aboutsummaryrefslogtreecommitdiffstats
path: root/mcp
AgeCommit message (Collapse)AuthorFilesLines
2017-08-23states/maas: Add mcp.rsa.pub to authorized_keysAlexandru Avadanii1-1/+4
Add our mcp.rsa.pub RSA key to all nodes, including VCP VMs. This is required for functest to be able to fetch openrc. While at it, add retry wrappers for more VCP VM state.sls calls. Change-Id: I34f79848c52e36de8d981055880321a081420874 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com> Signed-off-by: Guillermo Herrero <Guillermo.Herrero@enea.com>
2017-08-22states/network: parametrize Openstack public netAlexandru Avadanii1-3/+25
Determine public network based on public IPs of compute nodes. Change-Id: I5a6b29a0458b0b839f8fdb3e32616a41d7a621f7 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-22Configure neutron gatewayMichael Polenchuk5-58/+35
Change-Id: I01744bd5728d6fc4c8cd3792aee9759434d18645 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-08-22Return back infra interfaces configMichael Polenchuk2-2/+2
Change-Id: I4baa9940ae14ef6e084fda7169ec43be7cf3f449 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-08-22Shift vcp nodes interfacesMichael Polenchuk9-21/+24
* shift vcp nodes interfaces since names started from ens2 * add extra salt sync before vcp start up * run rabbitmq state on 1st node beforehand then the rest Change-Id: Ic2c174c288a5e89f2f28c0d9aa573340190a61d3 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-08-22baremetal: HA: Standalone openstack_ha stateAlexandru Avadanii2-1/+30
Replicate all calls from "openstack" state to "openstack_ha", while adjusting minor parameters for HA, based on [1]. [1] https://docs.mirantis.com/mcp/1.0/mcp-deployment-guide/\ deploy-mcp-cluster-manually.html Change-Id: Iaf2262fa9c54f2401b69635ff46329ffb856f802 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-22states: maas: Retry applying VCP VMs linux stateAlexandru Avadanii1-1/+1
Running a heavy state like `linux` on all nodes (including VCP VMs) might time out the first time on slower systems. Change-Id: I21a3ad380afafa833f59e14da86aff92e254e9c7 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-21reclass: baremetal: openstack: Fix eth assignmentAlexandru Avadanii6-11/+17
Baremetal support introduced a couple of VCP VMs, which have 2 network interfaces: - primary (ens3 inside x86 VM) - connected to "br-mgmt" bridge on each kvm node, serves for MaaS DHCP / connection to salt master; - secondary (ens4 inside x86 VM) - connected to "br-ctl" bridge on each kvm node, serves for Openstack Management network; However, the reclass model was configured to use a single IP address on the primary interface, breaking the connnection to salt master, while also not connecting the Openstack Management network properly. Fix this by configuring the primary interface for DHCP, while the secondary gets a static IP in Openstack Management network. Change-Id: I9f1d6f080e882bfaae7b5f209bc3c5536826ba06 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-21Cleanup outdated salt keysMichael Polenchuk1-0/+3
Remove keys that are left over from the previous deployment to avoid interfere with the new ones. Change-Id: I0dfa9782cbce9a8e8b7c1efe5954c8ffe85996f9 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-08-21Swap vcp nodes interfacesMichael Polenchuk1-2/+2
In order to connect to right underlay bridge, swap interfaces. Change-Id: I0ae1f50e8d1f3485404bd7e6eea772cab555b313 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-08-21Merge "virtual: odl-router: Stop overriding Ubuntu repos"Alexandru Avadanii1-1/+0
2017-08-21Merge "maas: Break infinite loops into finite retries"Alexandru Avadanii1-4/+31
2017-08-21Check out all vcp nodes are availableMichael Polenchuk1-0/+11
Change-Id: I86bb27b323152440e8a885dbf867da433a288dae Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-08-21maas: Break infinite loops into finite retriesAlexandru Avadanii1-4/+31
While at it, move the bash commands to a separate script file. Change-Id: Ib78b5b7f7083ed866e5d42e8340df7b27198f276 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-19patches: Add missing patch metadata lineAlexandru Avadanii1-0/+1
Change-Id: I35735c0d35c6004c546a704cee3d6d94ce077225 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-19MaaS: Add support for dynamic fabric numberingAlexandru Avadanii6-33/+139
Previously, we hardcoded the fabric name for our 3rd interface (which serves PXE/DHCP for the target nodes) to "fabric-2", relying on predictable index numbers to be provided by MaaS based on the interfaces defined in /etc/network/interfaces. However, the fabric IDs/names generated by MaaS are not predictable, and therefore cannot be hardcoded in our reclass model / scripts. Work around this by: - adding support for fabric ID deduction based on CIDR matching during subnet create/update operation in MaaS py module; - adding support for VLAN DHCP enablement to MaaS py module, which was previously handled via shell MaaS API operations from maas/region.sls; While at it, revert previous commit that disabled network discovery ("MaaS: Disable network discovery"), since it turns out that network discovery was not the culprit for subnet creation failure, but wrong fabric numbering. This reverts commit 8cdf22d1a1bae4694a373873cab4feb6251069b7. Change-Id: I15fa059004356cb4aaabb38999ea378dd3c0e0bb Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-19Merge "MaaS: Disable network discovery"Alexandru Avadanii1-1/+1
2017-08-19maas state: Add debug output to grep query loopsAlexandru Avadanii1-3/+3
Change-Id: Ic47a9dd2d5a4cccc9c4330509d81aba82f777084 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-19MaaS: Disable network discoveryAlexandru Avadanii1-1/+1
In case nodes are already powered on and have an IP in the same range as the new MaaS DHCP one (e.g. from a previous deploy), MaaS API will reject the subnet creation due to overlapping addresses. Try to work around this by disabling network discovery. Change-Id: I70a33c552bf38a7ccbc1bb7e90c21f424f082bc5 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-18Merge "MaaS: DHCP iprange fix: use dynamic, not reserved"Alexandru Avadanii1-0/+1
2017-08-18MaaS: DHCP iprange fix: use dynamic, not reservedAlexandru Avadanii1-0/+1
Without the 'type' parameter set to 'dynamic', MaaS was configured to reserve the IP range instead of allocating it dynamically. This led to IP exhaustion warnings in MaaS dashboard, as well as wrongful IP allocation. Change-Id: I1f2b90bf4cd2393cfab6d4bc17771cef009701c0 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-18maas.region: Add port to all MaaS API URLsAlexandru Avadanii3-3/+3
Change-Id: I6ecc81cc6faf45f33882666b9f537a3e42ad379e Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-18maas.region: Add missing port to maas_urlAlexandru Avadanii1-1/+1
Change-Id: Iae9991f9148ac518696f9f8b57b5a8ca9dded730 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-18linux.network: Fix noifupdown in linux/map.jinjaAlexandru Avadanii2-3/+4
Previous changes attempted to add 'noifupdown' support, but failed to spell it correctly. Fix the typo and also edit the 'maas' state to use simple `salt state.apply` instead of `cmd.run 'salt-call'`. Change-Id: If9889dee896fa100febe0372fe2c4173fc223ee3 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-18MaaS node: Fix dhcp_interface configAlexandru Avadanii1-1/+5
Explicitly configure dhcp_interface for mas01, in order to allow the interface name to be parametrized via "dhcp_interface" _param. Change-Id: I6a2750adc1941c0aa1f94ac9b39133b5bd2388c6 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-18Apply network config on kvm nodesMichael Polenchuk3-5/+6
* re-assign ip from interface to bridge - install bridge utils - make a reboot straight away after network config * change image source for vcp Change-Id: I34506ee161337b5d3a4088cfdf3c082d99ccb695 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-08-17patches: linux.system.single fixed upstreamAlexandru Avadanii1-26/+0
Fixed upstream in [1], drop our patch. [1] https://github.com/Mirantis/reclass-system-salt-model/commit/573be77 Change-Id: Ieeb9b87cac0418d860bbf04e5e8ffd48898a213e Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-17Merge "Bring in baremetal support"Alexandru Avadanii33-26/+1599
2017-08-17lib.sh: Fix mcp key owner for OPNFV Jenkins jobsAlexandru Avadanii1-1/+4
In case of non-root deploys (i.e. running `ci/deploy.sh` without sudo), the OPNFV Jenkins slave executes it under a user shell, under a root shell, e.g.: $ sudo sudo -u jenkins bash $ echo $USER jenkins $ echo $SUDO_USER root Adjust lib.sh to only use SUDO_USER when it is not "root". Change-Id: I6dd1c8a5dd3a3b02cfb760818d66e99f49709a5b Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-17Bring in baremetal supportAlexandru Avadanii33-26/+1599
- ci/deploy.sh: fail if default scenario file is missing; - start by copying reclass/classes/cluster/virtual-mcp-ocata-ovs as classes/cluster/baremetal-mcp-ocata-ovs; - add new state (maas) that will handle MaaS configuration; - Split PXE network in two for baremetal: * rename old "pxe" virtual network to "mcpcontrol", make it non-configurable and identical for baremetal/virtual deploys; * new "pxebr" bridge is dedicated for MaaS fabric network, which comes with its own DHCP, TFTP etc.; - Drop hardcoded PXE gateway & static IP for MaaS node, since "mcpcontrol" remains a NAT-ed virtual network, with its own DHCP; - Keep internet access available on first interfaces for cfg01/mas01; - Align MaaS IP addrs (all x.y.z.3), add public IP for easy debug via MaaS dashboard; - Add static IP in new network segment (192.168.11.3/24) on MaaS node's PXE interface; - Set MaaS PXE interface MTU 1500 (weird network errors with jumbo); - MaaS node: Add NAT iptables traffic forward from "mcpcontrol" to "pxebr" interfaces; - MaaS: Add harcoded lf-pod2 machine info (fixed identation in v6); - Switch our targeted scenario to HA; * scenario: s/os-nosdn-nofeature-noha/os-nosdn-nofeature-ha/ - maas region: Use mcp.rsa.pub from ~ubuntu/.ssh/authorized_keys; - add route for 192.168.11.0/24 via mas01 on cfg01; - fix race condition on kvm nodes network setup: * add "noifupdown" support in salt formula for linux.network; * keep primary eth/br-mgmt unconfigured till reboot; TODO: - Read all this info from PDF (Pod Descriptor File) later; - investigate leftover references to eno2, eth3; - add public network interfaces config, IPs; - improve wait conditions for MaaS commision/deploy; - report upstream breakage in system.single; Change-Id: Ie8dd584b140991d2bd992acdfe47f5644bf51409 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com> Signed-off-by: Guillermo Herrero <Guillermo.Herrero@enea.com> Signed-off-by: Charalampos Kominos <Charalampos.Kominos@enea.com> Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-13virtual: odl-router: Stop overriding Ubuntu reposAlexandru Avadanii1-1/+0
Keep UCA default apt sources, instead of overriding them with arch specific values from: - system.linux.system.repo.ubuntu Change-Id: I1edc725a97ae6290d316a7916c27fd904f59db04 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-11Merge "maas: region: credentials workaround, force sync"Alexandru Avadanii4-1/+72
2017-08-11Merge "lib.sh: AArch64: Use VGA video mode for guests"Alexandru Avadanii1-1/+9
2017-08-11lib.sh: AArch64: Use VGA video mode for guestsAlexandru Avadanii1-1/+9
On AArch64, there is no Cirrus video, so use VGA mode instead. On Debian systems, also fix a missing link for vgabios-stdvga.bin. Based on previous Armband work from [1]. [1] https://github.com/opnfv/armband/blob/danube.2.0/patches/fuel-library/ arm64-bug-fixes/0002-Install-vgabios-and-link-for-aarch64.patch Change-Id: Ia84ea5536b68e14993b719488375b0041183a767 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-11Revert "Switch distrib revision to testing"Michael Polenchuk1-1/+1
There is no much difference between nightly vs testing repos. This reverts commit 052a1626da71d232431b3a9faf576a76db61f10e. Change-Id: I40f60ddc2c9e1e59c7c4eb0be59ae19b00b7fb9b Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-08-10maas: region: credentials workaround, force syncAlexandru Avadanii4-1/+72
Workaround the issues described in [1], stating that salt-formula-maas package cannot set an autogenerated PostgreSQL password, respectively the known error thrown during initial setup. FIXME: These should be reverted later, after fixing the MaaS password update and initial artifact sync in the salt formula / scripts. [1] https://docs.mirantis.com/mcp/1.0/mcp-deployment-guide/\ install-base-infra/set-up-bare-metal-provisioner/configure-maas-vm.html Change-Id: I8b37f55d3caa4119c64f9549578850dd4eb9e3ad Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-09Synchronize down all of the dynamic modulesMichael Polenchuk2-0/+1
Sync all of the salt dynamic modules to make sure custom modules, states, grains & etc. are on the target nodes. Change-Id: I04f2ac0465d5381c4c07623e9383619d9b9731de Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-08-08Switch distrib revision to testingMichael Polenchuk2-1/+1
In order to avoid bleeding edge issues with nightly version of salt formulas, switch to "safe" testing repo source. Change-Id: I9d12f337c3952711cb8843943c23315795064016 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-08-03Merge "Set ntp servers list"Michael Polenchuk5-56/+22
2017-08-02Merge "reclass: opendaylight: Use UCA default repos"Alexandru Avadanii1-1/+0
2017-08-02Merge "mcp/config: Move scenario defs to separate dir"Alexandru Avadanii8-0/+22
2017-08-02Set ntp servers listMichael Polenchuk5-56/+22
* set ntp sweden servers list for virtuals * wrap common cluster init options Change-Id: I044802998d5498fed969e62bf1ea8c814652f34f Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-08-02[odl-router] Bring up public network on computesMichael Polenchuk1-0/+28
* apply provider mappings on compute nodes as well * set default route of computes to gateway node Change-Id: I5715e34fd8ecbed87bd7f1b1ed488766af711bae Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
2017-08-01mcp/config: Move scenario defs to separate dirAlexandru Avadanii8-0/+22
Prepare for adding baremetal scenarios by moving existing scenario definitions (intended for deploys on virtual PODs) to their own subdirectory. Change-Id: Iaa75e0b0a9876e4f263fc6bbae796d97848ef99b Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-01reclass: opendaylight: Use UCA default reposAlexandru Avadanii1-1/+0
Current opendaylight pillar enforces a full apt repository cleanup, removing Ubuntu Cloud Archive (UCA) repos in favor of adding pre-hardcoded Ubuntu archive repos. Unlike UCA, main Ubuntu archive is split based on target arch, the main archive.ubuntu.com holding only x86 packages, while the other archs are hosted on ports.ubuntu.com. This leads to adding (only) x86-specific repositories to our AArch64 UCA image. Mitigate this by ommiting "system.linux.system.repo.ubuntu" from the opendaylight pillar, leaving the default UCA repos in place. Change-Id: Ia7033bcb544d8752d5557bbabc92c92c5008b00c Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-08-01salt.sh: Drop upstream clone in favor of local gitAlexandru Avadanii6-11/+289
salt.sh currently clones the full Fuel@OPNFV git repo from upstream public mirror, preventing us from testing locally edited or new patches. Instead, bring back git submodule handling from old f_repos, clone and patch each submodule locally, then copy the whole parent repo over to cfg01. This is also a first step towards implementing offline deploy support. NOTE: This adds new deploy prerequisite packages: - git (for submodule clone/update); - make (for submodule patching); - rsync (for parent repo replication to cfg01); NOTE: Parent repository is expected to be a git repo, in order to work with git submodules. While at it, perform some minor related changes: - add deploy artifacts (ISOs, qcow2 files) to .gitignore, also used to filter-out such files during rsync to cfg01; - remove obsolete Fuel patches (old f_repos mechanism); - rename "reclass-system-salt-model" submodule; Change-Id: I6210d80d41010b2802e4f1b31acf249a18db7963 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-07-31mcp/scripts: shellcheck cleanupAlexandru Avadanii4-39/+46
Change-Id: I280d540b461341e14de654186016248eba4d3521 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-07-31ci/deploy.sh: Rework bridge arguments for MCPAlexandru Avadanii1-19/+35
Change-Id: I20d6dedeaa31f7986eaa35be49c5388c3fdb4b83 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-07-31lib.sh: Use host-passthrough when spawning VMsAlexandru Avadanii1-1/+3
virsh defaults to using "host-model" instead of "host-passthrough", which not only might lead to a small performance hit on x86, it is also causing compatibility issues with libvirt 3.x. Address this by explicitly requesting "host-passthrough" as the CPU model for virt-install. Change-Id: Ia7c5e8ff906c02fed2193c268cbb3594c5607bc6 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
2017-07-31[odl-router] Add missing nodes configMichael Polenchuk1-0/+10
Change-Id: Id7603aa581e4ccdddad1cf93f9434fe95c047800 Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>