As the functions of overrides are upgraded,the
files that depend on the functions of overrides
need to be modified synchronously.This patch and
https://review.opendev.org/#/c/707788/ depend on
each other.
Story: 2007291
Task: 38753
Depends-on: https://review.opendev.org/#/c/707788/
Change-Id: I048c8fe73f8f85df465f2c829812b75be1e4f130
Signed-off-by: songgongjun <gongjun.song@intel.com>
For OVS-DPDK deployments, where tunnel interface is bound to DPDK, there
should be support to transport the tunnel traffic over a VLAN network.
Change-Id: I1e63c9a6eb03a3f78a8592244d7c4b4928164fa5
Changed Nova and Neutron health-probe script to exit if previous
probe process is still running.
The health-probe has RPC call timeout of 60 seconds and has 2
retries. In worst case scenario the probe process can run a little
over 180 seconds. Changing the periodSeconds so that probe starts
after previous one is complete. Also changing timeoutSeconds value
a little to give little more extra time for the probe to finish.
Increasing the liveness probe periods as they are not do critical
which will reduce the resource usage for the probes.
Co-authored-by: Randeep Jalli <rj2083@att.com>
Change-Id: Ife1c381d663c1e271a5099bdc6d0dfefb00d8d73
This reverts commit 1c85fdc390e05eb578874e77fad9d4ec942da791.
Do not use randomly generated strings in configmaps as this leads to
whole helm release redeployment even no values are changed. The random
items have to be generated outside of helm chart and provided via
values.
Also previous behaviour didn't allow to use cache during rolling upgrade
as new pods were spawned with new key.
Change-Id: I423611b18fca0d65e2e721a9c6a0c3d8df0813d2
Removes stale DHCP and L3 namespaces. The cron runs once in 12 hours.
Network namespace cleanup is implemented as a daemonset as Kubernetes
does not have a cronjob that works like daemonset-cronjob.
Network namespace cleanup should run on all nodes where DHCP and L3
agents run.
Change-Id: I7525e493067669026e0d57889a3e3238a2bd1308
The 'options' keyword for setting mtu in 'set interface' does not
set mtu and it seems to ignore/fail the request silently.
Change-Id: Icec98c5166611a8c538f93e6326cf7d20b545ecd
This ps update neutron ovs agent to support properly:
- setting mtu on dpdk bond and nic interface port
- setting vhost-iommu-support on dpdk bond and nic interface port
- setting n_txq values on dpdk bond and nic interface port
Change-Id: I422fa21a622642ecb7c49914fef04073e4f984bc
Implement container security context for the following Nova resources:
- Neutron metadata_agent
- Neutron ovs_agent
Change-Id: If8246450f8ebd62a0c5999f832ec59796355ee78
A recently introduced readiness probe for neutron-ovs-agent makes use of
an OVSDB table entry 'dpdk_initialized' which does not exist in OVS
versions preceeding v2.10.0. This patch changes the readiness probe to
exit successfully if this table entry does not exit. Thereby it does not
give any guarantees for older versions of OVS, but at least allows the
readiness probe to pass.
Change-Id: Ic77c6bdd60730c1a7c5e55fdb4afc6db938f0ddb
Neutron plugins (for ex. TaaS) using their own rootwrap filters install
those filter files in /var/lib/openstack/etc/neutron/rootwrap.d directory.
Therefore this path should be added to neutron values.conf file to let
these plugins function correctly.
Change-Id: Ia76153b50e2e22cb606b8c0f811119b3f71217d2
This patch set is one of many to migrate existing code/script to be
python-3 compatible as python-2 is sunsetting in January of 2020.
Change-Id: I337069203a3273e9aba6a37294ee3c25e5b4870a
Signed-off-by: Tin Lam <tin@irrational.io>
The current configuration expects VF & bonding info by default. This patch
set removes the need to configure them for every deployment.
Change-Id: Id546c113b2d3c42591a0326ee8cd442cccc73578
Python psutil library has not been consistent in behavior
a. gives trucated process names at times
b. the truncated names sometimes contain path to Python instead
of the program name Python runs
Change-Id: I99b77a4c28761a2187e59be4e562d5893ef3caa9
This PS adds octavia chart and its deployment scripts.
Blueprint name : openstack-helm-octavia
- Deployments : api, worker, housekeeping
- Daemonset : health-manager
- health-manager daemonset creates o-hm device on each controller node.
- This is for multi node deployment.
- 180-create-resource-for-octavia.sh : Create openstack resources
(network, sec groups, flavor, keypair, image for development)
- 190-create-octavia-certs.sh : Create certificates to use Octavia
(the certs is passed into pod using secret and volume for development)
- 200-octavia.sh : Deploy Octavia chart
Note: This chart doesn't include amphora image itself and its build.
Change-Id: I0bb7dfc7c15d77287c05a8542347e19fc269aba4
Signed-off-by: hagun.kim <hagun.kim@samsung.com>
This PS updates the test project purge script to target specificly
the desired project by its id.
Change-Id: I54bfaa7727fdad781bdecc31251c1fe53f912c18
Signed-off-by: Pete Birley <pete@port.direct>
This PS updates the os purge of the test project to be an optional
operator driven choice, as they will also need to ensure
the project is unique to neutron testing.
Additionally this updates the purge image to be driven by the
charts values.yaml, as with every other image in OSH.
Change-Id: I46807f7c4922a1b411386641eddbd8957ab56f05
Signed-off-by: Pete Birley <pete@port.direct>
This commit adds readiness checks to neutron ovs agent
to check if the ovs and dpdk configurations are working
without errors.
Change-Id: I48277bdbd91ec8121e5fec300aeb646a80a65d29
Rally usually cleans up all its resources in normal executions - normal
test success cases and normal test failure cases. But the generic cleanup
does not work well for out of the system failures like process
interruptions, pod failures, disaster cleanup etc.
This is a known issue in rally-openstack. -
"Current generic mechanism is nice but it doesn't work enough well in real life.
And in cases of existing users, persistence context
and disaster cleanups it doesn't work well."
Hence, if we shall face above such issues, it is becoming impossible
to run "helm test neutron" again because of the stale data
and different quota limits mentioned in the values.yaml.
Hence we need to purge the stale data from the "test"
project as well as reset the quota limit for such scenarios.
For the normal executions, this patch has to do nothing,
but for unexpected failures, this patch will purge the stale data
from test project and reset the quota as defined in
values.yaml for the next run.
Change-Id: I3f6851582e2ac1aa1d375fcd13c07f4f57f45dc8
Python 2 is sunsetting in Jan 2020. We should not be finding python 2
explicitly. This patch removes those calls.
Change-Id: Ie6c9ad77097e662393c5fdd26490ebef25bdc3de
Signed-off-by: Tin Lam <tin@irrational.io>
Enhance the Neutron charts to support configuration parameters for
following additional configurations for deploying OVS with DPDK:-
1. Bonding support
2. Jumbo Frame support
3. Number of Rx Queue and Rx and Tx Queue sizes
Change-Id: I4ee7c8465825cf7d66d175446c4145a8a26b6381
Several sriov drivers (i.e. TaaS, Trunking) require the write permissions
to files in /sys/class/net/ and /sys/devices.
This patchset mounts the host's above mentioned sys-fs folders for the
neutron-sriov-agent container.
Change-Id: I87f51d1ad46bb272beb9401f2b428c81c3dc6f69
Extending the Neutron with configuration parameters and scripts for
deploying OVS with DPDK support enabled. The new functionality takes
care of binding NICs to DPDK and adding those to OVS bridges of type
'netdev'.
Co-Authored-By: Rihab Banday <rihab.banday@ericsson.com>
Change-Id: I9932123986a0b723d7523136940d325bcfde983d
The L3 neutron agent uses the -W flag when adding new iptable rules.
That flag verifies if the lock is free to avoid race conditions. The
lock is normally /run/xtables.lock.
In iptables <1.6.2, if the file does not exist, iptables ignores the
lock and silently continues. Starting with 1.6.2, that behaviour changed
and if the file does not exist, iptables fails:
https://git.netfilter.org/iptables/commit/?id=80d8bfaac9e2430d710084a10ec78e68bd61e6ec
Leap 15.0 is using iptables 1.6.2 whereas Ubuntu Bionic uses 1.6.1.
That is why Ubuntu compute-kit gates where working whereas openSUSE
compute-kit gate was not
This patch fixes the gate problem by mounting /run/xtables.lock
Change-Id: Ia9c648cdf95c9824b34f40a6d9ed538a2cad5154
Signed-off-by: Manuel Buil <mbuil@suse.com>
BGP-MPLS VPN extension allows attachment of Neutron networks and/or
routers to VPNs built in carrier provided WANs using these standard
protocols.
Change-Id: Ib0ec8cb22e9c113d4be1c992d895b565db5e30b0
Remove the readiness probe from the neutron-sriov-agent-init init
container of the neutron-sriov-agent DaemonSet, and use the probe
template for the neutron-sriov-agent container.
Change-Id: Iaa1fbca0b2d5ba1b0c15b82b6e8927c2b7be9f52
