Age | Commit message (Collapse) | Author | Files | Lines |
|
Sometimes instance doesn't get ip address from dhcp server, which
resides only on gateway node, so run additional dhcp/metadata agents
on compute nodes to handle tenant networks in place.
Change-Id: If1d74af665cf8db64b09f846fac7192f76abdb25
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
- bump Pharos git submodule to allow PODs with fewer nodes;
- add `k8-calico-iec-noha` scenario definition for Akraino
IEC basic configuration;
- add `k8-calico-iec-vcp-noha` scenario definition for Akraino
IEC nested (virtualized control plane) configuration;
- add `akraino_iec` state, which will leverage the Akraino IEC
bootstrap scripts from [1];
- replace system.reboot salt call with cmd.run 'reboot' as it's more
reliable;
- use kernel 4.15 for AArch64 K8 IEC scenarios;
NOTE: These scenarios will not be released in OPNFV since don't rely
on Salt formulas but instead of Akraino IEC scripts to install K8s.
[1] https://gerrit.akraino.org/r/#/q/project:iec
Change-Id: I4e538e0563d724cd3fd5c4d462ddc22d0c739402
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: I2b41ce2e275bb053fa2590654ea7fa432b0c857f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
* add opendaylight password (removed from system level)
* get updated ovn system class w/o mysql settings
* enable ceilometer user back (removed along with outdated service/endpoints)
* adjsut check interval of haproxy for noha scenarios since there is
only one backend for services, i.e. failover ain't expected
Change-Id: Iedee290e1cfcf838998bd44dc09a729d143974ac
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I745a838b1f2f294b6c455700509ddf4b0264446f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
* update gnocchi to 4.3
* remove outdated ceilometer api
Change-Id: I7adaf3ddc76d93531b6b0997b684672b80f2992f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: Id75ffe4db808a4ec250ba8b86c5d49f1206c3784
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Also re-align resources for virtual scenarios.
Change-Id: Id0d55407fd5b1720a24e30c364219f8b08e89d06
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
Previously, Salt Master CA mine was only sent once, during
salt.minion.ca state execution at cfg01 bringup / bootstrap.
This causes possible issues with:
- Salt Master container restart (mine data is lost);
- UNH Lab deployment (uknown rootcause, might be related to XFS and
overlay2 being used with Docker on CentOS);
To bypass this issue, make x509.get_pem_entries module send mine data
at the default mine interval (60 minutes).
Change-Id: I5f6334ae18f5af6cbe0a164791603b67f0a3668f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- replace mas01 VM with a Docker container;
- drop `mcpcontrol` virsh-managed network, including special handling
previously required for it across all scripts;
- drop infrastructure VMs handling from scripts, the only VMs we still
handle are cluster VMs for virtual and/or hybrid deployments;
- drop SSH server from mas01;
- stop running linux state on mas01, as all prerequisites are properly
handled durin Docker build or via entrypoint.sh - for completeness,
we still keep pillar data in sync with the actual contents of mas01
configuration, so running the state manually would still work;
- make port 5240 available on the jumpserver for MaaS dashboard access;
- docs: update diagrams and text to reflect the new changes;
Change-Id: I6d9424995e9a90c530fd7577edf401d552bab929
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
Previously, Ubuntu ignored the VPP pinning with:
N: Ignoring file 'fdio.ubuntu' in directory '/etc/apt/preferences.d/'
as it has an invalid filename extension
Change-Id: I5ee60c1715bea3b4180b55125dc72962a70c2754
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
In order to mitigate live migration procedure make VIF plugging
event non-fatal for nova-compute. Also align max value of memory
for instance of ODL controller.
Change-Id: I0d00cc97c652eef3bd3404fac4715e2e7f2f02c7
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
|
|
VPP 18.10 has a weird bug triggered by certain packets, e.g. from
inside a guest VM on a compute node, these behave differently:
$ udhcpc -x hostname:1234567890123456789012 # works
$ udhcpc -x hostname:12345678901234567890123 # confuses VPP on gtw01
To avoid this bug, pin VPP to the previous release, which does not
exhibit the issue.
Change-Id: I8c1e085731909d4b9296e8b09608887a4b5bfdd6
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Baremetal clusters might benefit from having a little more time
to plug in the VIFs.
Change-Id: I9406a0ef24de2177827b3acd27b7c60b293a4572
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Fix broken systemd service unit dependecies:
- OVS should start before networking service;
- OVS ports & bridges should not be automatically ifup-ed by
networking service to avoid races, so drop 'auto' for both
(OVS ports are automatically handled when part of an OVS bridge);
- explicitly ifup OVS bridges as part of networking service, but
after all Linux interfaces have been handled;
- use 'allow-ovs br-prv' to let OVS handle br-prv and avoid another
race condition;
While at it, fix some other related issues:
- make OVS service start after DPDK service (if present);
- bump OVS-DPDK compute VMs RAM since since switching from MTU 1500
to jumbo frames for virtual PODs a while ago failed to do so [1];
- avoid creating conflicting reclass linux.network.interfaces entries
for OVS ports by using their name (drop 'ovs_port_' prefix):
* for untagged networks they will override existing common defs;
* for tagged networks, they will create separate entries;
- DPDK scenarios: make gtw01 br-prv members OVS ports to avoid race
conditions after node reboot by letting OVS handle them;
[1] https://developers.redhat.com/blog/2018/03/16/\
ovs-dpdk-hugepage-memory/
Change-Id: I0266ba67f3849b6f7e331a758146b331730bae55
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
The ovs port remains in down state after reboot if "auto" is off.
Also turn off no_wait option for odl-noha scenarios.
Change-Id: I0121b3190869528e5f2e9985f9e9299ac6c6724e
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
The first VMs spawned still exhibit the race condition described in
the ticket, so apply the same workaround proposed during the Fraser
release cycle in FDS.
JIRA: FDS-156
Change-Id: I3b2b1ed7b5711daf81b5f4a263e4dbee9f502259
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: I74c1c85310e2012e664764b6129fc4a52faaf106
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
Change-Id: Ibf88f179af2570a707ade78f772342b7da23b74f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I0e56261fc2fc2a0a3f164531c72d88f7c46f5ca1
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
The conntrack-based SNAT uses the Linux netfilter framework to
do the NAPT and track the connection. The first packet in a traffic is
passed to the netfilter to be translated with the external IP. The
following packets will use the netfilter for further inbound and
outbound translation.
Change-Id: I1090b4fe041f8d9533aa4ce1964284a4a5c073ce
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
MCP repos no longer publish arm64 metadata, so drop our patch that
selected arm64 metadata on arm64 systems.
Instead, let it default to 'deb [arch=amd64]', which will allow
arm64 systems to fetch amd64 metadata and inherintely fetch all
arch-independent packages from the same repos.
While at it, switch to 'rocky-armband' repos on arm64 systems.
Change-Id: I07fda895f5162bfa576c62336cbb4d74e985f37a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: Ic266864913dcac021b3e12f426e1c8a60c23fe87
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- cmp, gtw: bump RAM allocation to accomodate hugepages/VPP;
for now we overcommit, gtw01 resources can probably be lowered;
- submodule: add salt-formula-neutron so we can locally patch it;
- repo:
* FD.IO repos for VPP packages;
* networking-vpp PPA for python-networking-vpp Neutron driver;
- use vpp-router for L3, disable neutron-l3-agent;
- baremetal_init: apply repo config before network (otherwise UCA
repo is missing when trying to install DPDK on baremetal nodes);
- arm64: iommu.passthrough=1 is required on ThunderX for VPP on
newer kernels;
Design quirks:
- vpp service runs as 'neutron' user, which does not exist at the
time VPP is installed and initially started, hence the need to
restart it before starting the vpp-agent service;
- gtw01 node has DPDK, yet to configure it via IDF we use the
compute-specific OVS-targeted parameters like
`compute_ovs_dpdk_socket_mem`, which is a bit misleading;
- vpp-agent requires ml2_conf.ini on ALL compute AND network nodes
to parse per-node physnet-to-real interface names;
- vpp process is bound to core '1' (not parameterized via IDF);
Change-Id: I659f7dbebcab7b154e7b1fb829cd7159b4372ec8
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
On AArch64, 1G hugepages need to be enabled via kernel cmdline
before mounting hugetlbfs [1].
Leverage MaaS tags to apply custom kernel args to AArch64 nodes.
[1] https://wiki.debian.org/Hugepages
Change-Id: Ie68ddf805836ee62f725019b0b873082b1d40948
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Factor out armband repository component name based on
openstack_version parameter. However, since 'rocky-armband' repo
is not available yet, reuse the 'queens-armband' on.
Change-Id: Ibd17808059542ace14724776f8686fc2afd9de6a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
This commit should be reverted once original formulas
get required support of rocky version.
Change-Id: Ia3458381bced0cae8dbfacc9781c90933ad5c822
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I88f28370180278c4b32599b83eebbb0ee005c936
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Sync our reclass pillar data for mas01's iptables with latest formula
changes [1].
[1] https://github.com/salt-formulas/salt-formula-iptables/commit/e353ce3c
Change-Id: I66b2a75066ed512ab5ab4cc213d13d15c5c8cc7f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
JIRA: FUEL-364
Change-Id: Ia470fc8103713e7a06cd9647675b0edfb4342bf8
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
While at it, rename FDIO (VPP) scenarios to align with OPNFV FDS
and OPNFV Apex projects.
Change-Id: I9aab5dc4a0dc41a2cc996687a8a2726d03288678
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
JIRA: FUEL-336
Change-Id: I1c8d22b8322f700eb727d9077035ba4c9f9f9753
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
There is a race with interfaces up/down action during
configuration, so activate them after node reboot.
Change-Id: Id40ce746cc6635fcedd0f9c809cf4a9fe4d1f034
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Previously, we used a single interface definition for public network
on odl01 node, which does not work well for baremetal setups that
use a tagged VLAN public network, like ericsson-pod1.
Change-Id: I10ff7c105406691011e94e06b2f099dc2cdf8a06
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
intel-pod18 has different network interfaces on its compute nodes,
requiring support for per-node PXE/admin NIC name override, instead
of assumming all computes use the same NIC naming.
Change-Id: I2b2e5ec6745601576ead898370241b743c963e3d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
kvm nodes should not try to route traffic. This also silences some
bogus 'martian packet' warnings about prx public VIP reaching br-ex.
Change-Id: I608a561d292be3042d20fcbe48b2f5c816c4e8bf
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
This reverts commit 7c5c2a8353177a393f72d244470e34f23c46c3e8.
The package of Redis v5.0 has been removed from repository.
Change-Id: Ic9449314e9e177435878542eecbe5f4a8b848549
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Also disable transparent hugepages on telemetry hosted nodes
to avoid latency and memory usage issues with Redis.
Change-Id: I3c7a0be6edbc51141f5d79d7368583afacef9025
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
- s/Fuel@OPNFV/OPNFV Fuel/g;
- added README files for ci/scenarios/patches directories;
- refresh & simplify cluster overview diagrams;
- unify labels across docs;
- fix TOC numbering;
- remove local labs PDF/IDF files, as they are merely duplicates of
Pharos files included as a git submodule;
JIRA: FUEL-397
Change-Id: I87f61938eeb67f13fd9205d5226a30f02e55d267
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
By default castellan key manager gets public endpoint of barbican
service which isn't preferable in terms of cluster ops, so specify
internal endpoint explicitly.
Change-Id: Ie686ceb936132143743af18fcb4960ea15a8b93c
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
IPv6 has been enabled back by commenting out the
cis-3-3-3 yaml/class source in linux service reclass.
Change-Id: Ia8f4e2ddbb98f9316e6ce5136badbb14ecb277c5
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|