From 673c766eab7fbfb8671bf803373bb779273a2dba Mon Sep 17 00:00:00 2001 From: Fabricio Aguiar Date: Tue, 5 Mar 2024 14:16:10 +0000 Subject: [PATCH 1/2] Bump kustomize Signed-off-by: Fabricio Aguiar --- .github/workflows/kustom.yaml | 33 +++++++++++++++++++ Makefile | 2 +- config/crd/kustomization.yaml | 25 +++++++------- config/default/kustomization.yaml | 18 ++++++---- .../mutatingwebhookcainjection_patch.yaml | 15 +++++++++ ...> validatingwebhookcainjection_patch.yaml} | 14 -------- config/manifests/kustomization.yaml | 4 ++- config/scorecard/kustomization.yaml | 5 ++- 8 files changed, 81 insertions(+), 35 deletions(-) create mode 100644 .github/workflows/kustom.yaml create mode 100644 config/default/mutatingwebhookcainjection_patch.yaml rename config/default/{webhookcainjection_patch.yaml => validatingwebhookcainjection_patch.yaml} (56%) diff --git a/.github/workflows/kustom.yaml b/.github/workflows/kustom.yaml new file mode 100644 index 000000000..d61abb74d --- /dev/null +++ b/.github/workflows/kustom.yaml @@ -0,0 +1,33 @@ +name: Kustomize Build +on: + workflow_dispatch: + push: + branches: + - main + pull_request: + branches: + - main + paths: + - config/samples/** + - examples/** +jobs: + kustomize: + runs-on: ubuntu-latest + steps: + - name: Install Go + uses: actions/setup-go@v3 + with: + go-version: 1.20.x + - uses: actions/checkout@v4 + with: + # this fetches all branches. Needed because we need gh-pages branch for deploy to work + fetch-depth: 0 + - name: kustomize build + run: | + make kustomize + cd examples + + for d in */ ; do + echo "=============== $d ===============" + ../bin/kustomize build "$d" + done diff --git a/Makefile b/Makefile index 3ec2ce2a8..244d08387 100644 --- a/Makefile +++ b/Makefile @@ -232,7 +232,7 @@ GINKGO ?= $(LOCALBIN)/ginkgo KUTTL ?= $(LOCALBIN)/kubectl-kuttl ## Tool Versions -KUSTOMIZE_VERSION ?= v3.8.7 +KUSTOMIZE_VERSION ?= v5.0.1 CONTROLLER_TOOLS_VERSION ?= v0.11.1 CRD_MARKDOWN_VERSION ?= v0.0.3 KUTTL_VERSION ?= 0.15.0 diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index f292bb167..bcd344393 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -7,25 +7,28 @@ resources: - bases/dataplane.openstack.org_openstackdataplanedeployments.yaml #+kubebuilder:scaffold:crdkustomizeresource -patchesStrategicMerge: +patches: # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. # patches here are for enabling the conversion webhook for each CRD -#- patches/webhook_in_openstackdataplanes.yaml -#- patches/webhook_in_openstackdataplaneroles.yaml -#- patches/webhook_in_openstackdataplanenodes.yaml -#- patches/webhook_in_openstackdataplaneservices.yaml -#- patches/webhook_in_openstackdataplanedeployments.yaml +#- path: patches/webhook_in_openstackdataplanes.yaml +#- path: patches/webhook_in_openstackdataplaneroles.yaml +#- path: patches/webhook_in_openstackdataplanenodes.yaml +#- path: patches/webhook_in_openstackdataplaneservices.yaml +#- path: patches/webhook_in_openstackdataplanedeployments.yaml #+kubebuilder:scaffold:crdkustomizewebhookpatch # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix. # patches here are for enabling the CA injection for each CRD -#- patches/cainjection_in_openstackdataplanes.yaml -#- patches/cainjection_in_openstackdataplaneroles.yaml -#- patches/cainjection_in_openstackdataplanenodes.yaml -#- patches/cainjection_in_openstackdataplaneservices.yaml -#- patches/cainjection_in_openstackdataplanedeployments.yaml +#- path: patches/cainjection_in_openstackdataplanes.yaml +#- path: patches/cainjection_in_openstackdataplaneroles.yaml +#- path: patches/cainjection_in_openstackdataplanenodes.yaml +#- path: patches/cainjection_in_openstackdataplaneservices.yaml +#- path: patches/cainjection_in_openstackdataplanedeployments.yaml #+kubebuilder:scaffold:crdkustomizecainjectionpatch # the following config is for teaching kustomize how to do kustomization for CRDs. configurations: - kustomizeconfig.yaml + +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 2e4ec336d..be8ec2c9a 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -12,7 +12,7 @@ namePrefix: dataplane-operator- #commonLabels: # someName: someValue -bases: +resources: - ../crd - ../rbac - ../manager @@ -24,27 +24,28 @@ bases: # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus -patchesStrategicMerge: +patches: # Protect the /metrics endpoint by putting it behind auth. # If you want your controller-manager to expose the /metrics # endpoint w/o any authn/z, please comment the following line. -- manager_auth_proxy_patch.yaml +- path: manager_auth_proxy_patch.yaml # Mount the controller config file for loading manager configurations # through a ComponentConfig type -#- manager_config_patch.yaml +#- path: manager_config_patch.yaml # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml -- manager_webhook_patch.yaml +- path: manager_webhook_patch.yaml # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. # Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. # 'CERTMANAGER' needs to be enabled to use ca injection -- webhookcainjection_patch.yaml +- path: mutatingwebhookcainjection_patch.yaml +- path: validatingwebhookcainjection_patch.yaml # Injects our custom images (ENV variable settings) -- manager_default_images.yaml +- path: manager_default_images.yaml # the following config is for teaching kustomize how to do var substitution vars: @@ -75,3 +76,6 @@ vars: # kind: Service # version: v1 # name: webhook-service + +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization diff --git a/config/default/mutatingwebhookcainjection_patch.yaml b/config/default/mutatingwebhookcainjection_patch.yaml new file mode 100644 index 000000000..67ad5f1a1 --- /dev/null +++ b/config/default/mutatingwebhookcainjection_patch.yaml @@ -0,0 +1,15 @@ +# This patch add annotation to admission webhook config and +# the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize. +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + labels: + app.kubernetes.io/name: mutatingwebhookconfiguration + app.kubernetes.io/instance: mutating-webhook-configuration + app.kubernetes.io/component: webhook + app.kubernetes.io/created-by: dataplane-operator + app.kubernetes.io/part-of: dataplane-operator + app.kubernetes.io/managed-by: kustomize + name: mutating-webhook-configuration + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) diff --git a/config/default/webhookcainjection_patch.yaml b/config/default/validatingwebhookcainjection_patch.yaml similarity index 56% rename from config/default/webhookcainjection_patch.yaml rename to config/default/validatingwebhookcainjection_patch.yaml index d2c96df17..5bf61e9eb 100644 --- a/config/default/webhookcainjection_patch.yaml +++ b/config/default/validatingwebhookcainjection_patch.yaml @@ -1,20 +1,6 @@ # This patch add annotation to admission webhook config and # the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize. apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - labels: - app.kubernetes.io/name: mutatingwebhookconfiguration - app.kubernetes.io/instance: mutating-webhook-configuration - app.kubernetes.io/component: webhook - app.kubernetes.io/created-by: dataplane-operator - app.kubernetes.io/part-of: dataplane-operator - app.kubernetes.io/managed-by: kustomize - name: mutating-webhook-configuration - annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) ---- -apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: labels: diff --git a/config/manifests/kustomization.yaml b/config/manifests/kustomization.yaml index 8cb226327..483ac3340 100644 --- a/config/manifests/kustomization.yaml +++ b/config/manifests/kustomization.yaml @@ -9,7 +9,9 @@ resources: # [WEBHOOK] To enable webhooks, uncomment all the sections with [WEBHOOK] prefix. # Do NOT uncomment sections with prefix [CERTMANAGER], as OLM does not support cert-manager. # These patches remove the unnecessary "cert" volume and its manager container volumeMount. -#patchesJson6902: +# apiVersion: kustomize.config.k8s.io/v1beta1 +# kind: Kustomization +# patches: #- target: # group: apps # version: v1 diff --git a/config/scorecard/kustomization.yaml b/config/scorecard/kustomization.yaml index 50cd2d084..4e3c284f6 100644 --- a/config/scorecard/kustomization.yaml +++ b/config/scorecard/kustomization.yaml @@ -1,6 +1,9 @@ resources: - bases/config.yaml -patchesJson6902: + +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +patches: - path: patches/basic.config.yaml target: group: scorecard.operatorframework.io From fe9ed9f064447fe0cee144e3da1bdd5f48a7ed3d Mon Sep 17 00:00:00 2001 From: Fabricio Aguiar Date: Tue, 5 Mar 2024 14:24:42 +0000 Subject: [PATCH 2/2] Replace samples with kustomize examples Signed-off-by: Fabricio Aguiar --- ...tackdataplanedeployment_post_ceph_hci.yaml | 16 -- ...stackdataplanedeployment_pre_ceph_hci.yaml | 17 -- ...a1_openstackdataplanedeployment_sriov.yaml | 7 - ...ane_v1beta1_openstackdataplanenodeset.yaml | 5 + ...1beta1_openstackdataplanenodeset_ceph.yaml | 147 ---------------- ...a1_openstackdataplanenodeset_ceph_hci.yaml | 130 -------------- ...nstackdataplanenodeset_customnetworks.yaml | 102 ----------- ...ta1_openstackdataplanenodeset_nmstate.yaml | 126 ------------- ...a1_openstackdataplanenodeset_ovs_dpdk.yaml | 126 ------------- ...beta1_openstackdataplanenodeset_swift.yaml | 143 --------------- config/samples/kustomization.yaml | 4 +- examples/baremetal/kustomization.yaml | 68 +++++++ examples/baremetal/values.yaml | 33 ++++ examples/base/config/nodesetname.yaml | 10 ++ .../crs/openstackdataplanedeployment.yaml | 5 +- .../base/crs/openstackdataplanenodeset.yaml | 60 +++---- examples/base/kustomization.yaml | 11 ++ examples/bgp/kustomization.yaml | 53 ++++++ examples/bgp/values.yaml | 104 +++++++++++ examples/bgp_ovn_cluster/kustomization.yaml | 53 ++++++ examples/bgp_ovn_cluster/values.yaml | 128 ++++++++++++++ examples/ceph/kustomization.yaml | 66 +++++++ examples/ceph/values.yaml | 51 ++++++ examples/customnetworks/kustomization.yaml | 69 ++++++++ examples/customnetworks/values.yaml | 39 ++++ examples/networker/kustomization.yaml | 47 +++++ examples/networker/values.yaml | 60 +++++++ examples/nmstate/kustomization.yaml | 42 +++++ examples/nmstate/values.yaml | 90 ++++++++++ examples/ovs_dpdk/kustomization.yaml | 80 +++++++++ examples/ovs_dpdk/values.yaml | 131 ++++++++++++++ examples/post_ceph_hci/kustomization.yaml | 60 +++++++ examples/post_ceph_hci/values.yaml | 166 ++++++++++++++++++ examples/pre_ceph_hci/kustomization.yaml | 48 +++++ examples/pre_ceph_hci/values.yaml | 150 ++++++++++++++++ examples/preprovisioned/kustomization.yaml | 7 + examples/sriov/kustomization.yaml | 43 +++++ examples/sriov/values.yaml | 24 +++ examples/swift/kustomization.yaml | 57 ++++++ examples/swift/values.yaml | 65 +++++++ 40 files changed, 1793 insertions(+), 850 deletions(-) delete mode 100644 config/samples/dataplane_v1beta1_openstackdataplanedeployment_post_ceph_hci.yaml delete mode 100644 config/samples/dataplane_v1beta1_openstackdataplanedeployment_pre_ceph_hci.yaml delete mode 100644 config/samples/dataplane_v1beta1_openstackdataplanedeployment_sriov.yaml delete mode 100644 config/samples/dataplane_v1beta1_openstackdataplanenodeset_ceph.yaml delete mode 100644 config/samples/dataplane_v1beta1_openstackdataplanenodeset_ceph_hci.yaml delete mode 100644 config/samples/dataplane_v1beta1_openstackdataplanenodeset_customnetworks.yaml delete mode 100644 config/samples/dataplane_v1beta1_openstackdataplanenodeset_nmstate.yaml delete mode 100644 config/samples/dataplane_v1beta1_openstackdataplanenodeset_ovs_dpdk.yaml delete mode 100644 config/samples/dataplane_v1beta1_openstackdataplanenodeset_swift.yaml create mode 100644 examples/baremetal/kustomization.yaml create mode 100644 examples/baremetal/values.yaml create mode 100644 examples/base/config/nodesetname.yaml rename config/samples/dataplane_v1beta1_openstackdataplanedeployment_ovs_dpdk.yaml => examples/base/crs/openstackdataplanedeployment.yaml (61%) rename config/samples/dataplane_v1beta1_openstackdataplanenodeset_sriov.yaml => examples/base/crs/openstackdataplanenodeset.yaml (74%) create mode 100644 examples/base/kustomization.yaml create mode 100644 examples/bgp/kustomization.yaml create mode 100644 examples/bgp/values.yaml create mode 100644 examples/bgp_ovn_cluster/kustomization.yaml create mode 100644 examples/bgp_ovn_cluster/values.yaml create mode 100644 examples/ceph/kustomization.yaml create mode 100644 examples/ceph/values.yaml create mode 100644 examples/customnetworks/kustomization.yaml create mode 100644 examples/customnetworks/values.yaml create mode 100644 examples/networker/kustomization.yaml create mode 100644 examples/networker/values.yaml create mode 100644 examples/nmstate/kustomization.yaml create mode 100644 examples/nmstate/values.yaml create mode 100644 examples/ovs_dpdk/kustomization.yaml create mode 100644 examples/ovs_dpdk/values.yaml create mode 100644 examples/post_ceph_hci/kustomization.yaml create mode 100644 examples/post_ceph_hci/values.yaml create mode 100644 examples/pre_ceph_hci/kustomization.yaml create mode 100644 examples/pre_ceph_hci/values.yaml create mode 100644 examples/preprovisioned/kustomization.yaml create mode 100644 examples/sriov/kustomization.yaml create mode 100644 examples/sriov/values.yaml create mode 100644 examples/swift/kustomization.yaml create mode 100644 examples/swift/values.yaml diff --git a/config/samples/dataplane_v1beta1_openstackdataplanedeployment_post_ceph_hci.yaml b/config/samples/dataplane_v1beta1_openstackdataplanedeployment_post_ceph_hci.yaml deleted file mode 100644 index a69bd94aa..000000000 --- a/config/samples/dataplane_v1beta1_openstackdataplanedeployment_post_ceph_hci.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: dataplane.openstack.org/v1beta1 -kind: OpenStackDataPlaneDeployment -metadata: - name: deployment-post-ceph -spec: - nodeSets: - - openstack-edpm-hci - # Create this deployment after Ceph is deployed - # on EDPM nodes in an HCI scenario. Create a - # nova-custom-ceph service which uses a ConfigMap - # containing libvirt overrides for Ceph RBD. - servicesOverride: - - ceph-client - - ovn - - libvirt - - nova-custom-ceph diff --git a/config/samples/dataplane_v1beta1_openstackdataplanedeployment_pre_ceph_hci.yaml b/config/samples/dataplane_v1beta1_openstackdataplanedeployment_pre_ceph_hci.yaml deleted file mode 100644 index 0b1b02452..000000000 --- a/config/samples/dataplane_v1beta1_openstackdataplanedeployment_pre_ceph_hci.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: dataplane.openstack.org/v1beta1 -kind: OpenStackDataPlaneDeployment -metadata: - name: deployment-pre-ceph -spec: - nodeSets: - - openstack-edpm-hci - # Create this deployment before Ceph is deployed - # on EDPM nodes in an HCI scenario. - servicesOverride: - - bootstrap - - configure-network - - validate-network - - install-os - - ceph-hci-pre - - configure-os - - run-os diff --git a/config/samples/dataplane_v1beta1_openstackdataplanedeployment_sriov.yaml b/config/samples/dataplane_v1beta1_openstackdataplanedeployment_sriov.yaml deleted file mode 100644 index c551907e8..000000000 --- a/config/samples/dataplane_v1beta1_openstackdataplanedeployment_sriov.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: dataplane.openstack.org/v1beta1 -kind: OpenStackDataPlaneDeployment -metadata: - name: openstack-edpm-sriov -spec: - nodeSets: - - openstack-edpm-sriov diff --git a/config/samples/dataplane_v1beta1_openstackdataplanenodeset.yaml b/config/samples/dataplane_v1beta1_openstackdataplanenodeset.yaml index 19048761f..1ed41fef8 100644 --- a/config/samples/dataplane_v1beta1_openstackdataplanenodeset.yaml +++ b/config/samples/dataplane_v1beta1_openstackdataplanenodeset.yaml @@ -10,6 +10,7 @@ spec: - validate-network - install-os - configure-os + - ssh-known-hosts - run-os - reboot-os - install-certs @@ -41,6 +42,10 @@ spec: ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret ansible: ansibleVars: + # CHANGEME -- see https://access.redhat.com/solutions/253273 + # edpm_bootstrap_command: | + # subscription-manager register --username --password + # podman login -u -p registry.redhat.io edpm_network_config_template: | --- {% set mtu_list = [ctlplane_mtu] %} diff --git a/config/samples/dataplane_v1beta1_openstackdataplanenodeset_ceph.yaml b/config/samples/dataplane_v1beta1_openstackdataplanenodeset_ceph.yaml deleted file mode 100644 index ef5f06639..000000000 --- a/config/samples/dataplane_v1beta1_openstackdataplanenodeset_ceph.yaml +++ /dev/null @@ -1,147 +0,0 @@ -apiVersion: dataplane.openstack.org/v1beta1 -kind: OpenStackDataPlaneNodeSet -metadata: - name: openstack-edpm-ceph - namespace: openstack -spec: - networkAttachments: - - ctlplane - nodeTemplate: - ansible: - ansiblePort: 22 - ansibleUser: cloud-admin - ansibleVars: - ctlplane_dns_nameservers: - - 192.168.122.1 - dns_search_domains: [] - timesync_ntp_servers: - - hostname: pool.ntp.org - edpm_network_config_hide_sensitive_logs: false - edpm_network_config_template: | - --- - {% set mtu_list = [ctlplane_mtu] %} - {% for network in role_networks %} - {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} - {%- endfor %} - {% set min_viable_mtu = mtu_list | max %} - network_config: - - type: ovs_bridge - name: {{ neutron_physical_bridge_name }} - mtu: {{ min_viable_mtu }} - use_dhcp: false - dns_servers: {{ ctlplane_dns_nameservers }} - domain: {{ dns_search_domains }} - addresses: - - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} - routes: {{ ctlplane_host_routes }} - members: - - type: interface - name: nic1 - mtu: {{ min_viable_mtu }} - # force the MAC address of the bridge to this interface - primary: true - {% for network in role_networks %} - - type: vlan - mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} - vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} - addresses: - - ip_netmask: - {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} - routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} - {% endfor %} - edpm_nodes_validation_validate_controllers_icmp: false - edpm_nodes_validation_validate_gateway_icmp: false - edpm_selinux_mode: enforcing - edpm_sshd_allowed_ranges: - - 192.168.122.0/24 - edpm_sshd_configure_firewall: true - enable_debug: false - neutron_physical_bridge_name: br-ex - neutron_public_interface_name: eth0 - ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret - # Create a secret called ceph-conf-files with the cephx key and - # ceph.conf file and mount it so the ceph-client service can copy - # those files to the EDPM nodes. - extraMounts: - - extraVolType: Logs - mounts: - - mountPath: /runner/artifacts - name: ansible-logs - volumes: - - name: ansible-logs - persistentVolumeClaim: - claimName: ansible-ee-logs - - extraVolType: Ceph - mounts: - - mountPath: /etc/ceph - name: ceph - readOnly: true - volumes: - - name: ceph - projected: - sources: - - secret: - name: ceph-conf-files - managementNetwork: ctlplane - nodes: - edpm-compute-0: - ansible: - ansibleHost: 192.168.122.100 - hostName: edpm-compute-0 - networks: - - defaultRoute: true - fixedIP: 192.168.122.100 - name: ctlplane - subnetName: subnet1 - - name: internalapi - subnetName: subnet1 - - name: storage - subnetName: subnet1 - - name: tenant - subnetName: subnet1 - edpm-compute-1: - ansible: - ansibleHost: 192.168.122.101 - hostName: edpm-compute-1 - networks: - - defaultRoute: true - fixedIP: 192.168.122.101 - name: ctlplane - subnetName: subnet1 - - name: internalapi - subnetName: subnet1 - - name: storage - subnetName: subnet1 - - name: tenant - subnetName: subnet1 - edpm-compute-2: - ansible: - ansibleHost: 192.168.122.102 - hostName: edpm-compute-2 - networks: - - defaultRoute: true - fixedIP: 192.168.122.102 - name: ctlplane - subnetName: subnet1 - - name: internalapi - subnetName: subnet1 - - name: storage - subnetName: subnet1 - - name: tenant - subnetName: subnet1 - preProvisioned: true - # Create a nova-custom-ceph service which uses a ConfigMap - # containing libvirt overrides for Ceph RBD. - services: - - bootstrap - - configure-network - - validate-network - - install-os - - configure-os - - run-os - - ceph-client - - install-certs - - ovn - - neutron-metadata - - libvirt - - nova-custom-ceph diff --git a/config/samples/dataplane_v1beta1_openstackdataplanenodeset_ceph_hci.yaml b/config/samples/dataplane_v1beta1_openstackdataplanenodeset_ceph_hci.yaml deleted file mode 100644 index 52f4cc873..000000000 --- a/config/samples/dataplane_v1beta1_openstackdataplanenodeset_ceph_hci.yaml +++ /dev/null @@ -1,130 +0,0 @@ -apiVersion: dataplane.openstack.org/v1beta1 -kind: OpenStackDataPlaneNodeSet -metadata: - name: openstack-edpm-hci - namespace: openstack -spec: - networkAttachments: - - ctlplane - nodeTemplate: - ansible: - ansibleVars: - edpm_network_config_hide_sensitive_logs: false - edpm_network_config_template: | - --- - {% set mtu_list = [ctlplane_mtu] %} - {% for network in role_networks %} - {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} - {%- endfor %} - {% set min_viable_mtu = mtu_list | max %} - network_config: - - type: ovs_bridge - name: {{ neutron_physical_bridge_name }} - mtu: {{ min_viable_mtu }} - use_dhcp: false - dns_servers: {{ ctlplane_dns_nameservers }} - domain: {{ dns_search_domains }} - addresses: - - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} - routes: {{ ctlplane_host_routes }} - members: - - type: interface - name: nic1 - mtu: {{ min_viable_mtu }} - # force the MAC address of the bridge to this interface - primary: true - {% for network in role_networks %} - - type: vlan - mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} - vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} - addresses: - - ip_netmask: - {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} - routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} - {% endfor %} - edpm_nodes_validation_validate_controllers_icmp: false - edpm_nodes_validation_validate_gateway_icmp: false - ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret - # Add an `extraVolType: Ceph` with to mount the ceph-conf-files - # secret, after Ceph is deployed. - extraMounts: - - extraVolType: Logs - mounts: - - mountPath: /runner/artifacts - name: ansible-logs - volumes: - - name: ansible-logs - persistentVolumeClaim: - claimName: ansible-ee-logs - managementNetwork: ctlplane - nodes: - edpm-compute-0: - ansible: - ansibleHost: 192.168.122.100 - hostName: edpm-compute-0 - networks: - - defaultRoute: true - fixedIP: 192.168.122.100 - name: ctlplane - subnetName: subnet1 - - name: internalapi - subnetName: subnet1 - - name: storage - subnetName: subnet1 - - name: storageMgmt - subnetName: subnet1 - - name: tenant - subnetName: subnet1 - edpm-compute-1: - ansible: - ansibleHost: 192.168.122.101 - hostName: edpm-compute-1 - networks: - - defaultRoute: true - fixedIP: 192.168.122.101 - name: ctlplane - subnetName: subnet1 - - name: internalapi - subnetName: subnet1 - - name: storage - subnetName: subnet1 - - name: storageMgmt - subnetName: subnet1 - - name: tenant - subnetName: subnet1 - edpm-compute-2: - ansible: - ansibleHost: 192.168.122.102 - hostName: edpm-compute-2 - networks: - - defaultRoute: true - fixedIP: 192.168.122.102 - name: ctlplane - subnetName: subnet1 - - name: internalapi - subnetName: subnet1 - - name: storage - subnetName: subnet1 - - name: storageMgmt - subnetName: subnet1 - - name: tenant - subnetName: subnet1 - preProvisioned: true - # Each OpenStackDataPlaneDeployment deployment-pre-ceph and - # deployment-post-ceph will override the services list. The - # full service list is defined here only so the non-custom - # services will be defined by the operator. - services: - - bootstrap - - configure-network - - validate-network - - install-os - - ceph-hci-pre - - configure-os - - run-os - - ceph-client - - install-certs - - ovn - - neutron-metadata - - libvirt - - nova-custom-ceph diff --git a/config/samples/dataplane_v1beta1_openstackdataplanenodeset_customnetworks.yaml b/config/samples/dataplane_v1beta1_openstackdataplanenodeset_customnetworks.yaml deleted file mode 100644 index 13548b192..000000000 --- a/config/samples/dataplane_v1beta1_openstackdataplanenodeset_customnetworks.yaml +++ /dev/null @@ -1,102 +0,0 @@ ---- -apiVersion: dataplane.openstack.org/v1beta1 -kind: OpenStackDataPlaneNodeSet -metadata: - name: openstack-edpm-custom-network -spec: - preProvisioned: true - services: - - download-cache - - bootstrap - - configure-network - - validate-network - - install-os - - configure-os - - run-os - - reboot-os - - install-certs - - ovn - - neutron-metadata - - libvirt - - nova - - telemetry - nodes: - edpm-compute-0: - hostName: edpm-compute-0 - ansible: - ansibleHost: 192.168.1.5 - networks: - - name: ctlplane - subnetName: subnet1 - defaultRoute: true - fixedIP: 192.168.1.5 - - name: internalapi - subnetName: subnet1 - - name: storage - subnetName: subnet1 - - name: tenant - subnetName: subnet1 - networkAttachments: - - ctlplane - nodeTemplate: - ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret - managementNetwork: ctlplane - ansible: - ansibleUser: cloud-admin - ansiblePort: 22 - ansibleVars: - # edpm_network_config - # Default nic config template for a EDPM compute node - # These vars are edpm_network_config role vars - edpm_network_config_template: | - --- - {% set mtu_list = [ctlplane_mtu] %} - {% for network in role_networks %} - {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} - {%- endfor %} - {% set min_viable_mtu = mtu_list | max %} - network_config: - - type: ovs_bridge - name: {{ neutron_physical_bridge_name }} - mtu: {{ min_viable_mtu }} - use_dhcp: false - dns_servers: {{ ctlplane_dns_nameservers }} - domain: {{ dns_search_domains }} - addresses: - - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} - routes: {{ ctlplane_host_routes }} - members: - - type: interface - name: nic1 - mtu: {{ min_viable_mtu }} - # force the MAC address of the bridge to this interface - primary: true - {% for network in role_networks %} - - type: vlan - mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} - vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} - addresses: - - ip_netmask: - {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} - routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} - {% endfor %} - edpm_network_config_hide_sensitive_logs: false - edpm_network_config_update: false - # - # These vars are for the network config templates themselves and are - # considered EDPM network defaults. - neutron_physical_bridge_name: br-ex - neutron_public_interface_name: enp7s0 - # edpm_nodes_validation - edpm_nodes_validation_validate_controllers_icmp: false - edpm_nodes_validation_validate_gateway_icmp: false - ctlplane_dns_nameservers: - - 192.168.1.254 - dns_search_domains: [] - edpm_ovn_dbs: - - 192.168.24.1 - gather_facts: false - enable_debug: false - # edpm firewall, change the allowed CIDR if needed - edpm_sshd_configure_firewall: true - edpm_sshd_allowed_ranges: ['192.168.0.0/24', '172.20.0.0/16'] diff --git a/config/samples/dataplane_v1beta1_openstackdataplanenodeset_nmstate.yaml b/config/samples/dataplane_v1beta1_openstackdataplanenodeset_nmstate.yaml deleted file mode 100644 index 8426fdf4a..000000000 --- a/config/samples/dataplane_v1beta1_openstackdataplanenodeset_nmstate.yaml +++ /dev/null @@ -1,126 +0,0 @@ -apiVersion: dataplane.openstack.org/v1beta1 -kind: OpenStackDataPlaneNodeSet -metadata: - name: openstack-edpm -spec: - services: - - bootstrap - - download-cache - - configure-network - - validate-network - - install-os - - configure-os - - run-os - - reboot-os - - install-certs - - ovn - - neutron-metadata - - libvirt - - nova - - telemetry - preProvisioned: true - nodes: - edpm-compute-0: - role: edpm-compute - hostName: edpm-compute-0 - ansible: - ansibleHost: 192.168.122.100 - networks: - - name: ctlplane - subnetName: subnet1 - defaultRoute: true - fixedIP: 192.168.122.100 - - name: internalapi - subnetName: subnet1 - - name: storage - subnetName: subnet1 - - name: tenant - subnetName: subnet1 - networkAttachments: - - ctlplane - nodeTemplate: - ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret - managementNetwork: ctlplane - ansible: - ansibleUser: cloud-admin - ansiblePort: 22 - ansibleVars: - timesync_ntp_servers: - - hostname: pool.ntp.org - # edpm_network_config - # Default nic config template for a EDPM compute node - # These vars are edpm_network_config role vars - edpm_network_config_hide_sensitive_logs: false - edpm_network_config_template: | - --- - {% set mtu_list = [ctlplane_mtu] %} - {% for network in role_networks %} - {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} - {%- endfor %} - {% set min_viable_mtu = mtu_list | max %} - dns-resolver: - config: - search: {{ dns_search_domains }} - server: {{ ctlplane_dns_nameservers }} - interfaces: - - name: {{ neutron_public_interface_name }} - type: ethernet - state: up - - name: {{ neutron_physical_bridge_name }} - type: ovs-interface - state: up - mtu: {{ min_viable_mtu }} - ipv4: - enabled: true - address: - - ip: {{ ctlplane_ip }} - prefix-length: {{ ctlplane_cidr }} - {% for network in role_networks %} - - name: {{ "vlan" ~ lookup('vars', networks_lower[network] ~ '_vlan_id') }} - type: ovs-interface - state: up - mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} - ipv4: - enabled: true - address: - - ip: {{ lookup('vars', networks_lower[network] ~ '_ip') }} - prefix-length: {{ lookup('vars', networks_lower[network] ~ '_cidr') }} - {% endfor %} - - name: {{ neutron_physical_bridge_name }} - type: ovs-bridge - bridge: - options: - fail-mode: standalone - port: - - name: {{ neutron_public_interface_name }} - - name: {{ neutron_physical_bridge_name }} - {% for network in role_networks %} - - name: {{ "vlan" ~ lookup('vars', networks_lower[network] ~ '_vlan_id') }} - vlan: - mode: access - tag: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} - {% endfor %} - routes: - config: - - destination: {{ ctlplane_host_routes.ip_netmask }} - next-hop-address: {{ ctlplane_host_routes.next_hop }} - next-hop-interface: {{ neutron_physical_bridge_name }} - # edpm_network_config - nmstate - edpm_network_config_tool: 'nmstate' - # These vars are for the network config templates themselves and are - # considered EDPM network defaults. - neutron_physical_bridge_name: br-ex - neutron_public_interface_name: eth0 - # edpm_nodes_validation - edpm_nodes_validation_validate_controllers_icmp: false - edpm_nodes_validation_validate_gateway_icmp: false - ctlplane_dns_nameservers: - - 192.168.122.1 - dns_search_domains: [] - gather_facts: false - enable_debug: false - # edpm firewall, change the allowed CIDR if needed - edpm_sshd_configure_firewall: true - edpm_sshd_allowed_ranges: ['192.168.122.0/24'] - # SELinux module - edpm_selinux_mode: enforcing diff --git a/config/samples/dataplane_v1beta1_openstackdataplanenodeset_ovs_dpdk.yaml b/config/samples/dataplane_v1beta1_openstackdataplanenodeset_ovs_dpdk.yaml deleted file mode 100644 index 348dc521c..000000000 --- a/config/samples/dataplane_v1beta1_openstackdataplanenodeset_ovs_dpdk.yaml +++ /dev/null @@ -1,126 +0,0 @@ -apiVersion: dataplane.openstack.org/v1beta1 -kind: OpenStackDataPlaneNodeSet -metadata: - name: openstack-edpm-ovs-dpdk -spec: - services: - - bootstrap - - download-cache - - reboot-os - - configure-ovs-dpdk - - configure-network - - validate-network - - install-os - - configure-os - - run-os - - ovn - - neutron-metadata - - libvirt - - nova - - telemetry - baremetalSetTemplate: - bmhLabelSelector: - app: openstack - ctlplaneInterface: enp1s0 - cloudUserName: cloud-admin - nodes: - edpm-compute-0: - hostName: edpm-compute-0 - networkAttachments: - - ctlplane - nodeTemplate: - ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret - networks: - - name: ctlplane - subnetName: subnet1 - defaultRoute: true - - name: internalapi - subnetName: subnet1 - - name: storage - subnetName: subnet1 - - name: tenant - subnetName: subnet1 - managementNetwork: ctlplane - ansible: - ansiblePort: 22 - ansibleVars: - timesync_ntp_servers: - - hostname: pool.ntp.org - # edpm_network_config - # Default nic config template for a EDPM compute node - # These vars are edpm_network_config role vars - edpm_network_config_hide_sensitive_logs: false - edpm_network_config_template: | - --- - {% set mtu_list = [ctlplane_mtu] %} - {% for network in role_networks %} - {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} - {%- endfor %} - {% set min_viable_mtu = mtu_list | max %} - network_config: - - type: ovs_bridge - name: {{ neutron_physical_bridge_name }} - mtu: {{ min_viable_mtu }} - use_dhcp: false - dns_servers: {{ ctlplane_dns_nameservers }} - domain: {{ dns_search_domains }} - addresses: - - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} - routes: {{ ctlplane_host_routes }} - members: - - type: interface - name: nic1 - mtu: {{ min_viable_mtu }} - # force the MAC address of the bridge to this interface - primary: true - {% for network in role_networks if network not in ["external", "tenant"] %} - - type: vlan - mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} - vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} - addresses: - - ip_netmask: - {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} - routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} - {% endfor %} - - type: ovs_user_bridge - name: br-link1 - use_dhcp: false - ovs_extra: "set port br-link1 tag={{ lookup('vars', networks_lower['tenant'] ~ '_vlan_id') }}" - addresses: - - ip_netmask: {{ lookup('vars', networks_lower['tenant'] ~ '_ip') }}/{{ lookup('vars', networks_lower['tenant'] ~ '_cidr') }} - - mtu: {{ lookup('vars', networks_lower['tenant'] ~ '_mtu') }} - members: - - type: ovs_dpdk_port - name: dpdk1 - members: - - type: interface - name: nic3 - - type: ovs_user_bridge - name: br-link2 - use_dhcp: false - mtu: 9000 - members: - - type: ovs_dpdk_port - name: dpdk2 - members: - - type: interface - name: nic4 - - neutron_physical_bridge_name: br-ex - # edpm_nodes_validation - edpm_nodes_validation_validate_controllers_icmp: false - edpm_nodes_validation_validate_gateway_icmp: false - # edpm nfv ovs dpdk config - edpm_kernel_args: "default_hugepagesz=1GB hugepagesz=1G hugepages=64 iommu=pt intel_iommu=on tsx=off isolcpus=2-11,14-23" - edpm_tuned_profile: "cpu-partitioning" - edpm_nova_libvirt_qemu_group: "hugetlbfs" - edpm_tuned_isolated_cores: "2-11,14-23" - edpm_ovs_dpdk_pmd_core_list: "1,13,2,14,3,15" - edpm_ovs_dpdk_socket_memory: "4096" - edpm_ovs_dpdk_memory_channels: "4" - edpm_ovs_dpdk_vhost_postcopy_support: "true" - edpm_ovn_bridge_mappings: ['dpdk2:br-link2','dpdk1:br-link1'] - gather_facts: false - enable_debug: false - edpm_sshd_allowed_ranges: ['192.168.122.0/24'] diff --git a/config/samples/dataplane_v1beta1_openstackdataplanenodeset_swift.yaml b/config/samples/dataplane_v1beta1_openstackdataplanenodeset_swift.yaml deleted file mode 100644 index 7a65d5654..000000000 --- a/config/samples/dataplane_v1beta1_openstackdataplanenodeset_swift.yaml +++ /dev/null @@ -1,143 +0,0 @@ -apiVersion: dataplane.openstack.org/v1beta1 -kind: OpenStackDataPlaneNodeSet -metadata: - name: openstack-edpm - namespace: openstack -spec: - networkAttachments: - - ctlplane - - storage - nodeTemplate: - ansible: - ansiblePort: 22 - ansibleUser: cloud-admin - ansibleVars: - # Swift disks defined here apply to all nodes. Node-specific disks - # might be defined in the nodes: section below - # - # weight, region and zone are not used in the playbook, but - # in swift-operator itself to determine Swift ring values. weight - # should be usually set to the GiB of the disk; region and - # zone are optional and might be used to enforce distribution of - # replicas - edpm_swift_disks: - - device: /dev/vdb - path: /srv/node/vdb - weight: 4000 - region: 0 - zone: 0 - ctlplane_dns_nameservers: - - 192.168.122.1 - ctlplane_gateway_ip: 192.168.122.1 - ctlplane_host_routes: - - ip_netmask: 0.0.0.0/0 - next_hop: 192.168.122.1 - ctlplane_mtu: 1500 - ctlplane_cidr: 24 - dns_search_domains: [] - timesync_ntp_servers: - - hostname: pool.ntp.org - edpm_network_config_hide_sensitive_logs: false - edpm_network_config_template: | - --- - {% set mtu_list = [ctlplane_mtu] %} - {% for network in role_networks %} - {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} - {%- endfor %} - {% set min_viable_mtu = mtu_list | max %} - network_config: - - type: ovs_bridge - name: {{ neutron_physical_bridge_name }} - mtu: {{ min_viable_mtu }} - use_dhcp: false - dns_servers: {{ ctlplane_dns_nameservers }} - domain: {{ dns_search_domains }} - addresses: - - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} - routes: {{ ctlplane_host_routes }} - members: - - type: interface - name: nic1 - mtu: {{ min_viable_mtu }} - # force the MAC address of the bridge to this interface - primary: true - {% for network in role_networks %} - - type: vlan - mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} - vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} - addresses: - - ip_netmask: - {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} - routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} - {% endfor %} - edpm_nodes_validation_validate_controllers_icmp: false - edpm_nodes_validation_validate_gateway_icmp: false - edpm_selinux_mode: enforcing - edpm_sshd_allowed_ranges: - - 192.168.122.0/24 - edpm_sshd_configure_firewall: true - enable_debug: false - external_cidr: "24" - external_host_routes: [] - external_mtu: 1500 - external_vlan_id: 44 - gather_facts: false - internalapi_cidr: "24" - internalapi_host_routes: [] - internalapi_mtu: 1500 - internalapi_vlan_id: 20 - networks_lower: - external: external - internalapi: internalapi - storage: storage - tenant: tenant - neutron_physical_bridge_name: br-ex - neutron_public_interface_name: eth0 - role_networks: - - internalapi - - storage - - tenant - storage_cidr: "24" - storage_host_routes: [] - storage_vlan_id: 21 - storage_mtu: 9000 - tenant_cidr: "24" - tenant_host_routes: [] - tenant_mtu: 1500 - tenant_vlan_id: 22 - ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret - managementNetwork: ctlplane - nodes: - edpm-swift-0: - ansible: - ansibleHost: 192.168.122.100 - ansibleVars: - # Same options as above for all nodes, this time for an individual - # node with an extra disk. With this template, the node will use both - # vdb and vdc - edpm_swift_disks: - - device: /dev/vdc - path: /srv/node/vdc - weight: 1000 - hostName: edpm-swift-0 - networks: - - defaultRoute: true - fixedIP: 192.168.122.100 - name: ctlplane - subnetName: subnet1 - - name: internalapi - subnetName: subnet1 - - name: storage - subnetName: subnet1 - - name: tenant - subnetName: subnet1 - preProvisioned: true - services: - - bootstrap - - configure-network - - validate-network - - install-os - - configure-os - - run-os - - install-certs - - swift diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml index 5833b432c..681efd0b3 100644 --- a/config/samples/kustomization.yaml +++ b/config/samples/kustomization.yaml @@ -1,8 +1,6 @@ ## Append samples you want in your CSV to this file as resources ## resources: - - dataplane_v1beta1_openstackdataplanenodeset_baremetal_with_ipam.yaml - - dataplane_v1beta1_openstackdataplanenodeset_ceph.yaml - - dataplane_v1beta1_openstackdataplanenodeset_customnetworks.yaml + - dataplane_v1beta1_openstackdataplanenodeset.yaml - dataplane_v1beta1_openstackdataplaneservice.yaml - dataplane_v1beta1_openstackdataplanedeployment.yaml #+kubebuilder:scaffold:manifestskustomizesamples diff --git a/examples/baremetal/kustomization.yaml b/examples/baremetal/kustomization.yaml new file mode 100644 index 000000000..bf3657fd2 --- /dev/null +++ b/examples/baremetal/kustomization.yaml @@ -0,0 +1,68 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +namespace: openstack +nameSuffix: -ipam + +components: +- ../base + +resources: + - values.yaml + +replacements: +# OpenStackDataPlaneNodeSet customizations +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.ansible.vars.edpm_sshd_allowed_ranges + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_sshd_allowed_ranges + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.baremetalsettemplate + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.baremetalSetTemplate + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.preProvisioned + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.preProvisioned + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.networks + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.networks + options: + create: true + +patches: +- target: + kind: OpenStackDataPlaneNodeSet + name: .* + patch: |- + - op: remove + path: /spec/nodes/edpm-compute-0/ansible + - op: remove + path: /spec/nodes/edpm-compute-0/networks diff --git a/examples/baremetal/values.yaml b/examples/baremetal/values.yaml new file mode 100644 index 000000000..8529fd7a8 --- /dev/null +++ b/examples/baremetal/values.yaml @@ -0,0 +1,33 @@ +# local-config: referenced, but not emitted by kustomize +apiVersion: v1 +kind: DataPlaneConfig +metadata: + name: edpm-values + annotations: + config.kubernetes.io/local-config: "true" +data: + preProvisioned: false + nodeset: + baremetalsettemplate: + bmhLabelSelector: + app: openstack + ctlplaneInterface: enp1s0 + cloudUserName: cloud-admin + nodetemplate: + ansible: + vars: + # edpm firewall, change the allowed CIDR if needed + edpm_sshd_allowed_ranges: ['192.168.111.0/24'] + networks: + - defaultRoute: true + name: ctlplane + subnetName: subnet1 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + nodes: + edpm-compute-0: + hostName: edpm-compute-0 diff --git a/examples/base/config/nodesetname.yaml b/examples/base/config/nodesetname.yaml new file mode 100644 index 000000000..317abd17c --- /dev/null +++ b/examples/base/config/nodesetname.yaml @@ -0,0 +1,10 @@ +# This file is for teaching kustomize how to substitute OpenStackDataPlaneNodeSet name reference in OpenStackDataPlaneDeployment +nameReference: +- kind: OpenStackDataPlaneNodeSet + version: v1beta1 + group: dataplane.openstack.org + fieldSpecs: + - kind: OpenStackDataPlaneDeployment + version: v1beta1 + group: dataplane.openstack.org + path: spec/nodeSets diff --git a/config/samples/dataplane_v1beta1_openstackdataplanedeployment_ovs_dpdk.yaml b/examples/base/crs/openstackdataplanedeployment.yaml similarity index 61% rename from config/samples/dataplane_v1beta1_openstackdataplanedeployment_ovs_dpdk.yaml rename to examples/base/crs/openstackdataplanedeployment.yaml index 7920b8b32..dab08661e 100644 --- a/config/samples/dataplane_v1beta1_openstackdataplanedeployment_ovs_dpdk.yaml +++ b/examples/base/crs/openstackdataplanedeployment.yaml @@ -1,7 +1,8 @@ apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneDeployment metadata: - name: openstack-edpm-ovs-dpdk + name: edpm-deployment + namespace: openstack spec: nodeSets: - - openstack-edpm-ovs-dpdk + - openstack-edpm diff --git a/config/samples/dataplane_v1beta1_openstackdataplanenodeset_sriov.yaml b/examples/base/crs/openstackdataplanenodeset.yaml similarity index 74% rename from config/samples/dataplane_v1beta1_openstackdataplanenodeset_sriov.yaml rename to examples/base/crs/openstackdataplanenodeset.yaml index 3a807b9c5..da417c850 100644 --- a/config/samples/dataplane_v1beta1_openstackdataplanenodeset_sriov.yaml +++ b/examples/base/crs/openstackdataplanenodeset.yaml @@ -1,8 +1,11 @@ apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneNodeSet metadata: - name: openstack-edpm-sriov + name: openstack-edpm spec: + env: + - name: ANSIBLE_FORCE_COLOR + value: "True" services: - bootstrap - download-cache @@ -10,44 +13,42 @@ spec: - validate-network - install-os - configure-os + - ssh-known-hosts - run-os - reboot-os - install-certs - - neutron-sriov + - ovn + - neutron-metadata - libvirt - nova + - telemetry preProvisioned: true - nodes: - edpm-compute-0: - hostName: edpm-compute-0 - ansible: - ansibleHost: 192.168.122.100 - networks: - - name: ctlplane - subnetName: subnet1 - defaultRoute: true - fixedIP: 192.168.122.100 - - name: internalapi - subnetName: subnet1 - - name: storage - subnetName: subnet1 - - name: tenant - subnetName: subnet1 networkAttachments: - - ctlplane + - ctlplane + nodes: + edpm-compute-0: + hostName: edpm-compute-0 + ansible: + ansibleHost: 192.168.122.100 + networks: + - name: ctlplane + subnetName: subnet1 + defaultRoute: true + fixedIP: 192.168.122.100 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: tenant + subnetName: subnet1 nodeTemplate: ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret - managementNetwork: ctlplane ansible: - ansibleUser: cloud-admin - ansiblePort: 22 ansibleVars: - timesync_ntp_servers: - - hostname: pool.ntp.org - # edpm_network_config - # Default nic config template for a EDPM compute node - # These vars are edpm_network_config role vars - edpm_network_config_hide_sensitive_logs: false + # CHANGEME -- see https://access.redhat.com/solutions/253273 + # edpm_bootstrap_command: | + # subscription-manager register --username --password + # podman login -u -p registry.redhat.io edpm_network_config_template: | --- {% set mtu_list = [ctlplane_mtu] %} @@ -94,7 +95,4 @@ spec: gather_facts: false enable_debug: false # edpm firewall, change the allowed CIDR if needed - edpm_sshd_configure_firewall: true edpm_sshd_allowed_ranges: ['192.168.122.0/24'] - # SELinux module - edpm_selinux_mode: enforcing diff --git a/examples/base/kustomization.yaml b/examples/base/kustomization.yaml new file mode 100644 index 000000000..564293f80 --- /dev/null +++ b/examples/base/kustomization.yaml @@ -0,0 +1,11 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +resources: +- crs/openstackdataplanenodeset.yaml +- crs/openstackdataplanedeployment.yaml + +namespace: openstack + +configurations: +- config/nodesetname.yaml diff --git a/examples/bgp/kustomization.yaml b/examples/bgp/kustomization.yaml new file mode 100644 index 000000000..66cdabbf8 --- /dev/null +++ b/examples/bgp/kustomization.yaml @@ -0,0 +1,53 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +namespace: openstack + +components: +- ../base + +resources: + - values.yaml + +replacements: +# OpenStackDataPlaneNodeSet customizations +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.ansible.vars + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.services + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.services + options: + create: true + +patches: +- target: + kind: OpenStackDataPlaneNodeSet + name: .* + patch: |- + - op: copy + from: /spec/nodes/edpm-compute-0 + path: /spec/nodes/edpm-compute-1 + - op: replace + path: /spec/nodes/edpm-compute-1/ansible/ansibleHost + value: 192.168.122.101 + - op: replace + path: /spec/nodes/edpm-compute-1/hostName + value: edpm-compute-1 + - op: replace + path: /spec/nodes/edpm-compute-1/networks/0/fixedIP + value: 192.168.122.101 diff --git a/examples/bgp/values.yaml b/examples/bgp/values.yaml new file mode 100644 index 000000000..fb5439e1b --- /dev/null +++ b/examples/bgp/values.yaml @@ -0,0 +1,104 @@ +# local-config: referenced, but not emitted by kustomize +apiVersion: v1 +kind: DataPlaneConfig +metadata: + name: edpm-values + annotations: + config.kubernetes.io/local-config: "true" +data: + nodeset: + nodetemplate: + ansible: + vars: + # CHANGEME -- see https://access.redhat.com/solutions/253273 + # edpm_bootstrap_command: | + # subscription-manager register --username --password + # podman login -u -p registry.redhat.io + timesync_ntp_servers: + - hostname: pool.ntp.org + # edpm_network_config + # Default nic config template for a EDPM compute node + # These vars are edpm_network_config role vars + edpm_network_config_hide_sensitive_logs: false + edpm_network_config_template: | + --- + {% set mtu_list = [ctlplane_mtu] %} + {% for network in role_networks %} + {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} + {%- endfor %} + {% set min_viable_mtu = mtu_list | max %} + network_config: + - type: interface + name: nic1 + mtu: {{ ctlplane_mtu }} + dns_servers: {{ ctlplane_dns_nameservers }} + domain: {{ dns_search_domains }} + use_dhcp: false + addresses: + - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} + {% for network in role_networks %} + {% if lookup('vars', networks_lower[network] ~ '_vlan_id', default='') %} + - type: vlan + device: nic1 + mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} + vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} + addresses: + - ip_netmask: + {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} + routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} + {% endif %} + {%- endfor %} + - type: ovs_bridge + name: {{ neutron_physical_bridge_name }} + use_dhcp: false + - type: interface + name: nic2 + use_dhcp: false + addresses: + - ip_netmask: {{ lookup('vars', 'bgpnet1_ip') }}/30 + - type: interface + name: nic3 + use_dhcp: false + addresses: + - ip_netmask: {{ lookup('vars', 'bgpnet2_ip') }}/30 + - type: interface + name: lo + addresses: + - ip_netmask: {{ lookup('vars', 'bgpmainnet_ip') }}/32 + - ip_netmask: {{ lookup('vars', 'bgpmainnet6_ip') }}/128 + + # These vars are for the network config templates themselves and are + # considered EDPM network defaults. + neutron_physical_bridge_name: br-ex + neutron_public_interface_name: eth0 + # edpm_nodes_validation + edpm_nodes_validation_validate_controllers_icmp: false + edpm_nodes_validation_validate_gateway_icmp: false + ctlplane_dns_nameservers: + - 192.168.122.1 + dns_search_domains: [] + # edpm firewall, change the allowed CIDR if needed + edpm_sshd_allowed_ranges: ['192.168.122.0/24'] + edpm_frr_bgp_uplinks: ['nic2', 'nic3'] + edpm_frr_bgp_neighbor_password: f00barZ + edpm_frr_bgp_ipv4_src_network: bgpmainnet + edpm_frr_bgp_ipv6_src_network: bgpmainnet6 + edpm_ovn_bgp_agent_expose_tenant_networks: true + services: + - download-cache + - bootstrap + - configure-network + - validate-network + - frr + - install-os + - configure-os + - ssh-known-hosts + - run-os + - reboot-os + - install-certs + - ovn + - neutron-metadata + - ovn-bgp-agent + - libvirt + - nova + - telemetry diff --git a/examples/bgp_ovn_cluster/kustomization.yaml b/examples/bgp_ovn_cluster/kustomization.yaml new file mode 100644 index 000000000..66cdabbf8 --- /dev/null +++ b/examples/bgp_ovn_cluster/kustomization.yaml @@ -0,0 +1,53 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +namespace: openstack + +components: +- ../base + +resources: + - values.yaml + +replacements: +# OpenStackDataPlaneNodeSet customizations +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.ansible.vars + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.services + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.services + options: + create: true + +patches: +- target: + kind: OpenStackDataPlaneNodeSet + name: .* + patch: |- + - op: copy + from: /spec/nodes/edpm-compute-0 + path: /spec/nodes/edpm-compute-1 + - op: replace + path: /spec/nodes/edpm-compute-1/ansible/ansibleHost + value: 192.168.122.101 + - op: replace + path: /spec/nodes/edpm-compute-1/hostName + value: edpm-compute-1 + - op: replace + path: /spec/nodes/edpm-compute-1/networks/0/fixedIP + value: 192.168.122.101 diff --git a/examples/bgp_ovn_cluster/values.yaml b/examples/bgp_ovn_cluster/values.yaml new file mode 100644 index 000000000..1e89f9aad --- /dev/null +++ b/examples/bgp_ovn_cluster/values.yaml @@ -0,0 +1,128 @@ +# local-config: referenced, but not emitted by kustomize +apiVersion: v1 +kind: DataPlaneConfig +metadata: + name: edpm-values + annotations: + config.kubernetes.io/local-config: "true" +data: + nodeset: + nodetemplate: + ansible: + vars: + # CHANGEME -- see https://access.redhat.com/solutions/253273 + # edpm_bootstrap_command: | + # subscription-manager register --username --password + # podman login -u -p registry.redhat.io + timesync_ntp_servers: + - hostname: pool.ntp.org + # edpm_network_config + # Default nic config template for a EDPM compute node + # These vars are edpm_network_config role vars + edpm_network_config_hide_sensitive_logs: false + edpm_network_config_template: | + --- + {% set mtu_list = [ctlplane_mtu] %} + {% for network in role_networks %} + {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} + {%- endfor %} + {% set min_viable_mtu = mtu_list | max %} + network_config: + - type: interface + name: nic1 + mtu: {{ ctlplane_mtu }} + dns_servers: {{ ctlplane_dns_nameservers }} + domain: {{ dns_search_domains }} + use_dhcp: false + addresses: + - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} + {% for network in role_networks %} + {% if lookup('vars', networks_lower[network] ~ '_vlan_id', default='') %} + - type: vlan + device: nic1 + mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} + vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} + addresses: + - ip_netmask: + {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} + routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} + {% endif %} + {%- endfor %} + - type: ovs_bridge + name: br-provider + use_dhcp: false + - type: ovs_bridge + name: {{ neutron_physical_bridge_name }} + mtu: {{ min_viable_mtu }} + use_dhcp: false + addresses: + - ip_netmask: {{ lookup('vars', 'bgpnet1_ip') }}/30 + members: + - type: interface + name: nic2 + mtu: {{ min_viable_mtu }} + # force the MAC address of the bridge to this interface + primary: true + - type: ovs_bridge + name: {{ neutron_physical_bridge_name }}-2 + mtu: {{ min_viable_mtu }} + use_dhcp: false + addresses: + - ip_netmask: {{ lookup('vars', 'bgpnet2_ip') }}/30 + members: + - type: interface + name: nic3 + mtu: {{ min_viable_mtu }} + # force the MAC address of the bridge to this interface + primary: true + - type: interface + name: lo + addresses: + - ip_netmask: {{ lookup('vars', 'bgpmainnet_ip') }}/32 + - ip_netmask: {{ lookup('vars', 'bgpmainnet6_ip') }}/128 + + # These vars are for the network config templates themselves and are + # considered EDPM network defaults. + neutron_physical_bridge_name: br-ex + neutron_public_interface_name: eth0 + # edpm_nodes_validation + edpm_nodes_validation_validate_controllers_icmp: false + edpm_nodes_validation_validate_gateway_icmp: false + ctlplane_dns_nameservers: + - 192.168.122.1 + dns_search_domains: [] + gather_facts: false + enable_debug: false + # edpm firewall, change the allowed CIDR if needed + edpm_sshd_configure_firewall: true + edpm_sshd_allowed_ranges: ['192.168.122.0/24'] + edpm_frr_bgp_uplinks: ['nic2', 'nic3'] + edpm_frr_bgp_neighbor_password: f00barZ + edpm_frr_bgp_ipv4_src_network: bgpmainnet + edpm_frr_bgp_ipv6_src_network: bgpmainnet6 + edpm_frr_bgp_peers: ['100.64.1.5', '100.65.1.5'] + edpm_ovn_bgp_agent_expose_tenant_networks: true + edpm_ovn_bgp_agent_local_ovn_routing: true + edpm_ovn_bridge_mappings: ['bgp:br-provider'] + edpm_ovn_bgp_agent_local_ovn_external_nics: ['eth1', 'eth2'] + edpm_ovn_bgp_agent_local_ovn_peer_ips: ['100.64.1.5', '100.65.1.5'] + edpm_ovn_bgp_agent_exposing_method: ovn + edpm_ovn_bgp_agent_provider_networks_pool_prefixes: '172.16.0.0/16' + services: + - download-cache + - bootstrap + - configure-network + - validate-network + - frr + - install-os + - configure-os + - ssh-known-hosts + - run-os + - reboot-os + - install-certs + - ovn + - neutron-metadata + - ovn-bgp-agent + - libvirt + - nova + - telemetry diff --git a/examples/ceph/kustomization.yaml b/examples/ceph/kustomization.yaml new file mode 100644 index 000000000..c154e6c7e --- /dev/null +++ b/examples/ceph/kustomization.yaml @@ -0,0 +1,66 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +namespace: openstack +nameSuffix: -ceph + +components: +- ../base + +resources: + - values.yaml + +replacements: +# OpenStackDataPlaneNodeSet customizations +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.services + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.services + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodetemplate.extramounts + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.extraMounts + options: + create: true + +patches: +- target: + kind: OpenStackDataPlaneNodeSet + name: .* + patch: |- + - op: copy + from: /spec/nodes/edpm-compute-0 + path: /spec/nodes/edpm-compute-1 + - op: replace + path: /spec/nodes/edpm-compute-1/ansible/ansibleHost + value: 192.168.122.101 + - op: replace + path: /spec/nodes/edpm-compute-1/hostName + value: edpm-compute-1 + - op: replace + path: /spec/nodes/edpm-compute-1/networks/0/fixedIP + value: 192.168.122.101 + - op: copy + from: /spec/nodes/edpm-compute-0 + path: /spec/nodes/edpm-compute-2 + - op: replace + path: /spec/nodes/edpm-compute-2/ansible/ansibleHost + value: 192.168.122.102 + - op: replace + path: /spec/nodes/edpm-compute-2/hostName + value: edpm-compute-2 + - op: replace + path: /spec/nodes/edpm-compute-2/networks/0/fixedIP + value: 192.168.122.102 diff --git a/examples/ceph/values.yaml b/examples/ceph/values.yaml new file mode 100644 index 000000000..2d42ba019 --- /dev/null +++ b/examples/ceph/values.yaml @@ -0,0 +1,51 @@ +# local-config: referenced, but not emitted by kustomize +apiVersion: v1 +kind: DataPlaneConfig +metadata: + name: edpm-values + annotations: + config.kubernetes.io/local-config: "true" +data: + nodeset: + # Create a nova-custom-ceph service which uses a ConfigMap + # containing libvirt overrides for Ceph RBD. + services: + - bootstrap + - download-cache + - configure-network + - validate-network + - install-os + - configure-os + - ssh-known-hosts + - run-os + - reboot-os + - ceph-client + - install-certs + - ovn + - neutron-metadata + - libvirt + - nova-custom-ceph + nodetemplate: + # Create a secret called ceph-conf-files with the cephx key and + # ceph.conf file and mount it so the ceph-client service can copy + # those files to the EDPM nodes. + extramounts: + - extraVolType: Logs + mounts: + - mountPath: /runner/artifacts + name: ansible-logs + volumes: + - name: ansible-logs + persistentVolumeClaim: + claimName: ansible-ee-logs + - extraVolType: Ceph + mounts: + - mountPath: /etc/ceph + name: ceph + readOnly: true + volumes: + - name: ceph + projected: + sources: + - secret: + name: ceph-conf-files diff --git a/examples/customnetworks/kustomization.yaml b/examples/customnetworks/kustomization.yaml new file mode 100644 index 000000000..e18e6a55b --- /dev/null +++ b/examples/customnetworks/kustomization.yaml @@ -0,0 +1,69 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +namespace: openstack +nameSuffix: -custom-network + +components: +- ../base + +resources: + - values.yaml + +replacements: +# OpenStackDataPlaneNodeSet customizations +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.ansible.vars.neutron_public_interface_name + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.neutron_public_interface_name + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.ansible.vars.ctlplane_dns_nameservers + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.ctlplane_dns_nameservers + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.ansible.vars.edpm_ovn_dbs + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_ovn_dbs + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.ansible.vars.edpm_sshd_allowed_ranges + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_sshd_allowed_ranges + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodes + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodes + options: + create: true diff --git a/examples/customnetworks/values.yaml b/examples/customnetworks/values.yaml new file mode 100644 index 000000000..36d656dd1 --- /dev/null +++ b/examples/customnetworks/values.yaml @@ -0,0 +1,39 @@ +# local-config: referenced, but not emitted by kustomize +apiVersion: v1 +kind: DataPlaneConfig +metadata: + name: edpm-values + annotations: + config.kubernetes.io/local-config: "true" +data: + nodeset: + nodetemplate: + ansible: + vars: + # CHANGEME -- see https://access.redhat.com/solutions/253273 + # edpm_bootstrap_command: | + # subscription-manager register --username --password + # podman login -u -p registry.redhat.io + + neutron_public_interface_name: enp7s0 + ctlplane_dns_nameservers: + - 192.168.1.254 + edpm_ovn_dbs: + - 192.168.24.1 + edpm_sshd_allowed_ranges: ['192.168.0.0/24', '172.20.0.0/16'] + nodes: + edpm-compute-0: + hostName: edpm-compute-0 + ansible: + ansibleHost: 192.168.1.5 + networks: + - name: ctlplane + subnetName: subnet1 + defaultRoute: true + fixedIP: 192.168.1.5 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: tenant + subnetName: subnet1 diff --git a/examples/networker/kustomization.yaml b/examples/networker/kustomization.yaml new file mode 100644 index 000000000..d02dbce7c --- /dev/null +++ b/examples/networker/kustomization.yaml @@ -0,0 +1,47 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +namespace: openstack +nameSuffix: -networker + +components: +- ../base + +resources: + - values.yaml + +replacements: +# OpenStackDataPlaneNodeSet customizations +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.ansible.vars.edpm_enable_chassis_gw + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_enable_chassis_gw + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.services + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.services + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodes + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodes + options: + create: true diff --git a/examples/networker/values.yaml b/examples/networker/values.yaml new file mode 100644 index 000000000..f83713705 --- /dev/null +++ b/examples/networker/values.yaml @@ -0,0 +1,60 @@ +# local-config: referenced, but not emitted by kustomize +apiVersion: v1 +kind: DataPlaneConfig +metadata: + name: edpm-values + annotations: + config.kubernetes.io/local-config: "true" +data: + nodeset: + nodetemplate: + ansible: + vars: + # CHANGEME -- see https://access.redhat.com/solutions/253273 + # edpm_bootstrap_command: | + # subscription-manager register --username --password + # podman login -u -p registry.redhat.io + edpm_enable_chassis_gw: true + nodes: + edpm-networker-0: + hostName: edpm-networker-0 + ansible: + ansibleHost: 192.168.122.100 + networks: + - name: ctlplane + subnetName: subnet1 + defaultRoute: true + fixedIP: 192.168.122.100 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + edpm-networker-1: + hostName: edpm-networker-1 + ansible: + ansibleHost: 192.168.122.101 + networks: + - name: ctlplane + subnetName: subnet1 + defaultRoute: true + fixedIP: 192.168.122.101 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + services: + - download-cache + - bootstrap + - configure-network + - validate-network + - install-os + - configure-os + - ssh-known-hosts + - run-os + - reboot-os + - install-certs + - ovn diff --git a/examples/nmstate/kustomization.yaml b/examples/nmstate/kustomization.yaml new file mode 100644 index 000000000..993e22faa --- /dev/null +++ b/examples/nmstate/kustomization.yaml @@ -0,0 +1,42 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +namespace: openstack + +components: +- ../base + +resources: + - values.yaml + +replacements: +# OpenStackDataPlaneNodeSet customizations +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.ansible.vars + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars + options: + create: true + +patches: +- target: + kind: OpenStackDataPlaneNodeSet + name: .* + patch: |- + - op: copy + from: /spec/nodes/edpm-compute-0 + path: /spec/nodes/edpm-compute-1 + - op: replace + path: /spec/nodes/edpm-compute-1/ansible/ansibleHost + value: 192.168.122.101 + - op: replace + path: /spec/nodes/edpm-compute-1/hostName + value: edpm-compute-1 + - op: replace + path: /spec/nodes/edpm-compute-1/networks/0/fixedIP + value: 192.168.122.101 diff --git a/examples/nmstate/values.yaml b/examples/nmstate/values.yaml new file mode 100644 index 000000000..743deb30e --- /dev/null +++ b/examples/nmstate/values.yaml @@ -0,0 +1,90 @@ +# local-config: referenced, but not emitted by kustomize +apiVersion: v1 +kind: DataPlaneConfig +metadata: + name: edpm-values + annotations: + config.kubernetes.io/local-config: "true" +data: + nodeset: + nodetemplate: + ansible: + vars: + # CHANGEME -- see https://access.redhat.com/solutions/253273 + # edpm_bootstrap_command: | + # subscription-manager register --username --password + # podman login -u -p registry.redhat.io + edpm_network_config_hide_sensitive_logs: false + edpm_network_config_template: | + --- + {% set mtu_list = [ctlplane_mtu] %} + {% for network in role_networks %} + {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} + {%- endfor %} + {% set min_viable_mtu = mtu_list | max %} + dns-resolver: + config: + search: {{ dns_search_domains }} + server: {{ ctlplane_dns_nameservers }} + interfaces: + - name: {{ neutron_public_interface_name }} + type: ethernet + state: up + - name: {{ neutron_physical_bridge_name }} + type: ovs-interface + state: up + mtu: {{ min_viable_mtu }} + ipv4: + enabled: true + address: + - ip: {{ ctlplane_ip }} + prefix-length: {{ ctlplane_cidr }} + {% for network in role_networks %} + - name: {{ "vlan" ~ lookup('vars', networks_lower[network] ~ '_vlan_id') }} + type: ovs-interface + state: up + mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} + ipv4: + enabled: true + address: + - ip: {{ lookup('vars', networks_lower[network] ~ '_ip') }} + prefix-length: {{ lookup('vars', networks_lower[network] ~ '_cidr') }} + {% endfor %} + - name: {{ neutron_physical_bridge_name }} + type: ovs-bridge + bridge: + options: + fail-mode: standalone + port: + - name: {{ neutron_public_interface_name }} + - name: {{ neutron_physical_bridge_name }} + {% for network in role_networks %} + - name: {{ "vlan" ~ lookup('vars', networks_lower[network] ~ '_vlan_id') }} + vlan: + mode: access + tag: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} + {% endfor %} + routes: + config: + - destination: {{ ctlplane_host_routes.ip_netmask }} + next-hop-address: {{ ctlplane_host_routes.next_hop }} + next-hop-interface: {{ neutron_physical_bridge_name }} + # edpm_network_config - nmstate + edpm_network_config_tool: 'nmstate' + # These vars are for the network config templates themselves and are + # considered EDPM network defaults. + neutron_physical_bridge_name: br-ex + neutron_public_interface_name: eth0 + # edpm_nodes_validation + edpm_nodes_validation_validate_controllers_icmp: false + edpm_nodes_validation_validate_gateway_icmp: false + ctlplane_dns_nameservers: + - 192.168.122.1 + dns_search_domains: [] + gather_facts: false + enable_debug: false + # edpm firewall, change the allowed CIDR if needed + edpm_sshd_configure_firewall: true + edpm_sshd_allowed_ranges: ['192.168.122.0/24'] + # SELinux module + edpm_selinux_mode: enforcing diff --git a/examples/ovs_dpdk/kustomization.yaml b/examples/ovs_dpdk/kustomization.yaml new file mode 100644 index 000000000..72aea2d1c --- /dev/null +++ b/examples/ovs_dpdk/kustomization.yaml @@ -0,0 +1,80 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +namespace: openstack +nameSuffix: -ovs-dpdk + +components: +- ../base + +resources: + - values.yaml + +replacements: +# OpenStackDataPlaneNodeSet customizations +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.ansible.vars + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.services + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.services + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodes + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodes + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.baremetalsettemplate + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.baremetalSetTemplate + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.preProvisioned + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.preProvisioned + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.networks + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.networks + options: + create: true diff --git a/examples/ovs_dpdk/values.yaml b/examples/ovs_dpdk/values.yaml new file mode 100644 index 000000000..fe118d2b6 --- /dev/null +++ b/examples/ovs_dpdk/values.yaml @@ -0,0 +1,131 @@ +# local-config: referenced, but not emitted by kustomize +apiVersion: v1 +kind: DataPlaneConfig +metadata: + name: edpm-values + annotations: + config.kubernetes.io/local-config: "true" +data: + preProvisioned: false + nodeset: + baremetalsettemplate: + bmhLabelSelector: + app: openstack + ctlplaneInterface: enp1s0 + cloudUserName: cloud-admin + nodetemplate: + ansible: + vars: + # CHANGEME -- see https://access.redhat.com/solutions/253273 + # edpm_bootstrap_command: | + # subscription-manager register --username --password + # podman login -u -p registry.redhat.io + edpm_network_config_hide_sensitive_logs: false + edpm_network_config_template: | + --- + {% set mtu_list = [ctlplane_mtu] %} + {% for network in role_networks %} + {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} + {%- endfor %} + {% set min_viable_mtu = mtu_list | max %} + network_config: + - type: ovs_bridge + name: {{ neutron_physical_bridge_name }} + mtu: {{ min_viable_mtu }} + use_dhcp: false + dns_servers: {{ ctlplane_dns_nameservers }} + domain: {{ dns_search_domains }} + addresses: + - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} + routes: {{ ctlplane_host_routes }} + members: + - type: interface + name: nic1 + mtu: {{ min_viable_mtu }} + # force the MAC address of the bridge to this interface + primary: true + {% for network in role_networks if network not in ["external", "tenant"] %} + - type: vlan + mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} + vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} + addresses: + - ip_netmask: + {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} + routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} + {% endfor %} + - type: ovs_user_bridge + name: br-link1 + use_dhcp: false + ovs_extra: "set port br-link1 tag={{ lookup('vars', networks_lower['tenant'] ~ '_vlan_id') }}" + addresses: + - ip_netmask: {{ lookup('vars', networks_lower['tenant'] ~ '_ip') }}/{{ lookup('vars', networks_lower['tenant'] ~ '_cidr') }} + + mtu: {{ lookup('vars', networks_lower['tenant'] ~ '_mtu') }} + members: + - type: ovs_dpdk_port + name: dpdk1 + members: + - type: interface + name: nic3 + - type: ovs_user_bridge + name: br-link2 + use_dhcp: false + mtu: 9000 + members: + - type: ovs_dpdk_port + name: dpdk2 + members: + - type: interface + name: nic4 + + neutron_physical_bridge_name: br-ex + # edpm_nodes_validation + edpm_nodes_validation_validate_controllers_icmp: false + edpm_nodes_validation_validate_gateway_icmp: false + # edpm nfv ovs dpdk config + edpm_kernel_args: "default_hugepagesz=1GB hugepagesz=1G hugepages=64 iommu=pt intel_iommu=on tsx=off isolcpus=2-11,14-23" + edpm_tuned_profile: "cpu-partitioning" + edpm_nova_libvirt_qemu_group: "hugetlbfs" + edpm_tuned_isolated_cores: "2-11,14-23" + edpm_ovs_dpdk_pmd_core_list: "1,13,2,14,3,15" + edpm_ovs_dpdk_socket_memory: "4096" + edpm_ovs_dpdk_memory_channels: "4" + edpm_ovs_dpdk_vhost_postcopy_support: "true" + edpm_ovn_bridge_mappings: ['dpdk2:br-link2','dpdk1:br-link1'] + gather_facts: false + enable_debug: false + edpm_sshd_allowed_ranges: ['192.168.122.0/24'] + networks: + - defaultRoute: true + name: ctlplane + subnetName: subnet1 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + - name: storagemgmt + subnetName: subnet1 + nodes: + edpm-compute-0: + hostName: edpm-compute-0 + edpm-compute-1: + hostName: edpm-compute-1 + services: + - bootstrap + - download-cache + - reboot-os + - configure-ovs-dpdk + - configure-network + - validate-network + - install-os + - configure-os + - ssh-known-hosts + - run-os + - install-certs + - ovn + - neutron-metadata + - libvirt + - nova + - telemetry diff --git a/examples/post_ceph_hci/kustomization.yaml b/examples/post_ceph_hci/kustomization.yaml new file mode 100644 index 000000000..a9d08da0a --- /dev/null +++ b/examples/post_ceph_hci/kustomization.yaml @@ -0,0 +1,60 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +namespace: openstack + +nameSuffix: -ceph + +components: +- ../base + +resources: + - values.yaml + +replacements: +# OpenStackDataPlaneNodeSet customizations +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.ansible.vars + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodes + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodes + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.extramounts + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.extraMounts + options: + create: true +# OpenStackDataPlaneDeployment customizations +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.deployment.services + targets: + - select: + kind: OpenStackDataPlaneDeployment + fieldPaths: + - spec.servicesOverride + options: + create: true diff --git a/examples/post_ceph_hci/values.yaml b/examples/post_ceph_hci/values.yaml new file mode 100644 index 000000000..13d6b6580 --- /dev/null +++ b/examples/post_ceph_hci/values.yaml @@ -0,0 +1,166 @@ +# local-config: referenced, but not emitted by kustomize +apiVersion: v1 +kind: DataPlaneConfig +metadata: + name: edpm-values + annotations: + config.kubernetes.io/local-config: "true" +data: + nodeset: + nodetemplate: + ansible: + vars: + timesync_ntp_servers: + - hostname: clock.redhat.com + # CHANGEME -- see https://access.redhat.com/solutions/253273 + # edpm_bootstrap_command: | + # subscription-manager register --username --password + # podman login -u -p registry.redhat.io + edpm_iscsid_image: '{{ registry_url }}/openstack-iscsid:{{ image_tag }}' + edpm_logrotate_crond_image: '{{ registry_url }}/openstack-cron:{{ image_tag }}' + edpm_network_config_hide_sensitive_logs: false + edpm_network_config_os_net_config_mappings: + edpm-compute: + nic2: enp7s0 + edpm_network_config_template: | + --- + {% set mtu_list = [ctlplane_mtu] %} + {% for network in role_networks %} + {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} + {%- endfor %} + {% set min_viable_mtu = mtu_list | max %} + network_config: + - type: ovs_bridge + name: {{ neutron_physical_bridge_name }} + mtu: {{ min_viable_mtu }} + use_dhcp: false + dns_servers: {{ ctlplane_dns_nameservers }} + domain: {{ dns_search_domains }} + addresses: + - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} + routes: {{ ctlplane_host_routes }} + members: + - type: interface + name: nic2 + mtu: {{ min_viable_mtu }} + # force the MAC address of the bridge to this interface + primary: true + {% for network in role_networks %} + - type: vlan + mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} + vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} + addresses: + - ip_netmask: + {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} + routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} + {% endfor %} + edpm_neutron_metadata_agent_image: '{{ registry_url }}/openstack-neutron-metadata-agent-ovn:{{ image_tag }}' + edpm_nodes_validation_validate_controllers_icmp: false + edpm_nodes_validation_validate_gateway_icmp: false + edpm_nova_compute_container_image: '{{ registry_url }}/openstack-nova-compute:{{ image_tag }}' + edpm_nova_libvirt_container_image: '{{ registry_url }}/openstack-nova-libvirt:{{ image_tag }}' + edpm_ovn_controller_agent_image: '{{ registry_url }}/openstack-ovn-controller:{{ image_tag }}' + edpm_selinux_mode: enforcing + edpm_sshd_allowed_ranges: + - 192.168.122.0/24 + edpm_sshd_configure_firewall: true + enable_debug: false + gather_facts: false + image_tag: current-podified + neutron_physical_bridge_name: br-ex + neutron_public_interface_name: eth0 + registry_url: quay.io/podified-antelope-centos9 + service_net_map: + nova_api_network: internalapi + nova_libvirt_network: internalapi + edpm_ceph_hci_pre_enabled_services: + - ceph_mon + - ceph_mgr + - ceph_osd + - ceph_rgw + - ceph_nfs + - ceph_rgw_frontend + - ceph_nfs_frontend + storage_mtu: 9000 + storage_mgmt_mtu: 9000 + storage_mgmt_vlan_id: 23 + storage_mgmt_cidr: "24" + storage_mgmt_host_routes: [] + extramounts: + - extraVolType: Logs + mounts: + - mountPath: /runner/artifacts + name: ansible-logs + volumes: + - name: ansible-logs + persistentVolumeClaim: + claimName: ansible-ee-logs + - extraVolType: Ceph + mounts: + - mountPath: /etc/ceph + name: ceph + readOnly: true + volumes: + - name: ceph + projected: + sources: + - secret: + name: ceph-conf-files + nodes: + edpm-compute-0: + ansible: + ansibleHost: 192.168.122.100 + hostName: edpm-compute-0 + networks: + - defaultRoute: true + fixedIP: 192.168.122.100 + name: ctlplane + subnetName: subnet1 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: storagemgmt + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + edpm-compute-1: + ansible: + ansibleHost: 192.168.122.101 + hostName: edpm-compute-1 + networks: + - defaultRoute: true + fixedIP: 192.168.122.101 + name: ctlplane + subnetName: subnet1 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: storagemgmt + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + edpm-compute-2: + ansible: + ansibleHost: 192.168.122.102 + hostName: edpm-compute-2 + networks: + - defaultRoute: true + fixedIP: 192.168.122.102 + name: ctlplane + subnetName: subnet1 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: storagemgmt + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + deployment: + services: + - ceph-client + - ovn + - libvirt + - nova-custom-ceph diff --git a/examples/pre_ceph_hci/kustomization.yaml b/examples/pre_ceph_hci/kustomization.yaml new file mode 100644 index 000000000..3bcbcd63d --- /dev/null +++ b/examples/pre_ceph_hci/kustomization.yaml @@ -0,0 +1,48 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +namespace: openstack + +nameSuffix: -ceph + +components: +- ../base + +resources: + - values.yaml + +replacements: +# OpenStackDataPlaneNodeSet customizations +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.ansible.vars + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodes + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodes + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.deployment.services + targets: + - select: + kind: OpenStackDataPlaneDeployment + fieldPaths: + - spec.servicesOverride + options: + create: true diff --git a/examples/pre_ceph_hci/values.yaml b/examples/pre_ceph_hci/values.yaml new file mode 100644 index 000000000..8ca589c39 --- /dev/null +++ b/examples/pre_ceph_hci/values.yaml @@ -0,0 +1,150 @@ +# local-config: referenced, but not emitted by kustomize +apiVersion: v1 +kind: DataPlaneConfig +metadata: + name: edpm-values + annotations: + config.kubernetes.io/local-config: "true" +data: + nodeset: + nodetemplate: + ansible: + vars: + timesync_ntp_servers: + - hostname: clock.redhat.com + # CHANGEME -- see https://access.redhat.com/solutions/253273 + # edpm_bootstrap_command: | + # subscription-manager register --username --password + # podman login -u -p registry.redhat.io + edpm_iscsid_image: '{{ registry_url }}/openstack-iscsid:{{ image_tag }}' + edpm_logrotate_crond_image: '{{ registry_url }}/openstack-cron:{{ image_tag }}' + edpm_network_config_hide_sensitive_logs: false + edpm_network_config_os_net_config_mappings: + edpm-compute: + nic2: enp7s0 + edpm_network_config_template: | + --- + {% set mtu_list = [ctlplane_mtu] %} + {% for network in role_networks %} + {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} + {%- endfor %} + {% set min_viable_mtu = mtu_list | max %} + network_config: + - type: ovs_bridge + name: {{ neutron_physical_bridge_name }} + mtu: {{ min_viable_mtu }} + use_dhcp: false + dns_servers: {{ ctlplane_dns_nameservers }} + domain: {{ dns_search_domains }} + addresses: + - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} + routes: {{ ctlplane_host_routes }} + members: + - type: interface + name: nic2 + mtu: {{ min_viable_mtu }} + # force the MAC address of the bridge to this interface + primary: true + {% for network in role_networks %} + - type: vlan + mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} + vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} + addresses: + - ip_netmask: + {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} + routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} + {% endfor %} + edpm_neutron_metadata_agent_image: '{{ registry_url }}/openstack-neutron-metadata-agent-ovn:{{ image_tag }}' + edpm_nodes_validation_validate_controllers_icmp: false + edpm_nodes_validation_validate_gateway_icmp: false + edpm_nova_compute_container_image: '{{ registry_url }}/openstack-nova-compute:{{ image_tag }}' + edpm_nova_libvirt_container_image: '{{ registry_url }}/openstack-nova-libvirt:{{ image_tag }}' + edpm_ovn_controller_agent_image: '{{ registry_url }}/openstack-ovn-controller:{{ image_tag }}' + edpm_selinux_mode: enforcing + edpm_sshd_allowed_ranges: + - 192.168.122.0/24 + edpm_sshd_configure_firewall: true + enable_debug: false + gather_facts: false + image_tag: current-podified + neutron_physical_bridge_name: br-ex + neutron_public_interface_name: eth0 + registry_url: quay.io/podified-antelope-centos9 + service_net_map: + nova_api_network: internalapi + nova_libvirt_network: internalapi + edpm_ceph_hci_pre_enabled_services: + - ceph_mon + - ceph_mgr + - ceph_osd + - ceph_rgw + - ceph_nfs + - ceph_rgw_frontend + - ceph_nfs_frontend + storage_mtu: 9000 + storage_mgmt_mtu: 9000 + storage_mgmt_vlan_id: 23 + storage_mgmt_cidr: "24" + storage_mgmt_host_routes: [] + nodes: + edpm-compute-0: + ansible: + ansibleHost: 192.168.122.100 + hostName: edpm-compute-0 + networks: + - defaultRoute: true + fixedIP: 192.168.122.100 + name: ctlplane + subnetName: subnet1 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: storagemgmt + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + edpm-compute-1: + ansible: + ansibleHost: 192.168.122.101 + hostName: edpm-compute-1 + networks: + - defaultRoute: true + fixedIP: 192.168.122.101 + name: ctlplane + subnetName: subnet1 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: storagemgmt + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + edpm-compute-2: + ansible: + ansibleHost: 192.168.122.102 + hostName: edpm-compute-2 + networks: + - defaultRoute: true + fixedIP: 192.168.122.102 + name: ctlplane + subnetName: subnet1 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: storagemgmt + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + deployment: + services: + - bootstrap + - configure-network + - validate-network + - install-os + - ceph-hci-pre + - configure-os + - ssh-known-hosts + - run-os diff --git a/examples/preprovisioned/kustomization.yaml b/examples/preprovisioned/kustomization.yaml new file mode 100644 index 000000000..8772b2ffe --- /dev/null +++ b/examples/preprovisioned/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +namespace: openstack + +components: +- ../base diff --git a/examples/sriov/kustomization.yaml b/examples/sriov/kustomization.yaml new file mode 100644 index 000000000..f2fce650d --- /dev/null +++ b/examples/sriov/kustomization.yaml @@ -0,0 +1,43 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +namespace: openstack +nameSuffix: -sriov + +components: +- ../base + +resources: + - values.yaml + +replacements: +# OpenStackDataPlaneNodeSet customizations +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.services + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.services + options: + create: true + +patches: +- target: + kind: OpenStackDataPlaneNodeSet + name: .* + patch: |- + - op: copy + from: /spec/nodes/edpm-compute-0 + path: /spec/nodes/edpm-compute-1 + - op: replace + path: /spec/nodes/edpm-compute-1/ansible/ansibleHost + value: 192.168.122.101 + - op: replace + path: /spec/nodes/edpm-compute-1/hostName + value: edpm-compute-1 + - op: replace + path: /spec/nodes/edpm-compute-1/networks/0/fixedIP + value: 192.168.122.101 diff --git a/examples/sriov/values.yaml b/examples/sriov/values.yaml new file mode 100644 index 000000000..4db18aa23 --- /dev/null +++ b/examples/sriov/values.yaml @@ -0,0 +1,24 @@ +# local-config: referenced, but not emitted by kustomize +apiVersion: v1 +kind: DataPlaneConfig +metadata: + name: edpm-values + annotations: + config.kubernetes.io/local-config: "true" +data: + nodeset: + services: + - bootstrap + - download-cache + - configure-network + - validate-network + - install-os + - configure-os + - ssh-known-hosts + - run-os + - reboot-os + - install-certs + - neutron-sriov + - libvirt + - nova + - telemetry diff --git a/examples/swift/kustomization.yaml b/examples/swift/kustomization.yaml new file mode 100644 index 000000000..5f45a6acb --- /dev/null +++ b/examples/swift/kustomization.yaml @@ -0,0 +1,57 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +namespace: openstack + +components: +- ../base + +resources: + - values.yaml + +replacements: +# OpenStackDataPlaneNodeSet customizations +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodetemplate.ansible.vars.edpm_swift_disks + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.ansible.ansibleVars.edpm_swift_disks + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.services + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.services + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.networkattachments + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.networkAttachments + options: + create: true +- source: + kind: DataPlaneConfig + name: edpm-values + fieldPath: data.nodeset.nodes + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodes + options: + create: true diff --git a/examples/swift/values.yaml b/examples/swift/values.yaml new file mode 100644 index 000000000..e72ad707e --- /dev/null +++ b/examples/swift/values.yaml @@ -0,0 +1,65 @@ +# local-config: referenced, but not emitted by kustomize +apiVersion: v1 +kind: DataPlaneConfig +metadata: + name: edpm-values + annotations: + config.kubernetes.io/local-config: "true" +data: + nodeset: + networkattachments: + - ctlplane + - storage + nodetemplate: + ansible: + vars: + # Swift disks defined here apply to all nodes. Node-specific disks + # might be defined in the nodes: section below + # + # weight, region and zone are not used in the playbook, but + # in swift-operator itself to determine Swift ring values. weight + # should be usually set to the GiB of the disk; region and + # zone are optional and might be used to enforce distribution of + # replicas + edpm_swift_disks: + - device: /dev/vdb + path: /srv/node/vdb + weight: 4000 + region: 0 + zone: 0 + nodes: + edpm-swift-0: + ansible: + ansibleHost: 192.168.122.100 + ansibleVars: + # Same options as above for all nodes, this time for an individual + # node with an extra disk. With this template, the node will use both + # vdb and vdc + edpm_swift_disks: + - device: /dev/vdc + path: /srv/node/vdc + weight: 1000 + hostName: edpm-swift-0 + networks: + - defaultRoute: true + fixedIP: 192.168.122.100 + name: ctlplane + subnetName: subnet1 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + services: + - bootstrap + - download-cache + - configure-network + - validate-network + - install-os + - configure-os + - ssh-known-hosts + - run-os + - reboot-os + - install-certs + - swift