aboutsummaryrefslogtreecommitdiffstats
path: root/mcp/reclass
AgeCommit message (Collapse)AuthorFilesLines
2019-01-29Merge "[ovs] Start ovs services before networking"Alexandru Avadanii6-8/+17
2019-01-27[fdio] Increase VIF plug-in timeoutAlexandru Avadanii2-2/+2
Baremetal clusters might benefit from having a little more time to plug in the VIFs. Change-Id: I9406a0ef24de2177827b3acd27b7c60b293a4572 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2019-01-27[ovs] Start ovs services before networkingAlexandru Avadanii6-8/+17
Fix broken systemd service unit dependecies: - OVS should start before networking service; - OVS ports & bridges should not be automatically ifup-ed by networking service to avoid races, so drop 'auto' for both (OVS ports are automatically handled when part of an OVS bridge); - explicitly ifup OVS bridges as part of networking service, but after all Linux interfaces have been handled; - use 'allow-ovs br-prv' to let OVS handle br-prv and avoid another race condition; While at it, fix some other related issues: - make OVS service start after DPDK service (if present); - bump OVS-DPDK compute VMs RAM since since switching from MTU 1500 to jumbo frames for virtual PODs a while ago failed to do so [1]; - avoid creating conflicting reclass linux.network.interfaces entries for OVS ports by using their name (drop 'ovs_port_' prefix): * for untagged networks they will override existing common defs; * for tagged networks, they will create separate entries; - DPDK scenarios: make gtw01 br-prv members OVS ports to avoid race conditions after node reboot by letting OVS handle them; [1] https://developers.redhat.com/blog/2018/03/16/\ ovs-dpdk-hugepage-memory/ Change-Id: I0266ba67f3849b6f7e331a758146b331730bae55 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2019-01-24Merge "Enable back auto for ports network script"Michael Polenchuk1-0/+5
2019-01-24Enable back auto for ports network scriptMichael Polenchuk1-0/+5
The ovs port remains in down state after reboot if "auto" is off. Also turn off no_wait option for odl-noha scenarios. Change-Id: I0121b3190869528e5f2e9985f9e9299ac6c6724e Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-01-24[fdio] Make VIF timeout non-fatalAlexandru Avadanii2-0/+10
The first VMs spawned still exhibit the race condition described in the ticket, so apply the same workaround proposed during the Fraser release cycle in FDS. JIRA: FDS-156 Change-Id: I3b2b1ed7b5711daf81b5f4a263e4dbee9f502259 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2019-01-22Pass domain name properly for heat stack userMichael Polenchuk2-4/+0
Change-Id: I74c1c85310e2012e664764b6129fc4a52faaf106 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-01-21Merge "[noha] baremetal: Fix undef armband_repo_version"Michael Polenchuk3-2/+1
2019-01-17Sync heat domain name with keystone definedMichael Polenchuk2-0/+4
Change-Id: Ibf88f179af2570a707ade78f772342b7da23b74f Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-01-16[noha] baremetal: Fix undef armband_repo_versionAlexandru Avadanii3-2/+1
Change-Id: I0e56261fc2fc2a0a3f164531c72d88f7c46f5ca1 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2019-01-14[odl] Set conntrack as netvirt nat modeMichael Polenchuk2-0/+2
The conntrack-based SNAT uses the Linux netfilter framework to do the NAPT and track the connection. The first packet in a traffic is passed to the netfilter to be translated with the external IP. The following packets will use the netfilter for further inbound and outbound translation. Change-Id: I1090b4fe041f8d9533aa4ce1964284a4a5c073ce Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2019-01-14Merge "[patch] Drop reclass.system patch for repo arch"Michael Polenchuk2-2/+2
2019-01-12[patch] Drop reclass.system patch for repo archAlexandru Avadanii2-2/+2
MCP repos no longer publish arm64 metadata, so drop our patch that selected arm64 metadata on arm64 systems. Instead, let it default to 'deb [arch=amd64]', which will allow arm64 systems to fetch amd64 metadata and inherintely fetch all arch-independent packages from the same repos. While at it, switch to 'rocky-armband' repos on arm64 systems. Change-Id: I07fda895f5162bfa576c62336cbb4d74e985f37a Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2019-01-11[noha] Fix gtw private NIC name in j2 templatesAlexandru Avadanii2-3/+3
Change-Id: Ic266864913dcac021b3e12f426e1c8a60c23fe87 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2019-01-09Bring in FDIO (VPP+DPDK) scenarioAlexandru Avadanii13-70/+327
- cmp, gtw: bump RAM allocation to accomodate hugepages/VPP; for now we overcommit, gtw01 resources can probably be lowered; - submodule: add salt-formula-neutron so we can locally patch it; - repo: * FD.IO repos for VPP packages; * networking-vpp PPA for python-networking-vpp Neutron driver; - use vpp-router for L3, disable neutron-l3-agent; - baremetal_init: apply repo config before network (otherwise UCA repo is missing when trying to install DPDK on baremetal nodes); - arm64: iommu.passthrough=1 is required on ThunderX for VPP on newer kernels; Design quirks: - vpp service runs as 'neutron' user, which does not exist at the time VPP is installed and initially started, hence the need to restart it before starting the vpp-agent service; - gtw01 node has DPDK, yet to configure it via IDF we use the compute-specific OVS-targeted parameters like `compute_ovs_dpdk_socket_mem`, which is a bit misleading; - vpp-agent requires ml2_conf.ini on ALL compute AND network nodes to parse per-node physnet-to-real interface names; - vpp process is bound to core '1' (not parameterized via IDF); Change-Id: I659f7dbebcab7b154e7b1fb829cd7159b4372ec8 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2019-01-03[MaaS] Implement aarch64 tags for kernel_optsAlexandru Avadanii1-0/+7
On AArch64, 1G hugepages need to be enabled via kernel cmdline before mounting hugetlbfs [1]. Leverage MaaS tags to apply custom kernel args to AArch64 nodes. [1] https://wiki.debian.org/Hugepages Change-Id: Ie68ddf805836ee62f725019b0b873082b1d40948 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-12-23[armband] Parameterize aarch64 specific repo compAlexandru Avadanii3-6/+8
Factor out armband repository component name based on openstack_version parameter. However, since 'rocky-armband' repo is not available yet, reuse the 'queens-armband' on. Change-Id: Ibd17808059542ace14724776f8686fc2afd9de6a Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-12-21Pull out rocky patchesMichael Polenchuk1-2/+1
This commit should be reverted once original formulas get required support of rocky version. Change-Id: Ia3458381bced0cae8dbfacc9781c90933ad5c822 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-12-19Update OpenStack version to RockyMichael Polenchuk9-23/+10
Change-Id: I88f28370180278c4b32599b83eebbb0ee005c936 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-12-17[mas01] Fix iptables pillar compatibility formatAlexandru Avadanii1-17/+25
Sync our reclass pillar data for mas01's iptables with latest formula changes [1]. [1] https://github.com/salt-formulas/salt-formula-iptables/commit/e353ce3c Change-Id: I66b2a75066ed512ab5ab4cc213d13d15c5c8cc7f Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-12-14[maas] Adopt maas, maasng proposed functionsAlexandru Avadanii1-0/+28
JIRA: FUEL-364 Change-Id: Ia470fc8103713e7a06cd9647675b0edfb4342bf8 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-12-13[docs] Updates for Gambia 7.1.0 releaseAlexandru Avadanii24-27/+27
While at it, rename FDIO (VPP) scenarios to align with OPNFV FDS and OPNFV Apex projects. Change-Id: I9aab5dc4a0dc41a2cc996687a8a2726d03288678 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-12-12Make MTU cluster-level configurable via IDFAlexandru Avadanii13-13/+17
JIRA: FUEL-336 Change-Id: I1c8d22b8322f700eb727d9077035ba4c9f9f9753 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-12-10Merge "[bgpvpn] Use Linux bridge for odl01 public network"Alexandru Avadanii1-3/+8
2018-12-10[odl/dpdk] Disable up/down for public interfaceMichael Polenchuk1-0/+2
There is a race with interfaces up/down action during configuration, so activate them after node reboot. Change-Id: Id40ce746cc6635fcedd0f9c809cf4a9fe4d1f034 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-12-09[bgpvpn] Use Linux bridge for odl01 public networkAlexandru Avadanii1-3/+8
Previously, we used a single interface definition for public network on odl01 node, which does not work well for baremetal setups that use a tagged VLAN public network, like ericsson-pod1. Change-Id: I10ff7c105406691011e94e06b2f099dc2cdf8a06 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-11-16[baremetal] cmp: Support per-node PXE/admin ifaceAlexandru Avadanii3-2/+3
intel-pod18 has different network interfaces on its compute nodes, requiring support for per-node PXE/admin NIC name override, instead of assumming all computes use the same NIC naming. Change-Id: I2b2e5ec6745601576ead898370241b743c963e3d Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-11-14[ha] kvm: Disable ip_forwardAlexandru Avadanii1-0/+2
kvm nodes should not try to route traffic. This also silences some bogus 'martian packet' warnings about prx public VIP reaching br-ex. Change-Id: I608a561d292be3042d20fcbe48b2f5c816c4e8bf Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-11-13Revert "Conform configs to updated Redis v5.0 package"Michael Polenchuk2-2/+2
This reverts commit 7c5c2a8353177a393f72d244470e34f23c46c3e8. The package of Redis v5.0 has been removed from repository. Change-Id: Ic9449314e9e177435878542eecbe5f4a8b848549 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-11-09Conform configs to updated Redis v5.0 packageMichael Polenchuk2-2/+10
Also disable transparent hugepages on telemetry hosted nodes to avoid latency and memory usage issues with Redis. Change-Id: I3c7a0be6edbc51141f5d79d7368583afacef9025 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-11-05[docs] Refresh for Gambia releaseAlexandru Avadanii1-8/+8
- s/Fuel@OPNFV/OPNFV Fuel/g; - added README files for ci/scenarios/patches directories; - refresh & simplify cluster overview diagrams; - unify labels across docs; - fix TOC numbering; - remove local labs PDF/IDF files, as they are merely duplicates of Pharos files included as a git submodule; JIRA: FUEL-397 Change-Id: I87f61938eeb67f13fd9205d5226a30f02e55d267 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-10-29Specify barbican endpoint for glance serviceMichael Polenchuk2-0/+4
By default castellan key manager gets public endpoint of barbican service which isn't preferable in terms of cluster ops, so specify internal endpoint explicitly. Change-Id: Ie686ceb936132143743af18fcb4960ea15a8b93c Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-10-23Enable IPv6 on entire cluster by defaultMichael Polenchuk6-28/+1
IPv6 has been enabled back by commenting out the cis-3-3-3 yaml/class source in linux service reclass. Change-Id: Ia8f4e2ddbb98f9316e6ce5136badbb14ecb277c5 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-10-22Merge "[ha] Run OpenDaylight in cluster mode"Michael Polenchuk7-30/+44
2018-10-22Merge "[ha] Add barbican to nginx on proxy nodes"Michael Polenchuk1-0/+1
2018-10-22[ha] Run OpenDaylight in cluster modeMichael Polenchuk7-30/+44
Change-Id: Id75fbee34a6cfc6e7fc60df053cccaaff21cb15a Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-10-19[ha] Add barbican to nginx on proxy nodesDelia Popescu1-0/+1
JIRA: FUEL-395 Change-Id: I8bd3a8e914828548e2ded0915770550ce3673897 Signed-off-by: Delia Popescu <delia.popescu@enea.com>
2018-10-17Merge "Add odl bgpvpn noha scenario to fuel"Alexandru Avadanii3-0/+17
2018-10-16Add odl bgpvpn noha scenario to fuelStamatis Katsaounis3-0/+17
JIRA: FUEL-393 This patch adds support of os-odl-bgvpn-noha scenario to fuel installer. Change-Id: I4e053e38aac70023b0a81f9a41b415c7a1aae3af Depends-On: I57288bbb42f4c75af19f3807f8f15b44482c066c Signed-off-by: Stamatis Katsaounis <mokats@intracom-telecom.com>
2018-10-16Enable IPv6 on compute nodes for noha and haDelia Popescu2-1/+6
Enable IPv6 on compute nodes for both ha and noha deployment types Change-Id: I46c89e3005aefea8ccbeb4779efe513bf2be84e8 Signed-off-by: Delia Popescu <delia.popescu@enea.com>
2018-10-11Set volume device name to sdcDelia Popescu2-2/+2
Functest is now using scsi volume type for fuel Set correct volume device name for functest volume tests JIRA: ARMBAND-402 Change-Id: I2265901eeb624a395388f6ce8afae226b129c5be Signed-off-by: Delia Popescu <delia.popescu@enea.com>
2018-09-26[ha] Fix missing aodh_version paramAlexandru Avadanii1-0/+1
_param:aodh_version was lost during a recent refactor, bring it back. While at it, also make chown in entrypoint.sh recursive to prepare for non-sudo deployments. Fixes: c0de0902 Change-Id: I41b225c4a3f15269aa156a1c33412206beff6ee9 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-09-26Merge "[ovn] Enable metadata agent"Alexandru Avadanii4-0/+12
2018-09-26Merge "[reclass] Ensure pxe_admin_address is set for all"Alexandru Avadanii2-1/+3
2018-09-26[reclass] Ensure pxe_admin_address is set for allAlexandru Avadanii2-1/+3
Some nodes did not rely on the _param:pxe_admin_address internal reclass param, although all of them do have an IP address in the PXE/admin network segment. Ensure all nodes define this param, so we can query all nodes with: $ salt '*' pillar.item _param:pxe_admin_address JIRA: FUEL-394 Change-Id: I7575934752c8b459c52af8a8c98c2b0327756428 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-09-26Merge "[AArch64] noha: Add armband repo prio"Alexandru Avadanii1-0/+9
2018-09-26[ovn] Enable metadata agentMichael Polenchuk4-0/+12
Change-Id: I9ef3a1dd570abf90b222609af350565d385326c8 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2018-09-26Merge "[minion] Set tcp_keepalive for flaky networks"Michael Polenchuk1-0/+4
2018-09-25[AArch64] noha: Add armband repo prioAlexandru Avadanii1-0/+9
Previously, only HA scenarios required the Armband repository configuration (including its higher repo prio pinning), since NOHA scenarios were not supported on baremetal. With multiarch hybrid POD support landing, the same repo prio should be set for NOHA scenarios. Change-Id: I676ee262e270ce4689c44c245967badebc2efe2c Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2018-09-25[reclass] Consolidate all passwordsGuillermo Herrero9-87/+66
JIRA: FUEL-378 Change-Id: I00832d697d83c374628fa9d759c125e0b6ca64cf Signed-off-by: Guillermo Herrero <guillermo.herrero@enea.com>