| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
As described in 'Add an EnvoyFilter for HTTP header case' section of
https://wiki.onap.org/display/DW/ONAP+on+ServiceMesh+setup+guide
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I7d52794a9679bdb4c27afa3ebddecd41e561a0a2
|
|
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I86a813380de30c2e30c2275d3555f7e231929415
|
|
* Revert "Enable VID" (this reverts commit 2223bfaffa8fe5fb90c578ec71a035f001b9ce22)
* make sure ca-certificates is current
* add ability to configure Docker daemon
* upgrade Ubuntu to 20.04
* update tools, dependencies, Ansible Galaxy collections, Docker, RKE, k8s & charts
* make Prometheus & MetalLB optional
* deploy Istio
* use copy instead of ansible.posix.synchronize
* Allow to set IP address pools in OpenStack
* fix ansible-lint issues
* split big tasks files into smaller ones
* migrate to ansible-core
* add 'make onap' task
* add Devstack deployment
* fix NFS exports
* add Strimzi
* install Docker on operator
* override Nexus only on hosts that need it
* ability to set override file (sm-onap is default)
* ability to set ONAP (OOM) branch
* ability to set Devstack version
* add playbook to deploy everything
* describe how to run playbooks
* save operator0 access information
* install Galaxy deps with dedicated module
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I88cfeeaf281c175340b63909983251ecd62eeb00
|
|
* set remote_src in helm installation
* add umount to clean up nfs mountpoint
* fix pip executable error for Ubuntu 20.04
* make separate volume usage for instances optional
* add ability to set public DNS servers to network creation
* change installation method to command since current stable release of kubernetes.core doesnt support versioning
* hardcode helm push plugin version to 0.9.0
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I5d374db779f6fc1f165eb5efe9b69b8a05c9f388
|
|
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: Ibe22ba9671724913e1c919f59859bb0ddceeb711
|
|
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: Iaa87b8b85584a38ea4170f48117ac154f24e0c6c
|
|
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: Ia23b7ec2f5dbe3ecc1845f245f6377401daebbf0
|
|
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: If42f82101ad22631d636b9cadd8a0cef03e53a11
|
|
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: Id7cfc411a73f11102ef9c90364da986d49dbb888
|
|
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I5793219b3daeb3fa11b7e5b27207350b95c9a05a
|
|
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I331bf443fc23edcd706f4811d68eb4ba94dac6c8
|
|
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: Ia9e567b867e6cd0f7988be7c53c034f3335f0320
|
|
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: Ieb1bdd761099f707223e8b04f5c117dd86ef6b1f
|
|
Bastion rules may cause DNS malfunction sometimes. It won't be an issue
on NFS server but might be on control or operator host.
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I23f49a20257c34475ed02f4c0df036f0ded450f4
|
|
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I8de10257f75e662e8e8809061ec818def0d3f048
|
|
This is needed for Ansible to deploy on operator0.
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I6163942c8157108784008b4e05fc0abe85ee5184
|
|
Current rules may cause kubernetes services to be blocked. This may lead
to a lot of time wasted on debuging issues that aren't to any of
deployed components. After all patches are in place and working we might
try to come up with restricting Security Groups.
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I2f36afefb72df1c4082bc9dda036713f4625ab46
|
|
Also set variables that will be needed to deploy NFS.
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: Ibb033726f040246094f45ec5f1288b4bb4de0ef0
|
|
Python dependencies are now tracked in requirements.txt file.
Issue-ID: INT-1601
Signed-off-by: Maciej Wereski <m.wereski@partner.samsung.com>
Change-Id: I47bbec6ad3e7b9e9fa3ec569d44605b803ac8271
Signed-off-by: mrichomme <morgan.richomme@orange.com>
|
|
This patch adds new network traffic exceptions to the infrastructure
setup step. This change has to be done during the infrastructure setup
step because OpenStack client is not available from within the cluster.
Issue-ID: INT-1601
Change-Id: I5adbce6197d8de6ab2bf7f54c73d6003442674da
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Configuration of the operation machine has to be altered before
commencing in-cluster deployment stage - otherwise in-cluster playbook
will not be even parsable (after changing Ansible control node).
Issue-ID: INT-1601
Change-Id: Ic0fd8d3e36866dd588febfcee8e91f837b46f015
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
This patch creates an in-cluster inventory based on the dynamic one from
creating OpenStack VMs. It will be used at the next deployment stage.
This patch also adds missing documentation on required software to run
these Ansible playbooks.
Issue-ID: INT-1601
Change-Id: Ibf009a2530de989b1927a7a4a2f328fa61c1dd55
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Given current constraints of CI Lab application of Ansible playbooks has
to be divided into several stages (changing Ansible controller between
them). This is why role structure can be flattened for increased
readability.
Issue-ID: INT-1601
Change-Id: I71f95649617e160f7887f03c6a96161fb8873c66
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Relevant review:
https://gerrit.onap.org/r/c/integration/+/116546/#message-dc666a721a0f7ee646626bef6d36e54b7786e38f
Issue-ID: INT-1601
Change-Id: I3a37cb6b2ff8b200dcbad052653e0eac7af10c60
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: INT-1601
Change-Id: I218ec5521d97eab298ea0556f690f2bc3d8ccbfa
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: INT-1601
Change-Id: Ie2c606d7afa191386124a0ad49619de40fb15c06
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: INT-1601
Change-Id: I799f15077437bcd836c5a38a004d974eed64f707
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: INT-1601
Change-Id: I358332725272c44535257648c7fbccaf94d2ac30
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
This patch is required for allowing machine-to-machine traffic within
ONAP cluster with no Vagrant operator involvement.
Issue-ID: INT-1601
Change-Id: I0159b3176ecb3e5783f4f87b9b507824fc411b2b
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
This patch creates operator keypair and deploys its public key to all
machines in the cluster. Previously cluster could be accessed from
OpenStack admin machine only.
Additional information added to the "all.yml*" group variables allowed
keeping current roles generic and flexible.
Issue-ID: INT-1601
Change-Id: I6b289ff9a8c9ebe04562671b8f4b4468b543723f
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Image "cirros-0.5.1-x86_64-disk" will no longer be suitable for testing
ONAP infrastructure deployment because it lacks Python interpreter.
Python is required for provisioning ONAP infrastructure VMs using
Ansible.
Issue-ID: INT-1601
Change-Id: I68aa4d941350b1abf32b4d2bc00cbee489af6587
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
This patch adds OpenStack admin management access to the local "root"
user. Admin access is necessary to make changes to the default DevStack
configuration after its creation.
Package "python-openstackclient" is now installed globally (as root).
This is the reason why it requires additional flag
("--ignore-installed") for overriding packages already available on the
system - specifically PyYAML (3.11 available, 3.12 required).
Issue-ID: INT-1601
Change-Id: Ia5a1000f2f2066073c4e4a92fcb823eed17c36fd
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Private key can be retrieved from OpenStack during keypair creation
only. Subsequent attempts to do so will result in getting an empty
string. If private key already exists on the local machine and there is
no guard local private key will be overwritten with an empty file.
This patch adds local private key guard which allows subsequent runs of
"create.yml" playbook without erasing local private key.
Issue-ID: INT-1601
Change-Id: If3b3bb088bc8a2f9494e21e1826ac68adcc7a2cb
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: INT-1510
Signed-off-by: mrichomme <morgan.richomme@orange.com>
Change-Id: I74a0e0ddd6d023f6e18ebc41b1affb244a27c0b1
|
|
Issue-ID: INT-1763
Signed-off-by: mrichomme <morgan.richomme@orange.com>
Change-Id: Idde89623869a98ba625a1ee7ffd09596fbb9b62d
|
|
Using "--no-cache-dir" flag in pip install ,make sure dowloaded packages
by pip don't cached on system . This is a best practise which make sure
to fetch ftom repo instead of using local cached one . Further , in case
of Docker Containers , by restricing caching , we can reduce image size.
In term of stats , it depends upon the number of python packages
multiplied by their respective size . e.g for heavy packages with a lot
of dependencies it reduce a lot by don't caching pip packages.
Further , more detail information can be found at
https://medium.com/sciforce/strategies-of-docker-images-optimization-2ca9cc5719b6
Issue-ID: INT-1616
Signed-off-by: Pratik Raj <rajpratik71@gmail.com>
Change-Id: Id3e28faf35f36258362323b4a96bcf0f3f95726b
Signed-off-by: mrichomme <morgan.richomme@orange.com>
|
|
Two issues were detected during testing deployment locally:
- incomplete provisioning if set up from scratch [1],
- leaving DevStack in unknown state if test failed.
[1] https://www.vagrantup.com/docs/cli/up#provision-with-x-y-z
Issue-ID: INT-1601
Change-Id: Ie553ba71a2b56789736ab822f1f1a2e4043f4935
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: POLICY-2794
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: Id9ee90bf303f77c1e6db91ae2ce6a7166934c64d
|
|
Issue-ID: POLICY-2794
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: I2d4cffc3350a28ed17ec3aedafd78691c1e11808
|
|
Keeping only symlinks as the markup indicator does not trigger CI on
relevant patches changing documentation contents (there's no change in
symlink).
This can be resolved by dropping symlinks usage entirely. Sphinx and RTD
aren't going anywhere anytime soon.
To make sure all symlinks were replaced following one-liner was used:
$ find . -type l -name "*.rst" -exec readlink -e {} \; \
| xargs -I% git mv -f %{,.rst}
which finds all the symlinks in the repo with "*.rst" suffix, then reads
which file they link to and finally replaces given symlink with that
file.
This solution was suggested by:
Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: INT-1672
Change-Id: I120e216b0b48032bb7b80c23cad799cd6f7cca53
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
As of Ansible 2.5+, the recommended way to perform loops is to use the
new "loop" keyword instead of "with_*" style loops [1].
This issue was reported by:
Bartek Grzybowski <b.grzybowski@partner.samsung.com>
[1] https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html
Issue-ID: INT-1601
Change-Id: Icf9079fc5c22ac034631397ea46d2b03fb4298ab
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: INT-1601
Change-Id: I3ff59402627e679a6a5dcdb5a64f2d04d1df09cf
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
- 1.15.11 not supported
- 1.15.3 is OK on Nokia lab
- OOM reco is 1.15.x up to frankfurt
Impossible to revert through gerrit
Do it manually
Issue-ID: INT-1677
Signed-off-by: mrichomme <morgan.richomme@orange.com>
Change-Id: I67f8f65aab4d77f8c341b10c195c86a2f8be8901
|
|
it remained in 1.15.3 on windriver lab
It shall be 1.15.11
Issue-ID: INT-1677
Signed-off-by: mrichomme <morgan.richomme@orange.com>
Change-Id: I889cb52ec4d41929b56ae8416584d73430a5bd59
Signed-off-by: mrichomme <morgan.richomme@orange.com>
|
|
This allows easier storage quota changes (without the need to modify
flavors).
Issue-ID: INT-1601
Change-Id: I0fe7557ff6f23eb0e29314ee0d4819893583a294
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Added configuration resembles set of instances already in use for
Service Mesh Proof-of-Concept purposes. Floating IPs were disabled on
Worker and NFS nodes to limit resource usage.
Issue-ID: INT-1601
Change-Id: Ie575c37344da21e71a8e0803e2e5bd2db18d9290
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Having a symlink instead of actual file allows having less changes
between upstream repository and on-premise deployment.
This patch does not affect development environment in any way.
Issue-ID: INT-1601
Change-Id: I489c7ce7084d48ba03962e44d64f56c316bcc56a
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Dedicated network interface is recommended for accessing OpenStack guest
instances [1]. With current Vagrant-based environment "eth2" interface
is expected to be assigned as additional NIC (with "eth0" for Vagrant
host network and "eth1" for Ansible management network).
[1] https://docs.openstack.org/devstack/latest/networking.html
Issue-ID: INT-1601
Change-Id: I3798f94db476eef77d02e6f8f7e078fc4b4e7622
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Additional OpenStack security group and its rules are required to allow
traffic to virtual machines created on DevStack. Virtual machines will
be accessible from 172.24.4.0/24 network (default public IP pool).
Issue-ID: INT-1601
Change-Id: I902f64f542197e329e21790f98662d2e408d4bb6
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Key pair is generated upon host creation and removed after the host is
destroyed.
This patch is based on previous work by:
Krzysztof Opasiak <k.opasiak@samsung.com>
Issue-ID: INT-1601
Change-Id: I9acd0b68a3ee79a0d710c40e0a1cc8470dfacce5
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
Maciej Wereski
Rado Chmiel
Pawel Wieczorek
mrichomme
Pratik Raj
jhh