| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Set timeout value for snat punts to zero to turn
off the rate limiting and installation of learnt flows.
Change-Id: I79dad8fd0f925bfc11d7dc1678c3a414dc35fa56
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I2b41ce2e275bb053fa2590654ea7fa432b0c857f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I745a838b1f2f294b6c455700509ddf4b0264446f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
* update gnocchi to 4.3
* remove outdated ceilometer api
Change-Id: I7adaf3ddc76d93531b6b0997b684672b80f2992f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Also re-align resources for virtual scenarios.
Change-Id: Id0d55407fd5b1720a24e30c364219f8b08e89d06
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I3bbe3e4be520ccac198654bb4a7d493aa8450023
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
The PaxOsgi logging has a performance impact
(i.e. makes pressure to the Java GC).
Change-Id: Ic0bc2c0d1cfac195a04d1cfa90fa7fa47fc37612
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I74c1c85310e2012e664764b6129fc4a52faaf106
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
* patch is merged into oslo-templates
* rocky repo key name is made as for others
* jinja package is updated to fix incorrect quoted value
[https://github.com/saltstack/salt/issues/46594]
Change-Id: Ia6359cf89579b4d892ae40c4d087168edcd86ebb
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
The conntrack-based SNAT uses the Linux netfilter framework to
do the NAPT and track the connection. The first packet in a traffic is
passed to the netfilter to be translated with the external IP. The
following packets will use the netfilter for further inbound and
outbound translation.
Change-Id: I1090b4fe041f8d9533aa4ce1964284a4a5c073ce
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
- cmp, gtw: bump RAM allocation to accomodate hugepages/VPP;
for now we overcommit, gtw01 resources can probably be lowered;
- submodule: add salt-formula-neutron so we can locally patch it;
- repo:
* FD.IO repos for VPP packages;
* networking-vpp PPA for python-networking-vpp Neutron driver;
- use vpp-router for L3, disable neutron-l3-agent;
- baremetal_init: apply repo config before network (otherwise UCA
repo is missing when trying to install DPDK on baremetal nodes);
- arm64: iommu.passthrough=1 is required on ThunderX for VPP on
newer kernels;
Design quirks:
- vpp service runs as 'neutron' user, which does not exist at the
time VPP is installed and initially started, hence the need to
restart it before starting the vpp-agent service;
- gtw01 node has DPDK, yet to configure it via IDF we use the
compute-specific OVS-targeted parameters like
`compute_ovs_dpdk_socket_mem`, which is a bit misleading;
- vpp-agent requires ml2_conf.ini on ALL compute AND network nodes
to parse per-node physnet-to-real interface names;
- vpp process is bound to core '1' (not parameterized via IDF);
Change-Id: I659f7dbebcab7b154e7b1fb829cd7159b4372ec8
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: I270660204653d06cc8d1b5dc773d11a0a05ac27b
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
This commit should be reverted once original formulas
get required support of rocky version.
Change-Id: Ia3458381bced0cae8dbfacc9781c90933ad5c822
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
JIRA: FUEL-364
Change-Id: Ia470fc8103713e7a06cd9647675b0edfb4342bf8
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Fix an undefined parameter reference:
root@cfg01:~# reclass-salt -p odl01.mcp-odl-ha.local
-> odl01.mcp-odl-ha.local
Cannot resolve ${_param:cluster_vip_address}, at
_param:keepalived_vip_address, in
yaml_fs:///srv/salt/reclass/classes/service/keepalived/cluster/single.yml
Change-Id: Ie653b80f2ba0f2c9664b36e23f8e95793ba0e198
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
* bump salt-formula-maas git submodule;
* sync AArch64 initial salt config with the x86_64 default config;
* bump Pharos git submodule to sync `power_pass` MaaS configuration
paramater naming;
Change-Id: Ic59dd8becb6d83a9e67004c38d51681c88c4be7c
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Also disable transparent hugepages on telemetry hosted nodes
to avoid latency and memory usage issues with Redis.
Change-Id: I3c7a0be6edbc51141f5d79d7368583afacef9025
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
Setup haproxy on opendaylight nodes to listen/bind on VIP address.
Keepalived will be checking existence of haproxy daemon.
Change-Id: Ie0a3a6ebb82523388d528529709415644f67a380
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
IPv6 has been enabled back by commenting out the
cis-3-3-3 yaml/class source in linux service reclass.
Change-Id: Ia8f4e2ddbb98f9316e6ce5136badbb14ecb277c5
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: Id75fbee34a6cfc6e7fc60df053cccaaff21cb15a
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
JIRA: FUEL-393
This patch adds support of os-odl-bgvpn-noha scenario to fuel
installer.
Change-Id: I4e053e38aac70023b0a81f9a41b415c7a1aae3af
Depends-On: I57288bbb42f4c75af19f3807f8f15b44482c066c
Signed-off-by: Stamatis Katsaounis <mokats@intracom-telecom.com>
|
|
JIRA: FUEL-392
Change-Id: Ia21840c7561a14a5eeed3d08bf89eb2dbf9acc3a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Salt's `ini.options_present` expects the file to be present.
Change-Id: Ib62b324ae0bd154a35b8a80e4ab2ec0002bc6bce
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
OpenDaylight polls OF statistics (usually superfluous) by default
which could affect performance in large scale deployments.
Also mask service only if package is installed.
Change-Id: I2f7a1da85dd5e04502f08be146bcc2ba946a631e
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: Ie8ec7c94b2831dce88bde39c7fe219faaad21c5e
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I7d16bcd42a059817d7a4e6b06490e03001354f4f
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I448aa7f076e2c2d641a5326947852b3333728460
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
* ship prebuilt salt master conf for better readability:
- enable x509.sign_remote_certificate (for prx VCP nodes);
* refactor Salt master CA handling:
- preinstall `salt_minion_dependency_packages` and
`salt_minion_reclass_dependencies` inside docker image;
- persistent /etc/pki;
- run salt.minion on cfg01 to generate master keys;
* bump container formulas to 1 Sep 2018 versions or newer:
- inject date into Docker makefile, forcing a fresh fetch of all
salt formulas from upstream git repos;
* workaround broken salt-formula-designate's meta/sphinx.yml:
- the DEB package version of salt-formula-designate uses `cmd.shell`
to query dpkg on the minion, while the git repo version still
uses `cmd.run`, running into parsing issues;
- temporarily disable sphinx metadata generation for designate until
upstream git repo syncs with the DEB version;
* upstream: salt-formula-salt AArch64 salt.control.virt support:
- retire salt-formula-salt git submodule and related patches;
* skip installing reclass distro package (already installed via pip
inside the container);
* limit initial pillar_refresh call to nodes on jumphost;
* remove unused salt-formula-nova git submodule;
JIRA: FUEL-383
Change-Id: I883b825e556f887a5e31f8a43676dcd8ece6dfde
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Salt relies on a limiting libvirt_domain j2 template to generate the
XML it passes to libvirt for salt.control managed virtual machines.
For AArch64, we need to set up 3 XML nodes in a non-default way:
1. UEFI firmware (AAVMF) should be enabled by passing a pflash loader;
2. CPU mode should be 'host-passthrough';
3. QEMU machine type should be 'virt';
To allow configuring the above using pillar data:
- virtng module: implement functionality similar to upstream changes:
* 219b84a512 virt module: Allow NVRAM unlinking on DOM undefine
in develop, not in 2018.2;
* 9cace9adb9 Add support to virt for libvirt loader
in develop, not in 2018.2;
- virtng module: extend it with:
* pass virt machine type to vm;
* pass cpu_mode to vm;
JIRA: ARMBAND-404
Change-Id: Ib2123e7170991b3dfbdb42bd1a2baa5a4360b200
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
AArch64 specific formula, mostly tweaking nova conf / installing
virtualization layer prerequisites:
- install qemu-efi;
- install vgabios;
- fix missing link for vgabios binary blob;
- nova conf: cpu_model=cortex-a57 (only for virtual deploys);
- nova conf: virt_type=qemu (only for virtual deploys);
- nova compute conf: virt_type=qemu (only for virtual deploys);
- nova conf: pointer_model=ps2mouse since AArch64 has no USB tablet;
[1] https://github.com/openstack/nova/commit/f0f0953
Change-Id: I40515bdbd941850b103a86d51b347cc8610f5741
Signed-off-by: Guillermo Herrero <Guillermo.Herrero@enea.com>
Signed-off-by: Charalampos Kominos <Charalampos.Kominos@enea.com>
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
* Refactor OPNFV salt-formulas mechanism to resemble upstream git
structure:
- git submodules: add new submodule for each formula we patch;
- create salt-formula-x directories for OPNFV formulas;
- move mcp/metadata/service contents to their each formula subdir;
- use `make patches-import` for patches previously handled by
patch.sh;
- retire patch.sh
* states: add virtual_init:
- mostly based on old salt.sh, which is now obsolete;
- exclude salt-master service restart (it would kill the container);
* scenarios: cleanup (rm cfg01 virtual node def), adopt virtual_init;
* reclass: align our model with prebuilt container's Salt config:
- drop linux:network pillar data (handled by Docker);
- stop applying linux.system state on cfg01;
- align salt user homedir;
- drop salt-formula packages (preprovisioned);
* minor plumbing in deploy.sh and lib.sh;
JIRA: FUEL-383
Change-Id: I28708a9b399d3f19012212c71966ebda9d6fc0ac
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: I84a4789ff2155d7c14f9ffd9bfe54c5bca7a0d4f
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: I192cda7412151b2974e1bcd79a51f7593acace5d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Align opendaylight/server sls with the latest salt-formula-linux
version of keyserver requests support behind proxy.
Change-Id: I55f9010eec8b74932d4a28215ecf9647deb3d82c
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- noha: 'accept_policy: open_mode' to align with ha scenarios;
- s/cmp01/cmp001/g to align all scenarios and allow code reuse;
- rename network params: s/dhcp/mcpcontrol/g, cleanup;
- computes XDF data: drop 'opnfv_*' layer of params, cleanup;
- local vPDF: add comments with default roles by node index;
- parameterize all netmasks;
- drop unused address/netmask for 'proto: manual' interfaces;
- virsh_net: cleanup definitions, remove hardcodes, align IP on
jumpserver and DHCP range with MaaS for pxebr;
- maas: parameterize hardcoded '/24' cidr for PXE/admin, refactor
maas.region.machines parameterization;
- merge <all-mcp-arch-common/infra/config_*pdf.yaml.j2> templates;
- move reclass.storage definitions of compute nodes to common dir;
- drop 'openstack_compute_*' reclass params in favor of expanding
them via j2 directly in reclass.storage params;
- adopt `nm.cluster.has_*_nodes` where possible;
- obsolete `runtime.yml` from reclass model;
- refactor arch-specific reclass param selection;
- remove unused defaults in favor of mandatory IDF properties;
- noha: prepare for baremetal node support in cinder_lvm_devices;
- interfaces: add interface_mtu and 'noifupdown: true' everywhere;
- interfaces: use j2 macros to generate eth/vlan config;
- states cleanup: remove DHCP route disable workaround on prx/cmp;
- allow configuring NTP servers via:
`idf.fuel.network.ntp_strata_host{1,2}`;
- ovs_bridge: Allow setting gateway, dns-nameservers
- apache: Adjust module list for novcp class inheritance;
- glusterfs PPA: pin with same prio of MCP repos for novcp scenario;
JIRA: FUEL-319
JIRA: FUEL-326
JIRA: FUEL-337
Change-Id: Ia6ad64ba8cade85a75fb22c9a2505decc3834360
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Change-Id: Id024ed22dd1760f41ae18aeb8e680c2f07a5dc63
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
|
|
Install tacker from git repository since there is no ubuntu package yet.
Change-Id: Ibe4b6486050213df1a545c5c79c43a635bbf6c08
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
After salt update to version 2017.7.0 the indefinite mask
has to be removed before attempting to start the service.
Change-Id: I21616929f06f8ebd8a2d70e8c33f92c7b808a9c5
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
ODL requires native leveldbjni support on architectures like AArch64,
provided as a Debian package in ODL Team Nitrogen PPA.
Only systemd is supported (unlikely to change).
JIRA: ARMBAND-387
Change-Id: Ie7f2955c6574ab4584ed0c207b42ed7ab7261561
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Replace MAAS CLI set_disk_layout with the
new maas.machines.storage state
JIRA: FUEL-364
Change-Id: I4d8cd9f473c5386ee7b32ad378ca1e02989233ca
Signed-off-by: ting wu <ting.wu@enea.com>
|
|
Perform fio storage destructive test operation (usually takes just a
few minutes) to completely destroy any previous storage metadata that
might cause issues with cleanup in cloud-init/curtin during deploy.
Only resort to fio when a node fails to deploy, which allows us to
reuse the `maas.machines.mark_broken_state` state.
JIRA: FUEL-365
Change-Id: Ief327e6b4fefa83a8a3c131acfdf9f5fd605689d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Oxygen has an issue with broken config/data cache caused
by service restart in the middle of initial boot.
Change-Id: Ia30c76b67566ab8a2fb9045d0e10ca788f1a06a6
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
JIRA: FUEL-362
Change-Id: Ib2621bca72d1ba376af5d369edcf5fcf37e9788b
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Bring back public internet access to all cluster nodes via NAT
on mas01 node, required for NTP syncing.
NOTE: Both mcpcontrol and PXE/admin networks are currently
hard wired to using /24 netmask, so we leverage that in pxe_nat.sls.
JIRA: FUEL-348
This reverts commit 9a6e655e0b851ff6e449027c01ac1a66188b0064.
Change-Id: I7bab385f95f8c6d92cadc4e2149c2cd56e10c506
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- fix `route-br-ex` if-up.d script failing when route already exists
by adding a wrapper around distro's '/sbin/route' binary in
'/usr/local/sbin/route', exploiting default order in Ubuntu PATH;
- fix 'br-prv' duplicate entry in 'interfaces.d/ifcfg-br-prv' and
'interfaces' caused by upstream bug [1];
- add barrier waiting for all baremetal nodes online before attempting
reboot, trying to catch rare failures which are undetectable in logs
as both a succesful reboot and a disconneted minion report 'n/c';
With the above in place, networking service should no longer fail
to start on cmp nodes w/ DPDK.
[1] https://github.com/saltstack/salt/issues/40262
Change-Id: I6d4895376ce323c14c997e6c9af2ea3eeeee0184
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
On cmp nodes, allocate only 30GB (fixed for now) for / partition.
The rest of the disk(s) can later be allocated via salt-formula-linux.
JIRA: FUEL-330
Change-Id: Ie11c78791e60801719cd33475ff91fc003df5ffa
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Some nodes fail automatic testing done by MaaS during commissioning,
although running the testing suites one more time manually works.
For now, just override all 'failed testing' nodes unconditionally.
JIRA: FUEL-333
Change-Id: I13d3ee3d82550524480aa53aa8752ab90aa940cd
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- add new virsh managed network 'pxebr' (to mimic baremetal behavior
on virtual PODs, this will be the equivalent of PXE/admin network);
- connect 'pxebr' to 3rd interface for cfg01, mas01 for all deploys
(used to be baremetal-specific), replacing 'internal';
- keep 'mcpcontrol' connected only to 'cfg01' (+ 'mas01' if present)
for initial infrastructure bring-up (1st interface);
- switch all virtual cluster nodes to 'pxebr' (1st interface);
- use 'pxebr' for all Salt cluster nodes traffic, 'mcpcontrol' only
for mas01<=>cfg01 Salt traffic;
- convert <user-data.template> to jinja2 and expand it based on PDF
instead of using `envsubst`;
- split <user-data.sh.j2> into two versions, one for each network
used for Salt traffic;
- ci/deploy.sh: Read scenario data before template parsing for
cluster domain variable, needed in virsh network def;
- leave docs diagram refresh to later after all possible deploy types
have settled;
- limit keyserver proxy usage to nodes where the configured http proxy
matches the first nameserver (true for all MaaS-provisioned nodes),
so we can re-use the same pillar for FN VMs and baremetal nodes;
- add PXE/admin IP on cfg01's 3rd interface and switch other vnodes
`salt_master_host` to point to it;
JIRA: FUEL-322
Change-Id: Ie4f7aedddf2ef81046f1127b377d88dce79f0fda
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
Michael Polenchuk
Alexandru Avadanii
Stamatis Katsaounis
Guillermo Herrero
ting wu