summaryrefslogtreecommitdiffstats
path: root/mcp/reclass/classes
AgeCommit message (Collapse)AuthorFilesLines
2018-09-06[submodule] Bump Pharos for maas:machines syncAlexandru Avadanii1-31/+0
Drop duplicate maas:machines definitions which could cause conflicts in rare corner cases. Slightly refactor j2 template expansion to make `conf.virtual.nodes` available during first stage. Change-Id: I04d56e346b12c6eb97da5c0c0ab1e3446e5fc1b8 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-09-05Merge "[ha] Fix ovn-ha scenario"Guillermo Herrero1-0/+2
2018-09-05[ha] Fix ovn-ha scenarioGuillermo Herrero1-0/+2
openstack/control.yml -redefine database host ip inherited from system.neutron.control.cluster Change-Id: Ic8e61c61c7ebb17f31e0c53f8d9e3a013f8a3e9e Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
2018-09-04[noha] Set MTU on tenant/private dpdk interfaceMichael Polenchuk3-0/+3
Enable jumbo frames on tenant/private interface as well so that an instance can get the DHCP response from gateway node. Change-Id: I9407fa67e9e0cdbe50335e4430748b0e45ba841a Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-09-03[odl/dpdk] Make dedicated public network schemeMichael Polenchuk1-4/+25
In order to avoid TCP connection checksum issue (i.e. TX offloading on ovs bridges) add linux bridge connected with ovs public bridge. Change-Id: I4d266dd92756d5326dfa3d74fe2f376b26415812 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-09-01[docker] Cleanup, minor fixes, formula bumpAlexandru Avadanii1-0/+3
* ship prebuilt salt master conf for better readability: - enable x509.sign_remote_certificate (for prx VCP nodes); * refactor Salt master CA handling: - preinstall `salt_minion_dependency_packages` and `salt_minion_reclass_dependencies` inside docker image; - persistent /etc/pki; - run salt.minion on cfg01 to generate master keys; * bump container formulas to 1 Sep 2018 versions or newer: - inject date into Docker makefile, forcing a fresh fetch of all salt formulas from upstream git repos; * workaround broken salt-formula-designate's meta/sphinx.yml: - the DEB package version of salt-formula-designate uses `cmd.shell` to query dpkg on the minion, while the git repo version still uses `cmd.run`, running into parsing issues; - temporarily disable sphinx metadata generation for designate until upstream git repo syncs with the DEB version; * upstream: salt-formula-salt AArch64 salt.control.virt support: - retire salt-formula-salt git submodule and related patches; * skip installing reclass distro package (already installed via pip inside the container); * limit initial pillar_refresh call to nodes on jumphost; * remove unused salt-formula-nova git submodule; JIRA: FUEL-383 Change-Id: I883b825e556f887a5e31f8a43676dcd8ece6dfde Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-31[noha] Align MTU settingsMichael Polenchuk5-3/+19
* shift MTU from public bridge to physical interface * add neutron related settings Change-Id: Ia57d1ca7976968d6e7ee23f58a0abae1a1a256c0 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-08-30[AArch64] salt.control.virt supportAlexandru Avadanii2-14/+32
Salt relies on a limiting libvirt_domain j2 template to generate the XML it passes to libvirt for salt.control managed virtual machines. For AArch64, we need to set up 3 XML nodes in a non-default way: 1. UEFI firmware (AAVMF) should be enabled by passing a pflash loader; 2. CPU mode should be 'host-passthrough'; 3. QEMU machine type should be 'virt'; To allow configuring the above using pillar data: - virtng module: implement functionality similar to upstream changes: * 219b84a512 virt module: Allow NVRAM unlinking on DOM undefine in develop, not in 2018.2; * 9cace9adb9 Add support to virt for libvirt loader in develop, not in 2018.2; - virtng module: extend it with: * pass virt machine type to vm; * pass cpu_mode to vm; JIRA: ARMBAND-404 Change-Id: Ib2123e7170991b3dfbdb42bd1a2baa5a4360b200 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-29Add noifupdown for all br-floatingAlexandru Avadanii4-0/+4
Since we reboot all nodes, applying the network configuration via Salt before reboot is pointless and creates a race condition with OVS. While at it, add `--ignore-errors` to ifup call for OVS bridge to prevent a race condition during linux.network state apply. Change-Id: I22fe0afaffecd7b850a6b77d7b810ed296bfc9ca Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-29[docker] Switch to containerized Salt MasterAlexandru Avadanii3-65/+6
* Refactor OPNFV salt-formulas mechanism to resemble upstream git structure: - git submodules: add new submodule for each formula we patch; - create salt-formula-x directories for OPNFV formulas; - move mcp/metadata/service contents to their each formula subdir; - use `make patches-import` for patches previously handled by patch.sh; - retire patch.sh * states: add virtual_init: - mostly based on old salt.sh, which is now obsolete; - exclude salt-master service restart (it would kill the container); * scenarios: cleanup (rm cfg01 virtual node def), adopt virtual_init; * reclass: align our model with prebuilt container's Salt config: - drop linux:network pillar data (handled by Docker); - stop applying linux.system state on cfg01; - align salt user homedir; - drop salt-formula packages (preprovisioned); * minor plumbing in deploy.sh and lib.sh; JIRA: FUEL-383 Change-Id: I28708a9b399d3f19012212c71966ebda9d6fc0ac Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-24[noha] Get OVS 2.9 & DPDK 17.11 from UCA repoMichael Polenchuk2-12/+9
Align all noha scenarios to install OVS 2.9 which doesn't drop packets on bridge with netdev datapath type at initial stage. Change-Id: Iab204828ac7acefcb26647cdbc27805871904f2c Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-08-23[odl/dpdk] Set pubilic bridge datapath_type=netdevMichael Polenchuk1-0/+3
In order to handle floating IPs related flows properly the public bridge requires netdev datapath type to be set explicitly in DPDK mode since OpenDaylight only manages patches between integration bridge and the public one. Change-Id: I868747dc501e9124cbecd4eb1234f74e8edd4edf Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-08-22Merge ".gitignore refresh, fold common expressions"Alexandru Avadanii2-8/+2
2018-08-22[odl/dpdk] Use untagged iface for tenant networkMichael Polenchuk1-1/+1
Change-Id: Id35d4cbee9b4ce0a7b78e2935b03c2def68bc123 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-08-21.gitignore refresh, fold common expressionsAlexandru Avadanii2-8/+2
Change-Id: I5346ee523b40f1a249394d59dbbe4d3d85c692cb Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-21Merge "[noha] ctl01: Enable jumbo frames"Alexandru Avadanii1-1/+1
2018-08-21[ha][noha] Add vpp scenario placeholderCristina Pauna22-0/+346
- dummy copy of os-nosdn-nofeature-ha masquerading as os-nosdn-vpp-ha scenario placeholder - dummy copy of os-nosdn-nofeature-noha masquerading as os-nosdn-vpp-noha scenario placeholder Change-Id: I63a302c98e6e176a480fbc110012ac66749ee88f Signed-off-by: Cristina Pauna <cristina.pauna@enea.com>
2018-08-21Turn off glance signatures verificationMichael Polenchuk2-0/+4
Change-Id: I61ee8e19e783437dce7a9ddd666cd60e9d22a2e1 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-08-20[noha] dpdk: Skip creating private vlan ifaceAlexandru Avadanii2-2/+8
For DPDK scenarios, the private VLAN Linux interface should not be created, as it interferes with OVS configuration. Change-Id: I7eff6031a7cd5e50296e5d36084d7d50d6f3beae Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-20Define missing interface MTU for ODL nodeMichael Polenchuk1-0/+1
Change-Id: Ib442f98b2601800360bc9b4ec01da892b50e7f1a Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-08-17[noha] ctl01: Enable jumbo framesAlexandru Avadanii1-1/+1
Now that host vnet MTU has been bumped to 9000, we can safely enable jumbo frames in ctl01 VM without breaking nova compute discovery. JIRA: FUEL-336 Change-Id: I30bf333c18f3f0de2ce37fc7ae99df9b99f3a5e9 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-17Merge "[reclass] Set banner_company_name: OPNFV"Alexandru Avadanii1-0/+2
2018-08-17Merge "[noha] Parameterize network configuration"Alexandru Avadanii13-59/+108
2018-08-16Merge "Fix barbican integration on compute nodes"Alexandru Avadanii5-3/+4
2018-08-16[noha] Parameterize network configurationAlexandru Avadanii13-59/+108
- odl01: Use a bridge for br-ctl to allow tagged mgmt; - ctl01: Use bridges for br-ctl, br-ext; - ctl01: Use mtu 1500 since jumbo frames seems to break nova cell discovery; JIRA: FUEL-382 Change-Id: I9bf48711930cac77a089e4d7b7ba98924dd161ee Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-16Fix barbican integration on compute nodesDelia Popescu5-3/+4
Locally overwriting barbican_integration_enable on compute nodes does not work. Set barbican_integration_enable to true by default. Disable barbican_integration at openstack_control side. While at it, enable barbican on ha scenarios too. JIRA: FUNCTEST-981 Change-Id: I3c8df5d4078f73f32f3605dec5a7a365fa386019 Signed-off-by: Delia Popescu <delia.popescu@enea.com>
2018-08-15Turn off default apache portsMichael Polenchuk4-1/+12
Change-Id: I0377615ff19e39aca74b90d2ff7e7b2cd5cd6ccb Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-08-13[reclass] Set banner_company_name: OPNFVAlexandru Avadanii1-0/+2
Change-Id: I493fd49cb2b4bcd976873cd9297de3f90a74acf1 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-13[reclass] noifupdown for cluster nodes PXE/adminAlexandru Avadanii6-0/+6
Instead of applying PXE/admin static IPs via Salt right away, delay the transition from DHCP until after node reboot to avoid duplicate IPs and networking issues during deployment. Change-Id: I8a12d78a6b42edc9bcf9eb9ebc9590e2af5ec52c Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-10[noha] Add mas01 reclass inheritanceAlexandru Avadanii11-7/+66
While at it, move openstack_version param to the common include dir. JIRA: FUEL-382 Change-Id: I5e7ebb18a95672f066126d3afd28f13395a3149f Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-09[IDF] infra VMs: Allow trunking mgmt networkAlexandru Avadanii3-2/+30
Due to design limitations in idf.net_config, for a hybrid POD we need to trunk certain network segments for the VMs running on the jumpserver, including mgmt network going to cfg01, mas01. Add mgmt VLAN support for cfg01, mas01 gated by a flag in IDF: idf.fuel.jumphost.trunks.mgmt: True JIRA: FUEL-338 Change-Id: I6903f9b70e5f8a88618bce28e21c7c0631a05065 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-09Update Salt version to 2017.7Michael Polenchuk2-2/+2
Salt 2016.x has a bug with states ordering coming from 'include' statement. Glance/Heat DB sync is applied before package setup although clearly specified 'require' in state. Change-Id: Ic5f7ce4a7623fb208c0a5ba366802b7e02fa8b9f Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-08-08Merge "[maas] Adopt node role from scenario definitions"Alexandru Avadanii1-2/+4
2018-08-08Merge "Enable barbican itegration on compute nodes"Alexandru Avadanii1-0/+1
2018-08-07Merge changes from topics 'baremetal-noha', 'move-maas-classes'Alexandru Avadanii22-25/+31
* changes: [noha] cinder: Align VG name with HA scenarios [reclass] Move system.single class to common [maas] Add reclass storage definitions for all [reclass] Move MaaS classes to common dir for NOHA
2018-08-07Enable barbican itegration on compute nodesDelia Popescu1-0/+1
Configure barbican for cinder-volumes and nova-compute to use encrypted volumes Disable default glance image signature verification with barbican enabled JIRA: FUNCTEST-981 Change-Id: I35660234526780a2277e459f3fa21a67d96ce7d7 Signed-off-by: Delia Popescu <delia.popescu@enea.com>
2018-08-07[maas] Adopt node role from scenario definitionsAlexandru Avadanii1-2/+4
Instead of hardcoding kvm hostnames in maas machine definitions, read node roles/hostnames from current scenario and map them accodingly. JIRA: FUEL-382 Change-Id: I15d52e299e0353971f8d0c7da853c571ad5410da Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-06[ha] Bind cinder volume I/O on mgmt networkAlexandru Avadanii1-0/+1
JIRA: FUEL-367 Change-Id: I9a4171d2616af5ae1bafbf1740fd7c7f97c1768e Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-06[noha] cinder: Align VG name with HA scenariosAlexandru Avadanii1-0/+9
Prepare for MaaS integration in NOHA scenarios by aligning cinder VG naming across all scenarios. JIRA: FUEL-382 Change-Id: I0cd7accf573ae0904efddd7aa67d880f2a6deb71 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-06[reclass] Move system.single class to commonAlexandru Avadanii7-6/+1
Include system.linux.system.single class globally in the common section, preparing for MaaS NOHA node definition. JIRA: FUEL-382 Change-Id: Icdfb2a90f356cd537631abe653950c0c30020551 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-06[maas] Add reclass storage definitions for allAlexandru Avadanii2-1/+3
Reclass storage definitions for mas01 node should be added to all ha/noha scenarios, only when/if baremetal cluster nodes are involved. JIRA: FUEL-382 Change-Id: I455b07894b68eb89903df94352159ea6519275b0 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-06[reclass] Move MaaS classes to common dir for NOHAAlexandru Avadanii14-18/+18
Prepare for reusing MaaS-related reclass classes for NOHA scenarios. JIRA: FUEL-338 Change-Id: Ic8ddd5915563f58643ef8c7ac4055a1000db7d45 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-02[ha] AArch64: Add missing GPG key for armband repoAlexandru Avadanii1-0/+2
In a regular baremetal HA scenario, all cluster nodes are provisioned via MaaS, which also adds the Enea GPG key to the APT keyring. However, for a hybrid deployment, virtual nodes are not provisioned by MaaS, so the GPG key should be added to reclass pillar data explicitly for Salt to be able to import it. JIRA: FUEL-338 Change-Id: I333b7c373bdbc631c0f54ac549f97ab889dec77c Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-08-02Merge "[ha] Add OVN scenario"Alexandru Avadanii7-6/+34
2018-08-02[ha] Add OVN scenarioGuillermo Herrero7-6/+34
JIRA: FUEL-329 Change-Id: I46c7dbc791441c6b069a0d56373ff98a32a57e60 Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>
2018-08-01[maas] Allow more than two compute nodesAlexandru Avadanii1-4/+6
Change-Id: Ie023bfe7b322a49a8b525e7926518c94899c67ce Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-07-31[ovn/noha] Simplify net scheme on compute nodesMichael Polenchuk2-13/+17
Also install OVS 2.9 from UCA repository to get the latest code/fixes. Change-Id: I09d6da67d28033bc0e64eef27fffb368d262d7f4 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-07-30[odl/noha] Simplify net scheme on compute nodesMichael Polenchuk1-13/+5
Align external network scheme of computes with gateway node to setup just ovs bridge with physical port plugged in. Change-Id: Ie7919abc8c1f0a0905764b6354f29ad68d3c6557 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-07-27[noha] Bind cinder volume I/O on mgmt networkMichael Polenchuk1-0/+1
iSCSI read/write ops are acting up on interface/network (pxe/admin is chosen by default) with jumbo frames enabled, so configure iSCSI daemon to listen on management network. Change-Id: I3b643b151ba0abffe5cfe2ba7417010020eb07ae Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-07-24Bring in Barbican service onboardMichael Polenchuk9-1/+93
Change-Id: I68759360c9dd8f8cf422161e21ed15df6c694e84 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>