Age | Commit message (Collapse) | Author | Files | Lines |
|
- bump Pharos git submodule to allow PODs with fewer nodes;
- add `k8-calico-iec-noha` scenario definition for Akraino
IEC basic configuration;
- add `k8-calico-iec-vcp-noha` scenario definition for Akraino
IEC nested (virtualized control plane) configuration;
- add `akraino_iec` state, which will leverage the Akraino IEC
bootstrap scripts from [1];
- replace system.reboot salt call with cmd.run 'reboot' as it's more
reliable;
- use kernel 4.15 for AArch64 K8 IEC scenarios;
NOTE: These scenarios will not be released in OPNFV since don't rely
on Salt formulas but instead of Akraino IEC scripts to install K8s.
[1] https://gerrit.akraino.org/r/#/q/project:iec
Change-Id: I4e538e0563d724cd3fd5c4d462ddc22d0c739402
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
* add opendaylight password (removed from system level)
* get updated ovn system class w/o mysql settings
* enable ceilometer user back (removed along with outdated service/endpoints)
* adjsut check interval of haproxy for noha scenarios since there is
only one backend for services, i.e. failover ain't expected
Change-Id: Iedee290e1cfcf838998bd44dc09a729d143974ac
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
Previously, Salt Master CA mine was only sent once, during
salt.minion.ca state execution at cfg01 bringup / bootstrap.
This causes possible issues with:
- Salt Master container restart (mine data is lost);
- UNH Lab deployment (uknown rootcause, might be related to XFS and
overlay2 being used with Docker on CentOS);
To bypass this issue, make x509.get_pem_entries module send mine data
at the default mine interval (60 minutes).
Change-Id: I5f6334ae18f5af6cbe0a164791603b67f0a3668f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- replace mas01 VM with a Docker container;
- drop `mcpcontrol` virsh-managed network, including special handling
previously required for it across all scripts;
- drop infrastructure VMs handling from scripts, the only VMs we still
handle are cluster VMs for virtual and/or hybrid deployments;
- drop SSH server from mas01;
- stop running linux state on mas01, as all prerequisites are properly
handled durin Docker build or via entrypoint.sh - for completeness,
we still keep pillar data in sync with the actual contents of mas01
configuration, so running the state manually would still work;
- make port 5240 available on the jumpserver for MaaS dashboard access;
- docs: update diagrams and text to reflect the new changes;
Change-Id: I6d9424995e9a90c530fd7577edf401d552bab929
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- cmp, gtw: bump RAM allocation to accomodate hugepages/VPP;
for now we overcommit, gtw01 resources can probably be lowered;
- submodule: add salt-formula-neutron so we can locally patch it;
- repo:
* FD.IO repos for VPP packages;
* networking-vpp PPA for python-networking-vpp Neutron driver;
- use vpp-router for L3, disable neutron-l3-agent;
- baremetal_init: apply repo config before network (otherwise UCA
repo is missing when trying to install DPDK on baremetal nodes);
- arm64: iommu.passthrough=1 is required on ThunderX for VPP on
newer kernels;
Design quirks:
- vpp service runs as 'neutron' user, which does not exist at the
time VPP is installed and initially started, hence the need to
restart it before starting the vpp-agent service;
- gtw01 node has DPDK, yet to configure it via IDF we use the
compute-specific OVS-targeted parameters like
`compute_ovs_dpdk_socket_mem`, which is a bit misleading;
- vpp-agent requires ml2_conf.ini on ALL compute AND network nodes
to parse per-node physnet-to-real interface names;
- vpp process is bound to core '1' (not parameterized via IDF);
Change-Id: I659f7dbebcab7b154e7b1fb829cd7159b4372ec8
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
On AArch64, 1G hugepages need to be enabled via kernel cmdline
before mounting hugetlbfs [1].
Leverage MaaS tags to apply custom kernel args to AArch64 nodes.
[1] https://wiki.debian.org/Hugepages
Change-Id: Ie68ddf805836ee62f725019b0b873082b1d40948
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Factor out armband repository component name based on
openstack_version parameter. However, since 'rocky-armband' repo
is not available yet, reuse the 'queens-armband' on.
Change-Id: Ibd17808059542ace14724776f8686fc2afd9de6a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Sync our reclass pillar data for mas01's iptables with latest formula
changes [1].
[1] https://github.com/salt-formulas/salt-formula-iptables/commit/e353ce3c
Change-Id: I66b2a75066ed512ab5ab4cc213d13d15c5c8cc7f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
JIRA: FUEL-364
Change-Id: Ia470fc8103713e7a06cd9647675b0edfb4342bf8
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
JIRA: FUEL-336
Change-Id: I1c8d22b8322f700eb727d9077035ba4c9f9f9753
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
intel-pod18 has different network interfaces on its compute nodes,
requiring support for per-node PXE/admin NIC name override, instead
of assumming all computes use the same NIC naming.
Change-Id: I2b2e5ec6745601576ead898370241b743c963e3d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
IPv6 has been enabled back by commenting out the
cis-3-3-3 yaml/class source in linux service reclass.
Change-Id: Ia8f4e2ddbb98f9316e6ce5136badbb14ecb277c5
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Some nodes did not rely on the _param:pxe_admin_address internal
reclass param, although all of them do have an IP address in the
PXE/admin network segment.
Ensure all nodes define this param, so we can query all nodes with:
$ salt '*' pillar.item _param:pxe_admin_address
JIRA: FUEL-394
Change-Id: I7575934752c8b459c52af8a8c98c2b0327756428
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
JIRA: FUEL-378
Change-Id: I00832d697d83c374628fa9d759c125e0b6ca64cf
Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
|
|
JIRA: FUEL-392
Change-Id: Ia21840c7561a14a5eeed3d08bf89eb2dbf9acc3a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Upstream reclass.system introduced a regression for us in [1].
[1] https://github.com/Mirantis/reclass-system-salt-model/commit/99490e7d
Change-Id: I5cedcbb5c528a8bf59b4f917b422ed433d2ceea3
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Include class disabling IPv6 first, so our override is last.
Change-Id: I91f8cb48ab2eaef54eb98705fc97ab9910c3666f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
IPv6 has been disabled recently by default to reduce the attack
surface of the system, however MaaS rackd service relies on other
libraries that require an INET6 socket by design.
Change-Id: I6c633e9790e75d53437f400790d0e528f0a792b3
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: I55a3c10f275079b11b7456b28a2c846cb33c204a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Drop duplicate maas:machines definitions which could cause conflicts
in rare corner cases.
Slightly refactor j2 template expansion to make `conf.virtual.nodes`
available during first stage.
Change-Id: I04d56e346b12c6eb97da5c0c0ab1e3446e5fc1b8
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
* Refactor OPNFV salt-formulas mechanism to resemble upstream git
structure:
- git submodules: add new submodule for each formula we patch;
- create salt-formula-x directories for OPNFV formulas;
- move mcp/metadata/service contents to their each formula subdir;
- use `make patches-import` for patches previously handled by
patch.sh;
- retire patch.sh
* states: add virtual_init:
- mostly based on old salt.sh, which is now obsolete;
- exclude salt-master service restart (it would kill the container);
* scenarios: cleanup (rm cfg01 virtual node def), adopt virtual_init;
* reclass: align our model with prebuilt container's Salt config:
- drop linux:network pillar data (handled by Docker);
- stop applying linux.system state on cfg01;
- align salt user homedir;
- drop salt-formula packages (preprovisioned);
* minor plumbing in deploy.sh and lib.sh;
JIRA: FUEL-383
Change-Id: I28708a9b399d3f19012212c71966ebda9d6fc0ac
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Due to design limitations in idf.net_config, for a hybrid POD we need
to trunk certain network segments for the VMs running on the
jumpserver, including mgmt network going to cfg01, mas01.
Add mgmt VLAN support for cfg01, mas01 gated by a flag in IDF:
idf.fuel.jumphost.trunks.mgmt: True
JIRA: FUEL-338
Change-Id: I6903f9b70e5f8a88618bce28e21c7c0631a05065
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Salt 2016.x has a bug with states ordering coming from 'include'
statement. Glance/Heat DB sync is applied before package setup
although clearly specified 'require' in state.
Change-Id: Ic5f7ce4a7623fb208c0a5ba366802b7e02fa8b9f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Instead of hardcoding kvm hostnames in maas machine definitions,
read node roles/hostnames from current scenario and map them
accodingly.
JIRA: FUEL-382
Change-Id: I15d52e299e0353971f8d0c7da853c571ad5410da
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Include system.linux.system.single class globally in the common
section, preparing for MaaS NOHA node definition.
JIRA: FUEL-382
Change-Id: Icdfb2a90f356cd537631abe653950c0c30020551
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Reclass storage definitions for mas01 node should be added to all
ha/noha scenarios, only when/if baremetal cluster nodes are involved.
JIRA: FUEL-382
Change-Id: I455b07894b68eb89903df94352159ea6519275b0
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Prepare for reusing MaaS-related reclass classes for NOHA scenarios.
JIRA: FUEL-338
Change-Id: Ic8ddd5915563f58643ef8c7ac4055a1000db7d45
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: I5734431d54c0d0ad9fb337fc37ce3b31a3c58e0a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: Ie707de90617e7080a5eb87cad69a604cf5e0f9fc
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
- noha: 'accept_policy: open_mode' to align with ha scenarios;
- s/cmp01/cmp001/g to align all scenarios and allow code reuse;
- rename network params: s/dhcp/mcpcontrol/g, cleanup;
- computes XDF data: drop 'opnfv_*' layer of params, cleanup;
- local vPDF: add comments with default roles by node index;
- parameterize all netmasks;
- drop unused address/netmask for 'proto: manual' interfaces;
- virsh_net: cleanup definitions, remove hardcodes, align IP on
jumpserver and DHCP range with MaaS for pxebr;
- maas: parameterize hardcoded '/24' cidr for PXE/admin, refactor
maas.region.machines parameterization;
- merge <all-mcp-arch-common/infra/config_*pdf.yaml.j2> templates;
- move reclass.storage definitions of compute nodes to common dir;
- drop 'openstack_compute_*' reclass params in favor of expanding
them via j2 directly in reclass.storage params;
- adopt `nm.cluster.has_*_nodes` where possible;
- obsolete `runtime.yml` from reclass model;
- refactor arch-specific reclass param selection;
- remove unused defaults in favor of mandatory IDF properties;
- noha: prepare for baremetal node support in cinder_lvm_devices;
- interfaces: add interface_mtu and 'noifupdown: true' everywhere;
- interfaces: use j2 macros to generate eth/vlan config;
- states cleanup: remove DHCP route disable workaround on prx/cmp;
- allow configuring NTP servers via:
`idf.fuel.network.ntp_strata_host{1,2}`;
- ovs_bridge: Allow setting gateway, dns-nameservers
- apache: Adjust module list for novcp class inheritance;
- glusterfs PPA: pin with same prio of MCP repos for novcp scenario;
JIRA: FUEL-319
JIRA: FUEL-326
JIRA: FUEL-337
Change-Id: Ia6ad64ba8cade85a75fb22c9a2505decc3834360
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
* CPU pinning: tests have no support for dedicated CPU policy, so
enabled pinning causes general performance impact
[https://docs.openstack.org/nova/pike/admin/cpu-topologies.html]
* L3 HA routers:
- doesn't catch l3-agent failure, relies only on
HA network state to spot failure
- failover process only retains the state of network
connections for instances with a floating IP address
- incompatible with DVR mode
JIRA: FUEL-360
Change-Id: Ie0182bf953b9989729f89d705d9fee902d229e51
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Now we explicitly add a LVM PV on /dev/sda{1,2} for Cinder storage,
so we can safely drop the patch disabling LVM volume filtering.
If we later move the PV to a different disk, we can just add the VG
and LV definitions to linux:storage via reclass, and Salt will skip
setting them up (as they're already created by MaaS), yet keep the
filtering sane.
While at it, fix 'nova_cpu_pinning' param expr; constructs based on
reclass interpolation (e.g. '${_param:x}') do not work when
parameters are passed via reclass.storage templating, so change
reclass interpolation syntax with classic YAML anchors.
Fixes: 672ae12
Change-Id: Ieb41635ddeb630543d7e4d1079f45d636d9a43af
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- node-specific parameters (nova pinning, hugepages, dpdk) should be
configurable via IDF, on a per-node basis;
- keep default settings for lf-pod2, with and without DPDK,
override them for virtual deploys via local-virtual1 IDF;
- leave neutron_tenant_* vars hardcoded for now, as they are required
on both ctl and cmp nodes - this way we'll deal stricly with
cmp params, so we can nicely pass them via config.yml to reclass
per-node (and not per-role), allowing mixed computes later;
- add compute params for ovs/odl-noha, preparing them for
deployment on baremetal later.
JIRA: ARMBAND-343
Change-Id: I89a58b9565679ab3882d85f07ae817690ae85c67
Signed-off-by: Cristina Pauna <cristina.pauna@enea.com>
|
|
Decouple virtual cluster nodes (ctl, gtw etc.) from opnfv_fn_* vars
in favor of parsing PDF/IDF.
This is the first step towards unifying baremetal and virtual network
definition templates, as well as allowing virtual nodes to run on a
remote hypervisor (and eventually with a different arch).
opnfv_fn_* vars will still be used for infra VMs spawned on FN (cfg01
and optionally mas01).
Adopt new 'net_map.j2' from Pharos submodule for new templates (virt),
as well as old ones (baremetal).
JIRA: FUEL-322
Change-Id: I150c2416566bbe42ea11cd00f12a8a7bf96776c2
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- 10.1.0.0/24 (internal):
* 10.1.0.101 -> opnfv_openstack_compute_node01_tenant_address
* 10.1.0.124 -> opnfv_openstack_gateway_node01_tenant_address
- 172.16.10.0/24 (mgmt):
* 172.16.10.11 -> opnfv_openstack_control_node01_address
* 172.16.10.100 -> opnfv_infra_config_address
* 172.16.10.101 -> opnfv_openstack_compute_node01_control_address
* 172.16.10.111 -> opnfv_opendaylight_server_node01_single_address
* 172.16.10.124 -> opnfv_openstack_gateway_node01_address
- 10.16.0.0/24 (public):
* 10.16.0.11 -> opnfv_openstack_control_node01_external_address
* 10.16.0.101 -> opnfv_openstack_compute_node01_external_address
* 10.16.0.124 -> opnfv_openstack_gateway_node01_external_address
To re-use DPDK config baremetal template, move:
- cluster.baremetal-mcp-pike-ovs-dpdk-ha.infra.config_pdf
+ cluster.all-mcp-arch-common.infra.config_dpdk_pdf
Drop unused 'ceilometer_graphite_publisher_host' (172.16.10.107).
JIRA: FUEL-322
Change-Id: I3aef3415bd696a7ae5b566af12af4733a50c2135
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|