-off-by: Delia Popescu <delia.popescu@enea.com>
|
Alexandru Avadanii
Michael Polenchuk
Delia Popescu