Age | Commit message (Collapse) | Author | Files | Lines |
|
* update gnocchi to 4.3
* remove outdated ceilometer api
Change-Id: I7adaf3ddc76d93531b6b0997b684672b80f2992f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Also re-align resources for virtual scenarios.
Change-Id: Id0d55407fd5b1720a24e30c364219f8b08e89d06
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
- replace mas01 VM with a Docker container;
- drop `mcpcontrol` virsh-managed network, including special handling
previously required for it across all scripts;
- drop infrastructure VMs handling from scripts, the only VMs we still
handle are cluster VMs for virtual and/or hybrid deployments;
- drop SSH server from mas01;
- stop running linux state on mas01, as all prerequisites are properly
handled durin Docker build or via entrypoint.sh - for completeness,
we still keep pillar data in sync with the actual contents of mas01
configuration, so running the state manually would still work;
- make port 5240 available on the jumpserver for MaaS dashboard access;
- docs: update diagrams and text to reflect the new changes;
Change-Id: I6d9424995e9a90c530fd7577edf401d552bab929
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Fix broken systemd service unit dependecies:
- OVS should start before networking service;
- OVS ports & bridges should not be automatically ifup-ed by
networking service to avoid races, so drop 'auto' for both
(OVS ports are automatically handled when part of an OVS bridge);
- explicitly ifup OVS bridges as part of networking service, but
after all Linux interfaces have been handled;
- use 'allow-ovs br-prv' to let OVS handle br-prv and avoid another
race condition;
While at it, fix some other related issues:
- make OVS service start after DPDK service (if present);
- bump OVS-DPDK compute VMs RAM since since switching from MTU 1500
to jumbo frames for virtual PODs a while ago failed to do so [1];
- avoid creating conflicting reclass linux.network.interfaces entries
for OVS ports by using their name (drop 'ovs_port_' prefix):
* for untagged networks they will override existing common defs;
* for tagged networks, they will create separate entries;
- DPDK scenarios: make gtw01 br-prv members OVS ports to avoid race
conditions after node reboot by letting OVS handle them;
[1] https://developers.redhat.com/blog/2018/03/16/\
ovs-dpdk-hugepage-memory/
Change-Id: I0266ba67f3849b6f7e331a758146b331730bae55
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: I74c1c85310e2012e664764b6129fc4a52faaf106
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
Change-Id: Ibf88f179af2570a707ade78f772342b7da23b74f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I0e56261fc2fc2a0a3f164531c72d88f7c46f5ca1
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
MCP repos no longer publish arm64 metadata, so drop our patch that
selected arm64 metadata on arm64 systems.
Instead, let it default to 'deb [arch=amd64]', which will allow
arm64 systems to fetch amd64 metadata and inherintely fetch all
arch-independent packages from the same repos.
While at it, switch to 'rocky-armband' repos on arm64 systems.
Change-Id: I07fda895f5162bfa576c62336cbb4d74e985f37a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- cmp, gtw: bump RAM allocation to accomodate hugepages/VPP;
for now we overcommit, gtw01 resources can probably be lowered;
- submodule: add salt-formula-neutron so we can locally patch it;
- repo:
* FD.IO repos for VPP packages;
* networking-vpp PPA for python-networking-vpp Neutron driver;
- use vpp-router for L3, disable neutron-l3-agent;
- baremetal_init: apply repo config before network (otherwise UCA
repo is missing when trying to install DPDK on baremetal nodes);
- arm64: iommu.passthrough=1 is required on ThunderX for VPP on
newer kernels;
Design quirks:
- vpp service runs as 'neutron' user, which does not exist at the
time VPP is installed and initially started, hence the need to
restart it before starting the vpp-agent service;
- gtw01 node has DPDK, yet to configure it via IDF we use the
compute-specific OVS-targeted parameters like
`compute_ovs_dpdk_socket_mem`, which is a bit misleading;
- vpp-agent requires ml2_conf.ini on ALL compute AND network nodes
to parse per-node physnet-to-real interface names;
- vpp process is bound to core '1' (not parameterized via IDF);
Change-Id: I659f7dbebcab7b154e7b1fb829cd7159b4372ec8
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Factor out armband repository component name based on
openstack_version parameter. However, since 'rocky-armband' repo
is not available yet, reuse the 'queens-armband' on.
Change-Id: Ibd17808059542ace14724776f8686fc2afd9de6a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: I88f28370180278c4b32599b83eebbb0ee005c936
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
JIRA: FUEL-336
Change-Id: I1c8d22b8322f700eb727d9077035ba4c9f9f9753
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
intel-pod18 has different network interfaces on its compute nodes,
requiring support for per-node PXE/admin NIC name override, instead
of assumming all computes use the same NIC naming.
Change-Id: I2b2e5ec6745601576ead898370241b743c963e3d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
This reverts commit 7c5c2a8353177a393f72d244470e34f23c46c3e8.
The package of Redis v5.0 has been removed from repository.
Change-Id: Ic9449314e9e177435878542eecbe5f4a8b848549
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Also disable transparent hugepages on telemetry hosted nodes
to avoid latency and memory usage issues with Redis.
Change-Id: I3c7a0be6edbc51141f5d79d7368583afacef9025
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
By default castellan key manager gets public endpoint of barbican
service which isn't preferable in terms of cluster ops, so specify
internal endpoint explicitly.
Change-Id: Ie686ceb936132143743af18fcb4960ea15a8b93c
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
IPv6 has been enabled back by commenting out the
cis-3-3-3 yaml/class source in linux service reclass.
Change-Id: Ia8f4e2ddbb98f9316e6ce5136badbb14ecb277c5
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
JIRA: FUEL-393
This patch adds support of os-odl-bgvpn-noha scenario to fuel
installer.
Change-Id: I4e053e38aac70023b0a81f9a41b415c7a1aae3af
Depends-On: I57288bbb42f4c75af19f3807f8f15b44482c066c
Signed-off-by: Stamatis Katsaounis <mokats@intracom-telecom.com>
|
|
Enable IPv6 on compute nodes for both ha and noha deployment
types
Change-Id: I46c89e3005aefea8ccbeb4779efe513bf2be84e8
Signed-off-by: Delia Popescu <delia.popescu@enea.com>
|
|
Functest is now using scsi volume type for fuel
Set correct volume device name for functest volume tests
JIRA: ARMBAND-402
Change-Id: I2265901eeb624a395388f6ce8afae226b129c5be
Signed-off-by: Delia Popescu <delia.popescu@enea.com>
|
|
|
|
Some nodes did not rely on the _param:pxe_admin_address internal
reclass param, although all of them do have an IP address in the
PXE/admin network segment.
Ensure all nodes define this param, so we can query all nodes with:
$ salt '*' pillar.item _param:pxe_admin_address
JIRA: FUEL-394
Change-Id: I7575934752c8b459c52af8a8c98c2b0327756428
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Previously, only HA scenarios required the Armband repository
configuration (including its higher repo prio pinning), since NOHA
scenarios were not supported on baremetal.
With multiarch hybrid POD support landing, the same repo prio should
be set for NOHA scenarios.
Change-Id: I676ee262e270ce4689c44c245967badebc2efe2c
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
JIRA: FUEL-378
Change-Id: I00832d697d83c374628fa9d759c125e0b6ca64cf
Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
|
|
JIRA: FUEL-392
Change-Id: Ia21840c7561a14a5eeed3d08bf89eb2dbf9acc3a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
`virtual_init` state file tries to ping all FN VMs, but that won't
work on hybrid PODs since all FN VMs but mas01 require MaaS DHCP to
be already configured (i.e. FN VMs in question will be reset after
mas01 is fully configured).
Limit virtual node queries in `virtual_init` to mas01 VM, as the rest
of FN VMs will be handled via `baremetal_init` state.
While at it, move _param:apt_mk_version def to common reclass to
avoid an undef reference in NOHA hybrid deployments; set MCP_VCP to
0 for non-HA scenarios.
JIRA: FUEL-385
Change-Id: I582bca6864e9bfed23baf26f9b66e6e95e986c58
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- bump formulas baseline during docker build;
- refresh patches;
Change-Id: I0a54863f57344c5f8897dc981f704c4d265c5522
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I55a3c10f275079b11b7456b28a2c846cb33c204a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Enable jumbo frames on tenant/private interface as well so that
an instance can get the DHCP response from gateway node.
Change-Id: I9407fa67e9e0cdbe50335e4430748b0e45ba841a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
* shift MTU from public bridge to physical interface
* add neutron related settings
Change-Id: Ia57d1ca7976968d6e7ee23f58a0abae1a1a256c0
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Since we reboot all nodes, applying the network configuration via
Salt before reboot is pointless and creates a race condition with
OVS.
While at it, add `--ignore-errors` to ifup call for OVS bridge to
prevent a race condition during linux.network state apply.
Change-Id: I22fe0afaffecd7b850a6b77d7b810ed296bfc9ca
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
* Refactor OPNFV salt-formulas mechanism to resemble upstream git
structure:
- git submodules: add new submodule for each formula we patch;
- create salt-formula-x directories for OPNFV formulas;
- move mcp/metadata/service contents to their each formula subdir;
- use `make patches-import` for patches previously handled by
patch.sh;
- retire patch.sh
* states: add virtual_init:
- mostly based on old salt.sh, which is now obsolete;
- exclude salt-master service restart (it would kill the container);
* scenarios: cleanup (rm cfg01 virtual node def), adopt virtual_init;
* reclass: align our model with prebuilt container's Salt config:
- drop linux:network pillar data (handled by Docker);
- stop applying linux.system state on cfg01;
- align salt user homedir;
- drop salt-formula packages (preprovisioned);
* minor plumbing in deploy.sh and lib.sh;
JIRA: FUEL-383
Change-Id: I28708a9b399d3f19012212c71966ebda9d6fc0ac
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Align all noha scenarios to install OVS 2.9 which doesn't drop
packets on bridge with netdev datapath type at initial stage.
Change-Id: Iab204828ac7acefcb26647cdbc27805871904f2c
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
Change-Id: I61ee8e19e783437dce7a9ddd666cd60e9d22a2e1
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
For DPDK scenarios, the private VLAN Linux interface should not
be created, as it interferes with OVS configuration.
Change-Id: I7eff6031a7cd5e50296e5d36084d7d50d6f3beae
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Now that host vnet MTU has been bumped to 9000, we can safely enable
jumbo frames in ctl01 VM without breaking nova compute discovery.
JIRA: FUEL-336
Change-Id: I30bf333c18f3f0de2ce37fc7ae99df9b99f3a5e9
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
|
|
- odl01: Use a bridge for br-ctl to allow tagged mgmt;
- ctl01: Use bridges for br-ctl, br-ext;
- ctl01: Use mtu 1500 since jumbo frames seems to break nova cell
discovery;
JIRA: FUEL-382
Change-Id: I9bf48711930cac77a089e4d7b7ba98924dd161ee
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Locally overwriting barbican_integration_enable
on compute nodes does not work.
Set barbican_integration_enable to true by default.
Disable barbican_integration at openstack_control side.
While at it, enable barbican on ha scenarios too.
JIRA: FUNCTEST-981
Change-Id: I3c8df5d4078f73f32f3605dec5a7a365fa386019
Signed-off-by: Delia Popescu <delia.popescu@enea.com>
|
|
Change-Id: I0377615ff19e39aca74b90d2ff7e7b2cd5cd6ccb
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Instead of applying PXE/admin static IPs via Salt right away,
delay the transition from DHCP until after node reboot to avoid
duplicate IPs and networking issues during deployment.
Change-Id: I8a12d78a6b42edc9bcf9eb9ebc9590e2af5ec52c
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
While at it, move openstack_version param to the common include dir.
JIRA: FUEL-382
Change-Id: I5e7ebb18a95672f066126d3afd28f13395a3149f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Due to design limitations in idf.net_config, for a hybrid POD we need
to trunk certain network segments for the VMs running on the
jumpserver, including mgmt network going to cfg01, mas01.
Add mgmt VLAN support for cfg01, mas01 gated by a flag in IDF:
idf.fuel.jumphost.trunks.mgmt: True
JIRA: FUEL-338
Change-Id: I6903f9b70e5f8a88618bce28e21c7c0631a05065
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
Configure barbican for cinder-volumes and nova-compute
to use encrypted volumes
Disable default glance image signature verification with
barbican enabled
JIRA: FUNCTEST-981
Change-Id: I35660234526780a2277e459f3fa21a67d96ce7d7
Signed-off-by: Delia Popescu <delia.popescu@enea.com>
|
|
Prepare for MaaS integration in NOHA scenarios by aligning cinder
VG naming across all scenarios.
JIRA: FUEL-382
Change-Id: I0cd7accf573ae0904efddd7aa67d880f2a6deb71
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|