aboutsummaryrefslogtreecommitdiffstats
path: root/mcp/reclass/classes/cluster/mcp-common-ha
AgeCommit message (Collapse)AuthorFilesLines
2019-12-31aarch64: Pin qemu-efi from Armband reposAlexandru Avadanii1-2/+9
Upstream (UCA) qemu-efi (AAVMF) package is incompatible with most cloud images, e.g. Cirros used by Functest, resulting in kernel boot issues and/or missing serial console output. Work around this by pinning the qemu-efi Debian package from the old Armband repositories. This should fix singlevm1 functest testcase. Change-Id: Ibbe2218d99881f6fec89846497c2cc248aab5031 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 73656638216987cc4e9c75468182f16b82cce5d1)
2019-10-25[baremetal] Stein, Bionic, py3 supportAlexandru Avadanii7-43/+81
Change-Id: If3f8cb6bfeedeb766a050d5a271b21c90bb3ba1c Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2019-06-10[ha] Disable apache's status moduleMichael Polenchuk1-1/+2
To avoid ports conflict of nginx/apache disable unused apache's status module, which is binded on 80 port by default. Also remove patch with double locations content (formula already has such configuration). JIRA: FUEL-408 Change-Id: Ib06dac8abe36299cf77747bdb3fc0fe7216b6096 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-06-06Merge "[ha] Re-enable nginx proxy for Horizon"Alexandru Avadanii1-0/+1
2019-06-05[ha] Re-enable nginx proxy for HorizonAlexandru Avadanii1-0/+1
Starting with MCP 2019.2, Horizon was moved under haproxy in Active/Active mode by default via upstream changes: - Adding haproxy class for horizon [1]; - Cleanup nginx horizon sites by default [2]; This change re-enables the old behavior where Horizon is served by nginx instead of haproxy. While at it, fix missing support in salt-formula-apache for wsgi `locations`, so Horizon dashboard can access '/static' resources (e.g. CSS/images). JIRA: FUEL-408 [1] https://github.com/Mirantis/reclass-system-salt-model/commit/81c4c21a [2] https://github.com/Mirantis/reclass-system-salt-model/commit/a3b38f46 Change-Id: I9b35d5d0ce4e0b53dae808c2620a31ca80290b55 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2019-06-04Merge "Revert "Disable block migration explicitly""Michael Polenchuk1-1/+0
2019-06-03Revert "Disable block migration explicitly"Michael Polenchuk1-1/+0
This reverts commit 430a0aee9e8c7400d698f460406152aa70349b6c. Superseded by the patch into releng https://gerrit.opnfv.org/gerrit/67975 Change-Id: Ibeb8419fa0ebc8eebe255e7535d775458f560ad0 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-05-31Merge "Revert "Patch dhcp agent to avoid unwanted resync""Michael Polenchuk1-10/+0
2019-05-29Revert "Patch dhcp agent to avoid unwanted resync"Michael Polenchuk1-10/+0
This reverts commit 7522bdb0e898144da2b6dc361dbdd549b39bc025. The original patch has been merged (https://review.opendev.org/661011) Change-Id: I9a1c04590145800523d546e36e9462fa7074922c Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-05-29Disable block migration explicitlyMichael Polenchuk1-0/+1
Functest enabled block migration by default recently but it can't be used with shared storage. Change-Id: I15fd5459df91cece02e87cda9d1ed6e575194667 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-04-25Patch dhcp agent to avoid unwanted reschedulingMichael Polenchuk1-0/+10
Change-Id: Id49f26a2615e2fc06e94eeaf2e9200e83625e6c9 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-04-11[ha] Take out class with backports repoMichael Polenchuk1-1/+1
* update system reclass * rectify telemetry redis options Change-Id: I6dca1ae52e7f7d73a90e53fceddca8e86872651b Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-04-10Merge "Setup repository with backports"Michael Polenchuk7-7/+7
2019-04-09Merge "[VCP VMs] AArch64: Switch seeding back to qemu-nbd"Alexandru Avadanii1-0/+2
2019-04-08Setup repository with backportsMichael Polenchuk7-7/+7
Change-Id: I791436f512dea6c6bc61133c4122ac872950af8e Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-04-08[VCP VMs] AArch64: Switch seeding back to qemu-nbdAlexandru Avadanii1-0/+2
Upstream change [1] switched from old qemu-nbd preseeding of VCP VMs to using a cloud-init + configuration drive. This breaks on AArch64 with "IDE controllers are unsupported for this QEMU binary or machine type", so switch back to using qemu-nbd. [1] https://github.com/Mirantis/reclass-system-salt-model/commit/c0e4807 Change-Id: I0dfeb638d408343c76a73fafa503048a79ce1f6e Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2019-04-04Define stub for cinder service in keystoneMichael Polenchuk1-0/+4
Required only for Rally validation in cinder scenarios, there is no useful functionaly in terms of cluster. Change-Id: Idc4d62cbbc9974972e9d492b5a419342077e3d9a Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-03-29[akraino] Add IEC K8-calico scenariosAlexandru Avadanii1-0/+2
- bump Pharos git submodule to allow PODs with fewer nodes; - add `k8-calico-iec-noha` scenario definition for Akraino IEC basic configuration; - add `k8-calico-iec-vcp-noha` scenario definition for Akraino IEC nested (virtualized control plane) configuration; - add `akraino_iec` state, which will leverage the Akraino IEC bootstrap scripts from [1]; - replace system.reboot salt call with cmd.run 'reboot' as it's more reliable; - use kernel 4.15 for AArch64 K8 IEC scenarios; NOTE: These scenarios will not be released in OPNFV since don't rely on Salt formulas but instead of Akraino IEC scripts to install K8s. [1] https://gerrit.akraino.org/r/#/q/project:iec Change-Id: I4e538e0563d724cd3fd5c4d462ddc22d0c739402 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2019-03-27Rectify system reclass after updateMichael Polenchuk3-0/+8
* add opendaylight password (removed from system level) * get updated ovn system class w/o mysql settings * enable ceilometer user back (removed along with outdated service/endpoints) * adjsut check interval of haproxy for noha scenarios since there is only one backend for services, i.e. failover ain't expected Change-Id: Iedee290e1cfcf838998bd44dc09a729d143974ac Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-03-25Update system reclassMichael Polenchuk7-7/+7
Change-Id: I745a838b1f2f294b6c455700509ddf4b0264446f Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-03-14Smooth down telemetry servicesMichael Polenchuk4-6/+1
* update gnocchi to 4.3 * remove outdated ceilometer api Change-Id: I7adaf3ddc76d93531b6b0997b684672b80f2992f Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-03-04Turn off meltdown/spectre patchesMichael Polenchuk2-0/+6
Change-Id: Id75ffe4db808a4ec250ba8b86c5d49f1206c3784 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-02-28Tune up nova/neutron intervalsMichael Polenchuk2-0/+4
Also re-align resources for virtual scenarios. Change-Id: Id0d55407fd5b1720a24e30c364219f8b08e89d06 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-02-14[baremetal] Containerize MaaSAlexandru Avadanii1-6/+0
- replace mas01 VM with a Docker container; - drop `mcpcontrol` virsh-managed network, including special handling previously required for it across all scripts; - drop infrastructure VMs handling from scripts, the only VMs we still handle are cluster VMs for virtual and/or hybrid deployments; - drop SSH server from mas01; - stop running linux state on mas01, as all prerequisites are properly handled durin Docker build or via entrypoint.sh - for completeness, we still keep pillar data in sync with the actual contents of mas01 configuration, so running the state manually would still work; - make port 5240 available on the jumpserver for MaaS dashboard access; - docs: update diagrams and text to reflect the new changes; Change-Id: I6d9424995e9a90c530fd7577edf401d552bab929 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2019-01-27[ovs] Start ovs services before networkingAlexandru Avadanii1-2/+4
Fix broken systemd service unit dependecies: - OVS should start before networking service; - OVS ports & bridges should not be automatically ifup-ed by networking service to avoid races, so drop 'auto' for both (OVS ports are automatically handled when part of an OVS bridge); - explicitly ifup OVS bridges as part of networking service, but after all Linux interfaces have been handled; - use 'allow-ovs br-prv' to let OVS handle br-prv and avoid another race condition; While at it, fix some other related issues: - make OVS service start after DPDK service (if present); - bump OVS-DPDK compute VMs RAM since since switching from MTU 1500 to jumbo frames for virtual PODs a while ago failed to do so [1]; - avoid creating conflicting reclass linux.network.interfaces entries for OVS ports by using their name (drop 'ovs_port_' prefix): * for untagged networks they will override existing common defs; * for tagged networks, they will create separate entries; - DPDK scenarios: make gtw01 br-prv members OVS ports to avoid race conditions after node reboot by letting OVS handle them; [1] https://developers.redhat.com/blog/2018/03/16/\ ovs-dpdk-hugepage-memory/ Change-Id: I0266ba67f3849b6f7e331a758146b331730bae55 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2019-01-22Pass domain name properly for heat stack userMichael Polenchuk1-2/+0
Change-Id: I74c1c85310e2012e664764b6129fc4a52faaf106 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-01-21Merge "[noha] baremetal: Fix undef armband_repo_version"Michael Polenchuk1-1/+0
2019-01-17Sync heat domain name with keystone definedMichael Polenchuk1-0/+2
Change-Id: Ibf88f179af2570a707ade78f772342b7da23b74f Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-01-16[noha] baremetal: Fix undef armband_repo_versionAlexandru Avadanii1-1/+0
Change-Id: I0e56261fc2fc2a0a3f164531c72d88f7c46f5ca1 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2019-01-12[patch] Drop reclass.system patch for repo archAlexandru Avadanii1-1/+1
MCP repos no longer publish arm64 metadata, so drop our patch that selected arm64 metadata on arm64 systems. Instead, let it default to 'deb [arch=amd64]', which will allow arm64 systems to fetch amd64 metadata and inherintely fetch all arch-independent packages from the same repos. While at it, switch to 'rocky-armband' repos on arm64 systems. Change-Id: I07fda895f5162bfa576c62336cbb4d74e985f37a Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-12-23[armband] Parameterize aarch64 specific repo compAlexandru Avadanii1-2/+3
Factor out armband repository component name based on openstack_version parameter. However, since 'rocky-armband' repo is not available yet, reuse the 'queens-armband' on. Change-Id: Ibd17808059542ace14724776f8686fc2afd9de6a Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-12-19Update OpenStack version to RockyMichael Polenchuk4-10/+4
Change-Id: I88f28370180278c4b32599b83eebbb0ee005c936 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-12-12Make MTU cluster-level configurable via IDFAlexandru Avadanii6-3/+9
JIRA: FUEL-336 Change-Id: I1c8d22b8322f700eb727d9077035ba4c9f9f9753 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-11-16[baremetal] cmp: Support per-node PXE/admin ifaceAlexandru Avadanii1-1/+1
intel-pod18 has different network interfaces on its compute nodes, requiring support for per-node PXE/admin NIC name override, instead of assumming all computes use the same NIC naming. Change-Id: I2b2e5ec6745601576ead898370241b743c963e3d Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-11-14[ha] kvm: Disable ip_forwardAlexandru Avadanii1-0/+2
kvm nodes should not try to route traffic. This also silences some bogus 'martian packet' warnings about prx public VIP reaching br-ex. Change-Id: I608a561d292be3042d20fcbe48b2f5c816c4e8bf Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-11-13Revert "Conform configs to updated Redis v5.0 package"Michael Polenchuk1-1/+1
This reverts commit 7c5c2a8353177a393f72d244470e34f23c46c3e8. The package of Redis v5.0 has been removed from repository. Change-Id: Ic9449314e9e177435878542eecbe5f4a8b848549 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-11-09Conform configs to updated Redis v5.0 packageMichael Polenchuk1-1/+6
Also disable transparent hugepages on telemetry hosted nodes to avoid latency and memory usage issues with Redis. Change-Id: I3c7a0be6edbc51141f5d79d7368583afacef9025 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-10-29Specify barbican endpoint for glance serviceMichael Polenchuk1-0/+2
By default castellan key manager gets public endpoint of barbican service which isn't preferable in terms of cluster ops, so specify internal endpoint explicitly. Change-Id: Ie686ceb936132143743af18fcb4960ea15a8b93c Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-10-23Enable IPv6 on entire cluster by defaultMichael Polenchuk2-7/+1
IPv6 has been enabled back by commenting out the cis-3-3-3 yaml/class source in linux service reclass. Change-Id: Ia8f4e2ddbb98f9316e6ce5136badbb14ecb277c5 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-10-22Merge "[ha] Run OpenDaylight in cluster mode"Michael Polenchuk1-10/+0
2018-10-22[ha] Run OpenDaylight in cluster modeMichael Polenchuk1-10/+0
Change-Id: Id75fbee34a6cfc6e7fc60df053cccaaff21cb15a Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-10-19[ha] Add barbican to nginx on proxy nodesDelia Popescu1-0/+1
JIRA: FUEL-395 Change-Id: I8bd3a8e914828548e2ded0915770550ce3673897 Signed-off-by: Delia Popescu <delia.popescu@enea.com>
2018-10-16Enable IPv6 on compute nodes for noha and haDelia Popescu1-1/+3
Enable IPv6 on compute nodes for both ha and noha deployment types Change-Id: I46c89e3005aefea8ccbeb4779efe513bf2be84e8 Signed-off-by: Delia Popescu <delia.popescu@enea.com>
2018-10-11Set volume device name to sdcDelia Popescu1-1/+1
Functest is now using scsi volume type for fuel Set correct volume device name for functest volume tests JIRA: ARMBAND-402 Change-Id: I2265901eeb624a395388f6ce8afae226b129c5be Signed-off-by: Delia Popescu <delia.popescu@enea.com>
2018-09-26[ha] Fix missing aodh_version paramAlexandru Avadanii1-0/+1
_param:aodh_version was lost during a recent refactor, bring it back. While at it, also make chown in entrypoint.sh recursive to prepare for non-sudo deployments. Fixes: c0de0902 Change-Id: I41b225c4a3f15269aa156a1c33412206beff6ee9 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-09-25[reclass] Consolidate all passwordsGuillermo Herrero2-45/+0
JIRA: FUEL-378 Change-Id: I00832d697d83c374628fa9d759c125e0b6ca64cf Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
2018-09-23[repos] Replace keyserver accesses with pillar GPGAlexandru Avadanii2-8/+6
JIRA: FUEL-392 Change-Id: Ia21840c7561a14a5eeed3d08bf89eb2dbf9acc3a Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-09-21Merge "[state] virtual_init: Limit to mas01 on baremetal"Alexandru Avadanii1-2/+0
2018-09-21Merge "Rotate keystone fernet keys on shared filesystem"Alexandru Avadanii1-0/+2
2018-09-21Enable IPv6 back for proxy/nginx nodeMichael Polenchuk1-0/+4
Change-Id: I2af8a06f5637238c4512b5a117d899fec7cb2e50 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>