summaryrefslogtreecommitdiffstats
path: root/mcp/reclass
AgeCommit message (Collapse)AuthorFilesLines
2017-12-11[baremetal] Migrate public bridge to ovsMichael Polenchuk2-10/+25
Get rid of "ovs-to-linux" links, instead of this setup native ovs bridge for public interface and link it with neutron external bridge. Change-Id: I483881e78f22fc035107a622307d95761c4a5667 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit bcba227e4947bf1e6976b2a743b87c28ae9645c9)
2017-12-09[baremetal] PDF: Use net_admin for MaaS PXE netAlexandru Avadanii1-1/+1
While at it, fix another small issue where a variable (parameters__param_opnfv_maas_pxe_address) was used without being populated (defined in 'runtime.yml', which is not read using `parse_yaml`, like the scenario yml or the PDF expanded class, pod_config.yml). JIRA: FUEL-313 Change-Id: Iee88601d5420f55572bf90c8cf330afbedfb2e21 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 9136aef95f77a1f26175929caedfe6ae662bbbd8)
2017-12-04[baremetal] Restart gateway networking serviceMichael Polenchuk1-0/+0
Make sure all missing interfaces/links are up & running (e.g. br-ex <-> float-to-ex <-> br-floating). Fix (for https://github.com/saltstack/salt/issues/40262) into linux formula brought in a weird behaviour with network/interfaces.u/ items. Change-Id: Ic13f0ed2063455ae191bbc99920f97c5ecaa61fd Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-11-28Merge "Align options of glusterfs nova_instances volume" into stable/euphratesMichael Polenchuk2-3/+4
2017-11-27[baremetal] VCP VM base img: Switch URL to AWS S3Alexandru Avadanii1-1/+1
Mirantis prebuilt base image for VCP VMs (used by salt.control on x86_64) has been moved to a new location on AWS S3. Change-Id: I9f4a858a1033c3c0a05cba0bd40a8ceac6075615 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 255742b98efd4ff499a6abc6eb491059fc268d43)
2017-11-27Align options of glusterfs nova_instances volumeMichael Polenchuk2-3/+4
Change-Id: If0558afd37f16678290353fa9c5e6c4163f814a0 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit 74a5bd6ae60916c664b0ec902418e3fae234b0c1)
2017-11-27Revert "Apply apache state on proxy nodes"Alexandru Avadanii1-8/+0
Upstream fixed the salt-formula-horizon in commit 95387ec, by defining 8078 (and only that) port in Apache's ports.conf. This fixes the port 80 overlap, so running the `apache` high state after the `horizon` high state not only is unnecessary now, but also would lead to new breakage, since `apache` state would overwrite the ports.conf (removing 8078 and adding 80), i.e. creating a new port conflict and breaking Horizon port completely. This reverts commit eb4645206d6d74992fca3b8726ee2eebca97205f. Conflicts: mcp/config/states/openstack_ha mcp/reclass/classes/cluster/baremetal-mcp-ocata-common/openstack_proxy.yml Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> Change-Id: Iea8f0bd90ee8d12f399aad16247dda274d6a907a (cherry picked from commit 0c71112ec06bd73a3ddc42ba0aacd666e9a00553)
2017-11-25Bring in newer glusterfs for mtime unsplit brainAlexandru Avadanii3-0/+6
Recent commit 8ba3a1a (Switch nofeature-ha compute nodes to UCA repo) bumped the reclass/system submodule and brought in upstream commit 2ee306b (Glusterfs: use automatic mtime-based split-brain resolution) which requires support for "cluster.favorite-child-policy", not available in Glusterfs 3.7.x available in Ubuntu Xenial. NOTE: UCA does not provide glusterfs for "Ocata", only for "Pike"+. Instead of reverting the commit switching to mtime brain un-split, bump glusterfs to a version that is not EOL (3.10) using their official PPA. Change-Id: I4606dda2f3d4b7563eea793cc8e5d1380f336f24 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 8a867449217151f59766a74c6165ffc26c7f50b4)
2017-11-24Switch nofeature-ha compute nodes to UCA repoMichael Polenchuk5-1/+15
Employ UCA repo on computes nodes for nosdn-nofeature-ha scenario as well to prevent a regression (creation of ports failed for 1+n instances) of neutron ovs agent from mcp/openstack repos. Change-Id: Ie65ae122096c0d3a93c09d46191787a934bd7d4f Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit 8ba3a1a4ed0ce41a76fa6d712778904bb56b60ac)
2017-11-21[baremetal] public gateway setup on prx nodesGuillermo Herrero15-108/+27
- prx: add route for public traffic to public interface - prx: add route towards salt master through maas - remove dashboard class from proxy node (already implements horizon) - remove dashboard (and benchmark) class definitions (no longer used) - (temporary) backport Pharos change for adapter template JIRA: FUEL-305 Change-Id: Ia14a18ac0123c1134d8d99dc43da9a1f770001d0 Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com> (cherry picked from commit 07f4e0238646fcb77072769feb8a0b68df52caca)
2017-11-17[baremetal] MaaS: Remove curtin netconfig via SaltAlexandru Avadanii2-0/+7
JIRA: FUEL-301 Change-Id: Id6b2b423b8045c581fa5c02133cf91702d9915c9 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 4010ea45c703d82e2fb95dcc869ff72bbca088b7)
2017-11-17Merge "[baremetal] Re-assign mgmt network to proxy nodes" into stable/euphratesAlexandru Avadanii7-9/+35
2017-11-17Merge "Update opendaylight/neutron patch" into stable/euphratesMichael Polenchuk2-18/+0
2017-11-16[baremetal] Re-assign mgmt network to proxy nodesAlexandru Avadanii7-9/+35
- extend arch-specific list of predefined VM iface names (2 -> 3); - add extra vnet iface for prx0* VCP VMs, connected to br-ctl (mgmt); - add mgmt address to pod_config.yml template (and sample); - add mgmt address to reclass.storage prx nodes; JIRA: FUEL-302 Change-Id: I17ce65eade7f69219fc27264363364e3c47d8f3f Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 35041f05e790f8c13782eb4956b991a97fdec853)
2017-11-16Update opendaylight/neutron patchMichael Polenchuk2-18/+0
Align opendaylight support patch with latest neutron formula. Employ native ML2 backend/engine option as is instead of bringing in the "opendaylight" keyword into reclass model. Unfreeze the maas & neutron formulas versions. Change-Id: I2807dcf9f83b01d453bca6453524f840c378972f Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit 1a8153f6391bdde1bab21f7831841f5b6070832d)
2017-11-15Enable neutron trunk portsMichael Polenchuk5-0/+11
The network trunk service allows multiple networks to be connected to an instance using a single virtual NIC. JIRA: FUEL-303 Change-Id: Id9e7c122bc1a32a59f18167e332ceaaa3897b5ef Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit 66e745c73ac2aba1ef93ba90db4b167e49813863)
2017-11-12salt formulas: Pin via reclass instead of salt.shAlexandru Avadanii2-0/+18
Previous commit pinned the salt-formula-package by installing a specific version after OPNFV-specific patches were applied by `patch.sh`. To prevent patch bypass, move the pin to reclass model. While at it, also move salt-formula-neutron pinning to reclass to bypass wrong minimum length of 2 for version-pinned formula pkgs. Change-Id: I35c2773c130d79ec919685cd771311d6c11e11a8 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 1058c7ee35d64f38d978db2b3f840afca2facdef)
2017-11-12[baremetal] prx: Fix empty Apache module listAlexandru Avadanii1-1/+2
On low state expansion, apache.server.modules is iterated, and since reclass transforms '~' into 'null', an exception is thrown. Use an empty string instead (different type will still ensure reclass overrides variables from apache service instead of merging the lists). While at it, add missing version 'latest' for mod-wsgi pkg. Change-Id: I7913483b6a1be545b96de2958c39840940d9c557 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 40f907255380dbfc4d808d9f3c768db80c4c8158)
2017-11-10Apply apache state on proxy nodesMichael Polenchuk1-0/+8
Apache module will take care of ports.conf file to prevent bind socket conflict between apache & nginx services. Change-Id: Ia76ec356002e1db0dabd20d8f355a1b16fc07b30 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit eb4645206d6d74992fca3b8726ee2eebca97205f)
2017-11-02Merge "[virtual] Horizon: server: secure = False" into stable/euphratesAlexandru Avadanii1-0/+4
2017-11-01Connect proxy nodes to public networkMichael Polenchuk2-1/+17
cloudify vnf requires public enpoints to be available from instance with manager, so connect nodes w/ nginx to routed public network. JIRA: FUEL-286 Change-Id: Id0caa699519b9b46dad51deac6955afe6a0050de Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit 0861ea0799114d9c59499f2c52a9c7a79fb1bbb7)
2017-10-31[virtual] Horizon: server: secure = FalseAlexandru Avadanii1-0/+4
Horizon login fails due to CSRF_COOKIE_SECURE being set when no SSL is available. JIRA: FUEL-297 Change-Id: I23f8ee86dbf5a909c75cfcc217a2ab6e4dca7324 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 6436cbad3cdf190d891c0121c7e6a7fd814a1026)
2017-10-19Merge "[baremetal] PDF-based network config" into stable/euphratesAlexandru Avadanii14-159/+419
2017-10-19[virtual] Rise memory for ovs/dpdk scenarioMichael Polenchuk1-1/+1
Let's add more hugepages/memory to the compute nodes since snaps_smoke required 2Gb flavor for tests. Change-Id: If52f30d53a6469abeca67aaf2bdee551542d1653 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit 496c818b28b6d668428b3e8996675a7edd688f73)
2017-10-18[baremetal] PDF-based network configAlexandru Avadanii14-159/+419
This change extends current PDF/IDF support with: - dynamic interface / vlan definition; - dynamic interface and/or bridge allocation of installer networks on top of interfaces (physical or vlans); This allows us to drop hardcoded interface names and vlan / bridge configuration in favor of a runtime determined model based on PDF/IDF. For now, we duplicate common jinja variable definitions in each template, but this will later be moved to a common include file. JIRA: FUEL-275 Change-Id: Ia80a66dbdf898b0bd0a4fb99d069ce9ebe33fa65 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit c360b972649028d2613fc8561899c2c8b7f71832)
2017-10-18[virtual] Horizon: Use v2 API instead of v3Alexandru Avadanii1-1/+1
JIRA: FUEL-284 Change-Id: I821a8e79e6a23a71eae0fc0f857c1d05b30cd188 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 5936f07b1e951f4f08c0bc20c97122289f544c9e)
2017-10-18Return back glusterfs client stateMichael Polenchuk1-2/+0
In order to set properly keystone fernet keys, apply glusterfs client state before second keystone server state. Also leave out user/group settings for glusterfs volume of nova instances as it will be set later by nova compute packages themselves. Change-Id: I069e37c67f08c51ed29f45cf6f92d4a00a1ac97b Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit 0224929b3a87d0e0ec011311c46872e6142497cf)
2017-10-18[baremetal] reclass: Fix class order for commonAlexandru Avadanii44-35/+56
Inheriting classes in the wrong order led to params being silently overriden by defaults in the system reclass classes, leaving some mismatched values between the controller nova config and the compute conunterpart (e.g. metadata_password had different values). Always inherit the common class first, so scenario-specific config is applied on top. NOTE: {dhcp,single}_nic are not used for mas|kvm|cmp nodes, but they are referenced in inherited classes, so keep them for now. Change-Id: I6cb90d5c832ffc8ab731bd9e3cd38ede858dba5c Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit 92530f89c061b0070766e431f839feb368e2e4ac)
2017-10-15Add license headers where missingAlexandru Avadanii109-10/+749
While at it, compact 'set' into bash shebang where possible and add `make patches-copyright` target to simplify adding patch license headers. Change-Id: I0c841de72e5709e5eef915a52c5ec4a7fc0f7c37 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 644e5fdfa2f49b988a5150e2a4eefc12daecd845)
2017-10-15reclass: baremetal: Factor out common codeAlexandru Avadanii55-3343/+1218
While at it, add .yamllint file (copied from releng repo). Change-Id: I39630c0043fe2fd601510969c401e6cc9efbf69a Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit a75af3d4c30af050dd15c0f875142f6328874fe4)
2017-10-11reclass: Fix all remaining yamllint warningAlexandru Avadanii2-3/+3
Change-Id: I1e0e1ba291dd4d5af578d89274f3655ee784f64e Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit c11eb920a3570ed22b252bbb8eecfb5231f5db1a)
2017-10-11Fix parametrized nic name variablesGuillermo Herrero17-51/+42
-Fix interface order for reclass config node -Interface types regruped on 3 sets for each cpu arch -Foundation VM interface names -VCP VM interface names -Baremetal node interface names Change-Id: I1ae522d775ee538b35b0f043914c80c3993232fc Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com> (cherry picked from commit c8d0c5b687f5eec9db62171fdf53053f5ffeef28)
2017-10-11yamllint: Fix recently introduced errorsAlexandru Avadanii5-8/+8
Change-Id: If117588f7c43306959d29032b1d5eeb3c751dc44 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 8401f25a520843d884abb84806873baca0452ec8)
2017-10-11reclass: Revert virt.nic to hardcoded eth{0,1}Alexandru Avadanii3-6/+6
Salt's virtualization model for virt:nic:default does not use real interface names that are present on the node, but instead it defaults to using "ethX" notation, that name being only a convention inside Salt internals. Moreover, the 'salt.control.virt' reclass class (located in /srv/salt/reclass/classes/system/salt/control) already provides a defalt maping between "eth{0,1}" and "br{0,1}". Using anything different than "eth{0,1}" will lead to 2 extra (broken) mappings. Reverting the changes in "virt:nic" reclass fixes both the python exception recently introduced, as well as the broken defaults. Change-Id: I5c90e3d2bc181c1ad3d87af64440439e6a41fb28 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit db2144a7f6ed8586bbab39fdb5ea15b171388e85)
2017-10-11Parametrized network config: nic device namesGuillermo Herrero39-100/+143
Change-Id: I94d40529261f7753ec47a0c6a8c67ecc0fb15951 Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com> (cherry picked from commit 5ab45d25c8fd3e5528c411e09b105699c745457f)
2017-10-06Update opendaylight version to nitrogenMichael Polenchuk2-0/+2
* use pseudo agentdb port binding controller instead of the deprecated network topology one * disable superfluous l2population mechanism driver * tidy up the duplicated haproxy neutron listen opts * straighten karaf features list * update jetty config Change-Id: Ifacf8de11eb56ab72df13a312151a510b280dea2 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit fca7d22742df82fc6e502b17ad45ebc11c0ba89b)
2017-10-06[virtual] Extend cinder volume sizeMichael Polenchuk1-1/+1
Rally test of NovaServers.boot_server_attach_created_volume_and_live_migrate requires 10Gb volume to function, so extend volume group size in order to avoid insufficient free space error. Change-Id: I317935d2bf736db360061e24f299c9b885154a9e Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit 2d95dee51177e66f5370b85115c2999925b13657)
2017-10-04Identify jump host bridges based on IDF / PDF netsAlexandru Avadanii4-17/+18
- minor refactor of runtime templates parsing to allow var expansion; - parse <pod_config.yml> into shell vars, match dynamically networks from PDF to IP addresses on bridges of current jumphost; - keep old '-B' parameter in <ci/deploy.sh>, use it for providing fallback values in case there's no bridge name specified via IDF and no IP on the jumphost for one or more of the PDF networks; - re-enable dry-run to ease testing of the above; - add sample 'idf-pod1.yaml' to <mcp/config/labs/local>; The new behavior will try to determine the jump host bridge names: 1. Based on IDF mapping, if available 2. Based on PDF network matching with IP addrs on jumphost; 3. Fallback to values passed via '-B'; 4. Fallback to default values hardcoded in the deploy script; Later, we will drop MaaS network env vars in favor of PDF vars, once the PDF template is generating them. Change-Id: If9cd65d310c02965b2e2bfa06a0d7e0f97f1dd48 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 8ec927497b7ee0fd3b7346e957878173b080ef6a)
2017-10-02Align salt version & reposMichael Polenchuk32-29/+3
Change-Id: If7cb8473f5c290d1d5f22fce5567f7b8da24fd9f Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit 0c00f813d709fd1b65e5dd52abcf16fd81b3d0e1)
2017-10-02[virtual] Reset mtu for compute management bridgeMichael Polenchuk1-1/+0
Use default mtu for br-mgmt in order to resolve the live migration failure (cannot recv data: connection timed out) Change-Id: I9cee453d87f849e29fc877fff237f8e604f2df53 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit b45f3e15ac5581c1e8c44d0a7a1424a1d092834e)
2017-09-29Merge "PDF parsing support" into stable/euphratesAlexandru Avadanii3-91/+96
2017-09-28MaaS: Fix missing service.maas.cluster.single incAlexandru Avadanii3-0/+3
Upstream change [1] made the inclusion of service.maas.cluster.single mandatory by using some default reclass definitions which we don't override explicitly. [1] https://github.com/salt-formulas/salt-formula-maas/commit/ ce118a238bae4bcf19d2f10bca591a40405f7c3c Change-Id: I5746b6906b341a7257e0cd2b4b0bed8ea25840f4 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 4b2dfa552656def5f56a48229705e79c5c7bcfca)
2017-09-27PDF parsing supportAlexandru Avadanii3-91/+96
- add new git submodule pointing to OPNFV Pharos; - use Pharos 'generate_config.sh' to parse the PDF using the Fuel installer adapter and generate <pod_config.yml> dynamically; - build <pod_config.yml> outside current git repo and sync separately to prevent sensitive data leak; - add <pod1.yaml> PDF sample based on LF-POD2, should be used with 'ci/deploy.sh -l local -p pod1'; Change-Id: I4e1b95f180bcd5ade5d86f516628eb8edbe64b1c Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 36e4b9754dedef27637c09b510829f686bd469e4)
2017-09-27Merge "Change vlan tag of lf-pod private network" into stable/euphratesAlexandru Avadanii1-1/+1
2017-09-27Merge "Extended PDF support to all baremetal scenarios" into stable/euphratesAlexandru Avadanii13-179/+175
2017-09-27Change vlan tag of lf-pod private networkMichael Polenchuk1-1/+1
Change-Id: I66f5b4ac4ab58d3dbc983b0e1bed359a58602dba Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit 0e8c582713d70e00975e9a002898bc5cce66eee4)
2017-09-27[virtual] Switch compute nodes to uca repoMichael Polenchuk2-14/+11
Test of snaps_health_check gets console output of instance, which is empty (https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1667033), therefore take affected packages of computes from UCA repo. Change-Id: I4e13a40dd47caf305efd9f393b3c3cf5a17ef312 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> (cherry picked from commit c76d5e92d9e6cdfc614be4a1ed7b9e630c711008)
2017-09-26Extended PDF support to all baremetal scenariosGuillermo Herrero13-179/+175
JIRA: FUEL-275 Change-Id: I67e8d7ab95e35c78a4f960a12733124fe7bffaec Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com> (cherry picked from commit 809ea60a05f55d98814f8794a46540edcd2b0298)
2017-09-26Fix or silence all yamllint warningsAlexandru Avadanii89-1165/+1273
Change-Id: Iface28ab770beee00374afb902ef4f9c983538f5 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit 597e4b55f57001ead8e90f30e2e3211c7d705ca8)
2017-09-23reclass: Drop MaaS public IP and interfaceAlexandru Avadanii8-34/+2
MaaS node does not need to be exposed to the public network; instead the management IP should be enough to access the MaaS dashboard. So, drop 'infra_maas_node01_external_address' reclass param, together with its OPNFV PDF param, 'opnfv_infra_maas_node01_external_address'. This allows us to move compute public IPs back to .{2,3} instead of .{101,102}, where we moved them during 'pod_config.yml' addition. While at it, fix a minor duplicate 'name' param for 'br-mgmt' bridge on kvm nodes. Change-Id: Ie9fcf5924d7aa37b666f42c968687d73b51a8278 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> (cherry picked from commit ee4d89f2803085bdd4a7f3b365e40ec9366c25a9)