feat(infra): Ubuntu 24.04 LTS

Signed-off-by: Peter Mikus <peter.mikus@protonmail.ch> Change-Id: Ib1f079f7fecb0c1f0f477bc565205165295202bd
author: pmikus <peter.mikus@protonmail.ch> 2024-07-26 14:02:11 +0200
committer: pmikus <peter.mikus@protonmail.ch> 2024-07-29 14:31:29 +0200
commit: 7cb889875738124395962881d6879dcb17c6767c (patch)
tree: 77c7da258c5ce58b24444ae8c01578ce6ec9b89d
parent: 8e4705f2ec6e2e346909736a36ecb07f05741742 (diff)
13 files changed, 41 insertions, 27 deletions
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.70.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.70.yaml
index 2337277144..3dbdeaaf15 100644
--- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.70.yaml
+++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.70.yaml
@@ -11,6 +11,7 @@ vfs_data_file: "csit-initialize-vfs-alt.sh"
 cpu_microarchitecture: "altra"
 
 intel_700_matrix: "dpdk22.07"
+mellanox_matrix: "dpdk23.11"
 
 # User management.
 users:
@@ -29,7 +30,7 @@ users:
 sshd_disable_password_login: true
 
 # Nomad settings.
-nomad_version: "1.6.1"
+nomad_version: "1.8.2"
 nomad_certificates:
   - src: "{{ file_nomad_ca_pem }}"
     dest: "{{ nomad_tls_ca_file }}"
@@ -64,6 +65,7 @@ nomad_servers:
 
 # Consul settigs.
 nomad_use_consul: true
+consul_version: "1.19.1"
 consul_certificates:
   - src: "{{ file_consul_ca_pem }}"
     dest: "{{ consul_ca_file }}"
@@ -87,7 +89,7 @@ consul_retry_servers:
 consul_service_mgr: "systemd"
 
 # Vault settings.
-vault_version: "1.13.1"
+vault_version: "1.17.2"
 
 # Docker settings.
 docker_daemon:
diff --git a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.71.yaml b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.71.yaml
index 1d414b32c7..baee725a4f 100644
--- a/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.71.yaml
+++ b/fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.71.yaml
@@ -10,7 +10,8 @@ inventory_ipmi_hostname: "10.30.50.71"
 vfs_data_file: "csit-initialize-vfs-alt.sh"
 cpu_microarchitecture: "altra"
 
-intel_700_matrix: "dpdk22.07"
+intel_700_matrix: "dpdk22.03"
+mellanox_matrix: "dpdk23.11"
 
 # User management.
 users:
@@ -29,7 +30,7 @@ users:
 sshd_disable_password_login: true
 
 # Nomad settings.
-nomad_version: "1.6.1"
+nomad_version: "1.8.2"
 nomad_certificates:
   - src: "{{ file_nomad_ca_pem }}"
     dest: "{{ nomad_tls_ca_file }}"
@@ -64,6 +65,7 @@ nomad_servers:
 
 # Consul settigs.
 nomad_use_consul: true
+consul_version: "1.19.1"
 consul_certificates:
   - src: "{{ file_consul_ca_pem }}"
     dest: "{{ consul_ca_file }}"
@@ -87,7 +89,7 @@ consul_retry_servers:
 consul_service_mgr: "systemd"
 
 # Vault settings.
-vault_version: "1.13.1"
+vault_version: "1.17.2"
 
 # Docker settings.
 docker_daemon:
diff --git a/fdio.infra.ansible/inventories/lf_inventory/hosts b/fdio.infra.ansible/inventories/lf_inventory/hosts
index 420adc3a8d..604122c5c9 100644
--- a/fdio.infra.ansible/inventories/lf_inventory/hosts
+++ b/fdio.infra.ansible/inventories/lf_inventory/hosts
@@ -53,8 +53,8 @@ all:
       hosts:
         10.30.51.30: #s30-t15-sut1 - sapphirerapids
         10.30.51.31: #s31-t16-sut1 - sapphirerapids
-        10.30.51.70: #s55-t13-sut1 - thunderx2 9980
-        10.30.51.71: #s56-t14-sut1 - thunderx2 9980
+        10.30.51.70: #s70-t13-sut1 - thunderx2 9980
+        10.30.51.71: #s71-t14-sut1 - thunderx2 9980
     nomad:
       hosts:
         10.30.51.21: #s21-nomad - sapphirerapids
diff --git a/fdio.infra.ansible/roles/docker_images/files/base/Dockerfile b/fdio.infra.ansible/roles/docker_images/files/base/Dockerfile
index 88af96bfa8..4514ec3679 100644
--- a/fdio.infra.ansible/roles/docker_images/files/base/Dockerfile
+++ b/fdio.infra.ansible/roles/docker_images/files/base/Dockerfile
@@ -137,4 +137,4 @@ RUN echo 'root:Csit1234' | chpasswd \
  && sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config \
  && echo "export VISIBLE=now" >> /etc/profile
 
-RUN service ssh start
-\ No newline at end of file
+RUN service ssh start
diff --git a/fdio.infra.ansible/roles/intel/defaults/main.yaml b/fdio.infra.ansible/roles/intel/defaults/main.yaml
index 603b1367b9..dbc31e87c4 100644
--- a/fdio.infra.ansible/roles/intel/defaults/main.yaml
+++ b/fdio.infra.ansible/roles/intel/defaults/main.yaml
@@ -48,6 +48,11 @@ intel_download_url: "https://downloadmirror.intel.com"
 intel_extract_dir: "/opt"
 
 intel_700_compatibility_matrix:
+  dpdk22.03:
+    # custom for vpp_device
+    i40e: "2.25.11"
+    iavf: "4.11.3"
+    nvm: "8.70"
   dpdk22.07:
     # https://doc.dpdk.org/guides/rel_notes/release_22_07.html
     i40e: "2.19.3"
@@ -89,6 +94,7 @@ intel_qat_compatibility_matrix:
 intel_i40e_url:
   "2.19.3": "i40e%20stable/2.19.3/i40e-2.19.3.tar.gz/download"
   "2.23.17": "i40e%20stable/2.23.17/i40e-2.23.17.tar.gz/download"
+  "2.25.11": "i40e%20stable/2.25.11/i40e-2.25.11.tar.gz/download"
 
 intel_ice_url:
   "1.9.7": "ice%20stable/1.9.7/ice-1.9.7.tar.gz/download"
diff --git a/fdio.infra.ansible/roles/mellanox/defaults/main.yaml b/fdio.infra.ansible/roles/mellanox/defaults/main.yaml
index de66be2d6b..fae5551c22 100644
--- a/fdio.infra.ansible/roles/mellanox/defaults/main.yaml
+++ b/fdio.infra.ansible/roles/mellanox/defaults/main.yaml
@@ -27,4 +27,4 @@ mellanox_compatibility_matrix:
     ofed: "5.9-0.5.6.0"
   dpdk23.11:
     # https://doc.dpdk.org/guides/rel_notes/release_23_11.html
-    ofed: "23.07-0.5.0.0"
+    ofed: "24.04-0.7.0.0"
diff --git a/fdio.infra.ansible/vpp_device.yaml b/fdio.infra.ansible/vpp_device.yaml
index 21676811c7..61c8016d0a 100644
--- a/fdio.infra.ansible/vpp_device.yaml
+++ b/fdio.infra.ansible/vpp_device.yaml
@@ -22,6 +22,8 @@
 #      tags: kernel
     - role: intel
       tags: intel
+    - role: mellanox
+      tags: mellanox
     - role: docker
       tags: docker
     - role: docker_images
diff --git a/fdio.infra.terraform/terraform-vault-aws-secret-backend/main.tf b/fdio.infra.terraform/terraform-vault-aws-secret-backend/main.tf
index a65c390792..814121986f 100644
--- a/fdio.infra.terraform/terraform-vault-aws-secret-backend/main.tf
+++ b/fdio.infra.terraform/terraform-vault-aws-secret-backend/main.tf
@@ -19,7 +19,10 @@ resource "vault_aws_secret_backend_role" "admin" {
     {
       "Effect": "Allow",
       "Action": [
-        "iam:*", "ec2:*"
+        "iam:*",
+        "ec2:*",
+        "s3:*",
+        "elasticbeanstalk:*"
       ],
       "Resource": "*"
     }
diff --git a/fdio.infra/pxe/docker-dnsmasq/Dockerfile b/fdio.infra/pxe/docker-dnsmasq/Dockerfile
index 4ac1ec21ed..aa342975e0 100644
--- a/fdio.infra/pxe/docker-dnsmasq/Dockerfile
+++ b/fdio.infra/pxe/docker-dnsmasq/Dockerfile
@@ -10,10 +10,10 @@ RUN apt update \
  && mkdir -p /var/lib/tftpboot/casper/ubuntu-noble-amd64/ \
  && mkdir -p /var/lib/tftpboot/casper/ubuntu-noble-arm64/
 
-ENV ISO_NOBLE_AMD64 https://releases.ubuntu.com/releases/noble/ubuntu-24.04-live-server-amd64.iso
-ENV ISO_NOBLE_ARM64 https://cdimage.ubuntu.com/releases/noble/release/ubuntu-24.04-live-server-arm64.iso
-ENV EFI_NOBLE_AMD64 http://archive.ubuntu.com/ubuntu/dists/jammy/main/uefi/grub2-amd64/current/grubnetx64.efi.signed
-ENV EFI_NOBLE_ARM64 http://ports.ubuntu.com/ubuntu-ports/dists/jammy/main/uefi/grub2-arm64/current/grubnetaa64.efi.signed
+ENV ISO_NOBLE_AMD64=https://releases.ubuntu.com/releases/noble/ubuntu-24.04-live-server-amd64.iso
+ENV ISO_NOBLE_ARM64=https://cdimage.ubuntu.com/releases/noble/release/ubuntu-24.04-live-server-arm64.iso
+ENV EFI_NOBLE_AMD64=http://archive.ubuntu.com/ubuntu/dists/jammy/main/uefi/grub2-amd64/current/grubnetx64.efi.signed
+ENV EFI_NOBLE_ARM64=http://ports.ubuntu.com/ubuntu-ports/dists/jammy/main/uefi/grub2-arm64/current/grubnetaa64.efi.signed
 
 RUN echo "Preparing Grub EFI Binary" \
  && wget $EFI_NOBLE_AMD64 -O /var/lib/tftpboot/grubx64.efi \
diff --git a/fdio.infra/pxe/docker-dnsmasq/etc/dnsmasq.conf b/fdio.infra/pxe/docker-dnsmasq/etc/dnsmasq.conf
index f3a25303e6..320eba64e2 100755
--- a/fdio.infra/pxe/docker-dnsmasq/etc/dnsmasq.conf
+++ b/fdio.infra/pxe/docker-dnsmasq/etc/dnsmasq.conf
@@ -66,8 +66,8 @@ dhcp-host=7c:c2:55:25:3b:2e,10.30.51.57,s57-t23-tg1,infinite # eno1
 dhcp-host=7c:c2:55:27:58:42,10.30.51.58,s58-t24-sut1,infinite # eno1
 dhcp-host=7c:c2:55:27:58:5c,10.30.51.59,s59-t24-tg1,infinite # eno1
 dhcp-host=e0:d5:5e:ae:70:26,10.30.51.69,s27-t211-sut1,infinite # eno1
-dhcp-host=b4:2e:99:ab:1d:e8,10.30.51.70,s55-t13-sut1,infinite # enp8s0f0
-dhcp-host=b4:2e:99:ab:1d:dc,10.30.51.71,s56-t14-sut1,infinite # enp8s0f0
+dhcp-host=d8:5e:d3:e7:aa:4c,10.30.51.70,s70-t13-sut1,infinite # eno1/enP2p1s0f0
+dhcp-host=d8:5e:d3:e7:a9:6c,10.30.51.71,s71-t14-sut1,infinite # eno1/enP2p1s0f0
 dhcp-host=90:e2:ba:55:be:32,10.30.51.72,s62-t34-sut1,infinite # enp1s0f0
 dhcp-host=90:e2:ba:49:db:b4,10.30.51.73,s63-t34-sut2,infinite # enp1s0f0
 dhcp-host=3c:ec:ef:b9:cc:56,10.30.51.74,s64-t34-tg1,infinite # eno1
@@ -91,7 +91,6 @@ dhcp-host=d8:5e:d3:02:b1:bb,10.30.51.91,s91-nomad,infinite #eno1
 dhcp-host=d8:5e:d3:02:b1:9f,10.30.51.92,s92-nomad,infinite #eno1
 dhcp-host=a4:bf:01:55:ac:39,10.30.51.93,s93-t39-sut1,infinite # enp4s0
 dhcp-host=a4:bf:01:55:af:5e,10.30.51.94,s94-t39-sut2,infinite # enp4s0
-
 # Hosts DHCP settings yul1_2 subnet.
 dhcp-host=ac:1f:6b:ac:d7:d6,10.32.8.18,s33-t27-sut1,infinite # eno1
 dhcp-host=ac:1f:6b:ac:d7:8c,10.32.8.19,s34-t27-tg1,infinite # eno1
diff --git a/fdio.infra/pxe/docker-dnsmasq/tftpboot/grub/grub.cfg-d8:5e:d3:e7:a9:6c b/fdio.infra/pxe/docker-dnsmasq/tftpboot/grub/grub.cfg-d8:5e:d3:e7:a9:6c
index 6b6474f3e1..5b4cdc9c79 100644
--- a/fdio.infra/pxe/docker-dnsmasq/tftpboot/grub/grub.cfg-d8:5e:d3:e7:a9:6c
+++ b/fdio.infra/pxe/docker-dnsmasq/tftpboot/grub/grub.cfg-d8:5e:d3:e7:a9:6c
@@ -1,4 +1,4 @@
 menuentry "Install s71-t14-sut1" {
-    linux    /casper/ubuntu-jammy-arm64/vmlinuz ip=:::::eno1:dhcp url=http://10.30.51.24:8081/ubuntu_jammy_arm64/ubuntu-22.04.1-live-server-arm64.iso autoinstall ds=nocloud-net\;s=http://10.30.51.24:8081/ubuntu_jammy_arm64/d8:5e:d3:e7:a9:6c/ ---
-    initrd   /casper/ubuntu-jammy-arm64/initrd
-}
-\ No newline at end of file
+    linux    /casper/ubuntu-noble-arm64/vmlinuz ip=:::::eno1:dhcp url=http://10.30.51.24:8081/ubuntu_noble_arm64/ubuntu-24.04-live-server-arm64.iso autoinstall ds=nocloud-net\;s=http://10.30.51.24:8081/ubuntu_noble_arm64/d8:5e:d3:e7:a9:6c/ ---
+    initrd   /casper/ubuntu-noble-arm64/initrd
+}
diff --git a/fdio.infra/pxe/docker-dnsmasq/tftpboot/grub/grub.cfg-d8:5e:d3:e7:aa:4c b/fdio.infra/pxe/docker-dnsmasq/tftpboot/grub/grub.cfg-d8:5e:d3:e7:aa:4c
index 3c2098270d..632c6b96a7 100644
--- a/fdio.infra/pxe/docker-dnsmasq/tftpboot/grub/grub.cfg-d8:5e:d3:e7:aa:4c
+++ b/fdio.infra/pxe/docker-dnsmasq/tftpboot/grub/grub.cfg-d8:5e:d3:e7:aa:4c
@@ -1,4 +1,4 @@
 menuentry "Install s70-t13-sut1" {
-    linux    /casper/ubuntu-jammy-arm64/vmlinuz ip=:::::eno1:dhcp url=http://10.30.51.24:8081/ubuntu_jammy_arm64/ubuntu-22.04.1-live-server-arm64.iso autoinstall ds=nocloud-net\;s=http://10.30.51.24:8081/ubuntu_jammy_arm64/d8:5e:d3:e7:aa:4c/ ---
-    initrd   /casper/ubuntu-jammy-arm64/initrd
-}
-\ No newline at end of file
+    linux    /casper/ubuntu-noble-arm64/vmlinuz ip=:::::eno1:dhcp url=http://10.30.51.24:8081/ubuntu_noble_arm64/ubuntu-24.01-live-server-arm64.iso autoinstall ds=nocloud-net\;s=http://10.30.51.24:8081/ubuntu_noble_arm64/d8:5e:d3:e7:aa:4c/ ---
+    initrd   /casper/ubuntu-noble-arm64/initrd
+}
diff --git a/fdio.infra/pxe/docker-nginx/Dockerfile b/fdio.infra/pxe/docker-nginx/Dockerfile
index 536d4472ac..39f47b73d6 100644
--- a/fdio.infra/pxe/docker-nginx/Dockerfile
+++ b/fdio.infra/pxe/docker-nginx/Dockerfile
@@ -6,8 +6,8 @@ LABEL Version="2.0"
 RUN apt update \
  && apt install -y wget
 
-ENV ISO_NOBLE_AMD64 https://releases.ubuntu.com/releases/noble/ubuntu-24.04-live-server-amd64.iso
-ENV ISO_NOBLE_ARM64 https://cdimage.ubuntu.com/releases/noble/release/ubuntu-24.04-live-server-arm64.iso
+ENV ISO_NOBLE_AMD64=https://releases.ubuntu.com/releases/noble/ubuntu-24.04-live-server-amd64.iso
+ENV ISO_NOBLE_ARM64=https://cdimage.ubuntu.com/releases/noble/release/ubuntu-24.04-live-server-arm64.iso
 
 RUN echo "Preparing ISO Pre-cache" \
  && wget $ISO_NOBLE_AMD64 -O /ubuntu-24.04-live-server-amd64.iso \
@@ -19,8 +19,8 @@ FROM nginx:stable-alpine
 LABEL Description="nginx service image"
 LABEL Version="2.0"
 
-ENV NGINX_NOBLE_AMD64 /usr/share/nginx/html/ubuntu_noble_amd64/
-ENV NGINX_NOBLE_ARM64 /usr/share/nginx/html/ubuntu_noble_arm64/
+ENV NGINX_NOBLE_AMD64=/usr/share/nginx/html/ubuntu_noble_amd64/
+ENV NGINX_NOBLE_ARM64=/usr/share/nginx/html/ubuntu_noble_arm64/
 
 RUN mkdir -p $NGINX_NOBLE_AMD64 \
  && mkdir -p $NGINX_NOBLE_ARM64
author	pmikus <peter.mikus@protonmail.ch>	2024-07-26 14:02:11 +0200
committer	pmikus <peter.mikus@protonmail.ch>	2024-07-29 14:31:29 +0200
commit	7cb889875738124395962881d6879dcb17c6767c (patch)
tree	77c7da258c5ce58b24444ae8c01578ce6ec9b89d
parent	8e4705f2ec6e2e346909736a36ecb07f05741742 (diff)