diff --git a/automation/vars/bmo01.yaml b/automation/vars/bmo01.yaml
new file mode 100644
index 000000000..ac9ab099e
--- /dev/null
+++ b/automation/vars/bmo01.yaml
@@ -0,0 +1,105 @@
+---
+vas:
+ bmo01:
+ stages:
+ - path: examples/dt/bmo01/control-plane/nncp
+ wait_conditions:
+ - >-
+ oc -n openstack wait nncp
+ -l osp/nncm-config-type=standard
+ --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured
+ --timeout=5m
+ values:
+ - name: network-values
+ src_file: values.yaml
+ build_output: nncp.yaml
+
+ - pre_stage_run:
+ - name: Apply cinder-lvm label on master-0
+ type: cr
+ definition:
+ metadata:
+ labels:
+ openstack.org/cinder-lvm: ""
+ kind: Node
+ resource_name: master-0
+ state: patched
+ path: examples/dt/bmo01/control-plane
+ wait_conditions:
+ - >-
+ oc -n openstack wait openstackcontrolplane
+ controlplane
+ --for condition=Ready
+ --timeout=60m
+ values:
+ - name: network-values
+ src_file: nncp/values.yaml
+ - name: service-values
+ src_file: service-values.yaml
+ build_output: control-plane.yaml
+
+ - pre_stage_run:
+ - name: Patch Provisioning CR
+ type: cr
+ definition:
+ spec:
+ watchAllNamespaces: true
+ virtualMediaViaExternalNetwork: true
+ namespace: openshift-machine-api
+ api_version: metal3.io/v1alpha1
+ kind: Provisioning
+ resource_name: provisioning-configuration
+ state: patched
+ path: examples/dt/bmo01/dataplane/baremetalhosts
+ wait_conditions:
+ - >-
+ oc -n openstack wait baremetalhosts.metal3.io
+ -l app=openstack
+ --for jsonpath=status.provisioning.state=available
+ --timeout=10m
+ values:
+ - name: baremetalhost-values
+ src_file: values.yaml
+ build_output: baremetalhosts.yaml
+
+ - path: examples/dt/bmo01/dataplane/secrets
+ wait_conditions:
+ - >-
+ oc -n openstack wait secrets dataplane-ansible-ssh-private-key-secret
+ --for jsonpath=metadata.uid
+ - >-
+ oc -n openstack wait secrets nova-migration-ssh-key
+ --for jsonpath=metadata.uid
+ values:
+ - name: secret-values
+ src_file: values.yaml
+ build_output: dataplane-secrets.yaml
+
+ - path: examples/dt/bmo01/dataplane/nodesets
+ wait_conditions:
+ - >-
+ oc -n openstack wait openstackdataplanenodesets
+ nodeset-0
+ --for condition=NodeSetBaremetalProvisionReady
+ --timeout=40m
+ - >-
+ oc -n openstack wait openstackdataplanenodesets
+ nodeset-1
+ --for condition=NodeSetBaremetalProvisionReady
+ --timeout=40m
+ values:
+ - name: nodeset-values
+ src_file: values.yaml
+ build_output: dataplane-nodesets.yaml
+
+ - path: examples/dt/bmo01/dataplane
+ wait_conditions:
+ - >-
+ oc -n openstack wait openstackdataplanedeployment
+ edpm-deployment
+ --for condition=Ready
+ --timeout=40m
+ values:
+ - name: deployment-values
+ src_file: values.yaml
+ build_output: edpm.yaml
diff --git a/dt/bmo01/dataplane/baremetalhosts/baremetalhost_template.yaml b/dt/bmo01/dataplane/baremetalhosts/baremetalhost_template.yaml
new file mode 100644
index 000000000..6015fe9d4
--- /dev/null
+++ b/dt/bmo01/dataplane/baremetalhosts/baremetalhost_template.yaml
@@ -0,0 +1,18 @@
+---
+apiVersion: metal3.io/v1alpha1
+kind: BareMetalHost
+metadata:
+ labels: {}
+ name: _ignored_
+ namespace: openstack
+spec:
+ architecture: x86_64
+ automatedCleaningMode: metadata
+ bmc:
+ address: _replaced_
+ credentialsName: _replaced_
+ bootMACAddress: _replaced_
+ bootMode: UEFI
+ rootDeviceHints: {}
+ online: false
+ preprovisioningNetworkDataName: _replaced_
diff --git a/dt/bmo01/dataplane/baremetalhosts/baremetalhosts.yaml b/dt/bmo01/dataplane/baremetalhosts/baremetalhosts.yaml
new file mode 100644
index 000000000..e5d0d996e
--- /dev/null
+++ b/dt/bmo01/dataplane/baremetalhosts/baremetalhosts.yaml
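Review bot: In automation/vars/bmo01.yaml the `Patch Provisioning CR` pre-stage step changes the cluster-scoped `provisioning-configuration` resource in `openshift-machine-api`, and nothing in the file records why or shows the change being reverted after the stage. `watchAllNamespaces: true` lets the bare-metal operator act on BareMetalHost objects in every namespace, so the right to create BareMetalHosts in any namespace becomes the right to drive provisioning; `virtualMediaViaExternalNetwork: true` likewise takes virtual-media traffic off the provisioning network. I would add a comment above the step, e.g. `# BMO must reconcile BareMetalHosts in the openstack namespace; cluster-wide and persistent`. Separately, the two `oc -n openstack wait secrets ...` conditions carry no `--timeout`, unlike every other wait in this file, so they fall back to the client default.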
@@ -0,0 +1,60 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: leaf0-0-preprovision-network-data
+ namespace: openstack
+type: Opaque
+stringData: {}
+---
+apiVersion: metal3.io/v1alpha1
+kind: BareMetalHost
+metadata:
+ labels: {}
+ name: leaf0-0
+ namespace: openstack
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: leaf0-1-preprovision-network-data
+ namespace: openstack
+type: Opaque
+stringData: {}
+---
+apiVersion: metal3.io/v1alpha1
+kind: BareMetalHost
+metadata:
+ labels: {}
+ name: leaf0-1
+ namespace: openstack
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: leaf1-0-preprovision-network-data
+ namespace: openstack
+type: Opaque
+stringData: {}
+---
+apiVersion: metal3.io/v1alpha1
+kind: BareMetalHost
+metadata:
+ labels: {}
+ name: leaf1-0
+ namespace: openstack
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: leaf1-1-preprovision-network-data
+ namespace: openstack
+type: Opaque
+stringData: {}
+---
+apiVersion: metal3.io/v1alpha1
+kind: BareMetalHost
+metadata:
+ labels: {}
+ name: leaf1-1
+ namespace: openstack
diff --git a/dt/bmo01/dataplane/baremetalhosts/kustomization.yaml b/dt/bmo01/dataplane/baremetalhosts/kustomization.yaml
new file mode 100644
index 000000000..55200c52a
--- /dev/null
+++ b/dt/bmo01/dataplane/baremetalhosts/kustomization.yaml
@@ -0,0 +1,297 @@
+---
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+resources:
+ - baremetalhosts.yaml
+
+patches:
+ - target:
+ kind: BareMetalHost
+ path: baremetalhost_template.yaml
+ - target:
+ kind: BareMetalHost
+ patch: |
+ - op: replace
+ path: /spec/bmc/credentialsName
+ value: bmc-secret
+ - target:
+ kind: BareMetalHost
+ name: leaf0-0
+ patch: |
+ - op: replace
+ path: /spec/preprovisioningNetworkDataName
+ value: leaf0-0-preprovision-network-data
+ - target:
+ kind: BareMetalHost
+ name: leaf0-1
+ patch: |
+ - op: replace
+ path: /spec/preprovisioningNetworkDataName
+ value: leaf0-1-preprovision-network-data
+ - target:
+ kind: BareMetalHost
+ name: leaf1-0
+ patch: |
+ - op: replace
+ path: /spec/preprovisioningNetworkDataName
+ value: leaf1-0-preprovision-network-data
+ - target:
+ kind: BareMetalHost
+ name: leaf1-1
+ patch: |
+ - op: replace
+ path: /spec/preprovisioningNetworkDataName
+ value: leaf1-1-preprovision-network-data
+
+replacements:
+
+ # Labels
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf0-0.labels
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf0-0
+ fieldPaths:
+ - metadata.labels
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf0-1.labels
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf0-1
+ fieldPaths:
+ - metadata.labels
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf1-0.labels
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf1-0
+ fieldPaths:
+ - metadata.labels
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf1-1.labels
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf1-1
+ fieldPaths:
+ - metadata.labels
+ options:
+ create: true
+
+ # BMC Address
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf0-0.bmc.address
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf0-0
+ fieldPaths:
+ - spec.bmc.address
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf0-1.bmc.address
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf0-1
+ fieldPaths:
+ - spec.bmc.address
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf1-0.bmc.address
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf1-0
+ fieldPaths:
+ - spec.bmc.address
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf1-1.bmc.address
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf1-1
+ fieldPaths:
+ - spec.bmc.address
+ options:
+ create: true
+
+ # bootMACAddress
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf0-0.bootMACAddress
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf0-0
+ fieldPaths:
+ - spec.bootMACAddress
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf0-1.bootMACAddress
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf0-1
+ fieldPaths:
+ - spec.bootMACAddress
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf1-0.bootMACAddress
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf1-0
+ fieldPaths:
+ - spec.bootMACAddress
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf1-1.bootMACAddress
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf1-1
+ fieldPaths:
+ - spec.bootMACAddress
+ options:
+ create: true
+
+ # rootDeviceHints
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf0-0.rootDeviceHints
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf0-0
+ fieldPaths:
+ - spec.rootDeviceHints
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf0-1.rootDeviceHints
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf0-1
+ fieldPaths:
+ - spec.rootDeviceHints
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf1-0.rootDeviceHints
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf1-0
+ fieldPaths:
+ - spec.rootDeviceHints
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf1-1.rootDeviceHints
+ targets:
+ - select:
+ kind: BareMetalHost
+ name: leaf1-1
+ fieldPaths:
+ - spec.rootDeviceHints
+ options:
+ create: true
+
+ # preprovisioningNetworkData
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf0-0.preprovisioningNetworkData
+ targets:
+ - select:
+ kind: Secret
+ name: leaf0-0-preprovision-network-data
+ fieldPaths:
+ - stringData
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf0-1.preprovisioningNetworkData
+ targets:
+ - select:
+ kind: Secret
+ name: leaf0-1-preprovision-network-data
+ fieldPaths:
+ - stringData
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf1-0.preprovisioningNetworkData
+ targets:
+ - select:
+ kind: Secret
+ name: leaf1-0-preprovision-network-data
+ fieldPaths:
+ - stringData
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: baremetalhost-values
+ fieldPath: data.leaf1-1.preprovisioningNetworkData
+ targets:
+ - select:
+ kind: Secret
+ name: leaf1-1-preprovision-network-data
+ fieldPaths:
+ - stringData
+ options:
+ create: true
diff --git a/dt/bmo01/dataplane/kustomization.yaml b/dt/bmo01/dataplane/kustomization.yaml
new file mode 100644
index 000000000..e022a289f
--- /dev/null
+++ b/dt/bmo01/dataplane/kustomization.yaml
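Review bot: In dt/bmo01/dataplane/baremetalhosts/kustomization.yaml the name-less BareMetalHost patch sets `/spec/bmc/credentialsName` to the fixed value `bmc-secret`, but no file visible in this part of the diff creates a Secret of that name, so all four hosts depend on one pre-existing, shared BMC credential that is not documented here. If that is intended for the test environment, say so next to the patch, e.g. `# bmc-secret must already exist in the openstack namespace; one credential for all hosts`. For real hardware it would be safer to take the name per host from `baremetalhost-values`, as is already done for `bmc.address`. The five groups of replacements differ only in host name, so a host added to baremetalhosts.yaml without its matching blocks would keep the `_replaced_` placeholders from the template.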
@@ -0,0 +1,31 @@
+
+---
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+transformers:
+ - |-
+ apiVersion: builtin
+ kind: NamespaceTransformer
+ metadata:
+ name: _ignored_
+ namespace: openstack
+ setRoleBindingSubjects: none
+ unsetOnly: true
+ fieldSpecs:
+ - path: metadata/name
+ kind: Namespace
+ create: true
+components:
+ - ../../../lib/dataplane/deployment
+
+patches:
+ - target:
+ kind: OpenStackDataPlaneDeployment
+ name: .*
+ patch: |-
+ - op: replace
+ path: /spec/nodeSets
+ value:
+ - nodeset-0
+ - nodeset-1
diff --git a/dt/bmo01/dataplane/nodesets/kustomization.yaml b/dt/bmo01/dataplane/nodesets/kustomization.yaml
new file mode 100644
index 000000000..cf87dff60
--- /dev/null
+++ b/dt/bmo01/dataplane/nodesets/kustomization.yaml
@@ -0,0 +1,20 @@
+---
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+transformers:
+ - |-
+ apiVersion: builtin
+ kind: NamespaceTransformer
+ metadata:
+ name: _ignored_
+ namespace: openstack
+ setRoleBindingSubjects: none
+ unsetOnly: true
+ fieldSpecs:
+ - path: metadata/name
+ kind: Namespace
+ create: true
+
+resources:
+ - openstackdataplanenodesets.yaml
diff --git a/dt/bmo01/dataplane/nodesets/openstackdataplanenodesets.yaml b/dt/bmo01/dataplane/nodesets/openstackdataplanenodesets.yaml
new file mode 100644
index 000000000..d6845124c
--- /dev/null
+++ b/dt/bmo01/dataplane/nodesets/openstackdataplanenodesets.yaml
@@ -0,0 +1,128 @@
+---
+apiVersion: dataplane.openstack.org/v1beta1
+kind: OpenStackDataPlaneNodeSet
+metadata:
+ name: nodeset-0
+spec:
+ env:
+ - name: ANSIBLE_FORCE_COLOR
+ value: "True"
+ preProvisioned: false
+ baremetalSetTemplate:
+ deploymentSSHSecret: dataplane-ansible-ssh-private-key-secret
+ bmhNamespace: openstack
+ cloudUserName: cloud-user
+ bmhLabelSelector:
+ app: openstack
+ nodeset: leaf0
+ ctlplaneInterface: _replaced_
+ networkAttachments:
+ - ctlplane
+ nodeTemplate:
+ ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret
+ managementNetwork: ctlplane
+ networks:
+ - defaultRoute: true
+ name: ctlplane
+ subnetName: subnet2
+ - name: internalapi
+ subnetName: subnet2
+ - name: storage
+ subnetName: subnet2
+ - name: tenant
+ subnetName: subnet2
+ services:
+ - bootstrap
+ - configure-network
+ - validate-network
+ - install-os
+ - configure-os
+ - ssh-known-hosts
+ - run-os
+ - reboot-os
+ - install-certs
+ - ovn
+ - neutron-metadata
+ - libvirt
+ - nova
+ ansible:
+ ansibleUser: cloud-admin
+ ansiblePort: 22
+ ansibleVars:
+ timesync_ntp_servers: []
+ edpm_network_config_hide_sensitive_logs: false
+ edpm_network_config_template: _replaced_
+ neutron_physical_bridge_name: _replaced_
+ neutron_public_interface_name: _replaced_
+
+ edpm_nodes_validation_validate_controllers_icmp: false
+ edpm_nodes_validation_validate_gateway_icmp: false
+
+ edpm_sshd_configure_firewall: true
+ edpm_sshd_allowed_ranges: []
+
+ gather_facts: false
+---
+apiVersion: dataplane.openstack.org/v1beta1
+kind: OpenStackDataPlaneNodeSet
+metadata:
+ name: nodeset-1
+spec:
+ env:
+ - name: ANSIBLE_FORCE_COLOR
+ value: "True"
+ preProvisioned: false
+ baremetalSetTemplate:
+ deploymentSSHSecret: dataplane-ansible-ssh-private-key-secret
+ bmhNamespace: openstack
+ cloudUserName: cloud-user
+ bmhLabelSelector:
+ app: openstack
+ nodeset: leaf1
+ ctlplaneInterface: _replaced_
+ networkAttachments:
+ - ctlplane
+ nodeTemplate:
+ ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret
+ managementNetwork: ctlplane
+ networks:
+ - defaultRoute: true
+ name: ctlplane
+ subnetName: subnet3
+ - name: internalapi
+ subnetName: subnet1
+ - name: storage
+ subnetName: subnet1
+ - name: tenant
+ subnetName: subnet1
+ services:
+ - bootstrap
+ - configure-network
+ - validate-network
+ - install-os
+ - configure-os
+ - ssh-known-hosts
+ - run-os
+ - reboot-os
+ - install-certs
+ - ovn
+ - neutron-metadata
+ - libvirt
+ - nova
+ ansible:
+ ansibleUser: cloud-admin
+ ansiblePort: 22
+ ansibleVars:
+ timesync_ntp_servers: []
+ edpm_network_config_hide_sensitive_logs: false
+ edpm_network_config_template: _replaced_
+ neutron_physical_bridge_name: _replaced_
+ neutron_public_interface_name: _replaced_
+
+ edpm_nodes_validation_validate_controllers_icmp: false
+ edpm_nodes_validation_validate_gateway_icmp: false
+
+ edpm_sshd_configure_firewall: true
+ edpm_sshd_allowed_ranges: []
+
+ gather_facts: false
diff --git a/dt/bmo01/dataplane/secrets/dataplane-ssh-secret.yaml b/dt/bmo01/dataplane/secrets/dataplane-ssh-secret.yaml
new file mode 100644
index 000000000..4e5913196
--- /dev/null
+++ b/dt/bmo01/dataplane/secrets/dataplane-ssh-secret.yaml
@@ -0,0 +1,11 @@
+---
+apiVersion: v1
+data:
+ authorized_keys: _replaced_
+ ssh-privatekey: _replaced_
+ ssh-publickey: _replaced_
+kind: Secret
+metadata:
+ name: dataplane-ansible-ssh-private-key-secret
+ namespace: openstack
+type: Opaque
diff --git a/dt/bmo01/dataplane/secrets/kustomization.yaml b/dt/bmo01/dataplane/secrets/kustomization.yaml
new file mode 100644
index 000000000..e18353217
--- /dev/null
+++ b/dt/bmo01/dataplane/secrets/kustomization.yaml
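Review bot: In dt/bmo01/dataplane/nodesets/openstackdataplanenodesets.yaml both nodesets set `edpm_network_config_hide_sensitive_logs: false`, which by its name turns off log hiding for the network-configuration role, so the rendered network config can end up in Ansible job output readable by anyone with access to the job logs. Both also pair `edpm_sshd_configure_firewall: true` with `edpm_sshd_allowed_ranges: []`, and the hunk shows no replacement that fills the list, so the resulting SSH firewall rule set should be confirmed rather than assumed. I would drop the first override or comment it, e.g. `# test topology only: keep network-config output in job logs`, and put `# filled from nodeset values` (or real CIDRs) on the second. Also worth checking: nodeset-0 uses `subnetName: subnet2` for internalapi, storage and tenant, while the example network values later in this diff define only `subnet1` for those three networks.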
@@ -0,0 +1,81 @@
+---
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+resources:
+ - dataplane-ssh-secret.yaml
+ - nova-migration-ssh-secret.yaml
+
+secretGenerator:
+ - name: libvirt-secret
+ behavior: create
+ literals:
+ - LibvirtPassword=12345678
+ options:
+ disableNameSuffixHash: true
+
+# OpenStackDataPlaneNodeSet customizations
+replacements:
+ # Dataplane SSH access secret customizations
+ - source:
+ kind: ConfigMap
+ name: dataplane-secret-values
+ fieldPath: data.ssh_keys.authorized
+ targets:
+ - select:
+ kind: Secret
+ name: dataplane-ansible-ssh-private-key-secret
+ fieldPaths:
+ - data.authorized_keys
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: dataplane-secret-values
+ fieldPath: data.ssh_keys.private
+ targets:
+ - select:
+ kind: Secret
+ name: dataplane-ansible-ssh-private-key-secret
+ fieldPaths:
+ - data.ssh-privatekey
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: dataplane-secret-values
+ fieldPath: data.ssh_keys.public
+ targets:
+ - select:
+ kind: Secret
+ name: dataplane-ansible-ssh-private-key-secret
+ fieldPaths:
+ - data.ssh-publickey
+ options:
+ create: true
+
+ # Nova migration secret customizations
+ - source:
+ kind: ConfigMap
+ name: dataplane-secret-values
+ fieldPath: data.nova.migration.ssh_keys.private
+ targets:
+ - select:
+ kind: Secret
+ name: nova-migration-ssh-key
+ fieldPaths:
+ - data.ssh-privatekey
+ options:
+ create: true
+ - source:
+ kind: ConfigMap
+ name: dataplane-secret-values
+ fieldPath: data.nova.migration.ssh_keys.public
+ targets:
+ - select:
+ kind: Secret
+ name: nova-migration-ssh-key
+ fieldPaths:
+ - data.ssh-publickey
+ options:
+ create: true
diff --git a/dt/bmo01/dataplane/secrets/nova-migration-ssh-secret.yaml b/dt/bmo01/dataplane/secrets/nova-migration-ssh-secret.yaml
new file mode 100644
index 000000000..a9d15e0b6
--- /dev/null
+++ b/dt/bmo01/dataplane/secrets/nova-migration-ssh-secret.yaml
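Review bot: The `secretGenerator` in dt/bmo01/dataplane/secrets/kustomization.yaml hard-codes the libvirt password as `LibvirtPassword=12345678`, so every deployment built from this component shares one guessable value that also stays in git history. The SSH keys in the same file are placeholders filled from `dataplane-secret-values`; the password should be supplied the same way, or at minimum read from an untracked file by replacing `literals:` with `envs:` and `- <untracked-env-file>`. With `disableNameSuffixHash: true` the Secret name does not change when the value does, so a later rotation will not by itself roll anything that consumes it. The private keys also reach their Secrets through a ConfigMap-kind values file, so that file needs the same handling as the keys themselves.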
@@ -0,0 +1,10 @@
+---
+apiVersion: v1
+data:
+ ssh-privatekey: _replaced_
+ ssh-publickey: _replaced_
+kind: Secret
+metadata:
+ name: nova-migration-ssh-key
+ namespace: openstack
+type: kubernetes.io/ssh-auth
diff --git a/dt/bmo01/kustomization.yaml b/dt/bmo01/kustomization.yaml
new file mode 100644
index 000000000..bca55efa1
--- /dev/null
+++ b/dt/bmo01/kustomization.yaml
@@ -0,0 +1,192 @@
+---
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+transformers:
+ - |-
+ apiVersion: builtin
+ kind: NamespaceTransformer
+ metadata:
+ name: _ignored_
+ namespace: openstack
+ setRoleBindingSubjects: none
+ unsetOnly: true
+ fieldSpecs:
+ - path: metadata/name
+ kind: Namespace
+ create: true
+
+components:
+ - ../../lib/networking/metallb
+ - netconfig
+ - ../../lib/networking/nad
+ - ../../lib/control-plane
+
+replacements:
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.cinderVolumes.lvm-iscsi.replicas
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.cinder.template.cinderVolumes.lvm-iscsi.replicas
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.cinderVolumes.lvm-iscsi.nodeSelector.openstack\.org/cinder-lvm
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.cinder.template.cinderVolumes.lvm-iscsi.nodeSelector.openstack\.org/cinder-lvm
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.cinderVolumes.lvm-iscsi.customServiceConfig
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.cinder.template.cinderVolumes.lvm-iscsi.customServiceConfig
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.cinderBackup.replicas
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.cinder.template.cinderBackup.replicas
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.glance.default.replicas
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.glance.template.glanceAPIs.default.replicas
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.glance.customServiceConfig
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.glance.template.customServiceConfig
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.glance.default.replicas
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.glance.template.glanceAPIs.default.replicas
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.swift.enabled
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.swift.enabled
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.octavia.enabled
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.octavia.enabled
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.heat.enabled
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.heat.enabled
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.telemetry.enabled
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.telemetry.enabled
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.ovn.ovnController.nicMappings
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.ovn.template.ovnController.nicMappings
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.neutron.customServiceConfig
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.neutron.template.customServiceConfig
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.nova.cellTemplates
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.nova.template.cellTemplates
+ options:
+ create: true
diff --git a/dt/bmo01/netconfig/kustomization.yaml b/dt/bmo01/netconfig/kustomization.yaml
new file mode 100644
index 000000000..a79f881b0
--- /dev/null
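Review bot: In dt/bmo01/kustomization.yaml the replacement from `data.glance.default.replicas` to `spec.glance.template.glanceAPIs.default.replicas` appears twice, once before and once after the `data.glance.customServiceConfig` block. The second copy is redundant and reads like a paste that was meant to target another field; please delete it or point it at the intended field. Every entry also sets `options.create: true`, so a mistyped target path creates a new field instead of failing the build; a one-line comment at the top of `replacements:` stating that this is deliberate would help the next reviewer.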
+++ b/dt/bmo01/netconfig/kustomization.yaml 
@@ -0,0 +1,121 @@
+---
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+resources:
+ - netconfig.yaml
+
+replacements:
+ # NetConfig dnsDomain
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.ctlplane.dnsDomain
+ targets:
+ - select:
+ kind: NetConfig
+ fieldPaths:
+ - spec.networks.[name=ctlplane].dnsDomain
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.internalapi.dnsDomain
+ targets:
+ - select:
+ kind: NetConfig
+ fieldPaths:
+ - spec.networks.[name=internalapi].dnsDomain
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.storage.dnsDomain
+ targets:
+ - select:
+ kind: NetConfig
+ fieldPaths:
+ - spec.networks.[name=storage].dnsDomain
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.tenant.dnsDomain
+ targets:
+ - select:
+ kind: NetConfig
+ fieldPaths:
+ - spec.networks.[name=tenant].dnsDomain
+
+ # NetConfig MTU
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.ctlplane.mtu
+ targets:
+ - select:
+ kind: NetConfig
+ fieldPaths:
+ - spec.networks.[name=ctlplane].mtu
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.internalapi.mtu
+ targets:
+ - select:
+ kind: NetConfig
+ fieldPaths:
+ - spec.networks.[name=internalapi].mtu
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.storage.mtu
+ targets:
+ - select:
+ kind: NetConfig
+ fieldPaths:
+ - spec.networks.[name=storage].mtu
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.tenant.mtu
+ targets:
+ - select:
+ kind: NetConfig
+ fieldPaths:
+ - spec.networks.[name=tenant].mtu
+
+ # NetConfig subnets
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.ctlplane.subnets
+ targets:
+ - select:
+ kind: NetConfig
+ fieldPaths:
+ - spec.networks.[name=ctlplane].subnets
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.internalapi.subnets
+ targets:
+ - select:
+ kind: NetConfig
+ fieldPaths:
+ - spec.networks.[name=internalapi].subnets
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.storage.subnets
+ targets:
+ - select:
+ kind: NetConfig
+ fieldPaths:
+ - spec.networks.[name=storage].subnets
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.tenant.subnets
+ targets:
+ - select:
+ kind: NetConfig
+ fieldPaths:
+ - spec.networks.[name=tenant].subnets
diff --git a/dt/bmo01/netconfig/netconfig.yaml b/dt/bmo01/netconfig/netconfig.yaml
new file mode 100644
index 000000000..86079e311
--- /dev/null
+++ b/dt/bmo01/netconfig/netconfig.yaml
@@ -0,0 +1,28 @@
+---
+apiVersion: network.openstack.org/v1beta1
+kind: NetConfig
+metadata:
+ name: netconfig
+ namespace: openstack
+spec:
+ networks:
+ - dnsDomain: _replaced_
+ name: ctlplane
+ subnets:
+ - _replaced_
+ mtu: 1500
+ - dnsDomain: _replaced_
+ name: internalapi
+ subnets:
+ - _replaced_
+ mtu: 1500
+ - dnsDomain: _replaced_
+ name: storage
+ subnets:
+ - _replaced_
+ mtu: 1500
+ - dnsDomain: _replaced_
+ name: tenant
+ subnets:
+ - _replaced_
+ mtu: 1500
diff --git a/dt/bmo01/nncp/kustomization.yaml b/dt/bmo01/nncp/kustomization.yaml
new file mode 100644
index 000000000..5689bd721
--- /dev/null
+++ b/dt/bmo01/nncp/kustomization.yaml
@@ -0,0 +1,88 @@
+---
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+transformers:
+ - |-
+ apiVersion: builtin
+ kind: NamespaceTransformer
+ metadata:
+ name: _ignored_
+ namespace: openstack
+ setRoleBindingSubjects: none
+ unsetOnly: true
+ fieldSpecs:
+ - path: metadata/name
+ kind: Namespace
+ create: true
+
+components:
+ - ../../../lib/nncp
+
+patches:
+ - target:
+ kind: NodeNetworkConfigurationPolicy
+ name: master-0
+ patch: &routes |-
+ - op: add
+ path: /spec/desiredState/routes/config/-
+ value:
+ destination: 192.168.123.0/24
+ metric: 150
+ next-hop-address: _replaced_
+ next-hop-interface: ospbr
+ - op: add
+ path: /spec/desiredState/routes/config/-
+ value:
+ destination: 192.168.124.0/24
+ metric: 150
+ next-hop-address: _replaced_
+ next-hop-interface: ospbr
+
+ - target:
+ kind: NodeNetworkConfigurationPolicy
+ name: master-1
+ patch: *routes
+
+ - target:
+ kind: NodeNetworkConfigurationPolicy
+ name: master-2
+ patch: *routes
+
+replacements:
+
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.ctlplane.subnets.0.gateway
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: master-0
+ fieldPaths:
+ - spec.desiredState.routes.config.0.next-hop-address
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: master-1
+ fieldPaths:
+ - spec.desiredState.routes.config.0.next-hop-address
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: master-2
+ fieldPaths:
+ - spec.desiredState.routes.config.0.next-hop-address
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: master-0
+ fieldPaths:
+ - spec.desiredState.routes.config.1.next-hop-address
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: master-1
+ fieldPaths:
+ - spec.desiredState.routes.config.1.next-hop-address
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: master-2
+ fieldPaths:
+ - spec.desiredState.routes.config.1.next-hop-address
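Review bot: In dt/bmo01/nncp/kustomization.yaml the shared `&routes` patch appends two routes with `path: /spec/desiredState/routes/config/-`, but the replacements fill `next-hop-address` at the fixed indexes `routes.config.0` and `routes.config.1`. That only lines up if the `../../../lib/nncp` base contributes no routes of its own (not visible here); otherwise the base routes are overwritten and the appended ones keep `_replaced_`. The destinations `192.168.123.0/24` and `192.168.124.0/24` are also literals although the same CIDRs are carried in `network-values`. I would add a comment on the patch, e.g. `# assumes routes.config is empty in lib/nncp; indexes 0 and 1 below are these two entries`, and consider taking the destinations from the values file.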
diff --git a/examples/dt/bmo01/README.md b/examples/dt/bmo01/README.md
new file mode 100644
index 000000000..b39ea10cd
--- /dev/null
+++ b/examples/dt/bmo01/README.md
@@ -0,0 +1,55 @@
+# Deployed Topology - BMO spine-and-leaf
+
+Spine and Leaf topology of Red Hat OpenStack Services on OpenShift, with
+dataplane nodes deployed with Baremetal Operator. It contains a collection
+of custom resources (CRs) for deploying the test environment.
+
+## Purpose
+
+This topology is used for testing Baremetal Operator node provisioning in a
+spine-and-leaf architecture.
+
+### Nodes
+
+| Role | Machine Type | Count |
+| ----------------- | ------------ | ----- |
+| Compact OpenShift | vm | 3 |
+| OpenStack Compute | vm | 4 |
+
+### Networks
+
+| Name | Type | Interface | CIDR |
+| ------------ | -------- | --------- | --------------- |
+| Provisioning | untagged | nic1 | 172.22.0.0/24 |
+| Machine | untagged | nic2 | 192.168.32.0/20 |
+| RH OSP | trunk | nic3 | |
+| RH OSP | trunk1 | |
+| RH OSP | trunk1 | |
+
+#### Networks in RH OSP
+
+| Name | Type | CIDR |
+| ----------- | ----------- | ---------------------------------------------------- |
+| ctlplane | untagged | 192.168.122.0/24, 192.168.123.0/24, 192.168.123.0/24 |
+| internalapi | VLAN tagged | 172.17.0.0/24 |
+| storage | VLAN tagged | 172.18.0.0/24 |
+| tenant | VLAN tagged | 172.19.0.0/24 |
+
+### Services, enabled features and configurations
+
+| Service | configuration | Lock-in coverage? |
+| ---------------- | ---------------- | ------------------ |
+| Cinder | LVM/iSCSI/lioadm | |
+| Glance | Swift | |
+| Swift | (default) | |
+| Neutron | OVN | |
+| Nova | (default) | |
+| Keystone | (default) | |
+
+
+## Workflow
+
+1. [Install the OpenStack K8S operators and their dependencies](../../common/README.md)
+2. [Configure and deploy the OpenStack control plane](control-plane.md)
+3. [Configure and deploy the OpenStack networker deployment](networker.md)
+4. [Configure and deploy the OpenStack data plane](data-plane.md)
diff --git a/examples/dt/bmo01/control-plane.md b/examples/dt/bmo01/control-plane.md
new file mode 100644
index 000000000..0a6022e46
--- /dev/null
+++ b/examples/dt/bmo01/control-plane.md 
@@ -0,0 +1,94 @@
+# Configuring networking and deploy the OpenStack control plane
+
+## Assumptions
+
+- A storage class called `local-storage` should already exist.
+- Cluster observability operator is already deployed. If not, follow the
+ steps found [below](#cluster-observability-operator).
+
+### Cluster observability operator
+
+Cluster Observability Operator must be installed as it is required by OpenStack
+Telemetry operator. If not installed, the below steps can be followed
+
+```bash
+cat > subscription.yaml << EOF
+---
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+ name: observability-operator
+ namespace: openshift-operators
+ labels:
+ operators.coreos.com/observability-operator.openshift-operators: ""
+spec:
+ channel: development
+ installPlanApproval: Automatic
+ name: cluster-observability-operator
+ source: redhat-operators
+ sourceNamespace: openshift-marketplace
+EOF
+
+# Apply the cr
+oc apply -f subscription.yaml
+
+# Wait for the deployment to be ready
+oc wait -n openshift-operators deployments/observability-operator \
+ --for condition=Available \
+ --timeout=300s
+```
+
+## Initialize
+
+Switch to the "openstack" namespace
+
+```bash
+oc project openstack
+```
+
+Change to the uni01alpha directory
+
+```bash
+cd architecture/examples/dt/bmo
+```
+
+Edit [service-values.yaml](control-plane/service-values.yaml) and
+[control-plane/nncp/values.yaml](control-plane/nncp/values.yaml).
+
+Apply node network configuration
+
+```bash
+pushd control-plane/nncp
+kustomize build > nncp.yaml
+oc apply -f nncp.yaml
+oc wait nncp \
+ -l osp/nncm-config-type=standard \
+ --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured \
+ --timeout=300s
+popd
+```
+
+Generate the control-plane and networking CRs.
+
+ ```bash
+pushd control-plane
+kustomize build > control-plane.yaml
+```
+
+## Create CRs
+
+> **_NOTE:_** Since Cinder is using LVM backend, set
+> `openstack.org/cinder-lvm=` label on one of the nodes:
+>
+> `oc label node openstack.org/cinder-lvm=`
+
+```bash
+oc apply -f control-plane.yaml
+popd
+```
+
+Wait for control plane to be available
+
+```bash
+oc wait osctlplane controlplane --for condition=Ready --timeout=600s
+```
diff --git a/examples/dt/bmo01/control-plane/kustomization.yaml b/examples/dt/bmo01/control-plane/kustomization.yaml
new file mode 100644
index 000000000..3d3ce09bc
--- /dev/null
+++ b/examples/dt/bmo01/control-plane/kustomization.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+components:
+ - ../../../../dt/bmo01
+
+resources:
+ - nncp/values.yaml
+ - service-values.yaml
diff --git a/examples/dt/bmo01/control-plane/nncp/kustomization.yaml b/examples/dt/bmo01/control-plane/nncp/kustomization.yaml
new file mode 100644
index 000000000..45d6fb445
--- /dev/null
+++ b/examples/dt/bmo01/control-plane/nncp/kustomization.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+components:
+ - ../../../../../dt/bmo01/nncp
+
+resources:
+ - values.yaml
diff --git a/examples/dt/bmo01/control-plane/nncp/values.yaml b/examples/dt/bmo01/control-plane/nncp/values.yaml
new file mode 100644
index 000000000..8cabda2dd
--- /dev/null
+++ b/examples/dt/bmo01/control-plane/nncp/values.yaml
@@ -0,0 +1,224 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: network-values + annotations: + config.kubernetes.io/local-config: "true" + +data: + openstack-operator-image: "quay.io/openstack-k8s-operators/openstack-operator-index:latest" + + ocp: + cluster_network_cidr: 192.168.16.0/20 + service_network_cidr: 172.30.0.0/16 + + node_0: + name: master-0 + internalapi_ip: 172.17.0.10 + tenant_ip: 172.19.0.10 + ctlplane_ip: 192.168.122.10 + storage_ip: 172.18.0.10 + node_1: + name: master-1 + internalapi_ip: 172.17.0.11 + tenant_ip: 172.19.0.11 + ctlplane_ip: 192.168.122.11 + storage_ip: 172.18.0.11 + node_2: + name: master-2 + internalapi_ip: 172.17.0.12 + tenant_ip: 172.19.0.12 + ctlplane_ip: 192.168.122.12 + storage_ip: 172.18.0.12 + + ctlplane: + dnsDomain: ctlplane.openstack.lab + subnets: + - allocationRanges: + - end: 192.168.122.120 + start: 192.168.122.100 + - end: 192.168.122.200 + start: 192.168.122.150 + cidr: 192.168.122.0/24 + gateway: 192.168.122.1 + name: subnet1 + - allocationRanges: + - end: 192.168.123.120 + start: 192.168.123.100 + - end: 192.168.123.200 + start: 192.168.123.150 + cidr: 192.168.123.0/24 + gateway: 192.168.123.1 + name: subnet2 + - allocationRanges: + - end: 192.168.124.120 + start: 192.168.124.100 + - end: 192.168.124.200 + start: 192.168.124.150 + cidr: 192.168.124.0/24 + gateway: 192.168.124.1 + name: subnet3 + prefix-length: 24 + iface: enp7s0 + mtu: 9000 + lb_addresses: + - 192.168.122.80-192.168.122.90 + endpoint_annotations: + metallb.universe.tf/address-pool: ctlplane + metallb.universe.tf/allow-shared-ip: ctlplane + metallb.universe.tf/loadBalancerIPs: 192.168.122.80 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "ctlplane", + "type": "macvlan", + "master": "ospbr", + "ipam": { + "type": "whereabouts", + "range": "192.168.122.0/24", + "range_start": "192.168.122.30", + "range_end": "192.168.122.70" + } + } + + internalapi: + dnsDomain: internalapi.openstack.lab + subnets: + - allocationRanges: + - 
end: 172.17.0.250 + start: 172.17.0.100 + cidr: 172.17.0.0/24 + name: subnet1 + vlan: 20 + mtu: 1500 + prefix-length: 24 + iface: internalapi + vlan: 20 + base_iface: enp7s0 + lb_addresses: + - 172.17.0.80-172.17.0.90 + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/allow-shared-ip: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.80 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "internalapi", + "type": "macvlan", + "master": "internalapi", + "ipam": { + "type": "whereabouts", + "range": "172.17.0.0/24", + "range_start": "172.17.0.30", + "range_end": "172.17.0.70" + } + } + + storage: + dnsDomain: storage.openstack.lab + subnets: + - allocationRanges: + - end: 172.18.0.250 + start: 172.18.0.100 + cidr: 172.18.0.0/24 + name: subnet1 + vlan: 21 + mtu: 9000 + prefix-length: 24 + iface: storage + vlan: 21 + base_iface: enp7s0 + lb_addresses: + - 172.18.0.80-172.18.0.90 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "storage", + "type": "macvlan", + "master": "storage", + "ipam": { + "type": "whereabouts", + "range": "172.18.0.0/24", + "range_start": "172.18.0.30", + "range_end": "172.18.0.70" + } + } + + tenant: + dnsDomain: tenant.openstack.lab + subnets: + - allocationRanges: + - end: 172.19.0.250 + start: 172.19.0.100 + cidr: 172.19.0.0/24 + name: subnet1 + vlan: 22 + mtu: 1500 + prefix-length: 24 + iface: tenant + vlan: 22 + base_iface: enp7s0 + lb_addresses: + - 172.19.0.80-172.19.0.90 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "tenant", + "type": "macvlan", + "master": "tenant", + "ipam": { + "type": "whereabouts", + "range": "172.19.0.0/24", + "range_start": "172.19.0.30", + "range_end": "172.19.0.70" + } + } + + external: + dnsDomain: external.openstack.lab + subnets: + - allocationRanges: + - end: 192.168.122.250 + start: 192.168.122.201 + cidr: 192.168.122.0/24 + gateway: 192.168.122.1 + name: subnet1 + mtu: 1500 + + datacentre: + net-attach-def: | + { + 
"cniVersion": "0.3.1", + "name": "datacentre", + "type": "bridge", + "bridge": "ospbr", + "ipam": {} + } + + dns-resolver: + config: + server: + - 192.168.122.1 + search: [] + options: + - key: server + values: + - 192.168.122.1 + + routes: + config: [] + + rabbitmq: + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.85 + rabbitmq-cell1: + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.86 + + lbServiceType: LoadBalancer + storageClass: lvms-local-storage + bridgeName: ospbr diff --git a/examples/dt/bmo01/control-plane/service-values.yaml b/examples/dt/bmo01/control-plane/service-values.yaml new file mode 100644 index 000000000..bb8dba39d --- /dev/null +++ b/examples/dt/bmo01/control-plane/service-values.yaml 
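Review bot: `openstack-operator-image` near the top of nncp/values.yaml points at `quay.io/openstack-k8s-operators/openstack-operator-index:latest`, a mutable tag, so two builds of this example can resolve to different operator catalogs without any change in the repository. Whether the bmo01 components actually consume this key is not visible in the hunk; if they do, pin it by digest, e.g. `openstack-operator-image: "quay.io/openstack-k8s-operators/openstack-operator-index@sha256:<digest>"`. If the floating tag is intentional for lab use, a comment above the key such as `# :latest is for lab use only; pin a digest for reproducible installs` would tell readers not to copy it as is.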
@@ -0,0 +1,114 @@ +--- +apiVersion: v1 +kind: ConfigMap + +metadata: + name: service-values + annotations: + config.kubernetes.io/local-config: "true" + +data: + preserveJobs: false + cinderVolumes: + lvm-iscsi: + replicas: 1 + nodeSelector: + openstack.org/cinder-lvm: "" + customServiceConfig: | + [lvm] + image_volume_cache_enabled = false + volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver + volume_group = cinder-volumes + target_protocol = iscsi + target_helper = lioadm + volume_backend_name = lvm_iscsi + target_ip_address=172.18.0.10 + target_secondary_ip_addresses = 172.19.0.10 + + cinderBackup: + replicas: 0 + + glance: + customServiceConfig: | + [DEFAULT] + debug = True + enabled_backends = default_backend:swift + + [glance_store] + default_backend = default_backend + + [default_backend] + swift_store_create_container_on_put = True + swift_store_auth_version = 3 + swift_store_auth_address = {{ .KeystoneInternalURL }} + swift_store_endpoint_type = internalURL + swift_store_user = service:glance + swift_store_key = {{ .ServicePassword }} + default: + replicas: 3 + + nova: + cellTemplates: + cell0: + cellDatabaseInstance: openstack + cellDatabaseAccount: nova-cell0 + cellMessageBusInstance: rabbitmq + hasAPIAccess: true + + swift: + enabled: true + + octavia: + enabled: false + + heat: + enabled: false + + telemetry: + enabled: false + + ovn: + ovnController: + nicMappings: + datacentre: ocpbr + + neutron: + customServiceConfig: | + [DEFAULT] + vlan_transparent = true + agent_down_time = 600 + router_distributed = true + router_scheduler_driver = neutron.scheduler.l3_agent_scheduler.ChanceScheduler + allow_automatic_l3agent_failover = true + debug = true + + [agent] + report_interval = 300 + + [database] + max_retries = -1 + db_max_retries = -1 + + [keystone_authtoken] + region_name = regionOne + memcache_use_advanced_pool = True + + [oslo_messaging_notifications] + driver = noop + + [oslo_middleware] + enable_proxy_headers_parsing = true + + 
[oslo_policy] + policy_file = /etc/neutron/policy.yaml + + [ovs] + igmp_snooping_enable = true + + [ovn] + ovsdb_probe_interval = 60000 + ovn_emit_need_to_frag = true + + [ml2] + type_drivers = geneve,vxlan,vlan,flat,local + tenant_network_types = geneve,flat diff --git a/examples/dt/bmo01/data-plane.md b/examples/dt/bmo01/data-plane.md new file mode 100644 index 000000000..7d411960b --- /dev/null +++ b/examples/dt/bmo01/data-plane.md 
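Review bot: Both `customServiceConfig` blocks in service-values.yaml enable debug logging (`debug = True` under glance `[DEFAULT]`, `debug = true` under neutron `[DEFAULT]`), which is a poor default in a file users are told to edit and apply: debug level makes service logs much more verbose and raises the chance that request detail ends up in pod logs. I would set `debug = false` in both places, or mark each line with `# troubleshooting only`. Separately, `target_ip_address=172.18.0.10` is the `storage_ip` of `master-0` in nncp/values.yaml, so the cinder-lvm label has to be applied to that node rather than to any node; a comment such as `# must be the storage_ip of the node labelled openstack.org/cinder-lvm` above it would make that dependency explicit.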
@@ -0,0 +1,151 @@ +# Deploying the OpenStack dataplane + +## Assumptions + +- The [control plane](control-plane.md) has been successfully deployed. + +## Initialize + +Switch to the "openstack" namespace + +```bash +oc project openstack +``` + +Change to the dataplane directory + +```bash +cd architecture/examples/dt/bmo/dataplane +``` + +### Configure BMO - Provisioning to watch all namespaces + +``` +oc patch provisioning provisioning-configuration --type merge -p '{"spec":{"watchAllNamespaces": true }}' +``` + +### Configure BMO - Provisioning to use external network for virtual-media + +``` +oc patch provisioning provisioning-configuration --type merge -p '{"spec":{"virtualMediaViaExternalNetwork": true }}' +``` + +### Create the BareMetalHost CRs + +``` +pushd baremetalhosts +``` + +Modify the [values.yaml](dataplane/baremetalhosts/values.yaml), for each of the nodes (`leaf0-0`, `leaf0-1`, `leaf1-0` and `leaf1-1`) set: +- `bmc.address` +- `bootMACAddress` +- `rootDeviceHints` +- `preprovisioningNetworkData` + +Modify the [bmc-secret.env](dataplane/baremetalhosts/bmc-secret.env) *env* with the BMC `username` and `password`, for example: +``` +username=root +password=S3cr3t +``` + +``` +kustomize build > baremetalhosts.yaml +oc apply -f baremetalhosts.yaml +``` + +Wait for BareMetalHosts to reach state: `active` + +``` +oc get bmh -w + +NAME STATE CONSUMER ONLINE ERROR AGE +leaf0-0 inspecting false 53s +leaf0-1 inspecting false 53s +leaf1-0 inspecting false 53s +leaf1-1 inspecting false 53s +leaf1-0 preparing false 3m38s +leaf1-0 available false 3m38s +leaf1-0 available false 3m38s +leaf1-1 preparing false 4m38s +leaf0-1 preparing false 4m38s +leaf0-0 preparing false 4m38s +leaf1-1 available false 4m38s +leaf0-1 available false 4m38s +leaf0-0 available false 4m38s +leaf1-1 available false 4m38s +leaf0-1 available false 4m38s +leaf0-0 available false 4m38s +``` + +``` +popd +``` + +## Create the dataplane secrets + +``` +pushd secrets +``` + +Modify the 
[values.yaml](values.yaml) with the following information + +- SSH keys to be used for accessing the deployed compute nodes. +- SSH keys to be use for Nova migration. + +> All values must be in base64 encoded format. + +### Compute access + +1. Set `data['authorized']` with the value of all OpenStack Compute host SSH + keys. +2. Set `data['private']` with the contents of the SSH private key to be used + for accessing the dataplane compute nodes. +3. Set `data['public']` with the contents of the SSH public key used for + accessing the dataplane compute nodes. + +### Nova migration + +1. Set `data['nova']['migration']['ssh_keys']['private']` with the content of + the SSH private key to be used for potential future migration. +2. Set `data['nova']['migration']['ssh_keys']['public']` with the content of + the SSH public key to be used for potential future migration. + +### Generate the dataplane-secrets CRs. + +```bash +kustomize build > dataplane-secrets.yaml +``` + +### Create CRs the dataplane-secrets CRs. + +```bash +oc apply -f dataplane-secrets.yaml +``` + +``` +popd +``` + +## Create the dataplane-nodeset CRs + +Generate the dataplane CRs. + +``` +pushd nodesets +``` + +```bash +kustomize build > dataplane-nodesets.yaml +``` + +## Create CRs + +```bash +oc apply -f dataplane-nodesets.yaml +``` + +Wait for dataplane deployment to finish + +```bash +oc wait osdpd edpm-deployment --for condition=Ready --timeout=1200s +``` diff --git a/examples/dt/bmo01/dataplane/baremetalhosts/bmc-secret.env b/examples/dt/bmo01/dataplane/baremetalhosts/bmc-secret.env new file mode 100644 index 000000000..ff0f7d4f3 --- /dev/null +++ b/examples/dt/bmo01/dataplane/baremetalhosts/bmc-secret.env @@ -0,0 +1,2 @@ +username=admin +password=password diff --git a/examples/dt/bmo01/dataplane/baremetalhosts/kustomization.yaml b/examples/dt/bmo01/dataplane/baremetalhosts/kustomization.yaml new file mode 100644 index 000000000..997b3be4c --- /dev/null 
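Review bot: The new `bmc-secret.env` commits a plausible credential pair (`username=admin`, `password=password`), and the `secretGenerator` in baremetalhosts/kustomization.yaml turns the file into the `bmc-secret` Secret unchanged, so anyone who skips the edit step in data-plane.md deploys default BMC credentials. Prefer values that cannot authenticate anywhere, e.g. `username=CHANGEME` and `password=CHANGEME`. If the automated job depends on `admin`/`password` for an emulated BMC (not visible here), keep that pair in the CI variables instead of the example. It is also worth stating in data-plane.md that local edits to this file must not be committed.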
+++ b/examples/dt/bmo01/dataplane/baremetalhosts/kustomization.yaml
@@ -0,0 +1,31 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+transformers:
+ - |-
+ apiVersion: builtin
+ kind: NamespaceTransformer
+ metadata:
+ name: _ignored_
+ namespace: openstack
+ setRoleBindingSubjects: none
+ unsetOnly: true
+ fieldSpecs:
+ - path: metadata/name
+ kind: Namespace
+ create: true
+
+components:
+ - ../../../../../dt/bmo01/dataplane/baremetalhosts
+
+resources:
+ - values.yaml
+
+secretGenerator:
+ - name: bmc-secret
+ behavior: create
+ envs:
+ - bmc-secret.env
+ options:
+ disableNameSuffixHash: true
diff --git a/examples/dt/bmo01/dataplane/baremetalhosts/values.yaml b/examples/dt/bmo01/dataplane/baremetalhosts/values.yaml
new file mode 100644
index 000000000..a62a751be
--- /dev/null
+++ b/examples/dt/bmo01/dataplane/baremetalhosts/values.yaml
@@ -0,0 +1,130 @@ +--- +apiVersion: v1 +kind: ConfigMap + +metadata: + name: baremetalhost-values + annotations: + config.kubernetes.io/local-config: "true" + +data: + leaf0-0: + name: leaf0-0 + labels: + app: openstack + nodeset: leaf0 + bmc: + address: redfish-virtualmedia+http://sushy.utility:8000/redfish/v1/Systems/df2bf92f-3e2c-47e1-b1fa-0d2e06bd1b1d + bootMACAddress: 52:54:04:15:a8:d9 + rootDeviceHints: + deviceName: /dev/sda + preprovisioningNetworkData: + nmstate: | + interfaces: + - name: enp5s0 + type: ethernet + state: up + ipv4: + enabled: true + address: + - ip: 192.168.130.100 + prefix-length: 24 + dns-resolver: + config: + server: + - 192.168.122.1 + routes: + config: + - destination: 0.0.0.0/0 + next-hop-address: 192.168.130.1 + next-hop-interface: enp5s0 + leaf0-1: + name: leaf0-1 + labels: + app: openstack + nodeset: leaf0 + bmc: + address: redfish-virtualmedia+http://sushy.utility:8000/redfish/v1/Systems/455a0036-11f9-4417-a150-9ee858cd7b3d + bootMACAddress: 52:54:05:59:03:e9 + rootDeviceHints: + deviceName: /dev/sda + preprovisioningNetworkData: + nmstate: | + interfaces: + - name: enp5s0 + type: ethernet + state: up + ipv4: + enabled: true + address: + - ip: 192.168.130.101 + prefix-length: 24 + dns-resolver: + config: + server: + - 192.168.122.1 + routes: + config: + - destination: 0.0.0.0/0 + next-hop-address: 192.168.130.1 + next-hop-interface: enp5s0 + leaf1-0: + name: leaf1-0 + labels: + app: openstack + nodeset: leaf1 + bmc: + address: redfish-virtualmedia+http://sushy.utility:8000/redfish/v1/Systems/adbcfb62-afe9-488d-8e67-c3fd711e46e8 + bootMACAddress: 52:54:06:49:2a:d2 + rootDeviceHints: + deviceName: /dev/sda + preprovisioningNetworkData: + nmstate: | + interfaces: + - name: enp5s0 + type: ethernet + state: up + ipv4: + enabled: true + address: + - ip: 192.168.131.100 + prefix-length: 24 + dns-resolver: + config: + server: + - 192.168.122.1 + routes: + config: + - destination: 0.0.0.0/0 + next-hop-address: 192.168.131.1 + 
next-hop-interface: enp5s0 + leaf1-1: + name: leaf1-1 + labels: + app: openstack + nodeset: leaf1 + bmc: + address: redfish-virtualmedia+http://sushy.utility:8000/redfish/v1/Systems/f5da12a3-b71d-4b81-9805-ebd5a2cd7bdf + bootMACAddress: 52:54:07:5f:0c:f4 + rootDeviceHints: + deviceName: /dev/sda + preprovisioningNetworkData: + nmstate: | + interfaces: + - name: enp5s0 + type: ethernet + state: up + ipv4: + enabled: true + address: + - ip: 192.168.131.101 + prefix-length: 24 + dns-resolver: + config: + server: + - 192.168.122.1 + routes: + config: + - destination: 0.0.0.0/0 + next-hop-address: 192.168.131.1 + next-hop-interface: enp5s0 diff --git a/examples/dt/bmo01/dataplane/kustomization.yaml b/examples/dt/bmo01/dataplane/kustomization.yaml new file mode 100644 index 000000000..c8cf036f2 --- /dev/null +++ b/examples/dt/bmo01/dataplane/kustomization.yaml @@ -0,0 +1,10 @@ + +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../dt/bmo01/dataplane + +resources: + - values.yaml diff --git a/examples/dt/bmo01/dataplane/nodesets/kustomization.yaml b/examples/dt/bmo01/dataplane/nodesets/kustomization.yaml new file mode 100644 index 000000000..0a910c155 --- /dev/null +++ b/examples/dt/bmo01/dataplane/nodesets/kustomization.yaml 
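Review bot: All four `bmc.address` values in baremetalhosts/values.yaml use the `redfish-virtualmedia+http://` scheme, so the username and password from `bmc-secret` are sent to the Redfish endpoint without transport encryption. That is probably acceptable for the `sushy.utility:8000` endpoint used here, which looks like an emulator, but data-plane.md tells users to replace `bmc.address` for their own nodes and nothing warns them to change the scheme. I would add a comment above the first `address:` such as `# emulator only: real BMCs should use redfish-virtualmedia+https:// with certificate verification left enabled`.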
@@ -0,0 +1,182 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../../dt/bmo01/dataplane/nodesets + +resources: + - values.yaml + +replacements: + # nodeset-0 values + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.ctlplaneInterface + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.baremetalSetTemplate.ctlplaneInterface + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.neutron_physical_bridge_name + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.neutron_physical_bridge_name + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.neutron_public_interface_name + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.neutron_public_interface_name + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.edpm_network_config_template + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_network_config_template + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.edpm_sshd_allowed_ranges + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_sshd_allowed_ranges + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset0.timesync_ntp_servers + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.timesync_ntp_servers + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: 
data.nodeset0.nodes + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-0 + fieldPaths: + - spec.nodes + options: + create: true + + # nodeset-1 values + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.ctlplaneInterface + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.baremetalSetTemplate.ctlplaneInterface + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.neutron_physical_bridge_name + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.neutron_physical_bridge_name + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.neutron_public_interface_name + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.neutron_public_interface_name + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.edpm_network_config_template + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_network_config_template + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.edpm_sshd_allowed_ranges + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_sshd_allowed_ranges + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.timesync_ntp_servers + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.timesync_ntp_servers + options: + create: true + - source: + kind: ConfigMap + name: nodeset-values + fieldPath: data.nodeset1.nodes + targets: + - select: + 
kind: OpenStackDataPlaneNodeSet + name: nodeset-1 + fieldPaths: + - spec.nodes + options: + create: true diff --git a/examples/dt/bmo01/dataplane/nodesets/values.yaml b/examples/dt/bmo01/dataplane/nodesets/values.yaml new file mode 100644 index 000000000..bbdb74bd2 --- /dev/null +++ b/examples/dt/bmo01/dataplane/nodesets/values.yaml 
@@ -0,0 +1,126 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: nodeset-values + annotations: + config.kubernetes.io/local-config: "true" +data: + ntp_servers: &ntp_servers + - hostname: pool.ntp.org + sshd_allowed_ranges: &ssh_allowed_ranges + - 192.168.123.0/24 + - 192.168.124.0/24 + network_config_template: &network_config_template | + --- + {% set mtu_list = [ctlplane_mtu] %} + {% for network in nodeset_networks %} + {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} + {%- endfor %} + {% set min_viable_mtu = mtu_list | max %} + network_config: + - type: ovs_bridge + name: {{ neutron_physical_bridge_name }} + mtu: {{ min_viable_mtu }} + use_dhcp: false + dns_servers: {{ ctlplane_dns_nameservers }} + domain: {{ dns_search_domains }} + addresses: + - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} + routes: {{ ctlplane_host_routes }} + members: + - type: interface + name: nic1 + mtu: {{ min_viable_mtu }} + primary: true + {% for network in nodeset_networks %} + - type: vlan + mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} + vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} + addresses: + - ip_netmask: >- + {{ + lookup('vars', networks_lower[network] ~ '_ip') + }}/{{ + lookup('vars', networks_lower[network] ~ '_cidr') + }} + routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} + {% endfor %} + + nodeset0: + ctlplaneInterface: enp5s0 + neutron_physical_bridge_name: br-ex + neutron_public_interface_name: enp5s0 + edpm_network_config_template: *network_config_template + edpm_sshd_allowed_ranges: *ssh_allowed_ranges + timesync_ntp_servers: *ntp_servers + nodes: + edpm-compute-0-0: + ansible: + ansibleHost: 192.168.123.100 + hostName: edpm-compute-0-0 + networks: + - defaultRoute: true + fixedIP: 192.168.123.100 + name: ctlplane + subnetName: subnet2 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + 
edpm-compute-0-1: + ansible: + ansibleHost: 192.168.123.101 + hostName: edpm-compute-0-1 + networks: + - defaultRoute: true + fixedIP: 192.168.123.101 + name: ctlplane + subnetName: subnet2 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + + nodeset1: + ctlplaneInterface: enp5s0 + neutron_physical_bridge_name: br-ex + neutron_public_interface_name: enp5s0 + edpm_network_config_template: *network_config_template + edpm_sshd_allowed_ranges: *ssh_allowed_ranges + timesync_ntp_servers: *ntp_servers + nodes: + edpm-compute-1-0: + ansible: + ansibleHost: 192.168.124.100 + hostName: edpm-compute-1-0 + networks: + - defaultRoute: true + fixedIP: 192.168.124.100 + name: ctlplane + subnetName: subnet3 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + edpm-compute-1-1: + ansible: + ansibleHost: 192.168.124.101 + hostName: edpm-compute-1-1 + networks: + - defaultRoute: true + fixedIP: 192.168.124.101 + name: ctlplane + subnetName: subnet3 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: tenant + subnetName: subnet1 diff --git a/examples/dt/bmo01/dataplane/secrets/kustomization.yaml b/examples/dt/bmo01/dataplane/secrets/kustomization.yaml new file mode 100644 index 000000000..2f48bc6f5 --- /dev/null +++ b/examples/dt/bmo01/dataplane/secrets/kustomization.yaml @@ -0,0 +1,10 @@ + +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../../dt/bmo01/dataplane/secrets + +resources: + - values.yaml diff --git a/examples/dt/bmo01/dataplane/secrets/values.yaml b/examples/dt/bmo01/dataplane/secrets/values.yaml new file mode 100644 index 000000000..5232e2388 --- /dev/null +++ b/examples/dt/bmo01/dataplane/secrets/values.yaml 
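Review bot: `sshd_allowed_ranges` in nodesets/values.yaml lists only `192.168.123.0/24` and `192.168.124.0/24`, the two compute subnets, and both nodesets inherit it through `*ssh_allowed_ranges`. The ctlplane `net-attach-def` in nncp/values.yaml hands out pod addresses from `192.168.122.30` to `192.168.122.70`, and the hunk does not show which source address the deployment tooling uses to reach the computes over SSH. If it connects from that 192.168.122.0/24 range, later runs could be locked out once the restriction is applied, so please confirm and either add `- 192.168.122.0/24` or add a comment explaining why the control-plane subnet is deliberately excluded. Keeping the list this narrow is otherwise a good least-privilege default.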
@@ -0,0 +1,20 @@
+---
+apiVersion: v1
+kind: ConfigMap
+
+metadata:
+ name: dataplane-secret-values
+ annotations:
+ config.kubernetes.io/local-config: "true"
+
+data:
+ ssh_keys:
+ authorized: _replaced_
+ private: _replaced_
+ public: _replaced_
+
+ nova:
+ migration:
+ ssh_keys:
+ private: _replaced_
+ public: _replaced_kustomization.yaml
diff --git a/examples/dt/bmo01/dataplane/values.yaml b/examples/dt/bmo01/dataplane/values.yaml
new file mode 100644
index 000000000..e44f7937e
--- /dev/null
+++ b/examples/dt/bmo01/dataplane/values.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: v1
+kind: ConfigMap
+
+metadata:
+ name: edpm-deployment-values
+ annotations:
+ config.kubernetes.io/local-config: "true"
+
+data: {}
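Review bot: In dataplane/secrets/values.yaml the last placeholder reads `public: _replaced_kustomization.yaml`, while the other five are `_replaced_`; this looks like a paste artefact and should be `public: _replaced_`. The file is also where users paste base64-encoded SSH private keys (per data-plane.md), and base64 is an encoding, not protection. A header comment such as `# Fill in locally and never commit: values are base64-encoded private key material` would make the handling expectation explicit. The dataplane/values.yaml hunk that follows on the same line only adds an empty `data: {}` and needs no change.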