summaryrefslogtreecommitdiffstats
path: root/mcp/scripts/lib.sh
AgeCommit message (Collapse)AuthorFilesLines
2017-12-07Merge "lib.sh: persistent cfg01, mas01 mcpcontrol"Michael Polenchuk1-2/+2
2017-11-27lib.sh: persistent cfg01, mas01 mcpcontrolAlexandru Avadanii1-2/+2
cfg01, mas01 DHCP leases in mcpcontrol virtual network should be persistent (if cfg01 IP changes, minions can't find Salt Master). Change-Id: I497207ebe1537af94fd92de12491664d17ad3144 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-11-27AArch64: base image: pre-install salt-minionAlexandru Avadanii1-1/+7
While at it, rename apt repo in foundation node user-data template from "salt" to "saltstack", to align with reclass model naming. Change-Id: I5b216492349ae187b568884b1ab4046c52b1c6b2 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-11-27Add pre-{install,purge} support for base imageAlexandru Avadanii1-5/+132
Extend <lib.sh> and its invocation from <ci.deploy.sh> with support for modifying foundation node VMs base image prior to using it with: - additional APT GPG keys; - additional APT repos; - packages to pre-install; - packages to pre-remove; - (non-configurable) cloud init datasource via NoCloud only, so VCP VMs won't wait for metadata service; While at it, re-use the resulting image as a base for another round of pre-patching (same operations as above are supported) to provide a base image for VCP VMs. Add AArch64-specific configuration based on new mechanisms: - pre-install linux-image-generic-hwe-16.04-edge (and headers) for foundation node and VCP (common) image (also requires new repo and its key); - pre-install cloud-init for VCP image (it should already be installed, but script needs non-empty config for VCP to create the VCP image and transfer it over to Salt Master); NOTE: cloud-init is required on VCP VMs for DHCP on 1st iface. JIRA: FUEL-309 Change-Id: I7dcaf0ffd9c57009133c6d339496ec831ab14375 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-11-08lib.sh: Cleanup previous /boot/efi contentsAlexandru Avadanii1-1/+2
Some UEFI firmwares insist on scanning removable drives, even when boot entries were deleted from UEFI boot list (board flash). To work around this, remove contents of </boot/efi/*>, so scanning won't identify any valid EFI binaries. Another option would be erasing partition tables, but identifying the underlying disk(s) is more complicated, especially when using LVM/RAID etc. Change-Id: I9949b99b139b1642e3bd8f04de3bd5ef74d1ecc5 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-10-28lib.sh: rm Ubuntu boot entry on EFI systemsAlexandru Avadanii1-0/+10
On EFI-enabled systems, grub-install from grub-efi-* package installs a boot entry named "ubuntu". MaaS relies on IPMI to set boot order to PXE first; however on systems with buggy firmware or without full IPMI support, that fails, leading to booting Ubuntu from hard disk instead. Work around this by clearing any previous Ubuntu boot entry from board flash, before starting a new baremetal deploy. NOTE: This only runs against nodes that are online from a previous deploy. Closes: ARMBAND-47 Change-Id: I1c4ece09e42845ce2a1b7119ec69e46e5ca12376 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-10-27Merge "lib.sh: Fix compatibility with bash 4.2"Alexandru Avadanii1-16/+16
2017-10-27lib.sh: Fix compatibility with bash 4.2Alexandru Avadanii1-16/+16
JIRA: FUEL-296 Change-Id: Ide9f9333fe9b44ff6b78678064f8e67f05aabd42 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-10-26AArch64: Switch jumpserver VMs to virtio videoAlexandru Avadanii1-2/+2
Drop vgabios dependency by switching video from VGA to virtio for all VMs spawned on the jumpserver. NOTE: This requires virtualization packages on the jumpserver to be up to date (e.g. libvirt, QEMU). JIRA: ARMBAND-306 Change-Id: I73913e1ae8584f4e73b92994f78f7ec363cba3ec Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-10-20lib.sh: Fix locals override in nested invocationsAlexandru Avadanii1-11/+14
'wait_for' bash function is nested in another 'wait_for' call in some places, which leads to inner calls interfering with outer calls by overriding the locally scoped variables, including the 'attempt' internal counter. In some cases, the outer 'wait_for' would exit after a single attempt. Fix that by running all contents of `wait_for` inside a subshell, which inherits outer calls variables, but does not override them when the inner call is finished. Change-Id: I450eda3d023af2380c61ee930071fbfc393a5645 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-10-15states: Break on error, retry states up to 5 timesAlexandru Avadanii1-2/+3
While applying scenario states, break on error, and retry failed state up to 5 times. Apply the same behavior for `salt.sh`. Add new deploy parameter, '-D', backed up by 'CI_DEBUG' env var, which gates deploy sh scripts logging (set -x). Also extend '-f' deploy parameter, allowing it to be specified more than once; the first occurence will skip infra VM creation, but still sync reclass & other config from local repo, while a second occurence will also disable config sync. To prevent glusterfs client state from failing due to non-existent nova user/group, move it after nova:compute's nova state is applied. Change-Id: I234e126e16be0e133d878957bd88fed946955de8 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-10-14Add license headers where missingAlexandru Avadanii1-0/+7
While at it, compact 'set' into bash shebang where possible and add `make patches-copyright` target to simplify adding patch license headers. Change-Id: I0c841de72e5709e5eef915a52c5ec4a7fc0f7c37 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-10-14Drop infinite loops in favor of finite wait_forAlexandru Avadanii1-3/+2
While at it, fix some shellcheck warnings, and s/fgrep/grep -F/g. Change-Id: I093b7b4c196731b1ecc0c27a4111955b2e412762 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-10-14states: Split virtual_control_plane from maasAlexandru Avadanii1-10/+23
We should eventually also support baremetal deploys without a virtualized control plane (VCP), so decouple MaaS provisioning from VCP provisioning. While at it, move "wait_for" bash function from maas state to common library file, lib.sh. Change-Id: I32c33135655cb6aceae901a5f92b51265a8c84b4 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-10-03Identify jump host bridges based on IDF / PDF netsAlexandru Avadanii1-7/+1
- minor refactor of runtime templates parsing to allow var expansion; - parse <pod_config.yml> into shell vars, match dynamically networks from PDF to IP addresses on bridges of current jumphost; - keep old '-B' parameter in <ci/deploy.sh>, use it for providing fallback values in case there's no bridge name specified via IDF and no IP on the jumphost for one or more of the PDF networks; - re-enable dry-run to ease testing of the above; - add sample 'idf-pod1.yaml' to <mcp/config/labs/local>; The new behavior will try to determine the jump host bridge names: 1. Based on IDF mapping, if available 2. Based on PDF network matching with IP addrs on jumphost; 3. Fallback to values passed via '-B'; 4. Fallback to default values hardcoded in the deploy script; Later, we will drop MaaS network env vars in favor of PDF vars, once the PDF template is generating them. Change-Id: If9cd65d310c02965b2e2bfa06a0d7e0f97f1dd48 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-09-26lib.sh: Use host bridge in favor of virsh networkAlexandru Avadanii1-4/+5
If a linux bridge already exists on the jump host, with the same name as the value passed via `-B` or the default, use it instead of trying to create a virsh network. Change-Id: If7f0753ec366d429ff101c2b37dd68f895903404 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-09-25Fix or silence all yamllint warningsAlexandru Avadanii1-1/+1
Change-Id: Iface28ab770beee00374afb902ef4f9c983538f5 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-09-11salt master, maas: Move mcpcontrol to 10.20.0.0/24Alexandru Avadanii1-1/+2
Use INSTALLER_IP Jenkins param instead of SALT_MASTER_IP, allowing us to drop SALT_MASTER_IP completely from releng. mcpcontrol IP changes: - 192.168.10.100 becomes 10.20.0.2 (align with legacy Fuel master); - 192.168.10.3 becomes 10.20.0.3 (baremetal MaaS address); JIRA: FUEL-285 Change-Id: I6e2d44c3a8b43846196bd64191735214167a76ce Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-09-08bash scripts: Fix remaining shellcheck warn/errsAlexandru Avadanii1-1/+1
Fix/silence all shellcheck errors, except for scripts in <prototypes/sfc_tacker>. Change-Id: Idc317cdba0f69b78299f2d3665e72ffc19dd8af5 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-09-08Merge "Move mcp.rsa to /var/lib/opnfv"Alexandru Avadanii1-1/+1
2017-09-08lib.sh: Remove all storage on undefineAlexandru Avadanii1-1/+4
While executing the deploy script via sudo will raise no issues with re-using old storage volume files, non-root deploys fail to change ownership of said files. Properly clean after ourselves when destroying and undefining VMs. JIRA: ARMBAND-311 Change-Id: I7fdd269dccbfd5ab5285d852ac7dacfc4dc5ccd7 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-09-07Move mcp.rsa to /var/lib/opnfvAlexandru Avadanii1-1/+1
JIRA: FUEL-280 Change-Id: I1e07b0e1597b2a1e4a92e1274f89dda62cb81bb8 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-09-05ci/deploy.sh, lib.sh: Align SSH_KEY with JenkinsAlexandru Avadanii1-14/+21
Jenkins defines a build param also called SSH_KEY, which holds the full path to our MCP private RSA key, as opposed to Fuel@OPNFV, which uses the file basename as SSH_KEY. Switch to using full path in SSH_KEY, while also moving the key outside /tmp. NOTE: When running `ci/deploy.sh` with sudo, key will land in /root/opnfv/mcp.rsa unless SSH_KEY is set via env var. While at it, bring back VM image storage dir param, allowing us to drop one more reference to /tmp. JIRA: FUEL-280 Change-Id: Id1cfa6dbe7b2e6f3915b22281da5957333718401 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-09-04lib.sh: Limit envsubst to certain variablesAlexandru Avadanii1-1/+2
This will prevent envsubst from expanding the SALT_REPO local variable in user-data.template. Change-Id: Idcc3ea827293ac0d3b4059776f90bbbcf807daec Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-29lib.sh: Reuse /tmp/mcp.rsa if presentAlexandru Avadanii1-0/+5
Long-term, /tmp/mcp.rsa should be moved to a persistent location [1], and made configurable via env var / other mechanisms. This will allow us to: - use an existing keypair (provided by end-user in expected path); - login to previous deployment machines (e.g. to cleanup UEFI boot entries before destroying the cluster and rebuilding it); - split deploy in re-entrant stages (salt master only, cluster nodes only; similar to old Fuel, where we could reuse old Fuel VM); [1] https://jira.opnfv.org/browse/FUEL-280 Change-Id: I1e53321ed1cfc217ff95e809c867fa3370c479c9 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-29[virtual] Apply ceilometer/aodh servicesMichael Polenchuk1-1/+1
* run ceilometer/aodh states * wrap common virtual cluster options * get the source image based on timestamps Change-Id: I88f1d63ed4a94eba4ec0a9cf33d36d51c75ae355 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-08-17Merge "Bring in baremetal support"Alexandru Avadanii1-22/+28
2017-08-17lib.sh: Fix mcp key owner for OPNFV Jenkins jobsAlexandru Avadanii1-1/+4
In case of non-root deploys (i.e. running `ci/deploy.sh` without sudo), the OPNFV Jenkins slave executes it under a user shell, under a root shell, e.g.: $ sudo sudo -u jenkins bash $ echo $USER jenkins $ echo $SUDO_USER root Adjust lib.sh to only use SUDO_USER when it is not "root". Change-Id: I6dd1c8a5dd3a3b02cfb760818d66e99f49709a5b Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-17Bring in baremetal supportAlexandru Avadanii1-22/+28
- ci/deploy.sh: fail if default scenario file is missing; - start by copying reclass/classes/cluster/virtual-mcp-ocata-ovs as classes/cluster/baremetal-mcp-ocata-ovs; - add new state (maas) that will handle MaaS configuration; - Split PXE network in two for baremetal: * rename old "pxe" virtual network to "mcpcontrol", make it non-configurable and identical for baremetal/virtual deploys; * new "pxebr" bridge is dedicated for MaaS fabric network, which comes with its own DHCP, TFTP etc.; - Drop hardcoded PXE gateway & static IP for MaaS node, since "mcpcontrol" remains a NAT-ed virtual network, with its own DHCP; - Keep internet access available on first interfaces for cfg01/mas01; - Align MaaS IP addrs (all x.y.z.3), add public IP for easy debug via MaaS dashboard; - Add static IP in new network segment (192.168.11.3/24) on MaaS node's PXE interface; - Set MaaS PXE interface MTU 1500 (weird network errors with jumbo); - MaaS node: Add NAT iptables traffic forward from "mcpcontrol" to "pxebr" interfaces; - MaaS: Add harcoded lf-pod2 machine info (fixed identation in v6); - Switch our targeted scenario to HA; * scenario: s/os-nosdn-nofeature-noha/os-nosdn-nofeature-ha/ - maas region: Use mcp.rsa.pub from ~ubuntu/.ssh/authorized_keys; - add route for 192.168.11.0/24 via mas01 on cfg01; - fix race condition on kvm nodes network setup: * add "noifupdown" support in salt formula for linux.network; * keep primary eth/br-mgmt unconfigured till reboot; TODO: - Read all this info from PDF (Pod Descriptor File) later; - investigate leftover references to eno2, eth3; - add public network interfaces config, IPs; - improve wait conditions for MaaS commision/deploy; - report upstream breakage in system.single; Change-Id: Ie8dd584b140991d2bd992acdfe47f5644bf51409 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> Signed-off-by: Guillermo Herrero <Guillermo.Herrero@enea.com> Signed-off-by: Charalampos Kominos <Charalampos.Kominos@enea.com> Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-11lib.sh: AArch64: Use VGA video mode for guestsAlexandru Avadanii1-1/+9
On AArch64, there is no Cirrus video, so use VGA mode instead. On Debian systems, also fix a missing link for vgabios-stdvga.bin. Based on previous Armband work from [1]. [1] https://github.com/opnfv/armband/blob/danube.2.0/patches/fuel-library/ arm64-bug-fixes/0002-Install-vgabios-and-link-for-aarch64.patch Change-Id: Ia84ea5536b68e14993b719488375b0041183a767 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-07-31mcp/scripts: shellcheck cleanupAlexandru Avadanii1-12/+16
Change-Id: I280d540b461341e14de654186016248eba4d3521 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-07-31ci/deploy.sh: Rework bridge arguments for MCPAlexandru Avadanii1-19/+35
Change-Id: I20d6dedeaa31f7986eaa35be49c5388c3fdb4b83 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-07-31lib.sh: Use host-passthrough when spawning VMsAlexandru Avadanii1-1/+3
virsh defaults to using "host-model" instead of "host-passthrough", which not only might lead to a small performance hit on x86, it is also causing compatibility issues with libvirt 3.x. Address this by explicitly requesting "host-passthrough" as the CPU model for virt-install. Change-Id: Ia7c5e8ff906c02fed2193c268cbb3594c5607bc6 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-07-31Set key owner to original user in case of sudoMichael Polenchuk1-1/+3
Change-Id: If964d36ad4f0cb6f1b2caf8544d4e35487f59c6c Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-07-26lib.sh: cleanup_vms: Also remove VMs that use UEFIAlexandru Avadanii1-2/+4
Pass `--nvram` to `virsh undefine`, so guest VMs booted using UEFI (OVMF on x86 or AAVMF on AArch64) can be destroyed. This does not affect VMs without UEFI. While at it, fix logical error in previous commit adding support for cleaning up stopped VMs. Change-Id: I44c20566469f29a8683d81e3641c69da572ccd4e Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-07-26lib.sh: cleanup_vms: Also remove stopped MCP VMsAlexandru Avadanii1-1/+1
In case the cfg01 & co. VMs are in "shut off" state, `virsh --name` will ommit them, which leads to `cleanup_vms` leaving behind stale VMs. Add `--all` arg to list all VMs, including stopped ones. Change-Id: Ia550a10eb0b40138f87ade709336c2871a8b1cd8 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-07-19[bugfix]invalid user ‘jenkins’zhihui wu1-1/+1
See https://build.opnfv.org/ci/job/fuel-deploy-zte-pod1-daily-master/456/console In lib.sh, generate_ssh_key() assumes that "jenkins" is the current user name. But on zte-pod1, the ci user name isn't jenkins. It is better to use $USER replaced "jenkins". JIRA:FUEL-273 Change-Id: I6ec6847eccd055b8b4062dd202f8f0a24ba6dd73 Signed-off-by: zhihui wu <wu.zhihui1@zte.com.cn>
2017-07-15mcp: lib.sh: virt-install --noautoconsoleAlexandru Avadanii1-1/+2
When X server is available, virt-install tries opening virt-viewer automatically (for each newly created VM), which blocks the deployment until the user closes the virt-viewer window. Without X, virt-install just throws a warning and moves on. Fix both of the above by passing the "--noautoconsole" argument to virt-install. Change-Id: I7df839aa902f7629dec11d24905fc05d1070f9db Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-07-13Tune network sysctl optionsMichael Polenchuk1-1/+2
* tune net/tcp opts * handle vcpus setting for vms * fix tempest issue with public subnets visible * set reclass data source to local to avoid git clone Change-Id: Ibac9eba8234ebb20854c03b399405968cb2069e8 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-07-06Enable cinder volume serviceMichael Polenchuk1-1/+1
Change-Id: I29ad8fc0e504779184fdf3795dc82ce1b031dbf8 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-07-05Turn on opendaylight scenarioMichael Polenchuk1-1/+1
* fix formula & reclass cluster model * bring in running states Change-Id: I8e66e69045f5c745f9aa6f59f7ce6d66b5bf1c95 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-07-03Rewrite infra deployment scriptsMichael Polenchuk1-0/+128
* bring in scenario files * shift infra code into functions Change-Id: I650a26d03d842c3afcc7fcb97b84ef4826827a38 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>