| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
- centos: Update qcow2 URL for aarch64 image after upstream refactored
its repository structure;
- saltstack: Update repo URLs after upstream archived Saltstack 2017.7
release artifacts due to recently discovered CVEs (which do not affect
us since we run Salt Master in a Docker container without exposing its
ports to the public network);
Change-Id: I022ba0739386734eec931c35bad51805a61b964d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
arm64 kernels use a different kernel option (kpti=off vs nopti) to
disable PTI, so sync the two platform configurations.
Conveniently, this also bypasses kernel 4.15 issues described in [1],
so apply the kernel option customisation via MaaS too, to allow aarch64
deployments to bootstrap using 4.15 kernel (with the downside of these
args being duplicated by Salt later in HA scenarios).
PTI is now disabled for baremetal nodes (via MaaS, no matter the
scenario) and/or for kvm/cmp hosts (in HA scenarios only).
While at it, install missing thin provisioning tools in aarch64
bootstrap image for MaaS deploy stage to succeed.
[1] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1857074
Change-Id: Ibd1f57f24abc690b0f13b6298f25d7e8a1af1567
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Pin salt-formula-nfs to a commit before 'mount.opts' was introduced.
Adapt salt-formula-maas bits for MaaS 2.4 (shipped by default in
Bionic) compatibility.
Change-Id: I42f436203d3fbdb777d6b3eff9ac185240088742
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
hwe-18.04, currently based on 5.3 kernel in Bionic, has issues on both
x86_64 and aarch64 nodes, so use ga-18.04, currently based on 4.15.
If MCP_KERNEL_VER is set (currently pinned to 5.0), the ga-18.04 kernel
is replaced by the specified version after the MaaS commissioning,
initial MaaS deployment.
Change-Id: Ibe8e27217025290c1263f8dca9496b2cde24368c
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Ubuntu kernel meta packages are all broken on at least one platform
architecture, so pin the kernel version to 5.0.0-37, which is known to
be stable.
Make the kernel version configurable via a new enviroment variable,
MCP_KERNEL_VER in globals.sh. If not defined, the ga-18.04 kernel is
left unchanged (based on upstream kernel 4.15), except for baremetal
nodes providioned by MaaS which currently use the HWE kernel (based on
5.3 in Bionic).
Change-Id: I648d09b22f6080efd2bce26b6a06fecc3f6b4599
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
We currently do not configure linux:network:resolv:dns via reclass
pillar data, so we don't actually enforce the public DNS set in
the IDF file, but instead leave it to the OS to figure it out, which
most of the time works fine, but it's not completely reliable.
Change that behavior to instead enforce it via linux.network.resolv
state across all cluster nodes.
Change-Id: I4f82315a473fcbdc8573380cfcac1e30b44c3dd4
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Some baremetal servers might have VLAN tagged public interfaces
configured via PDF/IDF, adjust our compute networking j2 handling to
accomodate that.
Change-Id: I97c07f9742a09cd01e7aecf118ada270a682280e
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
systemd 230..241 has issues generating persistent MAC addresses
for bridge/tap/etc network devices, causing trouble for VPP agent
hooking tap devices to the bridges it creates on the fly.
Work around this by disabling the faulty policy, as suggested in [1].
[1] https://github.com/systemd/systemd/issues/3374
Change-Id: I8d568bc0a859256d1493bf9f8261d60943fa60e0
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
On some aarch64 platforms (e.g. ThunderX 1), lvcreate manifests some
spurious timing issues resulting in incomplete/corrupted LVM thin
creation and eventually to transaction ID mismatch between userspace
and kernel space.
This eventually leads to cinder-volume issues, either when creating
the thin storage pool (vgroot-pool) and/or when creating the LVs
inside said pool.
The issue manifests spuriously on Ubuntu Bionic + UCA, so until a
working combination of userspace/kernel is found, work around this
by bumping the kernel package to hwe-18.04 (kernel 5.0),
effectively bypassing the timing issues during volume creation.
This affects all cluster machines (both HA and NOHA scenarios,
baremetal and virtual, x86_64 and aarch64, baremetal and virtualized
nodes).
Note: Ubuntu Bionic cloud image partition handling requires e2fsprogs
1.43, not currently available on Ubuntu Xenial / CentOS 7.
Change-Id: I839e03080104c391fe18185b9544c9df43c114e6
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Partially revert more from commit 63b712d, it turns out static files
were not always up to date after the package install, so force a
refresh.
While at it, fold some common libvirt pillar configuration.
Fixes: af1a4adf
Change-Id: I1b4c20cfa9ae08d1cd7b0b774b544b76fc73a715
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
On some aarch64 platforms (e.g. ThunderX), the DMI tables parsed by
lshw lead to wrong CPU capabilities detection, breaking our MaaS tag
filtering (which used to rely solely on CPU having asimd caps).
Extend the tag filtering condition to also include nodes that report
`cp15_barrier` platform capability. Note that not all aarch64 systems
include this cap explicitly (especially since it's been deprecated in
ARM v8), but it is currently reported by the platforms where asimd is
not properly detected.
This is merely a workaround for the broken lshw version in Ubuntu Bionic
(B.02.18).
Change-Id: I4a5c0d6af4d863d2ca094d6926a65ee90dee0e07
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- ha, noha: Fix misaligned python 3 requirement for Horizon:
* python3-pylibmc
- ha, noha: Partially revert commit 63b712d:
"[Horizon] Drop the obsolete Horizon workaround"
Since we switched back from MCP Horizon package to UCA,
fix misaligned expected static resources location.
- noha: Enable nginx proxy on ctl01 node for serving the Horizon
dashboard at http://<cluster public VIP>:80 (http only, no SSL).
Change-Id: I5f930a5826a818791183d3910aa0e5607924e8f3
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Upstream (UCA) qemu-efi (AAVMF) package is incompatible
with most cloud images, e.g. Cirros used by Functest,
resulting in kernel boot issues and/or missing serial console
output.
Work around this by pinning the qemu-efi Debian package from
the old Armband repositories. This should fix singlevm1 functest
testcase.
Change-Id: Ibbe2218d99881f6fec89846497c2cc248aab5031
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- refresh formula patches with new package names where necessary;
- switch to packagecloud.io repositories;
Change-Id: I1178a387891d34117c162380d8247eb7a4212359
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: Id6754dec226e75b9ee1e8c19ac04531b9f277e0f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: If3f8cb6bfeedeb766a050d5a271b21c90bb3ba1c
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Nova (by means of os-vif lib) uses 6640 port by default
to connect to remote ovsdb over tcp/ssl.
Change-Id: I1372d8a3170b00243a5756b15a140aafe03dc268
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I5c7a1e827446189b98b924ffd4272acf1a794697
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
Change-Id: I6cbbceb9b4a88f527d8dd800b0650f31a3dc1364
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: Ib2b1525957929c39e4b602ad1b7f4fbfd16a375c
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I06577fa93e895a7c5940dac41b4f9c24b455f455
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I9c1e97144ffd46040d32a0edf8253fc393b73c89
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
- reclass: iec: CentOS compatibility changes:
* drop `proto: static` in favor of letting the linux formula set
the appropiate default based on target OS;
* replace `proto: manual` with `proto: none` on RHEL systems;
* system.file: Avoid using non-existing `shadow` group for system
files;
* load br_netfilter kernel module to avoid `linux.network` state
failures;
* disable `at`, `cron` due to incomplete defaults in
salt-formula-linux (since we don't use them on iec nodes anyway);
- jumpserver/VCP VMs: centos: enable predictable interface names:
* CentOS cloud image defaults to old 'eth' naming scheme;
* add necessary kernel boot options via linux state;
* cleanup auto-generated udev rules for old eth interface names;
- salt-formula-linux: network: RHEL: Set bridge for member interfaces
* Find the bridge containing the interface being currently
configured (if any) and pass it to the `network.managed` Salt call;
- deploy.sh: Add new deploy argument `-o` for specifying the operating
system to preinstall on jumpserver and/or VCP VMs;
* defaults to 'ubuntu1604';
* only iec scenarios will also support 'centos' for now;
- user-data: minor tweaks for CentOS compatability:
* use `systemctl` instead of `service` utility;
* explicitly enable `salt-minion` service, since it defaults to
disabled on RHEL systems;
* explicitly call `ldconfig` to work around stale cache on RHEL,
preventing `salt-minion` from using OpenSSL library;
- states: virtual_init: Skip non-existing sysctl options on CentOS:
* CentOS currently uses a 3.x kernel which lacks certain sysctl
options that were only introduced in 4.x kernels, so skip them;
- state: akraino_iec: Add centos support:
* move iec repo to `/var/lib/akraino/iec` on both Salt Master and
cluster nodes;
- scenario defaults: Add CentOS configuration:
* OS-dependent configuration split;
* CentOS base image, default packages etc.;
- AArch64 deploy requirements: Add `xz` dependency
* CentOS AArch64 cloud image is archived using xz, install xz tools
for decompression;
- xdf_data: Make yaml parsing OS agnostic:
* rename `apt` to `repo` where appropiate;
* OS-dependent configuration parsing;
- lib_jump_deploy: CentOS handling changes:
* skip filesystem resize of cloud image for CentOS;
* add repo handling, package intallation/removal handling for CentOS;
* unxz base image if necessary (CentOS AArch64 cloud image);
Change-Id: Ic3538bacd53198701ff4ef77db62218eabc662e7
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
To avoid ports conflict of nginx/apache disable unused apache's
status module, which is binded on 80 port by default.
Also remove patch with double locations content
(formula already has such configuration).
JIRA: FUEL-408
Change-Id: Ib06dac8abe36299cf77747bdb3fc0fe7216b6096
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
Starting with MCP 2019.2, Horizon was moved under haproxy in
Active/Active mode by default via upstream changes:
- Adding haproxy class for horizon [1];
- Cleanup nginx horizon sites by default [2];
This change re-enables the old behavior where Horizon is served by
nginx instead of haproxy.
While at it, fix missing support in salt-formula-apache for wsgi
`locations`, so Horizon dashboard can access '/static' resources
(e.g. CSS/images).
JIRA: FUEL-408
[1] https://github.com/Mirantis/reclass-system-salt-model/commit/81c4c21a
[2] https://github.com/Mirantis/reclass-system-salt-model/commit/a3b38f46
Change-Id: I9b35d5d0ce4e0b53dae808c2620a31ca80290b55
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
This reverts commit 430a0aee9e8c7400d698f460406152aa70349b6c.
Superseded by the patch into releng https://gerrit.opnfv.org/gerrit/67975
Change-Id: Ibeb8419fa0ebc8eebe255e7535d775458f560ad0
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
This reverts commit 7522bdb0e898144da2b6dc361dbdd549b39bc025.
The original patch has been merged (https://review.opendev.org/661011)
Change-Id: I9a1c04590145800523d546e36e9462fa7074922c
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Functest enabled block migration by default recently
but it can't be used with shared storage.
Change-Id: I15fd5459df91cece02e87cda9d1ed6e575194667
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Hugepage count has been recently bumped for virtual PODs via IDF
changes in Pharos, so align our FDio scenarios with the new RAM
requirements.
While at it, fix wrong pod_config template evaluation by moving it
after the templated scenario files are expanded, since pod_config
relies on scenario node definition.
Also, configure VPP to use decimal interface names by default to
align with Pharos macro for the VPP interface name string.
Change-Id: Ib3a89c294a3a2755567fdbe07e3be2b8ca1a5714
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: Id49f26a2615e2fc06e94eeaf2e9200e83625e6c9
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
Optimized for LF-POD2 as nic assigned to private/dpdk interface
and pinned cores resides on numa #0. Core #11 is for DPDK,
the rest four cores for PMDs.
Change-Id: Icca701bc1a66f3672b8511e0245c82ca29788a8b
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Set timeout value for snat punts to zero to turn
off the rate limiting and installation of learnt flows.
Change-Id: I79dad8fd0f925bfc11d7dc1678c3a414dc35fa56
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
* update system reclass
* rectify telemetry redis options
Change-Id: I6dca1ae52e7f7d73a90e53fceddca8e86872651b
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
|
|
Change-Id: I791436f512dea6c6bc61133c4122ac872950af8e
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Upstream change [1] switched from old qemu-nbd preseeding of VCP VMs
to using a cloud-init + configuration drive. This breaks on AArch64
with "IDE controllers are unsupported for this QEMU binary or machine
type", so switch back to using qemu-nbd.
[1] https://github.com/Mirantis/reclass-system-salt-model/commit/c0e4807
Change-Id: I0dfeb638d408343c76a73fafa503048a79ce1f6e
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Required only for Rally validation in cinder scenarios,
there is no useful functionaly in terms of cluster.
Change-Id: Idc4d62cbbc9974972e9d492b5a419342077e3d9a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Sometimes instance doesn't get ip address from dhcp server, which
resides only on gateway node, so run additional dhcp/metadata agents
on compute nodes to handle tenant networks in place.
Change-Id: If1d74af665cf8db64b09f846fac7192f76abdb25
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
- bump Pharos git submodule to allow PODs with fewer nodes;
- add `k8-calico-iec-noha` scenario definition for Akraino
IEC basic configuration;
- add `k8-calico-iec-vcp-noha` scenario definition for Akraino
IEC nested (virtualized control plane) configuration;
- add `akraino_iec` state, which will leverage the Akraino IEC
bootstrap scripts from [1];
- replace system.reboot salt call with cmd.run 'reboot' as it's more
reliable;
- use kernel 4.15 for AArch64 K8 IEC scenarios;
NOTE: These scenarios will not be released in OPNFV since don't rely
on Salt formulas but instead of Akraino IEC scripts to install K8s.
[1] https://gerrit.akraino.org/r/#/q/project:iec
Change-Id: I4e538e0563d724cd3fd5c4d462ddc22d0c739402
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: I2b41ce2e275bb053fa2590654ea7fa432b0c857f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
* add opendaylight password (removed from system level)
* get updated ovn system class w/o mysql settings
* enable ceilometer user back (removed along with outdated service/endpoints)
* adjsut check interval of haproxy for noha scenarios since there is
only one backend for services, i.e. failover ain't expected
Change-Id: Iedee290e1cfcf838998bd44dc09a729d143974ac
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I745a838b1f2f294b6c455700509ddf4b0264446f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
* update gnocchi to 4.3
* remove outdated ceilometer api
Change-Id: I7adaf3ddc76d93531b6b0997b684672b80f2992f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
Alexandru Avadanii
Michael Polenchuk