From 8fd759c5f1f72a658560160053251eb981269b13 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Harald=20Jens=C3=A5s?= Date: Tue, 1 Oct 2024 23:31:47 +0200 Subject: [PATCH] DT - BMO deploy with preprovisioningNetworkData Depends-On: https://github.com/openstack-k8s-operators/ci-framework/pull/2425 --- .ci/automation-schema.yaml | 2 + automation/mocks/bmo01.yaml | 43 + automation/net-env/bmo01.yaml | 788 ++++++++++++ automation/vars/bmo01.yaml | 110 ++ .../baremetalhost_template.yaml | 20 + .../baremetalhosts/baremetalhosts.yaml | 60 + .../baremetalhosts/kustomization.yaml | 310 +++++ dt/bmo01/dataplane/kustomization.yaml | 30 + .../dataplane/nodesets/kustomization.yaml | 72 ++ .../nodesets/network-data-secrets.yaml | 32 + .../nodesets/openstackdataplanenodesets.yaml | 133 +++ .../secrets/dataplane-ssh-secret.yaml | 11 + dt/bmo01/dataplane/secrets/kustomization.yaml | 95 ++ .../secrets/nova-migration-ssh-secret.yaml | 10 + dt/bmo01/kustomization.yaml | 180 +++ dt/bmo01/netconfig/kustomization.yaml | 121 ++ dt/bmo01/netconfig/netconfig.yaml | 28 + dt/bmo01/nncp/kustomization.yaml | 43 + examples/dt/bmo01/README.md | 74 ++ examples/dt/bmo01/control-plane.md | 60 + .../dt/bmo01/control-plane/kustomization.yaml | 10 + .../control-plane/nncp/kustomization.yaml | 9 + .../dt/bmo01/control-plane/nncp/values.yaml | 394 ++++++ .../bmo01/control-plane/service-values.yaml | 109 ++ examples/dt/bmo01/data-plane.md | 143 +++ .../dataplane/baremetalhosts/bmc-secret.env | 2 + .../baremetalhosts/kustomization.yaml | 31 + .../dataplane/baremetalhosts/values.yaml | 131 ++ .../dt/bmo01/dataplane/kustomization.yaml | 9 + .../dataplane/nodesets/kustomization.yaml | 230 ++++ .../dt/bmo01/dataplane/nodesets/values.yaml | 235 ++++ .../dataplane/secrets/kustomization.yaml | 9 + .../dt/bmo01/dataplane/secrets/values.yaml | 20 + examples/dt/bmo01/dataplane/values.yaml | 10 + examples/dt/bmo01/osp-k8s-spine-leaf.svg | 1057 +++++++++++++++++ zuul.d/projects.yaml | 1 + zuul.d/validations.yaml | 17 + 37 files changed, 4639 insertions(+) create mode 100644 automation/mocks/bmo01.yaml create mode 100644 automation/net-env/bmo01.yaml create mode 100644 automation/vars/bmo01.yaml create mode 100644 dt/bmo01/dataplane/baremetalhosts/baremetalhost_template.yaml create mode 100644 dt/bmo01/dataplane/baremetalhosts/baremetalhosts.yaml create mode 100644 dt/bmo01/dataplane/baremetalhosts/kustomization.yaml create mode 100644 dt/bmo01/dataplane/kustomization.yaml create mode 100644 dt/bmo01/dataplane/nodesets/kustomization.yaml create mode 100644 dt/bmo01/dataplane/nodesets/network-data-secrets.yaml create mode 100644 dt/bmo01/dataplane/nodesets/openstackdataplanenodesets.yaml create mode 100644 dt/bmo01/dataplane/secrets/dataplane-ssh-secret.yaml create mode 100644 dt/bmo01/dataplane/secrets/kustomization.yaml create mode 100644 dt/bmo01/dataplane/secrets/nova-migration-ssh-secret.yaml create mode 100644 dt/bmo01/kustomization.yaml create mode 100644 dt/bmo01/netconfig/kustomization.yaml create mode 100644 dt/bmo01/netconfig/netconfig.yaml create mode 100644 dt/bmo01/nncp/kustomization.yaml create mode 100644 examples/dt/bmo01/README.md create mode 100644 examples/dt/bmo01/control-plane.md create mode 100644 examples/dt/bmo01/control-plane/kustomization.yaml create mode 100644 examples/dt/bmo01/control-plane/nncp/kustomization.yaml create mode 100644 examples/dt/bmo01/control-plane/nncp/values.yaml create mode 100644 examples/dt/bmo01/control-plane/service-values.yaml create mode 100644 examples/dt/bmo01/data-plane.md create mode 100644 examples/dt/bmo01/dataplane/baremetalhosts/bmc-secret.env create mode 100644 examples/dt/bmo01/dataplane/baremetalhosts/kustomization.yaml create mode 100644 examples/dt/bmo01/dataplane/baremetalhosts/values.yaml create mode 100644 examples/dt/bmo01/dataplane/kustomization.yaml create mode 100644 examples/dt/bmo01/dataplane/nodesets/kustomization.yaml create mode 100644 examples/dt/bmo01/dataplane/nodesets/values.yaml create mode 100644 examples/dt/bmo01/dataplane/secrets/kustomization.yaml create mode 100644 examples/dt/bmo01/dataplane/secrets/values.yaml create mode 100644 examples/dt/bmo01/dataplane/values.yaml create mode 100644 examples/dt/bmo01/osp-k8s-spine-leaf.svg diff --git a/.ci/automation-schema.yaml b/.ci/automation-schema.yaml index e47fc0cfb..c9f025d6e 100644 --- a/.ci/automation-schema.yaml +++ b/.ci/automation-schema.yaml @@ -19,6 +19,8 @@ _hook: inventory: str(required=False) extra_vars: map(required=False) definition: map(required=False) + api_version: str(required=False) + namespace: str(required=False) resource_name: str(required=False) state: str(required=False) kind: str(required=False) diff --git a/automation/mocks/bmo01.yaml b/automation/mocks/bmo01.yaml new file mode 100644 index 000000000..762100fe1 --- /dev/null +++ b/automation/mocks/bmo01.yaml @@ -0,0 +1,43 @@ +--- +cifmw_install_ca_url: http://example.com/example.pem +cifmw_repo_setup_rhos_release_rpm: http://example.com/rhos-release.rpm +cifmw_repo_setup_rhos_release_args: example-args +cifmw_ci_gen_kustomize_values_remove_keys_expressions: + - ^node(_[0-9]+)?$ +cifmw_baremetal_hosts: + leaf0-0: + boot_mode: legacy + connection: redfish-virtualmedia+http://sushy.utility:8000/redfish/v1/Systems/3e8d850a-fed0-436e-a353-61328877c947 + nics: + - mac: 52:54:04:58:1e:2a + network: trunk1 + password: password + username: admin + uuid: 3e8d850a-fed0-436e-a353-61328877c947 + leaf0-1: + boot_mode: legacy + connection: redfish-virtualmedia+http://sushy.utility:8000/redfish/v1/Systems/a208f619-46cb-4e72-815d-e8d3cf88b9ce + nics: + - mac: 52:54:05:17:94:6b + network: trunk1 + password: password + username: admin + uuid: a208f619-46cb-4e72-815d-e8d3cf88b9ce + leaf1-0: + boot_mode: legacy + connection: redfish-virtualmedia+http://sushy.utility:8000/redfish/v1/Systems/a0c6bd33-9d30-440b-8d70-9784f6ff7378 + nics: + - mac: 52:54:06:39:e4:4b + network: trunk2 + password: password + username: admin + uuid: a0c6bd33-9d30-440b-8d70-9784f6ff7378 + leaf1-1: + boot_mode: legacy + connection: redfish-virtualmedia+http://sushy.utility:8000/redfish/v1/Systems/0beaadd5-75bb-430a-b566-49e4f68208d5 + nics: + - mac: 52:54:07:16:d9:8e + network: trunk2 + password: password + username: admin + uuid: 0beaadd5-75bb-430a-b566-49e4f68208d5 diff --git a/automation/net-env/bmo01.yaml b/automation/net-env/bmo01.yaml new file mode 100644 index 000000000..1a806fb22 --- /dev/null +++ b/automation/net-env/bmo01.yaml @@ -0,0 +1,788 @@ +--- +instances: + controller-0: + hostname: controller-0 + name: controller-0 + networks: {} + leaf0-0: + name: leaf0-0 + networks: + ctlplane1: + ip_v4: 192.168.123.100 + is_trunk_parent: true + mac_addr: 52:54:04:af:14:31 + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: ctlplane1 + prefix_length_v4: 24 + skip_nm: false + internalapi1: + ip_v4: 172.17.1.100 + is_trunk_parent: false + mac_addr: 52:54:00:7c:54:48 + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: internalapi1 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane1 + vlan_id: 20 + storage1: + ip_v4: 172.18.1.100 + is_trunk_parent: false + mac_addr: 52:54:00:2a:83:9d + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: storage1 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane1 + vlan_id: 21 + tenant1: + ip_v4: 172.19.1.100 + is_trunk_parent: false + mac_addr: 52:54:00:76:12:1a + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: tenant1 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane1 + vlan_id: 22 + leaf0-1: + name: leaf0-1 + networks: + ctlplane1: + ip_v4: 192.168.123.101 + is_trunk_parent: true + mac_addr: 52:54:05:f6:af:dc + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: ctlplane1 + prefix_length_v4: 24 + skip_nm: false + internalapi1: + ip_v4: 172.17.1.101 + is_trunk_parent: false + mac_addr: 52:54:00:36:43:e6 + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: internalapi1 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane1 + vlan_id: 20 + storage1: + ip_v4: 172.18.1.101 + is_trunk_parent: false + mac_addr: 52:54:00:6a:4c:f6 + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: storage1 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane1 + vlan_id: 21 + tenant1: + ip_v4: 172.19.1.101 + is_trunk_parent: false + mac_addr: 52:54:00:31:d0:6a + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: tenant1 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane1 + vlan_id: 22 + leaf1-0: + name: leaf1-0 + networks: + ctlplane2: + ip_v4: 192.168.124.100 + is_trunk_parent: true + mac_addr: 52:54:06:bc:de:3c + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: ctlplane2 + prefix_length_v4: 24 + skip_nm: false + internalapi2: + ip_v4: 172.17.2.100 + is_trunk_parent: false + mac_addr: 52:54:00:1a:4f:1c + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: internalapi2 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane2 + vlan_id: 20 + storage2: + ip_v4: 172.18.2.100 + is_trunk_parent: false + mac_addr: 52:54:00:53:63:f8 + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: storage2 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane2 + vlan_id: 21 + tenant2: + ip_v4: 172.19.2.100 + is_trunk_parent: false + mac_addr: 52:54:00:08:e3:1c + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: tenant2 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane2 + vlan_id: 22 + leaf1-1: + name: leaf1-1 + networks: + ctlplane2: + ip_v4: 192.168.124.101 + is_trunk_parent: true + mac_addr: 52:54:07:2e:32:e5 + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: ctlplane2 + prefix_length_v4: 24 + skip_nm: false + internalapi2: + ip_v4: 172.17.2.101 + is_trunk_parent: false + mac_addr: 52:54:00:6f:18:6d + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: internalapi2 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane2 + vlan_id: 20 + storage2: + ip_v4: 172.18.2.101 + is_trunk_parent: false + mac_addr: 52:54:00:36:ed:eb + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: storage2 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane2 + vlan_id: 21 + tenant2: + ip_v4: 172.19.2.101 + is_trunk_parent: false + mac_addr: 52:54:00:4c:2f:2c + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: tenant2 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane2 + vlan_id: 22 + ocp-master-0: + hostname: master-0 + name: ocp-master-0 + networks: + ctlplane: + interface_name: enp7s0 + ip_v4: 192.168.122.10 + is_trunk_parent: true + mac_addr: 52:54:00:d8:04:a9 + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: ctlplane + prefix_length_v4: 24 + skip_nm: false + internalapi: + interface_name: enp7s0.20 + ip_v4: 172.17.0.10 + is_trunk_parent: false + mac_addr: 52:54:00:68:4b:ce + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: internalapi + parent_interface: enp7s0 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane + vlan_id: 20 + storage: + interface_name: enp7s0.21 + ip_v4: 172.18.0.10 + is_trunk_parent: false + mac_addr: 52:54:00:05:23:2c + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: storage + parent_interface: enp7s0 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane + vlan_id: 21 + tenant: + interface_name: enp7s0.22 + ip_v4: 172.19.0.10 + is_trunk_parent: false + mac_addr: 52:54:00:06:80:f0 + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: tenant + parent_interface: enp7s0 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane + vlan_id: 22 + ocp-master-1: + hostname: master-1 + name: ocp-master-1 + networks: + ctlplane: + interface_name: enp7s0 + ip_v4: 192.168.122.11 + is_trunk_parent: true + mac_addr: 52:54:01:80:72:86 + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: ctlplane + prefix_length_v4: 24 + skip_nm: false + internalapi: + interface_name: enp7s0.20 + ip_v4: 172.17.0.11 + is_trunk_parent: false + mac_addr: 52:54:00:71:78:e6 + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: internalapi + parent_interface: enp7s0 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane + vlan_id: 20 + storage: + interface_name: enp7s0.21 + ip_v4: 172.18.0.11 + is_trunk_parent: false + mac_addr: 52:54:00:76:3d:ba + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: storage + parent_interface: enp7s0 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane + vlan_id: 21 + tenant: + interface_name: enp7s0.22 + ip_v4: 172.19.0.11 + is_trunk_parent: false + mac_addr: 52:54:00:7a:5d:1d + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: tenant + parent_interface: enp7s0 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane + vlan_id: 22 + ocp-master-2: + hostname: master-2 + name: ocp-master-2 + networks: + ctlplane: + interface_name: enp7s0 + ip_v4: 192.168.122.12 + is_trunk_parent: true + mac_addr: 52:54:02:18:f3:cb + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: ctlplane + prefix_length_v4: 24 + skip_nm: false + internalapi: + interface_name: enp7s0.20 + ip_v4: 172.17.0.12 + is_trunk_parent: false + mac_addr: 52:54:00:66:a0:7c + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: internalapi + parent_interface: enp7s0 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane + vlan_id: 20 + storage: + interface_name: enp7s0.21 + ip_v4: 172.18.0.12 + is_trunk_parent: false + mac_addr: 52:54:00:09:45:3b + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: storage + parent_interface: enp7s0 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane + vlan_id: 21 + tenant: + interface_name: enp7s0.22 + ip_v4: 172.19.0.12 + is_trunk_parent: false + mac_addr: 52:54:00:22:70:9f + mtu: 1500 + netmask_v4: 255.255.255.0 + network_name: tenant + parent_interface: enp7s0 + prefix_length_v4: 24 + skip_nm: false + trunk_parent: ctlplane + vlan_id: 22 +networks: + ctlplane: + dns_v4: + - 192.168.122.1 + dns_v6: [] + gw_v4: 192.168.122.1 + mtu: 1500 + network_name: ctlplane + network_v4: 192.168.122.0/24 + search_domain: ctlplane.example.com + tools: + metallb: + ipv4_ranges: + - end: 192.168.122.90 + end_host: 90 + length: 11 + start: 192.168.122.80 + start_host: 80 + ipv6_ranges: [] + multus: + ipv4_ranges: + - end: 192.168.122.70 + end_host: 70 + length: 41 + start: 192.168.122.30 + start_host: 30 + ipv4_routes: [] + ipv6_ranges: [] + ipv6_routes: [] + netconfig: + ipv4_ranges: + - end: 192.168.122.120 + end_host: 120 + length: 21 + start: 192.168.122.100 + start_host: 100 + - end: 192.168.122.200 + end_host: 200 + length: 51 + start: 192.168.122.150 + start_host: 150 + ipv6_ranges: [] + ctlplane1: + dns_v4: + - 192.168.122.1 + dns_v6: [] + gw_v4: 192.168.123.1 + mtu: 1500 + network_name: ctlplane1 + network_v4: 192.168.123.0/24 + search_domain: ctlplane1.example.com + tools: + metallb: + ipv4_ranges: + - end: 192.168.123.90 + end_host: 90 + length: 11 + start: 192.168.123.80 + start_host: 80 + ipv6_ranges: [] + multus: + ipv4_ranges: + - end: 192.168.123.70 + end_host: 70 + length: 41 + start: 192.168.123.30 + start_host: 30 + ipv4_routes: [] + ipv6_ranges: [] + ipv6_routes: [] + netconfig: + ipv4_ranges: + - end: 192.168.123.120 + end_host: 120 + length: 21 + start: 192.168.123.100 + start_host: 100 + - end: 192.168.123.200 + end_host: 200 + length: 51 + start: 192.168.123.150 + start_host: 150 + ipv6_ranges: [] + ctlplane2: + dns_v4: + - 192.168.122.1 + dns_v6: [] + gw_v4: 192.168.124.1 + mtu: 1500 + network_name: ctlplane2 + network_v4: 192.168.124.0/24 + search_domain: ctlplane2.example.com + tools: + metallb: + ipv4_ranges: + - end: 192.168.124.90 + end_host: 90 + length: 11 + start: 192.168.124.80 + start_host: 80 + ipv6_ranges: [] + multus: + ipv4_ranges: + - end: 192.168.124.70 + end_host: 70 + length: 41 + start: 192.168.124.30 + start_host: 30 + ipv4_routes: [] + ipv6_ranges: [] + ipv6_routes: [] + netconfig: + ipv4_ranges: + - end: 192.168.124.120 + end_host: 120 + length: 21 + start: 192.168.124.100 + start_host: 100 + - end: 192.168.124.200 + end_host: 200 + length: 51 + start: 192.168.124.150 + start_host: 150 + ipv6_ranges: [] + internalapi: + dns_v4: [] + dns_v6: [] + gw_v4: 172.17.0.1 + mtu: 1500 + network_name: internalapi + network_v4: 172.17.0.0/24 + search_domain: internalapi.example.com + tools: + metallb: + ipv4_ranges: + - end: 172.17.0.90 + end_host: 90 + length: 11 + start: 172.17.0.80 + start_host: 80 + ipv6_ranges: [] + multus: + ipv4_ranges: + - end: 172.17.0.70 + end_host: 70 + length: 41 + start: 172.17.0.30 + start_host: 30 + ipv4_routes: [] + ipv6_ranges: [] + ipv6_routes: [] + netconfig: + ipv4_ranges: + - end: 172.17.0.250 + end_host: 250 + length: 151 + start: 172.17.0.100 + start_host: 100 + ipv6_ranges: [] + vlan_id: 20 + internalapi1: + dns_v4: [] + dns_v6: [] + gw_v4: 172.17.1.1 + mtu: 1500 + network_name: internalapi1 + network_v4: 172.17.1.0/24 + search_domain: internalapi1.example.com + tools: + metallb: + ipv4_ranges: + - end: 172.17.1.90 + end_host: 90 + length: 11 + start: 172.17.1.80 + start_host: 80 + ipv6_ranges: [] + multus: + ipv4_ranges: + - end: 172.17.1.70 + end_host: 70 + length: 41 + start: 172.17.1.30 + start_host: 30 + ipv4_routes: [] + ipv6_ranges: [] + ipv6_routes: [] + netconfig: + ipv4_ranges: + - end: 172.17.1.250 + end_host: 250 + length: 151 + start: 172.17.1.100 + start_host: 100 + ipv6_ranges: [] + vlan_id: 20 + internalapi2: + dns_v4: [] + dns_v6: [] + gw_v4: 172.17.2.1 + mtu: 1500 + network_name: internalapi2 + network_v4: 172.17.2.0/24 + search_domain: internalapi2.example.com + tools: + metallb: + ipv4_ranges: + - end: 172.17.2.90 + end_host: 90 + length: 11 + start: 172.17.2.80 + start_host: 80 + ipv6_ranges: [] + multus: + ipv4_ranges: + - end: 172.17.2.70 + end_host: 70 + length: 41 + start: 172.17.2.30 + start_host: 30 + ipv4_routes: [] + ipv6_ranges: [] + ipv6_routes: [] + netconfig: + ipv4_ranges: + - end: 172.17.2.250 + end_host: 250 + length: 151 + start: 172.17.2.100 + start_host: 100 + ipv6_ranges: [] + vlan_id: 20 + storage: + dns_v4: [] + dns_v6: [] + mtu: 1500 + network_name: storage + network_v4: 172.18.0.0/24 + search_domain: storage.example.com + tools: + metallb: + ipv4_ranges: + - end: 172.18.0.90 + end_host: 90 + length: 11 + start: 172.18.0.80 + start_host: 80 + ipv6_ranges: [] + multus: + ipv4_ranges: + - end: 172.18.0.70 + end_host: 70 + length: 41 + start: 172.18.0.30 + start_host: 30 + ipv4_routes: [] + ipv6_ranges: [] + ipv6_routes: [] + netconfig: + ipv4_ranges: + - end: 172.18.0.250 + end_host: 250 + length: 151 + start: 172.18.0.100 + start_host: 100 + ipv6_ranges: [] + vlan_id: 21 + storage1: + dns_v4: [] + dns_v6: [] + mtu: 1500 + network_name: storage1 + network_v4: 172.18.1.0/24 + search_domain: storage1.example.com + tools: + metallb: + ipv4_ranges: + - end: 172.18.1.90 + end_host: 90 + length: 11 + start: 172.18.1.80 + start_host: 80 + ipv6_ranges: [] + multus: + ipv4_ranges: + - end: 172.18.1.70 + end_host: 70 + length: 41 + start: 172.18.1.30 + start_host: 30 + ipv4_routes: [] + ipv6_ranges: [] + ipv6_routes: [] + netconfig: + ipv4_ranges: + - end: 172.18.1.250 + end_host: 250 + length: 151 + start: 172.18.1.100 + start_host: 100 + ipv6_ranges: [] + vlan_id: 21 + storage2: + dns_v4: [] + dns_v6: [] + mtu: 1500 + network_name: storage2 + network_v4: 172.18.2.0/24 + search_domain: storage2.example.com + tools: + metallb: + ipv4_ranges: + - end: 172.18.2.90 + end_host: 90 + length: 11 + start: 172.18.2.80 + start_host: 80 + ipv6_ranges: [] + multus: + ipv4_ranges: + - end: 172.18.2.70 + end_host: 70 + length: 41 + start: 172.18.2.30 + start_host: 30 + ipv4_routes: [] + ipv6_ranges: [] + ipv6_routes: [] + netconfig: + ipv4_ranges: + - end: 172.18.2.250 + end_host: 250 + length: 151 + start: 172.18.2.100 + start_host: 100 + ipv6_ranges: [] + vlan_id: 21 + tenant: + dns_v4: [] + dns_v6: [] + mtu: 1500 + network_name: tenant + network_v4: 172.19.0.0/24 + search_domain: tenant.example.com + tools: + metallb: + ipv4_ranges: + - end: 172.19.0.90 + end_host: 90 + length: 11 + start: 172.19.0.80 + start_host: 80 + ipv6_ranges: [] + multus: + ipv4_ranges: + - end: 172.19.0.70 + end_host: 70 + length: 41 + start: 172.19.0.30 + start_host: 30 + ipv4_routes: [] + ipv6_ranges: [] + ipv6_routes: [] + netconfig: + ipv4_ranges: + - end: 172.19.0.250 + end_host: 250 + length: 151 + start: 172.19.0.100 + start_host: 100 + ipv6_ranges: [] + vlan_id: 22 + tenant1: + dns_v4: [] + dns_v6: [] + mtu: 1500 + network_name: tenant1 + network_v4: 172.19.1.0/24 + search_domain: tenant1.example.com + tools: + metallb: + ipv4_ranges: + - end: 172.19.1.90 + end_host: 90 + length: 11 + start: 172.19.1.80 + start_host: 80 + ipv6_ranges: [] + multus: + ipv4_ranges: + - end: 172.19.1.70 + end_host: 70 + length: 41 + start: 172.19.1.30 + start_host: 30 + ipv4_routes: [] + ipv6_ranges: [] + ipv6_routes: [] + netconfig: + ipv4_ranges: + - end: 172.19.1.250 + end_host: 250 + length: 151 + start: 172.19.1.100 + start_host: 100 + ipv6_ranges: [] + vlan_id: 22 + tenant2: + dns_v4: [] + dns_v6: [] + mtu: 1500 + network_name: tenant2 + network_v4: 172.19.2.0/24 + search_domain: tenant2.example.com + tools: + metallb: + ipv4_ranges: + - end: 172.19.2.90 + end_host: 90 + length: 11 + start: 172.19.2.80 + start_host: 80 + ipv6_ranges: [] + multus: + ipv4_ranges: + - end: 172.19.2.70 + end_host: 70 + length: 41 + start: 172.19.2.30 + start_host: 30 + ipv4_routes: [] + ipv6_ranges: [] + ipv6_routes: [] + netconfig: + ipv4_ranges: + - end: 172.19.2.250 + end_host: 250 + length: 151 + start: 172.19.2.100 + start_host: 100 + ipv6_ranges: [] + vlan_id: 22 +routers: {} diff --git a/automation/vars/bmo01.yaml b/automation/vars/bmo01.yaml new file mode 100644 index 000000000..58c84bb64 --- /dev/null +++ b/automation/vars/bmo01.yaml @@ -0,0 +1,110 @@ +--- +vas: + bmo01: + stages: + - path: examples/dt/bmo01/control-plane/nncp + wait_conditions: + - >- + oc -n openstack wait nncp + -l osp/nncm-config-type=standard + --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured + --timeout=5m + values: + - name: network-values + src_file: values.yaml + build_output: nncp.yaml + + - pre_stage_run: + - name: Apply cinder-lvm label on master-0 + type: cr + definition: + metadata: + labels: + openstack.org/cinder-lvm: "" + kind: Node + resource_name: master-0 + state: patched + path: examples/dt/bmo01/control-plane + wait_conditions: + - >- + oc -n openstack wait openstackcontrolplane + controlplane + --for condition=Ready + --timeout=60m + values: + - name: network-values + src_file: nncp/values.yaml + - name: service-values + src_file: service-values.yaml + build_output: control-plane.yaml + + - pre_stage_run: + - name: Patch Provisioning CR + type: cr + definition: + spec: + watchAllNamespaces: true + virtualMediaViaExternalNetwork: true + namespace: openshift-machine-api + api_version: metal3.io/v1alpha1 + kind: Provisioning + resource_name: provisioning-configuration + state: patched + path: examples/dt/bmo01/dataplane/baremetalhosts + wait_conditions: + - >- + oc -n openstack wait baremetalhosts.metal3.io + -l app=openstack + --for jsonpath=status.provisioning.state=available + --timeout=10m + values: + - name: baremetalhost-values + src_file: values.yaml + build_output: baremetalhosts.yaml + + - path: examples/dt/bmo01/dataplane/secrets + wait_conditions: + - >- + oc -n openstack wait secrets dataplane-ansible-ssh-private-key-secret + --for jsonpath=metadata.uid + - >- + oc -n openstack wait secrets nova-migration-ssh-key + --for jsonpath=metadata.uid + values: + - name: secret-values + src_file: values.yaml + build_output: dataplane-secrets.yaml + + - path: examples/dt/bmo01/dataplane/nodesets + wait_conditions: + - >- + oc -n openstack wait openstackdataplanenodesets + nodeset-0 + --for condition=NodeSetBaremetalProvisionReady + --timeout=40m + - >- + oc -n openstack wait openstackdataplanenodesets + nodeset-1 + --for condition=NodeSetBaremetalProvisionReady + --timeout=40m + values: + - name: nodeset-values + src_file: values.yaml + build_output: dataplane-nodesets.yaml + + - path: examples/dt/bmo01/dataplane + wait_conditions: + - >- + oc -n openstack wait openstackdataplanenodesets + nodeset-0 + --for condition=Ready + --timeout=40m + - >- + oc -n openstack wait openstackdataplanenodesets + nodeset-1 + --for condition=Ready + --timeout=40m + values: + - name: deployment-values + src_file: values.yaml + build_output: edpm.yaml diff --git a/dt/bmo01/dataplane/baremetalhosts/baremetalhost_template.yaml b/dt/bmo01/dataplane/baremetalhosts/baremetalhost_template.yaml new file mode 100644 index 000000000..4c3e5e27a --- /dev/null +++ b/dt/bmo01/dataplane/baremetalhosts/baremetalhost_template.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: metal3.io/v1alpha1 +kind: BareMetalHost +metadata: + labels: {} + name: _ignored_ + namespace: openstack + annotations: + inspect.metal3.io: _replaced_ +spec: + architecture: x86_64 + automatedCleaningMode: metadata + bmc: + address: _replaced_ + credentialsName: _replaced_ + bootMACAddress: _replaced_ + bootMode: UEFI + rootDeviceHints: {} + online: false + preprovisioningNetworkDataName: _replaced_ diff --git a/dt/bmo01/dataplane/baremetalhosts/baremetalhosts.yaml b/dt/bmo01/dataplane/baremetalhosts/baremetalhosts.yaml new file mode 100644 index 000000000..e5d0d996e --- /dev/null +++ b/dt/bmo01/dataplane/baremetalhosts/baremetalhosts.yaml @@ -0,0 +1,60 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: leaf0-0-preprovision-network-data + namespace: openstack +type: Opaque +stringData: {} +--- +apiVersion: metal3.io/v1alpha1 +kind: BareMetalHost +metadata: + labels: {} + name: leaf0-0 + namespace: openstack +--- +apiVersion: v1 +kind: Secret +metadata: + name: leaf0-1-preprovision-network-data + namespace: openstack +type: Opaque +stringData: {} +--- +apiVersion: metal3.io/v1alpha1 +kind: BareMetalHost +metadata: + labels: {} + name: leaf0-1 + namespace: openstack +--- +apiVersion: v1 +kind: Secret +metadata: + name: leaf1-0-preprovision-network-data + namespace: openstack +type: Opaque +stringData: {} +--- +apiVersion: metal3.io/v1alpha1 +kind: BareMetalHost +metadata: + labels: {} + name: leaf1-0 + namespace: openstack +--- +apiVersion: v1 +kind: Secret +metadata: + name: leaf1-1-preprovision-network-data + namespace: openstack +type: Opaque +stringData: {} +--- +apiVersion: metal3.io/v1alpha1 +kind: BareMetalHost +metadata: + labels: {} + name: leaf1-1 + namespace: openstack diff --git a/dt/bmo01/dataplane/baremetalhosts/kustomization.yaml b/dt/bmo01/dataplane/baremetalhosts/kustomization.yaml new file mode 100644 index 000000000..1452d1761 --- /dev/null +++ b/dt/bmo01/dataplane/baremetalhosts/kustomization.yaml @@ -0,0 +1,310 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +resources: + - baremetalhosts.yaml + +patches: + - target: + kind: BareMetalHost + path: baremetalhost_template.yaml + - target: + kind: BareMetalHost + patch: | + - op: replace + path: /spec/bmc/credentialsName + value: bmc-secret + - target: + kind: BareMetalHost + name: leaf0-0 + patch: | + - op: replace + path: /spec/preprovisioningNetworkDataName + value: leaf0-0-preprovision-network-data + - target: + kind: BareMetalHost + name: leaf0-1 + patch: | + - op: replace + path: /spec/preprovisioningNetworkDataName + value: leaf0-1-preprovision-network-data + - target: + kind: BareMetalHost + name: leaf1-0 + patch: | + - op: replace + path: /spec/preprovisioningNetworkDataName + value: leaf1-0-preprovision-network-data + - target: + kind: BareMetalHost + name: leaf1-1 + patch: | + - op: replace + path: /spec/preprovisioningNetworkDataName + value: leaf1-1-preprovision-network-data + +replacements: + + # Labels + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf0-0.labels + targets: + - select: + kind: BareMetalHost + name: leaf0-0 + fieldPaths: + - metadata.labels + options: + create: true + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf0-1.labels + targets: + - select: + kind: BareMetalHost + name: leaf0-1 + fieldPaths: + - metadata.labels + options: + create: true + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf1-0.labels + targets: + - select: + kind: BareMetalHost + name: leaf1-0 + fieldPaths: + - metadata.labels + options: + create: true + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf1-1.labels + targets: + - select: + kind: BareMetalHost + name: leaf1-1 + fieldPaths: + - metadata.labels + options: + create: true + + # Enable/Disable Metal3 Inspection + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.metal3_inspection + targets: + - select: + kind: BareMetalHost + fieldPaths: + - metadata.annotations.inspect\.metal3\.io + options: + create: true + + # BMC Address + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf0-0.bmc.address + targets: + - select: + kind: BareMetalHost + name: leaf0-0 + fieldPaths: + - spec.bmc.address + options: + create: true + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf0-1.bmc.address + targets: + - select: + kind: BareMetalHost + name: leaf0-1 + fieldPaths: + - spec.bmc.address + options: + create: true + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf1-0.bmc.address + targets: + - select: + kind: BareMetalHost + name: leaf1-0 + fieldPaths: + - spec.bmc.address + options: + create: true + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf1-1.bmc.address + targets: + - select: + kind: BareMetalHost + name: leaf1-1 + fieldPaths: + - spec.bmc.address + options: + create: true + + # bootMACAddress + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf0-0.bootMACAddress + targets: + - select: + kind: BareMetalHost + name: leaf0-0 + fieldPaths: + - spec.bootMACAddress + options: + create: true + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf0-1.bootMACAddress + targets: + - select: + kind: BareMetalHost + name: leaf0-1 + fieldPaths: + - spec.bootMACAddress + options: + create: true + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf1-0.bootMACAddress + targets: + - select: + kind: BareMetalHost + name: leaf1-0 + fieldPaths: + - spec.bootMACAddress + options: + create: true + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf1-1.bootMACAddress + targets: + - select: + kind: BareMetalHost + name: leaf1-1 + fieldPaths: + - spec.bootMACAddress + options: + create: true + + # rootDeviceHints + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf0-0.rootDeviceHints + targets: + - select: + kind: BareMetalHost + name: leaf0-0 + fieldPaths: + - spec.rootDeviceHints + options: + create: true + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf0-1.rootDeviceHints + targets: + - select: + kind: BareMetalHost + name: leaf0-1 + fieldPaths: + - spec.rootDeviceHints + options: + create: true + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf1-0.rootDeviceHints + targets: + - select: + kind: BareMetalHost + name: leaf1-0 + fieldPaths: + - spec.rootDeviceHints + options: + create: true + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf1-1.rootDeviceHints + targets: + - select: + kind: BareMetalHost + name: leaf1-1 + fieldPaths: + - spec.rootDeviceHints + options: + create: true + + # preprovisioningNetworkData + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf0-0.preprovisioningNetworkData + targets: + - select: + kind: Secret + name: leaf0-0-preprovision-network-data + fieldPaths: + - stringData + options: + create: true + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf0-1.preprovisioningNetworkData + targets: + - select: + kind: Secret + name: leaf0-1-preprovision-network-data + fieldPaths: + - stringData + options: + create: true + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf1-0.preprovisioningNetworkData + targets: + - select: + kind: Secret + name: leaf1-0-preprovision-network-data + fieldPaths: + - stringData + options: + create: true + - source: + kind: ConfigMap + name: baremetalhost-values + fieldPath: data.leaf1-1.preprovisioningNetworkData + targets: + - select: + kind: Secret + name: leaf1-1-preprovision-network-data + fieldPaths: + - stringData + options: + create: true diff --git a/dt/bmo01/dataplane/kustomization.yaml b/dt/bmo01/dataplane/kustomization.yaml new file mode 100644 index 000000000..d8910834a --- /dev/null +++ b/dt/bmo01/dataplane/kustomization.yaml @@ -0,0 +1,30 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true +components: + - ../../../lib/dataplane/deployment + +patches: + - target: + kind: OpenStackDataPlaneDeployment + name: .* + patch: |- + - op: replace + path: /spec/nodeSets + value: + - nodeset-0 + - nodeset-1 diff --git a/dt/bmo01/dataplane/nodesets/kustomization.yaml b/dt/bmo01/dataplane/nodesets/kustomization.yaml new file mode 100644 index 000000000..66bec9899 --- /dev/null +++ b/dt/bmo01/dataplane/nodesets/kustomization.yaml @@ -0,0 +1,72 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +resources: + - network-data-secrets.yaml + - openstackdataplanenodesets.yaml + +replacements: + # networkData + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.baremetalHostsNetworkData.edpm-compute-0-0 + targets: + - select: + kind: Secret + name: edpm-compute-0-0-network-data + fieldPaths: + - stringData + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.baremetalHostsNetworkData.edpm-compute-0-1 + targets: + - select: + kind: Secret + name: edpm-compute-0-1-network-data + fieldPaths: + - stringData + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.baremetalHostsNetworkData.edpm-compute-1-0 + targets: + - select: + kind: Secret + name: edpm-compute-1-0-network-data + fieldPaths: + - stringData + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.baremetalHostsNetworkData.edpm-compute-1-1 + targets: + - select: + kind: Secret + name: edpm-compute-1-1-network-data + fieldPaths: + - stringData + options: + create: true diff --git a/dt/bmo01/dataplane/nodesets/network-data-secrets.yaml b/dt/bmo01/dataplane/nodesets/network-data-secrets.yaml new file mode 100644 index 000000000..502feef40 --- /dev/null +++ b/dt/bmo01/dataplane/nodesets/network-data-secrets.yaml @@ -0,0 +1,32 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: edpm-compute-0-0-network-data + namespace: openstack +type: Opaque +stringData: {} +--- +apiVersion: v1 +kind: Secret +metadata: + name: edpm-compute-0-1-network-data + namespace: openstack +type: Opaque +stringData: {} +--- +apiVersion: v1 +kind: Secret +metadata: + name: edpm-compute-1-0-network-data + namespace: openstack +type: Opaque +stringData: {} +--- +apiVersion: v1 +kind: Secret +metadata: + name: edpm-compute-1-1-network-data + namespace: openstack +type: Opaque +stringData: {} diff --git a/dt/bmo01/dataplane/nodesets/openstackdataplanenodesets.yaml b/dt/bmo01/dataplane/nodesets/openstackdataplanenodesets.yaml new file mode 100644 index 000000000..5cc78a9eb --- /dev/null +++ b/dt/bmo01/dataplane/nodesets/openstackdataplanenodesets.yaml @@ -0,0 +1,133 @@ +--- +apiVersion: dataplane.openstack.org/v1beta1 +kind: OpenStackDataPlaneNodeSet +metadata: + name: nodeset-0 +spec: + env: + - name: ANSIBLE_FORCE_COLOR + value: "True" + preProvisioned: false + baremetalSetTemplate: + deploymentSSHSecret: dataplane-ansible-ssh-private-key-secret + bmhNamespace: openstack + cloudUserName: cloud-user + bmhLabelSelector: + app: openstack + nodeset: leaf0 + ctlplaneInterface: _replaced_ + + networkAttachments: + - ctlplane + nodeTemplate: + ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret + managementNetwork: ctlplane + networks: + - defaultRoute: true + name: ctlplane + subnetName: subnet2 + - name: internalapi + subnetName: subnet2 + - name: storage + subnetName: subnet2 + - name: tenant + subnetName: subnet2 + ansible: + ansibleUser: cloud-admin + ansiblePort: 22 + ansibleVars: + timesync_ntp_servers: [] + edpm_network_config_hide_sensitive_logs: false + edpm_network_config_template: _replaced_ + neutron_physical_bridge_name: _replaced_ + neutron_public_interface_name: _replaced_ + edpm_bootstrap_command: _replaced_ + + edpm_nodes_validation_validate_controllers_icmp: false + edpm_nodes_validation_validate_gateway_icmp: false + + edpm_sshd_configure_firewall: true + edpm_sshd_allowed_ranges: [] + + gather_facts: false + services: + - download-cache + - bootstrap + - configure-network + - validate-network + - install-os + - configure-os + - ssh-known-hosts + - run-os + - reboot-os + - install-certs + - ovn + - neutron-metadata + - libvirt + - nova +--- +apiVersion: dataplane.openstack.org/v1beta1 +kind: OpenStackDataPlaneNodeSet +metadata: + name: nodeset-1 +spec: + env: + - name: ANSIBLE_FORCE_COLOR + value: "True" + preProvisioned: false + baremetalSetTemplate: + deploymentSSHSecret: dataplane-ansible-ssh-private-key-secret + bmhNamespace: openstack + cloudUserName: cloud-user + bmhLabelSelector: + app: openstack + nodeset: leaf1 + ctlplaneInterface: _replaced_ + networkAttachments: + - ctlplane + nodeTemplate: + ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret + managementNetwork: ctlplane + networks: + - defaultRoute: true + name: ctlplane + subnetName: subnet3 + - name: internalapi + subnetName: subnet3 + - name: storage + subnetName: subnet3 + - name: tenant + subnetName: subnet3 + ansible: + ansibleUser: cloud-admin + ansiblePort: 22 + ansibleVars: + timesync_ntp_servers: [] + edpm_network_config_hide_sensitive_logs: false + edpm_network_config_template: _replaced_ + neutron_physical_bridge_name: _replaced_ + neutron_public_interface_name: _replaced_ + edpm_bootstrap_command: _replaced_ + + edpm_nodes_validation_validate_controllers_icmp: false + edpm_nodes_validation_validate_gateway_icmp: false + + edpm_sshd_configure_firewall: true + edpm_sshd_allowed_ranges: [] + + gather_facts: false + services: + - bootstrap + - download-cache + - configure-network + - validate-network + - install-os + - configure-os + - ssh-known-hosts + - run-os + - reboot-os + - install-certs + - ovn + - neutron-metadata + - libvirt + - nova diff --git a/dt/bmo01/dataplane/secrets/dataplane-ssh-secret.yaml b/dt/bmo01/dataplane/secrets/dataplane-ssh-secret.yaml new file mode 100644 index 000000000..4e5913196 --- /dev/null +++ b/dt/bmo01/dataplane/secrets/dataplane-ssh-secret.yaml @@ -0,0 +1,11 @@ +--- +apiVersion: v1 +data: + authorized_keys: _replaced_ + ssh-privatekey: _replaced_ + ssh-publickey: _replaced_ +kind: Secret +metadata: + name: dataplane-ansible-ssh-private-key-secret + namespace: openstack +type: Opaque diff --git a/dt/bmo01/dataplane/secrets/kustomization.yaml b/dt/bmo01/dataplane/secrets/kustomization.yaml new file mode 100644 index 000000000..ae8a272d2 --- /dev/null +++ b/dt/bmo01/dataplane/secrets/kustomization.yaml @@ -0,0 +1,95 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +resources: + - dataplane-ssh-secret.yaml + - nova-migration-ssh-secret.yaml + +secretGenerator: + - name: libvirt-secret + behavior: create + literals: + - LibvirtPassword=12345678 + options: + disableNameSuffixHash: true + +# OpenStackDataPlaneNodeSet customizations +replacements: + # Dataplane SSH access secret customizations + - source: + kind: ConfigMap + name: dataplane-secret-values + fieldPath: data.ssh_keys.authorized + targets: + - select: + kind: Secret + name: dataplane-ansible-ssh-private-key-secret + fieldPaths: + - data.authorized_keys + options: + create: true + - source: + kind: ConfigMap + name: dataplane-secret-values + fieldPath: data.ssh_keys.private + targets: + - select: + kind: Secret + name: dataplane-ansible-ssh-private-key-secret + fieldPaths: + - data.ssh-privatekey + options: + create: true + - source: + kind: ConfigMap + name: dataplane-secret-values + fieldPath: data.ssh_keys.public + targets: + - select: + kind: Secret + name: dataplane-ansible-ssh-private-key-secret + fieldPaths: + - data.ssh-publickey + options: + create: true + + # Nova migration secret customizations + - source: + kind: ConfigMap + name: dataplane-secret-values + fieldPath: data.nova.migration.ssh_keys.private + targets: + - select: + kind: Secret + name: nova-migration-ssh-key + fieldPaths: + - data.ssh-privatekey + options: + create: true + - source: + kind: ConfigMap + name: dataplane-secret-values + fieldPath: data.nova.migration.ssh_keys.public + targets: + - select: + kind: Secret + name: nova-migration-ssh-key + fieldPaths: + - data.ssh-publickey + options: + create: true diff --git a/dt/bmo01/dataplane/secrets/nova-migration-ssh-secret.yaml b/dt/bmo01/dataplane/secrets/nova-migration-ssh-secret.yaml new file mode 100644 index 000000000..a9d15e0b6 --- /dev/null +++ b/dt/bmo01/dataplane/secrets/nova-migration-ssh-secret.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: v1 +data: + ssh-privatekey: _replaced_ + ssh-publickey: _replaced_ +kind: Secret +metadata: + name: nova-migration-ssh-key + namespace: openstack +type: kubernetes.io/ssh-auth diff --git a/dt/bmo01/kustomization.yaml b/dt/bmo01/kustomization.yaml new file mode 100644 index 000000000..e27ac3c78 --- /dev/null +++ b/dt/bmo01/kustomization.yaml @@ -0,0 +1,180 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../lib/networking/metallb + - netconfig + - ../../lib/networking/nad + - ../../lib/control-plane + +replacements: + - source: + kind: ConfigMap + name: service-values + fieldPath: data.cinderVolumes.lvm-iscsi.replicas + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.cinder.template.cinderVolumes.lvm-iscsi.replicas + options: + create: true + + - source: + kind: ConfigMap + name: service-values + fieldPath: data.cinderVolumes.lvm-iscsi.nodeSelector.openstack\.org/cinder-lvm + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.cinder.template.cinderVolumes.lvm-iscsi.nodeSelector.openstack\.org/cinder-lvm + options: + create: true + + - source: + kind: ConfigMap + name: service-values + fieldPath: data.cinderVolumes.lvm-iscsi.customServiceConfig + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.cinder.template.cinderVolumes.lvm-iscsi.customServiceConfig + options: + create: true + + - source: + kind: ConfigMap + name: service-values + fieldPath: data.cinderBackup.replicas + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.cinder.template.cinderBackup.replicas + options: + create: true + + - source: + kind: ConfigMap + name: service-values + fieldPath: data.glance.default.replicas + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.glance.template.glanceAPIs.default.replicas + options: + create: true + + - source: + kind: ConfigMap + name: service-values + fieldPath: data.glance.customServiceConfig + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.glance.template.customServiceConfig + options: + create: true + + - source: + kind: ConfigMap + name: service-values + fieldPath: data.glance.default.replicas + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.glance.template.glanceAPIs.default.replicas + options: + create: true + + - source: + kind: ConfigMap + name: service-values + fieldPath: data.swift.enabled + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.swift.enabled + options: + create: true + + - source: + kind: ConfigMap + name: service-values + fieldPath: data.octavia.enabled + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.octavia.enabled + options: + create: true + + - source: + kind: ConfigMap + name: service-values + fieldPath: data.heat.enabled + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.heat.enabled + options: + create: true + + - source: + kind: ConfigMap + name: service-values + fieldPath: data.telemetry.enabled + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.telemetry.enabled + options: + create: true + + - source: + kind: ConfigMap + name: service-values + fieldPath: data.ovn.ovnController.nicMappings + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.ovn.template.ovnController.nicMappings + options: + create: true + + - source: + kind: ConfigMap + name: service-values + fieldPath: data.neutron.customServiceConfig + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.neutron.template.customServiceConfig + options: + create: true diff --git a/dt/bmo01/netconfig/kustomization.yaml b/dt/bmo01/netconfig/kustomization.yaml new file mode 100644 index 000000000..a79f881b0 --- /dev/null +++ b/dt/bmo01/netconfig/kustomization.yaml @@ -0,0 +1,121 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +resources: + - netconfig.yaml + +replacements: + # NetConfig dnsDomain + - source: + kind: ConfigMap + name: network-values + fieldPath: data.ctlplane.dnsDomain + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=ctlplane].dnsDomain + - source: + kind: ConfigMap + name: network-values + fieldPath: data.internalapi.dnsDomain + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=internalapi].dnsDomain + - source: + kind: ConfigMap + name: network-values + fieldPath: data.storage.dnsDomain + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=storage].dnsDomain + - source: + kind: ConfigMap + name: network-values + fieldPath: data.tenant.dnsDomain + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=tenant].dnsDomain + + # NetConfig MTU + - source: + kind: ConfigMap + name: network-values + fieldPath: data.ctlplane.mtu + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=ctlplane].mtu + - source: + kind: ConfigMap + name: network-values + fieldPath: data.internalapi.mtu + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=internalapi].mtu + - source: + kind: ConfigMap + name: network-values + fieldPath: data.storage.mtu + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=storage].mtu + - source: + kind: ConfigMap + name: network-values + fieldPath: data.tenant.mtu + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=tenant].mtu + + # NetConfig subnets + - source: + kind: ConfigMap + name: network-values + fieldPath: data.ctlplane.subnets + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=ctlplane].subnets + - source: + kind: ConfigMap + name: network-values + fieldPath: data.internalapi.subnets + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=internalapi].subnets + - source: + kind: ConfigMap + name: network-values + fieldPath: data.storage.subnets + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=storage].subnets + - source: + kind: ConfigMap + name: network-values + fieldPath: data.tenant.subnets + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=tenant].subnets diff --git a/dt/bmo01/netconfig/netconfig.yaml b/dt/bmo01/netconfig/netconfig.yaml new file mode 100644 index 000000000..86079e311 --- /dev/null +++ b/dt/bmo01/netconfig/netconfig.yaml @@ -0,0 +1,28 @@ +--- +apiVersion: network.openstack.org/v1beta1 +kind: NetConfig +metadata: + name: netconfig + namespace: openstack +spec: + networks: + - dnsDomain: _replaced_ + name: ctlplane + subnets: + - _replaced_ + mtu: 1500 + - dnsDomain: _replaced_ + name: internalapi + subnets: + - _replaced_ + mtu: 1500 + - dnsDomain: _replaced_ + name: storage + subnets: + - _replaced_ + mtu: 1500 + - dnsDomain: _replaced_ + name: tenant + subnets: + - _replaced_ + mtu: 1500 diff --git a/dt/bmo01/nncp/kustomization.yaml b/dt/bmo01/nncp/kustomization.yaml new file mode 100644 index 000000000..b93c335aa --- /dev/null +++ b/dt/bmo01/nncp/kustomization.yaml @@ -0,0 +1,43 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../lib/nncp + +replacements: + + - source: + kind: ConfigMap + name: network-values + fieldPath: data.routes.config + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: master-0 + fieldPaths: + - spec.desiredState.routes.config + - select: + kind: NodeNetworkConfigurationPolicy + name: master-1 + fieldPaths: + - spec.desiredState.routes.config + - select: + kind: NodeNetworkConfigurationPolicy + name: master-1 + fieldPaths: + - spec.desiredState.routes.config diff --git a/examples/dt/bmo01/README.md b/examples/dt/bmo01/README.md new file mode 100644 index 000000000..e8f90f542 --- /dev/null +++ b/examples/dt/bmo01/README.md @@ -0,0 +1,74 @@ +# Deployed Topology - BMO spine-and-leaf + +Spine and Leaf topology of Red Hat OpenStack Services on OpenShift, with +dataplane nodes deployed with Baremetal Operator. It contains a collection +of custom resources (CRs) for deploying the test environment. + +![Spine and Leaf conceptual diagram](osp-k8s-spine-leaf.svg) + +## Purpose + +This topology is used for testing Baremetal Operator node provisioning in a +spine-and-leaf architecture. + +### Nodes + +| Role | Machine Type | Count | +| ----------------- | ------------ | ----- | +| Compact OpenShift | vm | 3 | +| OpenStack Compute | vm | 4 | + +### Networks + +| Name | Type | Interface | CIDR | +| ------------ | -------- | --------- | --------------- | +| Provisioning | untagged | nic1 | 172.22.0.0/24 | +| Machine | untagged | nic2 | 192.168.32.0/20 | +| RH OSP | trunk | nic3 | | +| RH OSP | trunk1 | | +| RH OSP | trunk1 | | + +#### Networks in RH OSP + +| Name | Type | CIDR | +| ----------- | ----------- | ---------------------------------------------------- | +| ctlplane | untagged | 192.168.122.0/24, 192.168.123.0/24, 192.168.123.0/24 | +| internalapi | VLAN tagged | 172.17.0.0/24, 172.17.1.0/24, 172.17.1.0/24 | +| storage | VLAN tagged | 172.18.0.0/24, 172.18.0.0/24, 172.18.0.0/24 | +| tenant | VLAN tagged | 172.19.0.0/24, 172.19.0.0/24, 172.19.0.0/24 | + +#### Router addresses + +| Network | leaf-0 | leaf-1 | leaf-2 | +| ----------- | ------------- | ------------- | ------------- | +| ctlplane | 192.168.122.1 | 192.168.123.1 | 192.168.124.1 | +| internalapi | 172.17.0.1 | 172.17.1.1 | 172.17.2.1 | +| storage | 172.18.0.1 | 172.18.1.1 | 172.18.2.1 | +| tenant | 172.19.0.1 | 172.19.1.1 | 172.19.2.1 | + + +#### Dataplane node baremetal provisioning network + +The OCP external network (``machine network``) is used for provisioning, and +connections to the RH OSP ``ctlplane`` network is also on the OCP nodes. To +avoid asymmetric routing during dataplane node provisioning, additional IP +ranges (``192.168.130.0/24`` and ``192.168.131.0/24``) are used for the Metal3 +deploy ramdisk. + +### Services, enabled features and configurations + +| Service | configuration | Lock-in coverage? | +| ---------------- | ---------------- | ------------------ | +| Cinder | LVM/iSCSI/lioadm | | +| Glance | Swift | | +| Swift | (default) | | +| Neutron | OVN | | +| Nova | (default) | | +| Keystone | (default) | | + + +## Workflow + +1. [Install the OpenStack K8S operators and their dependencies](../../common/README.md) +2. [Configure and deploy the OpenStack control plane](control-plane.md) +3. [Configure and deploy the OpenStack data plane](data-plane.md) diff --git a/examples/dt/bmo01/control-plane.md b/examples/dt/bmo01/control-plane.md new file mode 100644 index 000000000..50ea41d3c --- /dev/null +++ b/examples/dt/bmo01/control-plane.md @@ -0,0 +1,60 @@ +# Configuring networking and deploy the OpenStack control plane + +## Assumptions + +- A storage class called `local-storage` should already exist. + +## Initialize + +Switch to the "openstack" namespace + +```bash +oc project openstack +``` + +Change to the bmo01 directory + +```bash +cd architecture/examples/dt/bmo01 +``` + +Edit [service-values.yaml](control-plane/service-values.yaml) and +[control-plane/nncp/values.yaml](control-plane/nncp/values.yaml). + +Apply node network configuration + +```bash +pushd control-plane/nncp +kustomize build > nncp.yaml +oc apply -f nncp.yaml +oc wait nncp \ + -l osp/nncm-config-type=standard \ + --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured \ + --timeout=300s +popd +``` + +Generate the control-plane and networking CRs. + +```bash +pushd control-plane +kustomize build > control-plane.yaml +``` + +## Create CRs + +> **_NOTE:_** Since Cinder is using LVM backend, set +> `openstack.org/cinder-lvm=` label on one of the nodes: +> +> `oc label node openstack.org/cinder-lvm=` + +```bash +oc apply -f control-plane.yaml +popd +``` + +Wait for control plane to be available + +```bash +oc wait osctlplane controlplane --for condition=Ready --timeout=600s +``` diff --git a/examples/dt/bmo01/control-plane/kustomization.yaml b/examples/dt/bmo01/control-plane/kustomization.yaml new file mode 100644 index 000000000..3d3ce09bc --- /dev/null +++ b/examples/dt/bmo01/control-plane/kustomization.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../dt/bmo01 + +resources: + - nncp/values.yaml + - service-values.yaml diff --git a/examples/dt/bmo01/control-plane/nncp/kustomization.yaml b/examples/dt/bmo01/control-plane/nncp/kustomization.yaml new file mode 100644 index 000000000..45d6fb445 --- /dev/null +++ b/examples/dt/bmo01/control-plane/nncp/kustomization.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../../dt/bmo01/nncp + +resources: + - values.yaml diff --git a/examples/dt/bmo01/control-plane/nncp/values.yaml b/examples/dt/bmo01/control-plane/nncp/values.yaml new file mode 100644 index 000000000..dbeb1a25f --- /dev/null +++ b/examples/dt/bmo01/control-plane/nncp/values.yaml @@ -0,0 +1,394 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: network-values + annotations: + config.kubernetes.io/local-config: "true" + +data: + openstack-operator-image: "quay.io/openstack-k8s-operators/openstack-operator-index:latest" + + ocp: + cluster_network_cidr: 192.168.16.0/20 + service_network_cidr: 172.30.0.0/16 + + node_0: + name: master-0 + internalapi_ip: 172.17.0.10 + tenant_ip: 172.19.0.10 + ctlplane_ip: 192.168.122.10 + storage_ip: 172.18.0.10 + node_1: + name: master-1 + internalapi_ip: 172.17.0.11 + tenant_ip: 172.19.0.11 + ctlplane_ip: 192.168.122.11 + storage_ip: 172.18.0.11 + node_2: + name: master-2 + internalapi_ip: 172.17.0.12 + tenant_ip: 172.19.0.12 + ctlplane_ip: 192.168.122.12 + storage_ip: 172.18.0.12 + + ctlplane: + dnsDomain: ctlplane.openstack.lab + subnets: + - allocationRanges: + - end: 192.168.122.120 + start: 192.168.122.100 + - end: 192.168.122.200 + start: 192.168.122.150 + cidr: 192.168.122.0/24 + gateway: 192.168.122.1 + routes: + - destination: 192.168.123.0/24 + nexthop: 192.168.122.1 + - destination: 192.168.124.0/24 + nexthop: 192.168.122.1 + name: subnet1 + - allocationRanges: + - end: 192.168.123.120 + start: 192.168.123.100 + - end: 192.168.123.200 + start: 192.168.123.150 + cidr: 192.168.123.0/24 + gateway: 192.168.123.1 + routes: + - destination: 192.168.122.0/24 + nexthop: 192.168.123.1 + - destination: 192.168.124.0/24 + nexthop: 192.168.123.1 + name: subnet2 + - allocationRanges: + - end: 192.168.124.120 + start: 192.168.124.100 + - end: 192.168.124.200 + start: 192.168.124.150 + cidr: 192.168.124.0/24 + gateway: 192.168.124.1 + routes: + - destination: 192.168.122.0/24 + nexthop: 192.168.124.1 + - destination: 192.168.123.0/24 + nexthop: 192.168.124.1 + name: subnet3 + prefix-length: 24 + iface: enp7s0 + mtu: 1500 + lb_addresses: + - 192.168.122.80-192.168.122.90 + endpoint_annotations: + metallb.universe.tf/address-pool: ctlplane + metallb.universe.tf/allow-shared-ip: ctlplane + metallb.universe.tf/loadBalancerIPs: 192.168.122.80 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "ctlplane", + "type": "macvlan", + "master": "ospbr", + "ipam": { + "type": "whereabouts", + "range": "192.168.122.0/24", + "range_start": "192.168.122.30", + "range_end": "192.168.122.70", + "routes": [ + { + "dst": "192.168.123.0/24", + "gw": "192.168.122.1" + }, + { + "dst": "192.168.124.0/24", + "gw": "192.168.122.1" + } + ] + } + } + + internalapi: + dnsDomain: internalapi.openstack.lab + subnets: + - allocationRanges: + - end: 172.17.0.250 + start: 172.17.0.100 + cidr: 172.17.0.0/24 + gateway: 172.17.0.1 + routes: + - destination: 172.17.1.0/24 + nexthop: 172.17.0.1 + - destination: 172.17.2.0/24 + nexthop: 172.17.0.1 + name: subnet1 + vlan: 20 + - allocationRanges: + - end: 172.17.1.250 + start: 172.17.1.100 + cidr: 172.17.1.0/24 + gateway: 172.17.1.1 + routes: + - destination: 172.17.0.0/24 + nexthop: 172.17.1.1 + - destination: 172.17.2.0/24 + nexthop: 172.17.1.1 + name: subnet2 + vlan: 30 + - allocationRanges: + - end: 172.17.2.250 + start: 172.17.2.100 + cidr: 172.17.2.0/24 + gateway: 172.17.2.1 + routes: + - destination: 172.17.0.0/24 + nexthop: 172.17.2.1 + - destination: 172.17.1.0/24 + nexthop: 172.17.2.1 + name: subnet3 + vlan: 40 + mtu: 1500 + prefix-length: 24 + iface: internalapi + vlan: 20 + base_iface: enp7s0 + lb_addresses: + - 172.17.0.80-172.17.0.90 + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/allow-shared-ip: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.80 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "internalapi", + "type": "macvlan", + "master": "internalapi", + "ipam": { + "type": "whereabouts", + "range": "172.17.0.0/24", + "range_start": "172.17.0.30", + "range_end": "172.17.0.70", + "routes": [ + { + "dst": "172.17.1.0/24", + "gw": "172.17.0.1" + }, + { + "dst": "172.17.2.0/24", + "gw": "172.17.0.1" + } + ] + } + } + + storage: + dnsDomain: storage.openstack.lab + subnets: + - allocationRanges: + - end: 172.18.0.250 + start: 172.18.0.100 + cidr: 172.18.0.0/24 + gateway: 172.18.0.1 + routes: + - destination: 172.18.1.0/24 + nexthop: 172.18.0.1 + - destination: 172.18.2.0/24 + nexthop: 172.18.0.1 + name: subnet1 + vlan: 21 + - allocationRanges: + - end: 172.18.1.250 + start: 172.18.1.100 + cidr: 172.18.1.0/24 + gateway: 172.18.1.1 + routes: + - destination: 172.18.0.0/24 + nexthop: 172.18.1.1 + - destination: 172.18.2.0/24 + nexthop: 172.18.1.1 + name: subnet2 + vlan: 31 + - allocationRanges: + - end: 172.18.2.250 + start: 172.18.2.100 + cidr: 172.18.2.0/24 + gateway: 172.18.2.1 + routes: + - destination: 172.18.0.0/24 + nexthop: 172.18.2.1 + - destination: 172.18.1.0/24 + nexthop: 172.18.2.1 + name: subnet3 + vlan: 41 + mtu: 1500 + prefix-length: 24 + iface: storage + vlan: 21 + base_iface: enp7s0 + lb_addresses: + - 172.18.0.80-172.18.0.90 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "storage", + "type": "macvlan", + "master": "storage", + "ipam": { + "type": "whereabouts", + "range": "172.18.0.0/24", + "range_start": "172.18.0.30", + "range_end": "172.18.0.70", + "routes": [ + { + "dst": "172.18.1.0/24", + "gw": "172.18.0.1" + }, + { + "dst": "172.18.2.0/24", + "gw": "172.18.0.1" + } + ] + } + } + + tenant: + dnsDomain: tenant.openstack.lab + subnets: + - allocationRanges: + - end: 172.19.0.250 + start: 172.19.0.100 + cidr: 172.19.0.0/24 + gateway: 172.19.0.1 + routes: + - destination: 172.19.1.0/24 + nexthop: 172.19.0.1 + - destination: 172.19.2.0/24 + nexthop: 172.19.0.1 + name: subnet1 + vlan: 22 + - allocationRanges: + - end: 172.19.1.250 + start: 172.19.1.100 + cidr: 172.19.1.0/24 + gateway: 172.19.1.1 + routes: + - destination: 172.19.0.0/24 + nexthop: 172.19.1.1 + - destination: 172.19.2.0/24 + nexthop: 172.19.1.1 + name: subnet2 + vlan: 32 + - allocationRanges: + - end: 172.19.2.250 + start: 172.19.2.100 + cidr: 172.19.2.0/24 + gateway: 172.19.2.1 + routes: + - destination: 172.19.0.0/24 + nexthop: 172.19.2.1 + - destination: 172.19.1.0/24 + nexthop: 172.19.2.1 + name: subnet3 + vlan: 42 + mtu: 1500 + prefix-length: 24 + iface: tenant + vlan: 22 + base_iface: enp7s0 + lb_addresses: + - 172.19.0.80-172.19.0.90 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "tenant", + "type": "macvlan", + "master": "tenant", + "ipam": { + "type": "whereabouts", + "range": "172.19.0.0/24", + "range_start": "172.19.0.30", + "range_end": "172.19.0.70", + "routes": [ + { + "dst": "172.19.1.0/24", + "gw": "172.19.0.1" + }, + { + "dst": "172.19.2.0/24", + "gw": "172.19.0.1" + } + ] + } + } + + datacentre: + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "datacentre", + "type": "bridge", + "bridge": "ospbr", + "ipam": {} + } + + dns-resolver: + config: + server: + - 192.168.122.1 + search: [] + options: + - key: server + values: + - 192.168.122.1 + + routes: + config: + # ctlplane + - destination: 192.168.123.0/24 + metric: 150 + next-hop-address: 192.168.122.1 + next-hop-interface: ospbr + - destination: 192.168.124.0/24 + metric: 150 + next-hop-address: 192.168.122.1 + next-hop-interface: ospbr + # internalapi + - destination: 172.17.1.0/24 + metric: 150 + next-hop-address: 172.17.0.1 + next-hop-interface: internalapi + - destination: 172.17.2.0/24 + metric: 150 + next-hop-address: 172.17.0.1 + next-hop-interface: internalapi + # storage + - destination: 172.18.1.0/24 + metric: 150 + next-hop-address: 172.18.0.1 + next-hop-interface: storage + - destination: 172.18.2.0/24 + metric: 150 + next-hop-address: 172.18.0.1 + next-hop-interface: storage + # tenant + - destination: 172.19.1.0/24 + metric: 150 + next-hop-address: 172.19.0.1 + next-hop-interface: tenant + - destination: 172.19.2.0/24 + metric: 150 + next-hop-address: 172.19.0.1 + next-hop-interface: tenant + + rabbitmq: + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.85 + rabbitmq-cell1: + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.86 + + lbServiceType: LoadBalancer + storageClass: lvms-local-storage + bridgeName: ospbr diff --git a/examples/dt/bmo01/control-plane/service-values.yaml b/examples/dt/bmo01/control-plane/service-values.yaml new file mode 100644 index 000000000..44e39ac7d --- /dev/null +++ b/examples/dt/bmo01/control-plane/service-values.yaml @@ -0,0 +1,109 @@ +--- +apiVersion: v1 +kind: ConfigMap + +metadata: + name: service-values + annotations: + config.kubernetes.io/local-config: "true" + +data: + preserveJobs: false + cinderVolumes: + lvm-iscsi: + replicas: 1 + nodeSelector: + openstack.org/cinder-lvm: "" + customServiceConfig: | + [lvm] + image_volume_cache_enabled = false + volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver + volume_group = cinder-volumes + target_protocol = iscsi + target_helper = lioadm + volume_backend_name = lvm_iscsi + target_ip_address=172.18.0.10 + target_secondary_ip_addresses = 172.19.0.10 + + cinderBackup: + replicas: 0 + + glance: + customServiceConfig: | + [DEFAULT] + debug = True + enabled_backends = default_backend:swift + + [glance_store] + default_backend = default_backend + + [default_backend] + swift_store_create_container_on_put = True + swift_store_auth_version = 3 + swift_store_auth_address = {{ .KeystoneInternalURL }} + swift_store_endpoint_type = internalURL + swift_store_user = service:glance + swift_store_key = {{ .ServicePassword }} + default: + replicas: 3 + + swift: + enabled: true + + octavia: + enabled: false + + heat: + enabled: false + + telemetry: + enabled: false + + ovn: + ovnController: + nicMappings: + datacentre: ocpbr + external-ids: + enable-chassis-as-gateway: true + + neutron: + customServiceConfig: | + [DEFAULT] + vlan_transparent = true + agent_down_time = 600 + router_distributed = true + router_scheduler_driver = neutron.scheduler.l3_agent_scheduler.ChanceScheduler + allow_automatic_l3agent_failover = true + debug = true + + [agent] + report_interval = 300 + + [database] + max_retries = -1 + db_max_retries = -1 + + [keystone_authtoken] + region_name = regionOne + memcache_use_advanced_pool = True + + [oslo_messaging_notifications] + driver = noop + + [oslo_middleware] + enable_proxy_headers_parsing = true + + [oslo_policy] + policy_file = /etc/neutron/policy.yaml + + [ovs] + igmp_snooping_enable = true + + [ovn] + ovsdb_probe_interval = 60000 + ovn_emit_need_to_frag = true + enable_distributed_floating_ip=False + + [ml2] + type_drivers = geneve,vxlan,vlan,flat,local + tenant_network_types = geneve,flat diff --git a/examples/dt/bmo01/data-plane.md b/examples/dt/bmo01/data-plane.md new file mode 100644 index 000000000..93e60ff25 --- /dev/null +++ b/examples/dt/bmo01/data-plane.md @@ -0,0 +1,143 @@ +# Deploying the OpenStack dataplane + +## Assumptions + +- The [control plane](control-plane.md) has been successfully deployed. + +## Initialize + +Switch to the "openstack" namespace + +```bash +oc project openstack +``` + +Change to the dataplane directory + +```bash +cd architecture/examples/dt/bmo01/dataplane +``` + +### Configure BMO - Provisioning to watch all namespaces + +``` +oc patch provisioning provisioning-configuration --type merge -p '{"spec":{"watchAllNamespaces": true }}' +``` + +### Configure BMO - Provisioning to use external network for virtual-media + +``` +oc patch provisioning provisioning-configuration --type merge -p '{"spec":{"virtualMediaViaExternalNetwork": true }}' +``` + +### Create the BareMetalHost CRs + +``` +pushd baremetalhosts +``` + +Modify the [values.yaml](dataplane/baremetalhosts/values.yaml), for each of the nodes (`leaf0-0`, `leaf0-1`, `leaf1-0` and `leaf1-1`) set: +- `bmc.address` +- `bootMACAddress` +- `rootDeviceHints` +- `preprovisioningNetworkData` + +Modify the [bmc-secret.env](dataplane/baremetalhosts/bmc-secret.env) *env* with the BMC `username` and `password`, for example: +``` +username=root +password=S3cr3t +``` + +``` +kustomize build > baremetalhosts.yaml +oc apply -f baremetalhosts.yaml +``` + +Wait for BareMetalHosts to reach state: `active` + +``` +oc get bmh -w + +NAME STATE CONSUMER ONLINE ERROR AGE +leaf1-0 preparing false 1m38s +leaf1-1 preparing false 1m38s +leaf0-1 preparing false 1m38s +leaf0-0 preparing false 1m38s +leaf1-0 available false 2m38s +leaf0-1 available false 2m38s +leaf0-0 available false 2m38s +leaf1-1 available false 2m38s +``` + +``` +popd +``` + +## Create the dataplane secrets + +``` +pushd secrets +``` + +Modify the [values.yaml](values.yaml) with the following information + +- SSH keys to be used for accessing the deployed compute nodes. +- SSH keys to be use for Nova migration. + +> All values must be in base64 encoded format. + +### Compute access + +1. Set `data['authorized']` with the value of all OpenStack Compute host SSH + keys. +2. Set `data['private']` with the contents of the SSH private key to be used + for accessing the dataplane compute nodes. +3. Set `data['public']` with the contents of the SSH public key used for + accessing the dataplane compute nodes. + +### Nova migration + +1. Set `data['nova']['migration']['ssh_keys']['private']` with the content of + the SSH private key to be used for potential future migration. +2. Set `data['nova']['migration']['ssh_keys']['public']` with the content of + the SSH public key to be used for potential future migration. + +### Generate the dataplane-secrets CRs. + +```bash +kustomize build > dataplane-secrets.yaml +``` + +### Create CRs the dataplane-secrets CRs. + +```bash +oc apply -f dataplane-secrets.yaml +``` + +``` +popd +``` + +## Create the dataplane-nodeset CRs + +Generate the dataplane CRs. + +``` +pushd nodesets +``` + +```bash +kustomize build > dataplane-nodesets.yaml +``` + +## Create CRs + +```bash +oc apply -f dataplane-nodesets.yaml +``` + +Wait for dataplane deployment to finish + +```bash +oc wait osdpd edpm-deployment --for condition=Ready --timeout=1200s +``` diff --git a/examples/dt/bmo01/dataplane/baremetalhosts/bmc-secret.env b/examples/dt/bmo01/dataplane/baremetalhosts/bmc-secret.env new file mode 100644 index 000000000..ff0f7d4f3 --- /dev/null +++ b/examples/dt/bmo01/dataplane/baremetalhosts/bmc-secret.env @@ -0,0 +1,2 @@ +username=admin +password=password diff --git a/examples/dt/bmo01/dataplane/baremetalhosts/kustomization.yaml b/examples/dt/bmo01/dataplane/baremetalhosts/kustomization.yaml new file mode 100644 index 000000000..997b3be4c --- /dev/null +++ b/examples/dt/bmo01/dataplane/baremetalhosts/kustomization.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +transformers: + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../../../dt/bmo01/dataplane/baremetalhosts + +resources: + - values.yaml + +secretGenerator: + - name: bmc-secret + behavior: create + envs: + - bmc-secret.env + options: + disableNameSuffixHash: true diff --git a/examples/dt/bmo01/dataplane/baremetalhosts/values.yaml b/examples/dt/bmo01/dataplane/baremetalhosts/values.yaml new file mode 100644 index 000000000..913eb56ae --- /dev/null +++ b/examples/dt/bmo01/dataplane/baremetalhosts/values.yaml @@ -0,0 +1,131 @@ +--- +apiVersion: v1 +kind: ConfigMap + +metadata: + name: baremetalhost-values + annotations: + config.kubernetes.io/local-config: "true" + +data: + metal3_inspection: disabled + leaf0-0: + name: leaf0-0 + labels: + app: openstack + nodeset: leaf0 + bmc: + address: redfish-virtualmedia+http://sushy.utility:8000/redfish/v1/Systems/df2bf92f-3e2c-47e1-b1fa-0d2e06bd1b1d + bootMACAddress: 52:54:04:15:a8:d9 + rootDeviceHints: + deviceName: /dev/sda + preprovisioningNetworkData: + nmstate: | + interfaces: + - name: enp5s0 + type: ethernet + state: up + ipv4: + enabled: true + address: + - ip: 192.168.130.100 + prefix-length: 24 + dns-resolver: + config: + server: + - 192.168.122.1 + routes: + config: + - destination: 0.0.0.0/0 + next-hop-address: 192.168.130.1 + next-hop-interface: enp5s0 + leaf0-1: + name: leaf0-1 + labels: + app: openstack + nodeset: leaf0 + bmc: + address: redfish-virtualmedia+http://sushy.utility:8000/redfish/v1/Systems/455a0036-11f9-4417-a150-9ee858cd7b3d + bootMACAddress: 52:54:05:59:03:e9 + rootDeviceHints: + deviceName: /dev/sda + preprovisioningNetworkData: + nmstate: | + interfaces: + - name: enp5s0 + type: ethernet + state: up + ipv4: + enabled: true + address: + - ip: 192.168.130.101 + prefix-length: 24 + dns-resolver: + config: + server: + - 192.168.122.1 + routes: + config: + - destination: 0.0.0.0/0 + next-hop-address: 192.168.130.1 + next-hop-interface: enp5s0 + leaf1-0: + name: leaf1-0 + labels: + app: openstack + nodeset: leaf1 + bmc: + address: redfish-virtualmedia+http://sushy.utility:8000/redfish/v1/Systems/adbcfb62-afe9-488d-8e67-c3fd711e46e8 + bootMACAddress: 52:54:06:49:2a:d2 + rootDeviceHints: + deviceName: /dev/sda + preprovisioningNetworkData: + nmstate: | + interfaces: + - name: enp5s0 + type: ethernet + state: up + ipv4: + enabled: true + address: + - ip: 192.168.131.100 + prefix-length: 24 + dns-resolver: + config: + server: + - 192.168.122.1 + routes: + config: + - destination: 0.0.0.0/0 + next-hop-address: 192.168.131.1 + next-hop-interface: enp5s0 + leaf1-1: + name: leaf1-1 + labels: + app: openstack + nodeset: leaf1 + bmc: + address: redfish-virtualmedia+http://sushy.utility:8000/redfish/v1/Systems/f5da12a3-b71d-4b81-9805-ebd5a2cd7bdf + bootMACAddress: 52:54:07:5f:0c:f4 + rootDeviceHints: + deviceName: /dev/sda + preprovisioningNetworkData: + nmstate: | + interfaces: + - name: enp5s0 + type: ethernet + state: up + ipv4: + enabled: true + address: + - ip: 192.168.131.101 + prefix-length: 24 + dns-resolver: + config: + server: + - 192.168.122.1 + routes: + config: + - destination: 0.0.0.0/0 + next-hop-address: 192.168.131.1 + next-hop-interface: enp5s0 diff --git a/examples/dt/bmo01/dataplane/kustomization.yaml b/examples/dt/bmo01/dataplane/kustomization.yaml new file mode 100644 index 000000000..ae38515d3 --- /dev/null +++ b/examples/dt/bmo01/dataplane/kustomization.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../dt/bmo01/dataplane + +resources: + - values.yaml diff --git a/examples/dt/bmo01/dataplane/nodesets/kustomization.yaml b/examples/dt/bmo01/dataplane/nodesets/kustomization.yaml new file mode 100644 index 000000000..7350ec3f2 --- /dev/null +++ b/examples/dt/bmo01/dataplane/nodesets/kustomization.yaml @@ -0,0 +1,230 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../../dt/bmo01/dataplane/nodesets + +resources: + - values.yaml + +replacements: + # nodeset-0 values + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.ctlplaneInterface + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.baremetalSetTemplate.ctlplaneInterface + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.neutron_physical_bridge_name + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.neutron_physical_bridge_name + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.neutron_public_interface_name + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.neutron_public_interface_name + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.edpm_network_config_template + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_network_config_template + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.edpm_sshd_allowed_ranges + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_sshd_allowed_ranges + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.timesync_ntp_servers + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.timesync_ntp_servers + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.edpm_bootstrap_command + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_bootstrap_command + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.nodes + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.nodes + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.edpm_ovn_bridge_mappings + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_ovn_bridge_mappings + options: + create: true + + # nodeset-1 values + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.ctlplaneInterface + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.baremetalSetTemplate.ctlplaneInterface + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.neutron_physical_bridge_name + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.neutron_physical_bridge_name + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.neutron_public_interface_name + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.neutron_public_interface_name + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.edpm_network_config_template + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_network_config_template + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.edpm_sshd_allowed_ranges + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_sshd_allowed_ranges + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.timesync_ntp_servers + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.timesync_ntp_servers + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.edpm_bootstrap_command + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_bootstrap_command + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.nodes + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.nodes + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.edpm_ovn_bridge_mappings + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_ovn_bridge_mappings + options: + create: true diff --git a/examples/dt/bmo01/dataplane/nodesets/values.yaml b/examples/dt/bmo01/dataplane/nodesets/values.yaml new file mode 100644 index 000000000..855682813 --- /dev/null +++ b/examples/dt/bmo01/dataplane/nodesets/values.yaml @@ -0,0 +1,235 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: nodeset-values + annotations: + config.kubernetes.io/local-config: "true" +data: + network_config_template: &network_config_template | + --- + {% set mtu_list = [ctlplane_mtu] %} + {% for network in nodeset_networks %} + {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} + {%- endfor %} + {% set min_viable_mtu = mtu_list | max %} + network_config: + - type: ovs_bridge + name: {{ neutron_physical_bridge_name }} + mtu: {{ min_viable_mtu }} + use_dhcp: false + dns_servers: {{ ctlplane_dns_nameservers }} + domain: {{ dns_search_domains }} + addresses: + - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} + routes: {{ ctlplane_host_routes }} + members: + - type: interface + name: nic1 + mtu: {{ min_viable_mtu }} + primary: true + {% for network in nodeset_networks %} + - type: vlan + mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} + vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} + addresses: + - ip_netmask: >- + {{ + lookup('vars', networks_lower[network] ~ '_ip') + }}/{{ + lookup('vars', networks_lower[network] ~ '_cidr') + }} + routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} + {% endfor %} + + nodeset0: + ctlplaneInterface: enp5s0 + neutron_physical_bridge_name: br-ex + neutron_public_interface_name: enp5s0 + edpm_ovn_bridge_mappings: + - "datacentre_leaf0:br-ex" + edpm_network_config_template: *network_config_template + edpm_sshd_allowed_ranges: + - 192.168.122.0/24 + - 192.168.123.0/24 + - 192.168.124.0/24 + - 192.168.32.9/20 + timesync_ntp_servers: + - hostname: pool.ntp.org + edpm_bootstrap_command: | + # _replace_ + echo "Bootstrap script." + baremetalHostsNetworkData: + edpm-compute-0-0: + networkData: | + links: + - name: enp5s0 + id: enp5s0 + type: vif + networks: + - link: enp5s0 + id: enp5s0 + type: ipv4 + network_id: enp5s0 + ip_address: 192.168.123.100 + netmask: 255.255.255.0 + routes: + - network: 0.0.0.0 + netmask: 0.0.0.0 + gateway: 192.168.123.1 + services: + - type: dns + address: 192.168.122.1 + edpm-compute-0-1: + networkData: | + links: + - name: enp5s0 + id: enp5s0 + type: vif + networks: + - link: enp5s0 + id: enp5s0 + type: ipv4 + network_id: enp5s0 + ip_address: 192.168.123.101 + netmask: 255.255.255.0 + routes: + - network: 0.0.0.0 + netmask: 0.0.0.0 + gateway: 192.168.123.1 + services: + - type: dns + address: 192.168.122.1 + nodes: + edpm-compute-0-0: + networkData: + name: edpm-compute-0-0-network-data + namespace: openstack + ansible: + ansibleHost: 192.168.123.100 + hostName: edpm-compute-0-0 + networks: + - defaultRoute: true + fixedIP: 192.168.123.100 + name: ctlplane + subnetName: subnet2 + - name: internalapi + subnetName: subnet2 + - name: storage + subnetName: subnet2 + - name: tenant + subnetName: subnet2 + edpm-compute-0-1: + networkData: + name: edpm-compute-0-1-network-data + namespace: openstack + ansible: + ansibleHost: 192.168.123.101 + hostName: edpm-compute-0-1 + networks: + - defaultRoute: true + fixedIP: 192.168.123.101 + name: ctlplane + subnetName: subnet2 + - name: internalapi + subnetName: subnet2 + - name: storage + subnetName: subnet2 + - name: tenant + subnetName: subnet2 + + nodeset1: + ctlplaneInterface: enp5s0 + neutron_physical_bridge_name: br-ex + neutron_public_interface_name: enp5s0 + edpm_ovn_bridge_mappings: + - "datacentre_leaf1:br-ex" + edpm_network_config_template: *network_config_template + edpm_sshd_allowed_ranges: + - 192.168.122.0/24 + - 192.168.123.0/24 + - 192.168.124.0/24 + - 192.168.32.9/20 + timesync_ntp_servers: + - hostname: pool.ntp.org + edpm_bootstrap_command: | + # _replace_ + echo "Bootstrap script." + baremetalHostsNetworkData: + edpm-compute-1-0: + networkData: | + links: + - name: enp5s0 + id: enp5s0 + type: vif + networks: + - link: enp5s0 + id: enp5s0 + type: ipv4 + network_id: enp5s0 + ip_address: 192.168.124.100 + netmask: 255.255.255.0 + routes: + - network: 0.0.0.0 + netmask: 0.0.0.0 + gateway: 192.168.124.1 + services: + - type: dns + address: 192.168.122.1 + edpm-compute-1-1: + networkData: | + links: + - name: enp5s0 + id: enp5s0 + type: vif + networks: + - link: enp5s0 + id: enp5s0 + type: ipv4 + network_id: enp5s0 + ip_address: 192.168.124.101 + netmask: 255.255.255.0 + routes: + - network: 0.0.0.0 + netmask: 0.0.0.0 + gateway: 192.168.124.1 + services: + - type: dns + address: 192.168.122.1 + nodes: + edpm-compute-1-0: + networkData: + name: edpm-compute-1-0-network-data + namespace: openstack + ansible: + ansibleHost: 192.168.124.100 + hostName: edpm-compute-1-0 + networks: + - defaultRoute: true + fixedIP: 192.168.124.100 + name: ctlplane + subnetName: subnet3 + - name: internalapi + subnetName: subnet3 + - name: storage + subnetName: subnet3 + - name: tenant + subnetName: subnet3 + edpm-compute-1-1: + networkData: + name: edpm-compute-1-1-network-data + namespace: openstack + ansible: + ansibleHost: 192.168.124.101 + hostName: edpm-compute-1-1 + networks: + - defaultRoute: true + fixedIP: 192.168.124.101 + name: ctlplane + subnetName: subnet3 + - name: internalapi + subnetName: subnet3 + - name: storage + subnetName: subnet3 + - name: tenant + subnetName: subnet3 diff --git a/examples/dt/bmo01/dataplane/secrets/kustomization.yaml b/examples/dt/bmo01/dataplane/secrets/kustomization.yaml new file mode 100644 index 000000000..6e4b0affb --- /dev/null +++ b/examples/dt/bmo01/dataplane/secrets/kustomization.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../../dt/bmo01/dataplane/secrets + +resources: + - values.yaml diff --git a/examples/dt/bmo01/dataplane/secrets/values.yaml b/examples/dt/bmo01/dataplane/secrets/values.yaml new file mode 100644 index 000000000..5232e2388 --- /dev/null +++ b/examples/dt/bmo01/dataplane/secrets/values.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: v1 +kind: ConfigMap + +metadata: + name: dataplane-secret-values + annotations: + config.kubernetes.io/local-config: "true" + +data: + ssh_keys: + authorized: _replaced_ + private: _replaced_ + public: _replaced_ + + nova: + migration: + ssh_keys: + private: _replaced_ + public: _replaced_kustomization.yaml diff --git a/examples/dt/bmo01/dataplane/values.yaml b/examples/dt/bmo01/dataplane/values.yaml new file mode 100644 index 000000000..e44f7937e --- /dev/null +++ b/examples/dt/bmo01/dataplane/values.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: v1 +kind: ConfigMap + +metadata: + name: edpm-deployment-values + annotations: + config.kubernetes.io/local-config: "true" + +data: {} diff --git a/examples/dt/bmo01/osp-k8s-spine-leaf.svg b/examples/dt/bmo01/osp-k8s-spine-leaf.svg new file mode 100644 index 000000000..0f521b6d6 --- /dev/null +++ b/examples/dt/bmo01/osp-k8s-spine-leaf.svg @@ -0,0 +1,1057 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OCP-0 + + + + + + + + OCP-1 + + + + + + + + OCP-2 + + + + + + + + edpm-0 + + + + + + + + edpm-1 + + + + + + + + edpm-2 + + + + + + + + edpm-3 + + + + + + + + spine-0 + + + + + + + + spine-1 + + + + + + + + spine-2 + + + + + + + + leaf-0 + + + + + + + + leaf-2 + + + + + + + + leaf-1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/zuul.d/projects.yaml b/zuul.d/projects.yaml index ab6cb930c..a7741534d 100644 --- a/zuul.d/projects.yaml +++ b/zuul.d/projects.yaml @@ -4,6 +4,7 @@ - noop - rhoso-architecture-validate-bgp - rhoso-architecture-validate-bgp_dt01 + - rhoso-architecture-validate-bmo01 - rhoso-architecture-validate-dcn - rhoso-architecture-validate-hci - rhoso-architecture-validate-nfv-ovs-dpdk-sriov-hci diff --git a/zuul.d/validations.yaml b/zuul.d/validations.yaml index f9e72470d..34f21a06e 100644 --- a/zuul.d/validations.yaml +++ b/zuul.d/validations.yaml @@ -25,6 +25,23 @@ parent: rhoso-architecture-base-job vars: cifmw_architecture_scenario: bgp_dt01 +- job: + files: + - automation/mocks/bmo01.yaml + - automation/net-env/bmo01.yaml + - dt/bmo01 + - examples/dt/bmo01/control-plane + - examples/dt/bmo01/control-plane/nncp + - examples/dt/bmo01/dataplane + - examples/dt/bmo01/dataplane/baremetalhosts + - examples/dt/bmo01/dataplane/nodesets + - examples/dt/bmo01/dataplane/secrets + - lib + name: rhoso-architecture-validate-bmo01 + parent: rhoso-architecture-base-job + vars: + cifmw_architecture_scenario: bmo01 + cifmw_networking_env_def_file: automation/net-env/bmo01.yaml - job: files: - automation/net-env/dcn.yaml