| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
When redeploying a cluster only (keeping the infrastructure containers
from a previous deploy), some things need to be adjusted:
- /entrypoint.sh exec permission;
- /etc/maas uid/gid re-align on new (fresh) deploy;
- account for different location of /usr/sbin/tcpdump apparmor profile
for CentOS jumpservers;
Change-Id: If51db0bc95eff1a497e1df5d457e26a7b902aa5a
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
- bump Pharos git submodule to allow PODs with fewer nodes;
- add `k8-calico-iec-noha` scenario definition for Akraino
IEC basic configuration;
- add `k8-calico-iec-vcp-noha` scenario definition for Akraino
IEC nested (virtualized control plane) configuration;
- add `akraino_iec` state, which will leverage the Akraino IEC
bootstrap scripts from [1];
- replace system.reboot salt call with cmd.run 'reboot' as it's more
reliable;
- use kernel 4.15 for AArch64 K8 IEC scenarios;
NOTE: These scenarios will not be released in OPNFV since don't rely
on Salt formulas but instead of Akraino IEC scripts to install K8s.
[1] https://gerrit.akraino.org/r/#/q/project:iec
Change-Id: I4e538e0563d724cd3fd5c4d462ddc22d0c739402
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Create 2 systemd services on the jumphost that will handle veth
pairs creation, respectively adding them to virsh/real bridges.
This allows us to set docker containers restart policy to 'always',
enabling persistent Salt Master/MaaS containers across jumphost
reboots.
NOTE: libvirt creates virtual networks async, hence the need for
retrying hooking veths to them.
JIRA: FUEL-406
Change-Id: I1ca033cb5eb854b577b57bb2387a58bd9605a5bb
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Some PODs are fast enough to get past installing, syncing and using
MaaS to provision the OS on the baremetal nodes before the 1h mine
refresh.
Since mine.update operation is fast enough to go unnoticed and we
only collect IP addresses, grains and pem entries, schedule it every
15 minutes.
Due to reclass class inheritance, we can't easily override this via
pillar data, so handle it via entrypoint.sh.
Change-Id: I0d8ed2da838ad09c94e9327d0131d3e239de4f08
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
- replace mas01 VM with a Docker container;
- drop `mcpcontrol` virsh-managed network, including special handling
previously required for it across all scripts;
- drop infrastructure VMs handling from scripts, the only VMs we still
handle are cluster VMs for virtual and/or hybrid deployments;
- drop SSH server from mas01;
- stop running linux state on mas01, as all prerequisites are properly
handled durin Docker build or via entrypoint.sh - for completeness,
we still keep pillar data in sync with the actual contents of mas01
configuration, so running the state manually would still work;
- make port 5240 available on the jumpserver for MaaS dashboard access;
- docs: update diagrams and text to reflect the new changes;
Change-Id: I6d9424995e9a90c530fd7577edf401d552bab929
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
While the minions are working their jobs the CLI is waiting for the
first initial timeout period (timeout) to start. When that hits,
the CLI sends sends the first "find_job" query. This kicks off the
gather_job_timeout timer. Sometimes a minion doesn't respond to the request
within the gather_job_timeout time period (default is 10s), so rise up
this value to give a chance for a minion to report actual status.
Change-Id: Ic3756b82fdeb17718870ab30e9578263d25309f7
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Change-Id: I7486569568207f7652f8bdfcf1060ce51a9dbb0e
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
|
|
This commit should be reverted once original formulas
get required support of rocky version.
Change-Id: Ia3458381bced0cae8dbfacc9781c90933ad5c822
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
|
|
Sync predefined Salt Master configuration with reclass class
system.salt.master.single (but limit worker_threads to 20).
Change-Id: I760cdcb9ebbdab517011eccab0616abb36014cc1
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
reclass settings.py should be patched before the salt-master service
is started (since we can't restart it inside the container without
killing the tini init).
Fixes: 2de5348a
Change-Id: Id62d8f9f12fd72ef60322dd9907f26907231c4a7
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Explicitly set the ipv4_address for each network instead of relying
on ip_range allocation, which seems to fail / not be picked up.
While at it, use docker-compose 1.22 or newer to bypass slow Docker
network creation with 'macvlan' driver [1].
[1] https://github.com/docker/compose/issues/5248
Change-Id: Ic31851522576ebb2407d869b7c3ed7bd06951922
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Previously, cfg01 mgmt address did not consider the `ip-range` param,
leading to a mismatching `cfg01` entry in /etc/hosts on cluster nodes.
Change-Id: If6f605f4b2817c3751074bef60ebde298bc74b7d
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
JIRA: FUEL-393
This patch adds support of os-odl-bgvpn-noha scenario to fuel
installer.
Change-Id: I4e053e38aac70023b0a81f9a41b415c7a1aae3af
Depends-On: I57288bbb42f4c75af19f3807f8f15b44482c066c
Signed-off-by: Stamatis Katsaounis <mokats@intracom-telecom.com>
|
|
_param:aodh_version was lost during a recent refactor, bring it back.
While at it, also make chown in entrypoint.sh recursive to prepare
for non-sudo deployments.
Fixes: c0de0902
Change-Id: I41b225c4a3f15269aa156a1c33412206beff6ee9
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
`virtual_init` state file tries to ping all FN VMs, but that won't
work on hybrid PODs since all FN VMs but mas01 require MaaS DHCP to
be already configured (i.e. FN VMs in question will be reset after
mas01 is fully configured).
Limit virtual node queries in `virtual_init` to mas01 VM, as the rest
of FN VMs will be handled via `baremetal_init` state.
While at it, move _param:apt_mk_version def to common reclass to
avoid an undef reference in NOHA hybrid deployments; set MCP_VCP to
0 for non-HA scenarios.
JIRA: FUEL-385
Change-Id: I582bca6864e9bfed23baf26f9b66e6e95e986c58
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
While at it, retire obsolete MAAS_IP global variable and let mas01
VM get a DHCP address from virsh-managed mcpcontrol network.
Change-Id: Ifd85dbcab10894a5d0d675d37f0c35f09776d9b4
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Allow skipping docker pull for verify jobs by setting the new env
var to 'verify'.
JIRA: FUEL-383
Change-Id: If8e2f66b5ccdac5c3911eeabfc2ba9c0eba61093
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
JIRA: FUEL-383
Change-Id: Ie635965cff3538d6e786f2b76fa4d175d1be1773
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
* ship prebuilt salt master conf for better readability:
- enable x509.sign_remote_certificate (for prx VCP nodes);
* refactor Salt master CA handling:
- preinstall `salt_minion_dependency_packages` and
`salt_minion_reclass_dependencies` inside docker image;
- persistent /etc/pki;
- run salt.minion on cfg01 to generate master keys;
* bump container formulas to 1 Sep 2018 versions or newer:
- inject date into Docker makefile, forcing a fresh fetch of all
salt formulas from upstream git repos;
* workaround broken salt-formula-designate's meta/sphinx.yml:
- the DEB package version of salt-formula-designate uses `cmd.shell`
to query dpkg on the minion, while the git repo version still
uses `cmd.run`, running into parsing issues;
- temporarily disable sphinx metadata generation for designate until
upstream git repo syncs with the DEB version;
* upstream: salt-formula-salt AArch64 salt.control.virt support:
- retire salt-formula-salt git submodule and related patches;
* skip installing reclass distro package (already installed via pip
inside the container);
* limit initial pillar_refresh call to nodes on jumphost;
* remove unused salt-formula-nova git submodule;
JIRA: FUEL-383
Change-Id: I883b825e556f887a5e31f8a43676dcd8ece6dfde
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
AArch64 specific formula, mostly tweaking nova conf / installing
virtualization layer prerequisites:
- install qemu-efi;
- install vgabios;
- fix missing link for vgabios binary blob;
- nova conf: cpu_model=cortex-a57 (only for virtual deploys);
- nova conf: virt_type=qemu (only for virtual deploys);
- nova compute conf: virt_type=qemu (only for virtual deploys);
- nova conf: pointer_model=ps2mouse since AArch64 has no USB tablet;
[1] https://github.com/openstack/nova/commit/f0f0953
Change-Id: I40515bdbd941850b103a86d51b347cc8610f5741
Signed-off-by: Guillermo Herrero <Guillermo.Herrero@enea.com>
Signed-off-by: Charalampos Kominos <Charalampos.Kominos@enea.com>
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
|
Add configuration items for bringing up the Salt master Docker
container using docker-compose:
- mount <storage dir>/hosts as /etc/hosts
- mount <storage dir>/salt as /etc/salt:
* semi-persistent generated Salt information;
- mount <storage dir>/nodes as /srv/salt/reclass/nodes:
* semi-persistent generated reclass node data storage;
- mount Fuel@OPNFV git repo in /root/fuel;
- mount all other previously rsynced artifacts;
- hook container to 3 networks/bridges: mcpcontrol, PXE/admin and
management:
* container IP addresses are managed by Docker, so no DHCP is used;
- override upstream entrypoint.sh by mounting our own version on top;
* run-time patch Salt to fix certain init system interactions due
to 'Tini' looking like Upstart but behaving a bit differently;
* work around directory traversal issues in Salt/reclass by using
extensive `cp` (to be later mitigated at container build time);
* overwrite reclass.system with our own version (patched), later to
fetched pre-patched during container build;
* overwrite salt-formulas with our patched versions;
* create missing links for salt-formulas-* packages (e.g. gnocchi)
which are not available as git repos upstream;
- add mcp.rsa.pub to 'ubuntu' user's authorized_keys for SSH login
to master node to remain backwards compatible;
- mount configuration files for semi-persistent state preservation
at container destroy/rebuild (using '-f' deploy argument);
JIRA: FUEL-383
Change-Id: Ie17e578a7ebeb071b1c0e0a49ad58ffa6bbc89bb
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
|
Alexandru Avadanii
Michael Polenchuk
Stamatis Katsaounis
Guillermo Herrero