New shell commands for management of PTP instances configuration:
- "system ptp-instance-add <name> <service> <hostname or id>"
- "system ptp-instance-delete <name or UUID>"
- "system ptp-instance-show <name or UUID>"
- "system ptp-instance-list" (list all PTP instances)
- "system host-ptp-instance-list <hostname or id>" (host's instances)
Also added REST API to manage the PTP instance table contents.
Test Plan:
PASS: New unit tests for PTP instance API.
Regression:
PASS: Existing unit tests still running with former PTP implementation.
Story: 2009248
Task: 43527
Signed-off-by: Douglas Henrique Koerich <douglashenrique.koerich@windriver.com>
Change-Id: Ia74c55c486562aaac3e093f256b1dba267ed7ff5
- Update the dependencies for python3.
- Made sure that the package is buildable and installable.
- Added missing files.
Story: 2009101
Task: 43047
Signed-off-by: Charles Short <charles.short@windriver.com>
Change-Id: Ia76b0da93cce737ed00b0b1545717ba127f00c44
This commit provides the retimer version of the FPGA device in
the host device query output.
Tests:
Verified that retimer version is displayed when FPGA device exists.
Story: 2008972
Task: 43610
Change-Id: Ic16eab80146cf9ddd2237e2c51097fe014e2be88
Signed-off-by: Teresa Ho <teresa.ho@windriver.com>
For security reasons, system certificate-install deletes the
file passed as parameter after a successful installation.
It shows a warning describing what it is doing:
'WARNING: For security reasons, the original certificate,
containing the private key, will be removed,
once the private key is processed.'
The actual behaviour, however, is different than that. It is
deleting the file regardless of whether it contains the
private key information or not.
That is incorrect. If the file does not contain any private
key, such as ssl_ca or openstack_ca, it should not delete
the file.
This change fixes that: If file has a private key, it deletes
it, otherwise it is kept.
Test cases:
PASSED: Verify that a software patch of this change works
fine with sw-patch cli
PASSED: Verify that files that contain a private key get
deleted after a successful installation, by installing a ssl
rest api certificate (-m ssl)
PASSED: Verify that files that contain a private will be kept
if the installation fails, by testing with a bad file
PASSED: Verify that files that do not contain a private key
are kept after a successful installation, by installing a new
Trusted CA certificate (-m ssl_ca)
Closes-Bug: 1945818
Change-Id: Ie07548d3bb84dda4a1d9e2a365a28febc941663e
Signed-off-by: Rei Oliveira <Reinildes.JoseMateusOliveira@windriver.com>
A lot of work has gone into making sure that StarlingX is python3
compatible. To ensure future compatibility, enable the python3
portability checks. Disable the checks that are raising errors.
Another set of commits will address the offending code.
Story: 2006796
Task: 43194
Signed-off-by: Bernardo Decco <bernardo.deccodesiqueira@windriver.com>
Change-Id: I84b711ade0c21b1872bbb1eeafe9562e0c1e1ae2
Add support for Debian bullseye which runs python3.9.
This was tested by running tox locally on a Debian bullseye
VM.
Story: 2006796
Task: 42931,42925,43099
Signed-off-by: Charles Short <charles.short@windriver.com>
Change-Id: I2b18437db2249ecd7b358c6d1e49023afa3da21a
The Host Hardware Profiles for creating re-usable configuration
templates for hosts are no longer maintained or supported and should be
removed from code. Including : CPU, Interface, Storage and Memory
profiles.
This patch removes profiles from cgtsclient v1 CLI.
Story: 2009163
Task: 43158
Depends-On: https://review.opendev.org/c/starlingx/gui/+/806967
Signed-off-by: Enzo Candotti <enzo.candotti@windriver.com>
Change-Id: Ib7a7b94499cd0b12c866dfb4e983ccecea50ee6f
This commit reunites the code related to user client interface
to use k8s rootca update APIs on sysinv.
Includes commands for
system kube-rootca-update-start
system kube-rootca-update-generate-cert
system kube-rootca-update-upload-cert
system kube-rootca-host-update
system kube-rootca-pods-update
system kube-rootca-update-complete
system kube-rootca-update-abort
Task: 43080
Story: 2008675
Depends-on: https://review.opendev.org/c/starlingx/config/+/805375
Signed-off-by: Joao Soubihe <JoaoPaulo.Soubihe@windriver.com>
Change-Id: I67f938130a9f3d6a4abdcf7b47492226dfbd3ce6
Before this change the code was doing the cert validity check
and stopping the execution if any of the certificates in the
passed in file were invalid.
This change removes the invalid certificate from the PEM
bundle being installed and allows the remaining valid certs
to be installed. The error message is stored and returned at
the end.
Closes-Bug: 1939917
Change-Id: Ic9c45ac15f081576a71472853e6e00ca0017336e
Signed-off-by: Rei Oliveira <Reinildes.JoseMateusOliveira@windriver.com>
Decode can safely be used here since the value contains only "text",
thus no need for an intent to encode specific characters
when passing 'data' dictionary further.
Story: 2006796
Task: 42748
Signed-off-by: Charles Short <charles.short@windriver.com>
Change-Id: I5709d6fec53422beae94521c48ba6303b16455a2
(cherry picked from commit 983e6f4e9048a6f94107b3ee359f058c441be05a)
Fix the deprecation warnings while running the unit tests.
Python3 interprets string literals as unicode strings, so an
"r" is required.
Story: 2006796
Task: 42749
Signed-off-by: Charles Short <charles.short@windriver.com>
Change-Id: I78362e4a8533237b8db19065d6f576121538c8e9
(cherry picked from commit 3d8b5813f686a618ba86fada0e8bb9ce80a9e1d0)
The update provides the support of updating BMC and retimer firmware
for the N3000 device.
Story: 2008965
Task: 42953
Change-Id: Id745bd642d906c917e50d54b02d5923ca6d277a7
Signed-off-by: Teresa Ho <teresa.ho@windriver.com>
Change testenv and pylint testenv from python2.7 to python3.
Change installed version of pylint for tests to be the same as the
ones used in sysinv. Previously no version was pinned.
Add inline pylint warning suppressions.
Story: 2008454
Task: 42617
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
Change-Id: I76b066b0e9bc3614f4819f113e44d29435c5a852
(cherry picked from commit fee9bf0cbdedf7d7dfdafc73e996e815bd93f1f9)
Added support for python 3.9 in the zuul gate. Tested
by running tox locally.
Story: 2006796
Task: 42951
Signed-off-by: Charles Short <charles.short@windriver.com>
Change-Id: I571ff28fc631215b66b4a88649e30e3d3b7368ac
In the DB, a new "kube_cmd_versions" table will be created,
aside from the boilerplate stuff, the important columns
will be "kubeadm_version" and "kubelet_version".
We want to default these to the highest-available
validated version of kubernetes in the load at the time.
There will be only 1 row here and the default will be created
in the DB migration script.
In the API a new endpoint is created '/v1/kube_cmd_versions',
and with this we can get and modify the kubeadm/kubelet version.
Story: 2008972
Task: 42895
Change-Id: Ic848ea777fecab5bda7488df225c2c3e924c2fd5
Signed-off-by: Mihnea Saracin <Mihnea.Saracin@windriver.com>
System host-upgrade prompts the user to confirm the operation on a SX
for any hostname typed, this adds validation to the inputted argument
and rejects the command if the hostname or id typed is invalid.
Also added validation to host-downgrade and kube-host-upgrade.
Tested on a SX, changing the cgts-client and the validation was
sucessfull rejecting invalid ids and hostnames.
Closes-bug: #1934806
Signed-off-by: Iago Regiani <Lago.RodriguezRegiani@windriver.com>
Change-Id: Ia7f48fee1204e4e2178ef5a954621725512cc738
The py2.7 jobs need to specify xenial
The py3.6 jobs need to specify bionic
The focal zuul nodes only have python 3.8 installed in them
The copyright date was updated for some files in order to trigger
the zuul jobs, as a no-delta type of change.
Partial-Bug: 1928978
Signed-off-by: albailey <Al.Bailey@windriver.com>
Change-Id: Ifc7904d4908a5dbe2ffbd9214e5e4c425932afad
Downloading images at application upload enables subclouds to use the
central cloud registry even when the central does not have the same
application applied. This way Central would only need to upload an app
such as Openstack in order to have images available for the subclouds.
This is done by adding an extra option `-i` or `--images` that
defaults to False.
Testing:
* VirtualBox: AIO-DX (Central), AIO-SX (Subcloud)
* Upload an app to the Central Cloud using `--image` or '-i'
* option (without applying it) Upload and apply app at
* Subcloud using the DC registry
Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Change-Id: I706c2bdf233617aadae8506724dde1afbbc1b35b
Closes-Bug: 1925844
The issue is when it executes a system
application-upload in the remote cli it returns
an error "Application-upload rejected: application
tar file /wd/custom_apps/hello-kitty.tgz does not exist"
the reason is because the cgts-client sends the
path of the tarbal, the proposal solution sends
the binary data and save it in a path on controller
Closes-bug: 1926308
Signed-off-by: Rafael Jordão Jardim <RafaelJordao.Jardim@windriver.com>
Change-Id: I6dadef9e86612328ae68fc90564e929646e93dba
Switch type(certificate) and type(obj) to instance since its accords
with python style.
Story: 2006796
Task: 42442
Test:
- Ran unit tests.
- Built iso and ran some smoke tests.
- Tested on general install on controller+storage+workers system,
bootstrapped ok.
Signed-off-by: Charles Short <charles.short@windriver.com>
Change-Id: I03d444f3ae67ab802881b8ede90f1e1c7e9694cc
Ceph components are configured by puppet. Hieradata for it is generated
by sysinv. Currently the configuration is generated using IPs from the
management network.
Allow ceph components to be configurable on cluster-host network.
Create a 'network' parameter for strorage-backend-add command. The
parameter is optional, the rest controller will default the value to
management network.
Example usage:
system storage-backend-add --network cluster-host ceph --confirmed
system storage-backend-add --network mgmt ceph --confirmed
system storage-backend-add ceph --confirmed
Updated unit tests.
Added unit test for component that generates the ceph monitor ips for
hieradata.
Tests:
1) AIO-SX: add ceph using --network cluster-host, unlock, ip is from
cluster-host network.
2) STANDARD 2+2: full deploy, no --network parameter, everything as
before.
3) storage-backend-modify and storage-backend-add allows only 'mgmt' and
'cluster-host' network parameter.
4) storage-backend-modify does modify the network before the first
unlock; is rejected for network parameter after first unlock.
Story: 2008843
Task: 42350
Task: 42351
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
Change-Id: I681ccb3302b8f233424bc291e08675a4dc2b10f7
Prettytable and six are required dependencies that were not listed
in the requirements.txt.
Story: 2006796
Task: 42071
tests:
- Ran build test.
- Ran basic smoke test with resulting RPMS and iso.
Signed-off-by: Charles Short <charles.short@windriver.com>
Change-Id: Ib047e61487ed26792930c80db167920afc21c66c
The changes of https://review.opendev.org/c/starlingx/config/+/782575
was used to test the cgts-client, so it is need to be merged first.
Removing python-neutronclient because this dependency is unnecessary,
it was removed by copying a few very small utility functions from
python-neutronclient into the cgtsclient.
Development: When I was trying to find things to modify I followed the
approach of build the client, get the tar file, I set up 2 environments
one based on python2 and another python3, I installed the tar client
in both environments and i exported the env vars that the client expect
to get to request the controller, and doing that I could switch between
the two python and indentifying what I should modify.
Test: After all the modification I built an ISO and I installed that
to run some commands and check if my changes got any side effects. After
that followed the procedure to update the remote CLI docker image and
insert the updated client there and I test this new image in the
remote CLI.
Story: 2007106
Task: 42268
Depends-On: I5086832605752bdb00a40a24596494c8fd987692
Signed-off-by: Rafael Jardim <rafaeljordao.jardim@windriver.com>
Change-Id: Ibf919260693f1cbe99993d1de01ecf785d604839
This commit adds additional attributes to enhance the current
addrpool-add CLI. With this change, the addrpool-add CLI can create
the addrpool with additional values including: 'floating_address',
'controller0_address', 'controller1_address' and 'gateway_address'.
Test:
Fresh install on an AIOSX, add addrpool with or without these
attributes successfully by system addrpool command.
Story: 2008774
Task: 42206
Signed-off-by: Yuxing Jiang <yuxing.jiang@windriver.com>
Change-Id: I80955180e90accdcb6ce0c65dded2986f4a9c8ec
- Replace 'range' with six.moves.range.
- Replace 'zip' with six.moves.zip.
- Reaplace 'map' with six.moves.map.
- Replace a/b with a//b to use interger division on python3.
- Replace dict.keys() with list(dict.keys()) to get a list on Python
3. On Python 3, dict.keys() now returns a view.
test:
- Changes were tested by running tox py27 and py36.
- Build iso with added changes and ran some basic functionality
Story: 2006796
Task: 41887
Signed-off-by: Charles Short <charles.short@windriver.com>
Change-Id: I5086832605752bdb00a40a24596494c8fd987692
In order to add flexibility we want to allow specifying CPU
function by range, rather than just by count.
This will allow us to run something like this on the CLI:
system host-cpu-modify -f application-isolated -c 3-5,25 controller-0
There are a couple complications to be aware of. First, sysinv will
NOT automatically add any missing SMT hyperthreads if the host has
hyperthreading enabled. Second, when specifying CPU function for
a different function via the CLI the range specification is lost and
gets converted to a simple count. This implies that (for the CLI)
only one function can support a range-based specification, and it
must be specified last.
Story: 2008760
Task: 42180
Change-Id: Id21d9968b6b0b59e163f42098be7a6f0e6ef739d
Signed-off-by: Chris Friesen <chris.friesen@windriver.com>
This update allows the user to change the system_mode on a subcloud
from simplex to duplex using the system modify command. The sysinv DB
and the platform.conf will be updated with the new system mode. The
semantic checks were modified to ensure that changing from duplex to
simplex is prohibited. The changes also include support for updating
the OAM networking config using the oam-modify command.
Story: 2008587
Task: 41885
Signed-off-by: Melissa Wang <melissa.wang@windriver.com>
Change-Id: If7c14222ca66323225400ed88f214655f33fe615
This update is to allow the option primary_reselect configurable for
aggregated ethernet interface. The option is to prevent reverting
between the primary slave and other slaves.
Story: 2008706
Task: 42057
Change-Id: Icacc0bd2d5e42bf2e5db1505fd676c628dbe3ed1
Signed-off-by: Teresa Ho <teresa.ho@windriver.com>
Adding the functionality of using the flag -f or --force with
system application-remove or system application-delete
Story: 2007960
Task: 42016
Signed-off-by: Suvro Ghosh <suvrojeet.ghosh@windriver.com>
Depends-On: Ia1017b7eff0d9bd73b6448f2c4790f7e2b89c828
Change-Id: If68d66d799addcd996da4b146d092c855b455aa3
New fields was created for the system object.
Changes was made to include GEO location attributes (latitude,
longitude) to the system object and adding a way to retrieve and
modify those attributes using the API and CLI.
Updates on: DB system model; DB migration; System object fields;
API fields; CLI fields; API documentation.
Story: 2008570
Task: 41721
Signed-off-by: Daniel Pinto Barros <DanielPinto.Barros@windriver.com>
Change-Id: I86f124c44d80896427e3ac1bc799fe34588ae942
Introduces a new sysinv config API for retrieving the Kubernetes
cluster access information and security credentials (if configured).
The information may be used to configure a remote Kubernetes client
with the required configuration to use the Kubernetes API with
administrative privileges with either client certificate authentication
or token authentication for the kubernetes-admin service account.
The following information is available for each cluster:
Kubernetes Cluster Name (kubernetes)
Kubernetes Release Version
Cluster API Endpoint URL
Cluster Root CA Certificate
Admin Client Certificate
Admin Client Key
Admin User Name (kubernetes-admin)
Admin service account token
Story: 2008630
Task: 41836
Signed-off-by: Matt Peters <matt.peters@windriver.com>
Change-Id: Ib81c7fcc3a577c1209ab3a0dd882552ba3d2b9db
This commit adds SR-IOV device plugin support for forward error
correction (FEC) devices that are enabled on an Intel ACC100 (Mt.
Bryce). The Intel ACC100 is mounted on Lisbon ACC100 Card.
The FEC device is intended for use by a DPDK application. It is
presented to the system under resource name: "intel_acc100_fec."
An example usage to modify the device:
system host-device-modify <host> <device_name> \
-e true \
--driver igb_uio \
--vf-driver <driver> \
-N <num_vfs>
And example assignment to a pod:
resources:
requests:
memory: 4Gi
intel.com/intel_acc100_fec: '16'
cpu: 6
limits:
hugepages-1Gi: 2Gi
memory: 4Gi
intel.com/intel_acc100_fec: '16'
cpu: 6
Story: 2008440
Task: 41403
Depends-On: https://review.opendev.org/c/starlingx/stx-puppet/+/775253
Depends-On: https://review.opendev.org/c/starlingx/integ/+/775252
Signed-off-by: Babak Sarashki <Babak.SarAshki@windriver.com>
Change-Id: I831fd16a0410ee988365c067789f760139274ec8
This is an experimental feature in stx5.0.
This commit enables following commands for the edgeworker node:
system host-add/system host-update/system host-delete
After the host being added/updated, the mgmt ip of an edgeworker
node will be assigned during the configuration process of it.
There will be limitations of edgeworker nodes before the final
phase of the feature finished:
- The Kubernetes provisioning requires ansible playbook triggered
manually.
- Gather node HW information is not supported.
- Configure node from controller is not supported.
- Manage node lifecycle is not supported.
- Update/upgrade node is not supported.
Story: 2008129
Task: 40862
Change-Id: I7e6de65ba848d9468a4e5afddd16b1cd9e3cd7dd
Signed-off-by: Mingyuan Qi <mingyuan.qi@intel.com>
Depends-On: https://review.opendev.org/c/starlingx/config/+/761716
This feature is part of 'Single NIC support'.
This commit implements the rate limit on VFs in terms of
max_tx_rate leveraging hardware NIC driver capability.
And adjust sriov-device-plugin config.json to make it easy
to allocate rate limited VFs to the target Pods.
Story: 2008470
Task: 41508
Depends-On: https://review.opendev.org/c/starlingx/config/+/770132
Signed-off-by: Litao Gao <litao.gao@windriver.com>
Change-Id: I3b609296b6b5b872f0bb0bd9733740b01e9d421c
This feature is to allow user to configure CaaS and Data networks
to single VF capable NIC during ‘Host interface configuration’
before unlock operation.
This commit introduce a new subinterface type which is used to
support for ethernet subinterface creation over pci-sriov class
ethernet interface.
Story: 2008470
Task: 41505
Signed-off-by: Litao Gao <litao.gao@windriver.com>
Change-Id: I2c148d24c73854e59ebb2be122e97017c6235c89