This reverts commit 850269646f5b4b30f3bf43f65cc0d244c09e0ed5.
Reason for revert: a patch is being applied on top of the original
change (https://review.opendev.org/c/starlingx/stx-puppet/+/938636)
which ensures that the interfaces in the auto file are ordered as
follows: lo -> eths -> bondings -> slaves -> vlans -> labels. This
guarantees that the interfaces are properly initialized at boot,
effectively fixing the issue that caused the change to be reverted in
the first place.
This commit replaces the apply_network_config.sh script by the Python-
coded equivalent apply_network_config.py, and includes automated tests
for it.
The original scripts apply_network_config.sh, network_ifupdown.sh and
network_sysconfig.sh are being marked as obsolete and shall be removed
in the future.
Flake8 test has been changed to include all files in the
puppet-manifests folder, adjustments had to be made to
puppet-update-grub-env.py, k8s_wait_for_endpoints_health.py and
change_k8s_control_plane_params.py for conformance.
Tests:
1. Installation
[PASS] AIO-SX IPv4 full install on virtualBox
[PASS] AIO-DX IPv6 full install on virtualBox
[PASS] AIO-DX IPv4 full install on a physical lab
[PASS] AIO-DX IPv6 full install on a physical lab
2. Network configuration change
For this test, a regular AIO-SX setup on VirtualBox is used with
default settings:
Address pools
- oam-ipv4: 10.20.6.0/24
- management-ipv4: 192.168.204.0/24
- cluster-host-ipv4: 192.168.206.0/24
Interfaces
- lo (lo, platform): management, cluster-host
- enp0s3 (oam0, platform): oam
- enp0s9 (data0, data)
- enp0s10 (data1, data)
Procedure:
- Lock host
- Execute sequence of commands
- Unlock host
- Wait for the host to unlock-reboot
- Check that kernel networking config reflects sysinv config
- Check that files in /etc/network/ were correctly generated
- Check that logs in /var/log/user.log are coherent
- Reboot host
- Check that interfaces are correctly initialized on boot
[PASS] Test 2.1: Add IPv6 stack, add addresses and routes to data1
system addrpool-add oam-ipv6 fd00:: 64 --ranges fd00::1-fd00::ffff \
--order random --floating-address fd00::3 --gateway-address fd00::1
system addrpool-add management-ipv6 fd01:: 64 \
--ranges fd01::1-fd01::ffff --order random \
--floating-address fd01::1 --controller0-address \
fd01::2 --controller1-address fd01::3
system addrpool-add cluster-host-ipv6 fd02:: 64 \
--ranges fd02::1-fd02::ffff --order random --floating-address \
fd02::1 --controller0-address fd02::2 --controller1-address fd02::3
system network-addrpool-assign oam oam-ipv6
system network-addrpool-assign mgmt management-ipv6
system network-addrpool-assign cluster-host cluster-host-ipv6
system host-if-modify controller-0 data1 --ipv4-mode static \
--ipv6-mode static
system host-addr-add controller-0 data1 177.201.1.2 24
system host-addr-add controller-0 data1 bd01:201::1:2 64
system host-route-add controller-0 data1 208.166.11.0 24 177.201.1.111
system host-route-add controller-0 data1 af04:11:: 64 bd01:201::111
[PASS] Test 2.2: Move mgmt and cluster-host networks from lo to eth
mgmt_intnet=$(system interface-network-list controller-0 | \
grep "mgmt" | awk '{print $4}')
clhost_intnet=$(system interface-network-list controller-0 | \
grep "cluster-host" | awk '{print $4}')
system interface-network-remove $mgmt_intnet
system interface-network-remove $clhost_intnet
system host-if-modify controller-0 enp0s8 -n mgmt0 -c platform
system interface-network-assign controller-0 mgmt0 mgmt
system interface-network-assign controller-0 mgmt0 cluster-host
system host-route-add controller-0 mgmt0 208.166.1.0 24 192.168.204.111
system host-route-add controller-0 mgmt0 af04:1:: 64 fd01::111
system host-route-add controller-0 mgmt0 208.166.2.0 24 192.168.206.111
system host-route-add controller-0 mgmt0 af04:2:: 64 fd02::111
[PASS] Test 2.3: Move mgmt and cluster-host networks to VLANs
mgmt_intnet=$(system interface-network-list controller-0 | \
grep "mgmt" | awk '{print $4}');
clhost_intnet=$(system interface-network-list controller-0 | \
grep "cluster-host" | awk '{print $4}');
system interface-network-remove $mgmt_intnet
system interface-network-remove $clhost_intnet
while read i; do uuid=$(echo "$i" | awk '{print $2}'); system \
host-route-delete "$uuid"; done <<< $(system host-route-list \
controller-0 | grep "mgmt0");
system host-if-modify controller-0 mgmt0 -n pxeboot0
system host-if-add controller-0 mgmt0 vlan pxeboot0 -V 10 -c platform
system host-if-add controller-0 cluster0 vlan pxeboot0 -V 11 -c platform
system host-if-add controller-0 datavlan1 vlan data1 -V 201 -c data \
--ipv4-mode static --ipv6-mode static
system interface-network-assign controller-0 pxeboot0 pxeboot
system interface-network-assign controller-0 mgmt0 mgmt
system interface-network-assign controller-0 cluster0 cluster-host
system host-addr-add controller-0 datavlan1 177.202.1.2 24
system host-addr-add controller-0 datavlan1 bd01:202::1:2 64
system host-route-add controller-0 mgmt0 208.166.1.0 24 192.168.204.111
system host-route-add controller-0 mgmt0 af04:1:: 64 fd01::111
system host-route-add controller-0 cluster0 \
208.166.2.0 24 192.168.206.111
system host-route-add controller-0 cluster0 af04:2:: 64 fd02::111
system host-route-add controller-0 datavlan1 \
208.166.21.0 24 177.202.1.111
system host-route-add controller-0 datavlan1 af04:21:: 64 bd01:202::111
[PASS] Test 2.4: Move pxeboot, mgmt and cluster-host to a bonding
pxeboot_intnet=$(system interface-network-list controller-0 | \
grep "pxeboot" | awk '{print $4}')
mgmt_intnet=$(system interface-network-list controller-0 | \
grep "mgmt" | awk '{print $4}')
clhost_intnet=$(system interface-network-list controller-0 | \
grep "cluster-host" | awk '{print $4}')
system interface-network-remove $pxeboot_intnet
system interface-network-remove $mgmt_intnet
system interface-network-remove $clhost_intnet
system host-if-delete controller-0 mgmt0
system host-if-delete controller-0 cluster0
system host-if-modify controller-0 pxeboot0 -c none
system host-if-modify controller-0 data0 -c none
system host-if-add controller-0 bond0 ae enp0s8 enp0s9 -c platform
system interface-network-assign controller-0 bond0 mgmt
system interface-network-assign controller-0 bond0 cluster-host
system host-route-add controller-0 bond0 208.166.1.0 24 192.168.204.111
system host-route-add controller-0 bond0 af04:1:: 64 fd01::111
system host-route-add controller-0 bond0 208.166.2.0 24 192.168.206.111
system host-route-add controller-0 bond0 af04:2:: 64 fd02::111
[PASS] Test 2.5: Move mgmt and cluster-host to vlans on top of a bonding
mgmt_intnet=$(system interface-network-list controller-0 | \
grep "mgmt" | awk '{print $4}')
clhost_intnet=$(system interface-network-list controller-0 | \
grep "cluster-host" | awk '{print $4}')
system interface-network-remove $mgmt_intnet
system interface-network-remove $clhost_intnet
system host-if-add controller-0 mgmt0 vlan bond0 -V 10 -c platform
system host-if-add controller-0 cluster0 vlan bond0 -V 11 -c platform
system interface-network-assign controller-0 mgmt0 mgmt
system interface-network-assign controller-0 cluster0 cluster-host
while read i; do uuid=$(echo "$i" | awk '{print $2}'); system \
host-route-delete "$uuid"; done <<< $(system host-route-list \
controller-0 | grep "bond0");
system host-route-add controller-0 mgmt0 208.166.1.0 24 192.168.204.111
system host-route-add controller-0 mgmt0 af04:1:: 64 fd01::111
system host-route-add controller-0 cluster0 \
208.166.2.0 24 192.168.206.111
system host-route-add controller-0 cluster0 af04:2:: 64 fd02::111
3. Distributed cloud
[PASS] Subcloud enrollment, OAM over ethernet, same subnet
[PASS] Subcloud enrollment, OAM over VLAN, different VLAN ID,
different subnet
Story: 2011338
Task: 51635
Change-Id: I0a9e095dcff5c59a0e543b481c8d0856e8485340
Signed-off-by: Lucas Ratusznei Fonseca <lucas.ratuszneifonseca@windriver.com>
This reverts commit 4d7a0438f626638c7a5b307ca32bfd2616f7661e.
Reason for revert: generated auto file in incorrect order, causing ifup to fail for some labels during startup.
Change-Id: Ic549a293bf28edf29f9d49d2a954791af4711f20
New classes and scripts are added to handle sm, kubelet, kubeadm,
kube-proxy, calico, multus, and certsans.
New variables exported to the hiera are used in this change, in
conjunction with the existing ones:
platform::kubernetes::params::node_ip_secondary
platform::network::cluster_pod::params::*
platform::network::cluster_pod::ipv4::params::
platform::network::cluster_pod::ipv6::params::*
platform::network::cluster_service::params::*
platform::network::cluster_service::ipv4::params::
platform::network::cluster_service::ipv6::params::*
Test Plan:
==========
In all tests pods were brought up and the datapath was validated
directly and through a service
[PASS] in AIO-DX IPv4, configure dual-stack and back to single-stack
[PASS] in AIO-DX IPv6, configure dual-stack and back to single-stack
[PASS] in AIO-SX IPv4, configure dual-stack and back to single-stack
[PASS] in AIO-SX IPv6, configure dual-stack and back to single-stack
[PASS] in Standard IPv4, configure dual-stack and back to single-stack
[PASS] in Standard IPv6, configure dual-stack and back to single-stack
Story: 2011027
Task: 50203
Change-Id: Ifb908c097960f90c5eabeca8cc02d2f60ae4d731
Signed-off-by: Andre Kantek <andrefernandozanella.kantek@windriver.com>
The '.sh' files are examined by bashate but now the linters
command will also run a shellcheck on them.
The majority of the shellcheck errors that are failing
have been suppressed, and can be updated and fixed by
subsequent submissions.
Shell scripts that do not end in .sh will also be examined
by bashate and shellcheck.
Story: 2008943
Task: 42561
Signed-off-by: albailey <Al.Bailey@windriver.com>
Change-Id: I735e62bfd25434e0a3dfbbec7f80d59074f2ecc0
Pin hacking to < 4.0.1 to fix zuul gate issues.
Test:
Ran tox -e pep8 command to validate the pep8 job and result.
Related-Bug: 1926172
Signed-off-by: Charles Short <charles.short@windriver.com>
Change-Id: Ia85b584d7ff4e5e7cb19a820d6f6323aa672f52e
The bandit target is python3, and the package
fails to be installed in a python2 env.
Partial-Bug: #1907678
Signed-off-by: albailey <Al.Bailey@windriver.com>
Change-Id: I9d683c99274dc3120995e0376ace53644dc2a050
flake8 2.5.5 fails on ubuntu-focal zuul machines running python3.8
with the following error:
AttributeError: 'FlakesChecker' object has no attribute 'CONSTANT'
The update removes the version constraint to use newer flake8.
Change-Id: I8f82c818fd9653da14f042fffa4acf304fd76789
Partial-Bug: 1895054
Signed-off-by: Don Penney <don.penney@windriver.com>
Setting up the bandit tool for the scanning of HIGH severity issues
in the python codes under Starlingx/stx-puppet folder.
Expecting this merge will enable zuul job for CI/CD of bandit scan.
Configuration files:
1. tox.ini for adding bandit environment and command.
2. test-requirements.txt for adding bandit version.
3. .zuul.yaml file for adding bandit job and configuring under
check job to run code scan every time before code commit.
Test:
Run tox -e bandit command inside the fault folder to validate the
bandit scan and result.
Story: 2007541
Task: 39687
Depends-On: https://review.opendev.org/#/c/721294/
Change-Id: I2982268db2b5e75feeb287bc95420fedc9b0d816
Signed-off-by: Sharath Kumar K <sharath.kumar@intel.com>
This job adds a single linters tox target.
The linters target is an aggregation of linters for
this repo including:
- bashate
Other linters such as yamllint and puppet-lint can be added
to this repo by later commits.
Certain bashate codes are suppressed.
They can be enabled by later commits.
This commit also adds basic contributing and hacking docs.
Change-Id: I90f75018196d866fdf68977ea0c151778da1fc02
Story: 2006166
Task: 36548
Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
Lucas Ratusznei Fonseca