Remove NetworkConfig override handling
This change removes the CRD level override for network config files.
Instead, this allows us to use the Ansible variable directly to set any
required network config customizations.

Depends-On: openstack-k8s-operators/edpm-ansible#243

Signed-off-by: Brendan Shephard <[email protected]>
bshephar committed Sep 14, 2023
1 parent d984646 commit c3d2220
Showing 19 changed files with 397 additions and 175 deletions.
14 changes: 4 additions & 10 deletions api/bases/dataplane.openstack.org_openstackdataplanenodesets.yaml
Expand Up @@ -1035,11 +1035,10 @@ spec:
type: array
managementNetwork:
type: string
networkConfig:
properties:
template:
type: string
type: object
networkAttachments:
items:
type: string
type: array
networkData:
properties:
name:
Expand Down Expand Up @@ -1840,11 +1839,6 @@ spec:
type: string
managementNetwork:
type: string
networkConfig:
properties:
template:
type: string
type: object
networkData:
properties:
name:
39 changes: 24 additions & 15 deletions api/v1beta1/common.go
Expand Up @@ -18,6 +18,7 @@ package v1beta1

import (
"encoding/json"
"reflect"

infranetworkv1 "github.com/openstack-k8s-operators/infra-operator/apis/network/v1beta1"
"github.com/openstack-k8s-operators/lib-common/modules/storage"
Expand Down Expand Up @@ -52,11 +53,6 @@ type NodeSection struct {
// +kubebuilder:validation:Optional
HostName string `json:"hostName,omitempty"`

// NetworkConfig - Network configuration details. Contains os-net-config
// related properties.
// +kubebuilder:validation:Optional
NetworkConfig NetworkConfigSection `json:"networkConfig"`

// Networks - Instance networks
// +kubebuilder:validation:Optional
Networks []infranetworkv1.IPSetNetwork `json:"networks,omitempty"`
Expand Down Expand Up @@ -93,10 +89,10 @@ type NodeTemplate struct {
// +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
AnsibleSSHPrivateKeySecret string `json:"ansibleSSHPrivateKeySecret"`

// NetworkConfig - Network configuration details. Contains os-net-config
// related properties.
// NetworkAttachments is a list of NetworkAttachment resource names to pass to the ansibleee resource
// which allows to connect the ansibleee runner to the given network
// +kubebuilder:validation:Optional
NetworkConfig NetworkConfigSection `json:"networkConfig,omitempty"`
NetworkAttachments []string `json:"networkAttachments,omitempty"`

// Networks - Instance networks
// +kubebuilder:validation:Optional
Expand Down Expand Up @@ -143,13 +139,26 @@ type DeployStrategySection struct {
AnsibleSkipTags string `json:"ansibleSkipTags,omitempty"`
}

// NetworkConfigSection is a specification of the Network configuration details
type NetworkConfigSection struct {

// Template - Contains a Ansible j2 nic config template to use when applying node
// network configuration
// +kubebuilder:validation:Optional
Template string `json:"template,omitempty" yaml:"template,omitempty"`
// UniqueSpecFields - the array of fields that must be unique between role and nodes
var UniqueSpecFields = []string{"NetworkAttachments"}

// AssertUniquenessBetween - compare specs for uniqueness
func AssertUniquenessBetween(spec interface{}, otherSpec interface{}, suffix string) []string {
vSpec := reflect.ValueOf(spec)
vOtherSpec := reflect.ValueOf(otherSpec)

var errorMsgs []string
for _, field := range UniqueSpecFields {
value := vSpec.FieldByName(field)
otherValue := vOtherSpec.FieldByName(field)
if value.IsZero() || otherValue.IsZero() {
continue
}
if !reflect.DeepEqual(value.Interface(), otherValue.Interface()) {
errorMsgs = append(errorMsgs, field+" mismatch between "+suffix)
}
}
return errorMsgs
}

// AnsibleEESpec is a specification of the ansible EE attributes
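Review bot: In AssertUniquenessBetween, `value.IsZero()` panics when `FieldByName` returns the invalid zero Value, which is what happens if either spec has no field named in UniqueSpecFields, and `FieldByName` itself panics when `spec` or `otherSpec` is not a struct (a pointer, for instance). Both parameters are `interface{}`, so nothing at compile time rules such a call out; if this is reached from an admission webhook (not visible in this diff), a panic would take down validation instead of returning a message. I would change the guard to `if !value.IsValid() || !otherValue.IsValid() || value.IsZero() || otherValue.IsZero() { continue }` and run both arguments through `reflect.Indirect` plus a `Kind() == reflect.Struct` check before the loop. The doc comment should also say that both arguments must be struct values and that a field left unset on either side is skipped rather than reported as a mismatch.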
22 changes: 5 additions & 17 deletions api/v1beta1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Expand Up @@ -1035,11 +1035,10 @@ spec:
type: array
managementNetwork:
type: string
networkConfig:
properties:
template:
type: string
type: object
networkAttachments:
items:
type: string
type: array
networkData:
properties:
name:
Expand Down Expand Up @@ -1840,11 +1839,6 @@ spec:
type: string
managementNetwork:
type: string
networkConfig:
properties:
template:
type: string
type: object
networkData:
properties:
name:
@@ -0,0 +1,164 @@
apiVersion: dataplane.openstack.org/v1beta1
kind: OpenStackDataPlaneNodeSet
metadata:
name: openstack-edpm-ipam
spec:
env:
- name: ANSIBLE_FORCE_COLOR
value: "True"
- name: ANSIBLE_ENABLE_TASK_DEBUGGER
value: "True"
services:
- configure-network
- validate-network
- install-os
- configure-os
- run-os
- ovn
- libvirt
- nova
deployStrategy:
deploy: true
baremetalSetTemplate:
bmhNamespace: openstack
deploymentSSHSecret: dataplane-ansible-ssh-private-key-secret
bmhLabelSelector:
app: openstack
ctlplaneInterface: enp1s0
dnsSearchDomains:
- osptest.openstack.org
cloudUserName: cloud-admin
nodeTemplate:
ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret
nodes:
edpm-compute-0:
hostName: edpm-compute-0
ansible:
ansibleUser: root
ansibleHost: 192.168.122.100
ansibleVars:
ctlplane_ip: 192.168.122.100
internal_api_ip: 172.17.0.100
storage_ip: 172.18.0.100
tenant_ip: 172.19.0.100
fqdn_internal_api: edpm-compute-0.example.com
networks:
- name: CtlPlane
subnetName: subnet1
defaultRoute: true
fixedIP: 192.168.122.100
- name: InternalApi
subnetName: subnet1
- name: Storage
subnetName: subnet1
- name: Tenant
subnetName: subnet1
managementNetwork: ctlplane
ansible:
ansibleUser: root
ansiblePort: 22
ansibleVars:
service_net_map:
nova_api_network: internal_api
nova_libvirt_network: internal_api
edpm_chrony_ntp_servers:
- clock.redhat.com
# edpm_network_config
# Default nic config template for a EDPM compute node
# These vars are edpm_network_config role vars
edpm_network_config_hide_sensitive_logs: false
edpm_network_config_template: |
---
{% set mtu_list = [ctlplane_mtu] %}
{% for network in role_networks %}
{{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }}
{%- endfor %}
{% set min_viable_mtu = mtu_list | max %}
network_config:
- type: ovs_bridge
name: {{ neutron_physical_bridge_name }}
mtu: {{ min_viable_mtu }}
use_dhcp: false
dns_servers: {{ ctlplane_dns_nameservers }}
domain: {{ dns_search_domains }}
addresses:
- ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_subnet_cidr }}
routes: {{ ctlplane_host_routes }}
members:
- type: interface
name: nic1
mtu: {{ min_viable_mtu }}
# force the MAC address of the bridge to this interface
primary: true
{% for network in role_networks %}
- type: vlan
mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }}
vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }}
addresses:
- ip_netmask:
{{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }}
routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }}
{% endfor %}
# These vars are for the network config templates themselves and are
# considered EDPM network defaults.
neutron_physical_bridge_name: br-ex
neutron_public_interface_name: eth0
ctlplane_mtu: 1500
ctlplane_subnet_cidr: 24
ctlplane_gateway_ip: 192.168.122.1
ctlplane_host_routes:
- ip_netmask: 0.0.0.0/0
next_hop: 192.168.122.1
external_mtu: 1500
external_vlan_id: 44
external_cidr: '24'
external_host_routes: []
internal_api_mtu: 1500
internal_api_vlan_id: 20
internal_api_cidr: '24'
internal_api_host_routes: []
storage_mtu: 1500
storage_vlan_id: 21
storage_cidr: '24'
storage_host_routes: []
tenant_mtu: 1500
tenant_vlan_id: 22
tenant_cidr: '24'
tenant_host_routes: []
role_networks:
- InternalApi
- Storage
- Tenant
networks_lower:
External: external
InternalApi: internal_api
Storage: storage
Tenant: tenant
# edpm_nodes_validation
edpm_nodes_validation_validate_controllers_icmp: false
edpm_nodes_validation_validate_gateway_icmp: false
edpm_ovn_metadata_agent_DEFAULT_transport_url: rabbit://[email protected]:5672
edpm_ovn_metadata_agent_metadata_agent_ovn_ovn_sb_connection: tcp:10.217.5.121:6642
edpm_ovn_metadata_agent_metadata_agent_DEFAULT_nova_metadata_host: 127.0.0.1
edpm_ovn_metadata_agent_metadata_agent_DEFAULT_metadata_proxy_shared_secret: 12345678
edpm_ovn_metadata_agent_DEFAULT_bind_host: 127.0.0.1
ctlplane_dns_nameservers:
- 192.168.122.1
dns_search_domains: []
edpm_ovn_dbs:
- 192.168.122.1
registry_url: quay.io/podified-antelope-centos9
image_tag: current-podified
edpm_ovn_controller_agent_image: "{{ registry_url }}/openstack-ovn-controller:{{ image_tag }}"
edpm_iscsid_image: "{{ registry_url }}/openstack-iscsid:{{ image_tag }}"
edpm_logrotate_crond_image: "{{ registry_url }}/openstack-cron:{{ image_tag }}"
edpm_nova_compute_container_image: "{{ registry_url }}/openstack-nova-compute:{{ image_tag }}"
edpm_nova_libvirt_container_image: "{{ registry_url }}/openstack-nova-libvirt:{{ image_tag }}"
edpm_ovn_metadata_agent_image: "{{ registry_url }}/openstack-neutron-metadata-agent-ovn:{{ image_tag }}"
gather_facts: false
enable_debug: false
# edpm firewall, change the allowed CIDR if needed
edpm_sshd_configure_firewall: true
edpm_sshd_allowed_ranges: ['192.168.122.0/24']
# SELinux module
edpm_selinux_mode: enforcing
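Review bot: The new sample sets `edpm_ovn_metadata_agent_metadata_agent_DEFAULT_metadata_proxy_shared_secret: 12345678` as a literal under `ansibleVars`, so a deployment copied from it ends up with a guessable metadata-proxy secret, and the value is readable by anyone who can get the NodeSet resource. A comment on that line such as `# placeholder only - replace with a generated value, do not reuse` would make the intent explicit; the same applies to the credential-bearing transport URL a few lines above it. The sample also combines `ansibleUser: root`, `ANSIBLE_ENABLE_TASK_DEBUGGER: "True"` and `edpm_network_config_hide_sensitive_logs: false`, which suits a development environment but should be labelled as such in a header comment, since nothing in the file says these are not recommended defaults.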
34 changes: 33 additions & 1 deletion config/samples/dataplane_v1beta1_openstackdataplanenodeset.yaml
Expand Up @@ -48,7 +48,39 @@ spec:
# Default nic config template for a EDPM compute node
# These vars are edpm_network_config role vars
edpm_network_config_hide_sensitive_logs: false
edpm_network_config_template: templates/single_nic_vlans/single_nic_vlans.j2
edpm_network_config_template: |
---
{% set mtu_list = [ctlplane_mtu] %}
{% for network in role_networks %}
{{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }}
{%- endfor %}
{% set min_viable_mtu = mtu_list | max %}
network_config:
- type: ovs_bridge
name: {{ neutron_physical_bridge_name }}
mtu: {{ min_viable_mtu }}
use_dhcp: false
dns_servers: {{ ctlplane_dns_nameservers }}
domain: {{ dns_search_domains }}
addresses:
- ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_subnet_cidr }}
routes: {{ ctlplane_host_routes }}
members:
- type: interface
name: nic1
mtu: {{ min_viable_mtu }}
# force the MAC address of the bridge to this interface
primary: true
{% for network in role_networks %}
- type: vlan
mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }}
vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }}
addresses:
- ip_netmask:
{{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }}
routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }}
{% endfor %}
# These vars are for the network config templates themselves and are
# considered EDPM network defaults.
neutron_physical_bridge_name: br-ex