Age | Commit message (Collapse) | Author | Files | Lines |
|
This is needed for Ansible to deploy on operator0.
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I6163942c8157108784008b4e05fc0abe85ee5184
|
|
Current rules may cause kubernetes services to be blocked. This may lead
to a lot of time wasted on debuging issues that aren't to any of
deployed components. After all patches are in place and working we might
try to come up with restricting Security Groups.
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I2f36afefb72df1c4082bc9dda036713f4625ab46
|
|
Also set variables that will be needed to deploy NFS.
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: Ibb033726f040246094f45ec5f1288b4bb4de0ef0
|
|
This patch adds new network traffic exceptions to the infrastructure
setup step. This change has to be done during the infrastructure setup
step because OpenStack client is not available from within the cluster.
Issue-ID: INT-1601
Change-Id: I5adbce6197d8de6ab2bf7f54c73d6003442674da
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Configuration of the operation machine has to be altered before
commencing in-cluster deployment stage - otherwise in-cluster playbook
will not be even parsable (after changing Ansible control node).
Issue-ID: INT-1601
Change-Id: Ic0fd8d3e36866dd588febfcee8e91f837b46f015
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
This patch creates an in-cluster inventory based on the dynamic one from
creating OpenStack VMs. It will be used at the next deployment stage.
This patch also adds missing documentation on required software to run
these Ansible playbooks.
Issue-ID: INT-1601
Change-Id: Ibf009a2530de989b1927a7a4a2f328fa61c1dd55
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Given current constraints of CI Lab application of Ansible playbooks has
to be divided into several stages (changing Ansible controller between
them). This is why role structure can be flattened for increased
readability.
Issue-ID: INT-1601
Change-Id: I71f95649617e160f7887f03c6a96161fb8873c66
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Relevant review:
https://gerrit.onap.org/r/c/integration/+/116546/#message-dc666a721a0f7ee646626bef6d36e54b7786e38f
Issue-ID: INT-1601
Change-Id: I3a37cb6b2ff8b200dcbad052653e0eac7af10c60
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: INT-1601
Change-Id: I218ec5521d97eab298ea0556f690f2bc3d8ccbfa
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: INT-1601
Change-Id: Ie2c606d7afa191386124a0ad49619de40fb15c06
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: INT-1601
Change-Id: I799f15077437bcd836c5a38a004d974eed64f707
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: INT-1601
Change-Id: I358332725272c44535257648c7fbccaf94d2ac30
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
This patch is required for allowing machine-to-machine traffic within
ONAP cluster with no Vagrant operator involvement.
Issue-ID: INT-1601
Change-Id: I0159b3176ecb3e5783f4f87b9b507824fc411b2b
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
This patch creates operator keypair and deploys its public key to all
machines in the cluster. Previously cluster could be accessed from
OpenStack admin machine only.
Additional information added to the "all.yml*" group variables allowed
keeping current roles generic and flexible.
Issue-ID: INT-1601
Change-Id: I6b289ff9a8c9ebe04562671b8f4b4468b543723f
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Image "cirros-0.5.1-x86_64-disk" will no longer be suitable for testing
ONAP infrastructure deployment because it lacks Python interpreter.
Python is required for provisioning ONAP infrastructure VMs using
Ansible.
Issue-ID: INT-1601
Change-Id: I68aa4d941350b1abf32b4d2bc00cbee489af6587
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
This patch adds OpenStack admin management access to the local "root"
user. Admin access is necessary to make changes to the default DevStack
configuration after its creation.
Package "python-openstackclient" is now installed globally (as root).
This is the reason why it requires additional flag
("--ignore-installed") for overriding packages already available on the
system - specifically PyYAML (3.11 available, 3.12 required).
Issue-ID: INT-1601
Change-Id: Ia5a1000f2f2066073c4e4a92fcb823eed17c36fd
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Private key can be retrieved from OpenStack during keypair creation
only. Subsequent attempts to do so will result in getting an empty
string. If private key already exists on the local machine and there is
no guard local private key will be overwritten with an empty file.
This patch adds local private key guard which allows subsequent runs of
"create.yml" playbook without erasing local private key.
Issue-ID: INT-1601
Change-Id: If3b3bb088bc8a2f9494e21e1826ac68adcc7a2cb
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Two issues were detected during testing deployment locally:
- incomplete provisioning if set up from scratch [1],
- leaving DevStack in unknown state if test failed.
[1] https://www.vagrantup.com/docs/cli/up#provision-with-x-y-z
Issue-ID: INT-1601
Change-Id: Ie553ba71a2b56789736ab822f1f1a2e4043f4935
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Keeping only symlinks as the markup indicator does not trigger CI on
relevant patches changing documentation contents (there's no change in
symlink).
This can be resolved by dropping symlinks usage entirely. Sphinx and RTD
aren't going anywhere anytime soon.
To make sure all symlinks were replaced following one-liner was used:
$ find . -type l -name "*.rst" -exec readlink -e {} \; \
| xargs -I% git mv -f %{,.rst}
which finds all the symlinks in the repo with "*.rst" suffix, then reads
which file they link to and finally replaces given symlink with that
file.
This solution was suggested by:
Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: INT-1672
Change-Id: I120e216b0b48032bb7b80c23cad799cd6f7cca53
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
As of Ansible 2.5+, the recommended way to perform loops is to use the
new "loop" keyword instead of "with_*" style loops [1].
This issue was reported by:
Bartek Grzybowski <b.grzybowski@partner.samsung.com>
[1] https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html
Issue-ID: INT-1601
Change-Id: Icf9079fc5c22ac034631397ea46d2b03fb4298ab
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: INT-1601
Change-Id: I3ff59402627e679a6a5dcdb5a64f2d04d1df09cf
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
This allows easier storage quota changes (without the need to modify
flavors).
Issue-ID: INT-1601
Change-Id: I0fe7557ff6f23eb0e29314ee0d4819893583a294
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Added configuration resembles set of instances already in use for
Service Mesh Proof-of-Concept purposes. Floating IPs were disabled on
Worker and NFS nodes to limit resource usage.
Issue-ID: INT-1601
Change-Id: Ie575c37344da21e71a8e0803e2e5bd2db18d9290
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Having a symlink instead of actual file allows having less changes
between upstream repository and on-premise deployment.
This patch does not affect development environment in any way.
Issue-ID: INT-1601
Change-Id: I489c7ce7084d48ba03962e44d64f56c316bcc56a
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Dedicated network interface is recommended for accessing OpenStack guest
instances [1]. With current Vagrant-based environment "eth2" interface
is expected to be assigned as additional NIC (with "eth0" for Vagrant
host network and "eth1" for Ansible management network).
[1] https://docs.openstack.org/devstack/latest/networking.html
Issue-ID: INT-1601
Change-Id: I3798f94db476eef77d02e6f8f7e078fc4b4e7622
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Additional OpenStack security group and its rules are required to allow
traffic to virtual machines created on DevStack. Virtual machines will
be accessible from 172.24.4.0/24 network (default public IP pool).
Issue-ID: INT-1601
Change-Id: I902f64f542197e329e21790f98662d2e408d4bb6
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Key pair is generated upon host creation and removed after the host is
destroyed.
This patch is based on previous work by:
Krzysztof Opasiak <k.opasiak@samsung.com>
Issue-ID: INT-1601
Change-Id: I9acd0b68a3ee79a0d710c40e0a1cc8470dfacce5
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
This patch also adds Vagrant provisioners for creating and destroying
OpenStack infrastructure. These are set to never run (unless explicitly
called by the operator) because DevStack instance on a separate machine
might not be ready to provide OpenStack API.
This patch is based on previous work by:
Krzysztof Opasiak <k.opasiak@samsung.com>
Test harness is based on blog post [1] by:
Chris Morgan <me@chrismorgan.info>
[1] https://chrismorgan.info/blog/make-and-git-diff-test-harness
Issue-ID: INT-1601
Change-Id: I031ca7a5a43cca0258dc0dc9e0339182c431898a
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Development guide ("HACKING") is subject to change based on gathered
feedback.
Issue-ID: INT-1601
Change-Id: I8988c8a6e85d215485666690e0c281412a1ce869
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
This patch adds requirements to the parent README file. This will be
changed to ".. include" directive once these READMEs are ready to be
added to the Integration documentation.
Issue-ID: INT-1601
Change-Id: I5bc2aba03689ea2547e713491a62947a54558095
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|