| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
A few things differ between baremetal and virtual nodes:
- provisioning method;
- network setup;
Since now we support completely dynamic network config based on PDF +
IDF, as well as dynamic provisioning of VMs on jumpserver (as virtual
cluster nodes), respectively MaaS-driven baremetal provisioning, let's
drop the 'baremetal-' prefix from cluster model names and prepare for
unified scenarios.
Note that some limitations still apply, e.g. virtual nodes are spawned
only on jumpserver (localhost) for now.
JIRA: FUEL-310
Change-Id: If20077ac37c6f15961468abc58db7e16f2c29260
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Decouple virtual cluster nodes (ctl, gtw etc.) from opnfv_fn_* vars
in favor of parsing PDF/IDF.
This is the first step towards unifying baremetal and virtual network
definition templates, as well as allowing virtual nodes to run on a
remote hypervisor (and eventually with a different arch).
opnfv_fn_* vars will still be used for infra VMs spawned on FN (cfg01
and optionally mas01).
Adopt new 'net_map.j2' from Pharos submodule for new templates (virt),
as well as old ones (baremetal).
JIRA: FUEL-322
Change-Id: I150c2416566bbe42ea11cd00f12a8a7bf96776c2
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
RHEL family virtualization tools reserve 02:00 PCI slot for VGA, even
if 'nographics' is specified when creating the VM (in case the user
wants to later hook a video card, which usually *requires* PCI slot2).
Debian systems do not follow this rule (tested with libvirt 1.x, 2.x,
3.x), hence 1st NIC lands on PCI slot 2 (and get eth name 'ens2').
To align the behavior across all possible jumpserver distros, bring
back the virtio video.
This reverts commit 738f6c3b68d1179de1ff790f9e72c25f10874da4.
Change-Id: Ifd855c12e04aec1ff0ab047b13f8081365741889
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Based on Canonical research (https://goo.gl/QJykMa) there is
low-risk of attack for private clouds environments, therefore
turn off the related kernel patches & regain performance back.
Change-Id: I661fa127241e327b07d21a29d58d584997607123
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Since VCP VMs (created via salt formula) do not have a video
controller defined in their domain XMLs, network devices end on
different PCI slots and hence have different names assigned
(ens2+ vs foundation node VMs, which start with ens3).
To align network interface names for VMs on jumpserver vs kvm nodes,
and reduce confusion, remove the video controller from FN VMs.
This allows some cleanup:
- drop extra AArch64 args from virt-install;
- unify 'opnfv_vcp_vm_*' and 'opnfv_fn_vm_*' variables;
Change-Id: I0d108b00914b3eaaa03b67c652174f8ed4573118
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
|
|
- switch from securedlab to pharos as lab-config structure;
- accomodate the move net_config from PDF to IDF in j2 templates;
Change-Id: Ib04e4fb384568a6efd9e78a080857b663521ae88
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Previous cherry-pick failed to rename 'ocata' to 'pike'.
JIRA: FUEL-317
Change-Id: Ic1a1145e0652f2a7d15980399232631cf3fc5080
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
If upstream proxy is defined in IDF, propagate it to pillar data:
- linux:system:proxy:keyserver:http(s) for cfg01, mas01;
- maas:region:upstream_proxy for mas01;
Sample IDF config:
idf:
fuel:
network:
upstream_proxy:
address: 10.0.2.2
port: 3128
JIRA: FUEL-317
Change-Id: I12be815e1b4564227fb09c20ce06cd71e7d433b6
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- Remove hardcoded /24 mask
- Use PDF as source for public network, with reclass params:
opnfv_net_public, _mask, _gw, _pool_start, _pool_end
JIRA: FUEL-315
Change-Id: Idf3a4ed8f63f58fa90d9c1dcb7751ef3b1c9bd36
Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
|
|
Although previous commit d1b6119 changed the first reference of
apt-mk repos to 'stable' from 'nightly', it missed the cluster model.
This fixes redeploys with `-f`, which fail due to conflicts between
already installed 'stable' packages and 'nightly' ones.
Fixes: d1b6119
Change-Id: I854bac86feaaa61da0b68d158e270eec1ee0ccb7
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- openvswitch 2.8 officially supports kernel versions from 3.10 to 4.12
- ODL baremetal scenario is acting up with floating/public SNAT
flow under hwe edge kernel 4.13
Change-Id: I099d528b3b1c2ea34f8f856cd60f809f90defea6
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
By default, MaaS formula will install Salt minion 2016.3 via curtin
on physical nodes. 2016.3 does not properly support proxy_host
config option, causing timeouts during `linux.system.repo` SLS apply.
Change-Id: I3d6245f0d4b425170c43b3b62a21ad9acc6cb97e
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Instead of using NAT on the mas01 node for all cluster node outgoing
traffic, use the MaaS built-in proxy for APT traffic to leverage its
caching capabilities too.
Also enable the proxy for salt minions, so they can access public
keyservers et al.
Cleanup public DNS from kvm nodes, interferes with MaaS proxy.
Add example config for global env proxy, but don't enable it:
- default environment settings - /etc/environment (via reclass);
The MaaS proxy will not be used (at least for now) on nodes:
- cfg01;
- mas01;
NOTE: We can't yet drop the maas.pxe_nat state completely, as certain
Openstack services are still accessed via public addresses from ctl
nodes.
JIRA: FUEL-317
JIRA: FUEL-318
Change-Id: I6c5f6872bb94afb838580571080e808bc262fc68
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Ubuntu prefers ipv6 connections therefore in some networks, this
breaks software updates (it does a AAAA DNS lookup before A record
lookups). Let's prefer old style ipv4 connections over the new ipv6 in
order to save some processing and resource utilization.
Based on previous work from [1] (but without /etc/gai.conf, only APT).
[1] https://review.openstack.org/#/c/462502/
JIRA: FUEL-321
Change-Id: Ic3dff3baa1c0be9ac95972557d6a2d26641bfe1b
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Updated libvirt formula now supports group
name as an option for unix socket parameter.
Change-Id: I683e38971fe6c939fd09e95b805d611ddc596f28
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
Change-Id: I360dcb675c90b6f20687979ebc493afe6682c821
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Use PXE/admin network for salt traffic from/to all minions
except cfg01, mas01.
This allows us to drop the route to admin net from cfg01.
Change-Id: Ic2526f1ff77afe5d92ced900971f4c8f78d2d8a2
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- patch MaaS to default to `DHCP` instead of `AUTO` for physical
PXE interfaces (all IPs will be handed out by MaaS DHCP *inside* the
defined dynamic DHCP IP range);
- reduce range to silence bogus MaaS warning about address exhaustion;
- regenerate pod_config.yml.example to reflect the changes;
- drop `opnfv_infra_maas_pxe_address` (duplicate of
`opnfv_infra_maas_node01_deploy_address`);
- add `opnfv_infra_config_pxe_address` for future usage;
- while at it, fix missing patch copyright;
JIRA: FUEL-316
Change-Id: I81fad333e77f7c8508cd2b2b267c7b39c130e3e1
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- move linux.network.interface definitions to their own classes, which
also removes the previous requirement of defining {dhcp,single}_nic
parameters in classes that don't actually use them;
- drop now useless {dhcp,single}_nic parameters;
- expand linux_{dhcp,single}_interface macros, since they cause issues
with reclass dict-merge while attempting to override sub-vars (i.e.
it's not possible to set 'enabled: false' via reclass interpolation);
JIRA: FUEL-310
Change-Id: I29d921f545e761de335a60e242a4523d13b06c78
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Glusterfs 3.11 package from UCA repo has the bug#875651, which
causes package instalation error due to timeout of glustereventsd
service startup. Therefore get the latest version from PPA repo.
Change-Id: Ia47d969e758c8689508dfd6b7fd2725514ea88c5
Co-Authored-By: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
We hard set some repo URLs used for base image pre-building, so bump
those to Pike, now that Armband repos for Pike are populated.
JIRA: ARMBAND-335
Change-Id: Ibd7267b628985a3c7a33d9d8a93c824077c69f10
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- s/opnfv_maas_pxe_/opnfv_infra_maas_pxe_/g to align with other vars;
- patches: pharos: Add MaaS PXE network to installer adapter;
- runtime.yml{,.template}: move to installer adapter, update
pod_config.yml example;
- drop MAAS_PXE_NETWORK global env var, now read strictly from PDF;
JIRA: FUEL-313
Change-Id: I46d7510bd53fba7890c411d36bc28fd6ff6f3648
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
|
|
Since the uca/pike repo has version of 3.11
This reverts commit 8a867449217151f59766a74c6165ffc26c7f50b4.
Change-Id: I5cc0d94b4a1b53b987fab03bc20466ee3c3eb8b2
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
* up glusterfs.client state before actual volume usage
* handle keystone server state
* specify suitable nova packages list for uca repo
(consoleproxy vs novncproxy)
* upgrade vcp nodes to get proper cryptography
library for keystone
* align service names for libvirt & glusterfs
Change-Id: Iaeb7d147e6d407bbeaec2d40fd81037c939c3fe0
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Our PDF installer adapter defines 3 unused reclass params that are
misleading, so drop them (infra_compute_node{01,02,03}_address).
Change-Id: I0ca49b73add543c8f03b14ed4d805ce55f973bb5
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: If4208e937734df72b10aad259c65a2617ff5e19c
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
Alexandru Avadanii
Michael Polenchuk
Guillermo Herrero