Commit Graph

507 Commits (master)

Author SHA1 Message Date
Harald Jensås 31896d86b8 Set bmc_other_ports port_security_enabled: false
We are seeing error in BMC console on some clouds:
  Error, some other host (<% MAC_ADDR %>) already uses
  address <% IP ADDR %>.

Set port_security_enabled: false on BMC other ports.

Closes-Bug: #1997561

Change-Id: I178bd5c642ac8c54c94cd854452f9bcebf697fba
6 months ago
Dzmitry Stremkouski 002b2d201b Improving parameters processing
- parametrize BMC credentials.
- adding ability to set variables from the ENV to avoid sensitive
  data leak to a terminal or process listing.

'required=True' has been removed from the '--instance' parameter
to allow setting it from the ENV.

Change-Id: Ida5df11fc3c50dcdabd2741b9a8abfa5fb87ed45
9 months ago
Steve Baker e7f4a60f4d Build a minimal bmc clouds.yaml
Currently every auth attribute (including every service endpoint
version) ends up in the generated BMC clouds.yaml, but most of these
values are not required and are discovered via the catalog.

This change builds a bare-minimal clouds.yaml.

Change-Id: Ic408cefa03f0c1ae7ba00fa891aa4bf3f81b3d1e
10 months ago
Steve Baker ae8499e00d Support setting any interface in build-nodes-json
build-nodes-json now has an --interface argument which allows setting
any of the supported ironic node interfaces. For example, the
following will result in "boot_interface": "pxe" being set for every
node entry:

--interface boot=pxe

Change-Id: I209456464e5e605f777b02869e3aae4c9c192fe5
10 months ago
Dariusz Smigiel 6caa316959 Install updated CA certs for CentOS 7
During a process of building BMC image, CentOS 7 gets certificate
It needs to be updated, before the process continues.

Change-Id: Id90883fbcc9410040fa7c7889b555ccc8da6db1c
1 year ago
Marios Andreou 9bb446514e Use python jobs template for Zed
The current master should be compatible with the Zed
release of the other projects. oslo.log dropped support
for py36 see related-bug

Related-Bug: 1974244
Change-Id: I5362ca355e23830bc48f61b4a580de4a5edac423
1 year ago
Steve Baker 77782cf903 Add bmc host support for centos-9-stream
This change allows the BMC to install and run on centos9-stream.
centos-8 is skipped to reduce the required support matrix, centos-7
support can be removed once known OVB tooling is upgraded.

Then, pre-built image support can be restored, and also feature work
can be resumed in a modern python3 environment (such as implementing a
redfish endpoint).

Change-Id: I81565726f18d11c906ed23295d8acf5e18a9c2fe
1 year ago
Zuul 6ec7ccd34d Merge "Simplify bmc repo setup and installation" 1 year ago
Zuul 2628ebca77 Merge "Explicitly support only centos-7 on the bmc host" 1 year ago
Steve Baker ce863ae11c Make ipxe-boot image EFI capable
This refreshes the ipxe build makefile to build an image
that works in both legacy BIOS and UEFI environments.

This makes the following changes:
- Moves the ipxe submodule commit to current master
- Creates an EFI partition efi.img containing ipxe.efi
  as the default binary
- Builds ipxe-boot.img as an MBR/GPT hybrid ISO which boots
  and runs iPXE in both legacy BIOS and UEFI environments
- Stop creating ipxe-boot.qcow2 since the conversion from
  ipxe-boot.img has an incorrect EFI partition, and there is
  no real benefit over the raw image anyway
- Refresh the documentation for how to upload the images to
  an OpenStack cloud, remove the redundancy from ipxe/README

Change-Id: I720ed5aaa0d55ded73e01aaba9db66602adc26cd
1 year ago
Steve Baker f36b5cc6eb Simplify bmc repo setup and installation
This makes the following changes to simplify the install of pyghmi and
its dependencies:
- Bootstrap installing tripleo-repo by curling delorean.repo instead
  of a wget tree search to find the tripleo-repo rpm
- Install pyghmi from rpm, it has been packaged for years and
  installing by pip was intended to be temporary
- Do not install unused jq, git, pip

Change-Id: I43206770283cf9a8a6cc7ac2e71f7800238e1690
1 year ago
Steve Baker 01d82d7544 Explicitly support only centos-7 on the bmc host
This change removes the pre-built image support and explicitly
installs for centos-7 base images. There are likely no pre-built image
deployments in the wild, they all appear to use a base centos-7 image
(this includes the bmc-template image used in RDO CI).

This change is the first in a series to upgrade the BMC host to CentOS
versions 8 and 9-stream.

Change-Id: I136b16528b722a6d38235ffcd571f3591d29e679
1 year ago
Harald Jensås ad0b75e870 Fix indentation error chrony.conf dhcpv6-relay.yaml
The CloudConfig write_files entry fro chrony.conf is
a nested list, instead of an entry. The file does not
get written.

Change-Id: I5ff6b81c6aaf454fad93e7c2fe2ff5ac68b91261
1 year ago
Zuul 564b18f3d5 Merge "fix typos" 2 years ago
Zuul e757f3c6f4 Merge "Set explicit boot mode even for bios boot" 2 years ago
Zuul 85cb25516c Merge "Use OS::Heat::None for extra role BMC" 2 years ago
Zuul b0c58fe6e1 Merge "Handle bmc-none in" 2 years ago
Steve Baker 041df632fc Set explicit boot mode even for bios boot
OVB correctly detects when the image is UEFI boot enabled and sets
boot_mode:uefi. However non-UEFI images will use the ironic configured
default, and this will soon change from 'bios' to 'uefi'.

This change explicitly sets to boot mode to either 'bios' or 'uefi'
based on discovered image properties so that ironic defaults can
change without causing CI failures.

Change-Id: If97d33aee65a05f6fb860eb4f3c1655bc4605908
2 years ago
Sagi Shnaidman fb6700fcdb Hide curl command with auth token from logs
Curl command contains auth token to cloud and it's printed in
console, let's hide it with "+x".

Change-Id: I3cd61678de85c487335802019d3308f4c854636e
2 years ago
Hervé Beraud 85b8b79236 fix typos
Change-Id: Ibe68633ae840764afaf010b521f3ecbe5e189101
2 years ago
Harald Jensås 137394737d Use OS::Heat::None for extra role BMC
The example's environments/base-extra-node.yaml
and environments/base-extra-node-all.yaml uses a
CentOS image to create undercloud like extra nodes.

There is no need for a virtual bmc for the servers
in this role. Set the BMC to OS::Heat::None so that
no BMC instance is created for this role.

Change-Id: I502de0a2e0352078e8f187cc0592f49ec0a9d65d
2 years ago
Harald Jensås fa2c425843 Handle bmc-none in
When there are less bmc_ports, compared to bm_ports filter
away bm_ports without a match bmc_port and set up the
baremetal to bmc pairs in bmc_bm_port_pairs.

All bm_ports are returned, and used with the new separate
function to build network_details. The new bmc_bm_port_pairs
is used with the _build_nodes method to create the a "nodes"
section containing only the bm nodes with a bmc port peer.

This is useful when using multiple roles, where one role
is hosting extra nodes that is not intended as virtual
baremetal nodes.

Change-Id: Ifc36d15b72c7421d7e0ec810d1ead17f4232b3ab
2 years ago
Harald Jensås 23914fab1a build-nodes-json - use ports by default, mac is deprecated
The mac field in TripleO nodes JSON has been deprecated
since Rocky. Let's switch to use the 'ports' field by

Add the argument '--use-mac' to allow the user to choose
to use the legacy "mac" field.

Change-Id: I3728bb8589a82fea71f54505c6f7c17e79d8378e
2 years ago
ramishra a3b959f150 Revert extra node BMC mappings
Partially reverts Ib7ac727d29012427a11ddb4dd6e51a3534d8aece.

Change-Id: I352ed61a2b44ec9b2f0d4d44332182b43152d9ea
2 years ago
Zuul d16033b032 Merge "Add doc/requirements" 2 years ago
ramishra 575a83645a Fix the config_drive property in virtual_baremetal_server.yaml
An error in the last patch:/


Change-Id: Ib08ba08fe8b7c9bec7e98f7bd0cc51653480d8ee
2 years ago
ramishra d6452234c0 Add baremetal_config_drive parameter for baremetal instances
This also sets OS::OVB::BMC to OS::Heat::None for the extra
nodes roles.

Change-Id: Ib7ac727d29012427a11ddb4dd6e51a3534d8aece
2 years ago
ramishra cfaf78da7f Add config-drive to extra node environments
This is required for scenarios that use extra nodes.

Related-Bug: #1929384
Change-Id: Ic7f0aa563ca7ca771edbddb01281139d7b50adee
2 years ago
Sandeep Yadav b58913d865 Add config-drive in parameter_defaults
We added support to explicitly request config-drive
for BMC and Undercloud type instances in [1]. Default
is false.

Adding similiar option in parameter_defaults will ease overriding
environments/base.yaml in ovb-manage role generate_template.yml[2].

[1] 306ec29aec

Change-Id: I7bbdc80684147c72561c0434b3217e41bd2a0995
2 years ago
Harald Jensås 306ec29aec Add support to use config-drive
Add support to explicitly request config-drive
for BMC and Undercloud type instances.

NOTE: config-drive is always disabled for the
virtual barmetal intances. This is already hard
coded in virtual-baremetal-servers.yaml and

Related-Bug: #1929384
Closes-Bug: #1929419
Change-Id: I1f6454363b5d8a5c325afe194ed1484ff618f729
2 years ago
yatinkarel 02cdcbb752 When private network is created suffix it with identifier
It's needed when environments/create-private-network.yaml
is used with ovb jobs where '--id' is used, in this
case each ovb env should have seperate private network
with different id.


Change-Id: Icf5c87ae1ab083a143a0f3f8a991426bb5433c37
2 years ago
Hervé Beraud fa7e59644d Add doc/requirements
We need to specify doc requirements in doc/requirements.txt
to avoid problems with the pip resolver [1] for the release team [2][3].
Removing specific doc requirements from test-requirements.txt.

The problem here is that this repos haven't doc/requirements.txt file
and by default in this case zuul will use the test-requirements.txt file
to pull requirements [4].

This requirements file contains extra requirements like flake8 that
collided with those allowed in our job environment and so the new pip
resolver fails to install these requirements and the job exits in error.

This project meet the conditions leading to the bug however it doesn't
produce any doc or releasenotes, but uniformization can't hurt and help
us in the future.


Change-Id: I746d4b743924eefeb606e8516e2f60244b977c92
2 years ago
Hervé Beraud 5f3febe70f Replace deprecated UPPER_CONSTRAINTS_FILE variable
the new environment variable name that replaces it [1].

This allows to use upper-constraints file as more
readable way instead of UPPER_CONSTRAINTS_FILE=<lower-constraints file>.


Change-Id: Ic1b791ae72a77ee716983b2cc4dd1903b5ce4613
3 years ago
Harald Jensås 2a08c50da8 Add option to strip '--id' from physical_network
When using routed networks it is required to set the
physical_network property for baremetal ports. The
'--physical-network' option makes the build-nodes-json
command add this.

Whith this change the '--id' arg can be used with the
build-nodes-json command to strip the id added with the
deploy commands '--id' option from the resource name
when setting the physical_network property.

 ovb-build-nodes-json --env my-env.yaml \
   --nodes_json instackenv.json \
   --physical_network \
   --id <ID-to-strip>

Change-Id: Ic5fea591464a9f8bb91bcaef9a99d0b9e994e19e
3 years ago
Zuul 677467cd27 Merge "Enable net.ipv6.conf.all.forwarding on dhcpv6-relay" 3 years ago
Harald Jensås f51430d1ce Enable net.ipv6.conf.all.forwarding on dhcpv6-relay
The dhcpv6-relay acts as both DHCPv6 relay and router
with radvd. Introspection and provisionin baremetal
nodes in the OVB environment fail's with connection
timeout unless net.ipv6.conf.all.forwarding is enabled.

Change-Id: Ida15d7e5c573ea09f8e6929d70901408330dc8e8
3 years ago
Harald Jensås 4dedbd95c4 Add --id support for routed network resources
Append the 'id' to router resources, and also the server
name for the dhcpv6-ralay

Change-Id: Ic72bb921f5f23acf49eb2f967e242031ae87fa94
3 years ago
yatinkarel ff4d8fa4e2 Fix type of public_net_allocation_pools added support
of allocation_pools, but set type of public_net_allocation_pools
to comma_delimited_list which causes below issue because for
comma_delimited_list, list items are converted to string:-

Property error: :[0]:
"{'end': '', 'start': ''}" is not a map

We need to use type: json to get it work, this patch fixes it.

Related-Bug: #1874418
Change-Id: Iaebb297e5018ce8db6dd1f67a308e7707117fe03
3 years ago
Zuul b82dc6dfc9 Merge "Add IPv6 radvd and dhcpv6 relay support" 3 years ago
Alex Schultz a953a5ebb4 Switch from openstackcli to openstacksdk
The openstackcli is super slow at scale (e.g. many nodes) so this change
inlines a python script ot leverage openstacksdk to query the network
and port information to writeout the bmc service files and os-net-config
configuration files.

Change-Id: I1e3d8934071cde12a6be7f1212eb6a85aa2eeafd
3 years ago
Zuul b3a214a501 Merge "Add allocation-pool support for the public_net" 3 years ago
Zuul f4008540c6 Merge "Add prefix --id support for the radvd and dhcrelay" 3 years ago
Harald Jensås ccec11f9c8 Add allocation-pool support for the public_net
TripleO CI uses statically for the undercloud's
public interface. When using extra node in some job's
there is sometime a conflict, because the extra node get's
the address allocated.

Adding support to define the allocation pools on the
public_net allows TripleO CI to define a pool with the address eliminated.

A good practice would be to set up OVB to use
[{start:, end:}], and then configure
the undercloud/overcloud deployed on the OVB infrastructure
to use addresses in the range

The parameter public_net_allocation_pools controls the
allocation pool setting, by default all addresses of the
subnet is in the pool.

Related-Bug: #1874418
Change-Id: Ieca4864e069148abb49eb709bf7f48a14ef04e77
3 years ago
Zuul b07ad26446 Merge "Add undercloud public IP to quintupleo output" 3 years ago
Harald Jensås 6b3d7f1aaa Add prefix --id support for the radvd and dhcrelay
Add prefix support for radvd and dhcrelay instances.
Also adds missing parameters for these instances in
the sample env generator environment.

Change-Id: I86bd6b014b62c3a382458f68443cfb02ed2e7031
3 years ago
Hervé Beraud 99841adb93 Stop to use the __future__ module.
The __future__ module [1] was used in this context to ensure compatibility
between python 2 and python 3.

We previously dropped the support of python 2.7 [2] and now we only support
python 3 so we don't need to continue to use this module and the imports
listed below.

Imports commonly used and their related PEPs:
- `division` is related to PEP 238 [3]
- `print_function` is related to PEP 3105 [4]
- `unicode_literals` is related to PEP 3112 [5]
- `with_statement` is related to PEP 343 [6]
- `absolute_import` is related to PEP 328 [7]


Change-Id: I292be888fef955705fae5e29c27d4083ae455d59
3 years ago
Harald Jensås dad3208384 Add undercloud public IP to quintupleo output
Add the public IP of the undercloud to the stack output
so that it's easily available to configure the public
interface on the undercloud with the correct IP statically.

Change-Id: I90ad37cc683f1640464eb7b2ccfb3ba5d107f259
Related-Bug: #1874418
3 years ago
Harald Jensås 135786a9ca Add IPv6 radvd and dhcpv6 relay support
Add a new templates to configure radvd and dhcpv6 relay.

For IPv6 routed network the radvd daemon and the dhcpv6
relay is hosted on the same instance.

Since we do not want the networks in the OVB infra to
provide any DHCP or auto configuration we cannot use
neutron routers for provisioning network routing. The
instance running dhcpv6 relay and radvd will also be
the router for the provisioning networks.

Bump template version in undercloud-networks-routed.yaml
to version 2015-10-15. Need this version to avoid error:
  'Items to join must be strings not
   {u'str_split': [u'/', u'fd12:3456:789a:3::/64', 1]}'

Change-Id: Ib95f7d7cfd3d2318ac4f4f44f22955b0c18c465e
3 years ago
Harald Jensås 7000097d2e ipv6-radvd - resolve mtu from provisioning network
Currently the advertized MTU is hardcoded to 1450.
1450 is to high in case of geneve tunnels on a net
with mtu of 1500 in the underlay.

Automatically get the mtu from the network via the
port on the provisioning network.

Change-Id: I0725b6357bda6219ca49127184f6121167f4f319
3 years ago
Jesse Pretorius (odyssey4me) 23c0c73e5f Change ipxe-boot image to try all interfaces
The current implementation will only try an iPXE
boot from eth0. This patch sets it to try all
interfaces up to 10 attempts, then reboots and
starts again.

Change-Id: I9259a275f5f1f248905755ec5955ace5b67fc2bd
3 years ago