Merge pull request openstack-k8s-operators#343 from beagles/uni06zeta-octavia

[uni06zeta] Add missing networking and service values

The DT CR is missing a few key values for enabling octavia.

Reviewed-by: John Fulton <[email protected]>
softwarefactory-project-zuul[bot] authored Jul 29, 2024
2 parents 7e113ed + 11cff01 commit fbfb1a6
Showing 8 changed files with 414 additions and 4 deletions.
111 changes: 110 additions & 1 deletion dt/uni06zeta/kustomization.yaml
Expand Up @@ -29,6 +29,9 @@ components:
- ../../lib/networking/nad
- ../../lib/control-plane

resources:
- resources/octavia-network-attachment-definition.yaml

replacements:
- source:
kind: ConfigMap
Expand Down Expand Up @@ -137,7 +140,102 @@ replacements:
options:
create: true

# TODO: octavia
- source:
kind: ConfigMap
name: service-values
fieldPath: data.octavia.enabled
targets:
- select:
kind: OpenStackControlPlane
fieldPaths:
- spec.octavia.enabled
options:
create: true

- source:
kind: ConfigMap
name: service-values
fieldPath: data.octavia.amphoraImageContainerImage
targets:
- select:
kind: OpenStackControlPlane
fieldPaths:
- spec.octavia.template.amphoraImageContainerImage
options:
create: true

- source:
kind: ConfigMap
name: service-values
fieldPath: data.octavia.apacheContainerImage
targets:
- select:
kind: OpenStackControlPlane
fieldPaths:
- spec.octavia.template.apacheContainerImage
options:
create: true

- source:
kind: ConfigMap
name: service-values
fieldPath: data.octavia.availabilityZones
targets:
- select:
kind: OpenStackControlPlane
fieldPaths:
- spec.octavia.template.lbMgmtNetwork.availabilityZones
options:
create: true

- source:
kind: ConfigMap
name: service-values
fieldPath: data.octavia.octaviaAPI.networkAttachments
targets:
- select:
kind: OpenStackControlPlane
fieldPaths:
- spec.octavia.template.octaviaAPI.networkAttachments
options:
create: true

- source:
kind: ConfigMap
name: service-values
fieldPath: data.octavia.octaviaHousekeeping.networkAttachments
targets:
- select:
kind: OpenStackControlPlane
fieldPaths:
- spec.octavia.template.octaviaHousekeeping.networkAttachments
options:
create: true

- source:
kind: ConfigMap
name: service-values
fieldPath: data.octavia.octaviaHealthManager.networkAttachments
targets:
- select:
kind: OpenStackControlPlane
fieldPaths:
- spec.octavia.template.octaviaHealthManager.networkAttachments
options:
create: true

- source:
kind: ConfigMap
name: service-values
fieldPath: data.octavia.octaviaWorker.networkAttachments
targets:
- select:
kind: OpenStackControlPlane
fieldPaths:
- spec.octavia.template.octaviaWorker.networkAttachments
options:
create: true

- source:
kind: ConfigMap
name: service-values
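Review bot: The two image replacements (`data.octavia.amphoraImageContainerImage` and `data.octavia.apacheContainerImage`) copy whatever string `service-values` carries straight into the control plane spec, and nothing in this hunk constrains it. Since these values decide which container images the Octavia services pull, it is worth documenting that they should be digest-pinned references rather than floating tags. Separately, the eight stanzas introduce eight new keys under `data.octavia` that every `service-values` ConfigMap used with this DT now has to supply; listing them in the README would save consumers from discovering them at build time.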
Expand All @@ -161,3 +259,14 @@ replacements:
- spec.neutron.template.customServiceConfig
options:
create: true

- source:
kind: ConfigMap
name: network-values
fieldPath: data.octavia.net-attach-def
targets:
- select:
kind: NetworkAttachmentDefinition
name: octavia
fieldPaths:
- spec.config
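Review bot: This is the only replacement in the file whose target has no `options:` / `create: true`, and the octavia NetworkAttachmentDefinition added in this commit carries only `metadata`, with no `spec`. Unless `spec.config` is created somewhere else, this replacement has no existing field to write into; add `create: true` here to match the other stanzas.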
187 changes: 187 additions & 0 deletions dt/uni06zeta/nncp/kustomization.yaml
@@ -0,0 +1,187 @@
---
apiVersion: kustomize.config.k8s.io/v1alpha1
kind: Component

transformers:
- |-
apiVersion: builtin
kind: NamespaceTransformer
metadata:
name: _ignored_
namespace: openstack
setRoleBindingSubjects: none
unsetOnly: true
fieldSpecs:
- path: metadata/name
kind: Namespace
create: true
components:
- ../../../lib/nncp

patches:
- target:
kind: NodeNetworkConfigurationPolicy
name: master-0
patch: |-
- op: add
path: /spec/desiredState/interfaces/-
value:
description: Octavia vlan host interface
name: octavia
state: up
type: vlan
vlan:
base-iface: _replaced_
id: _replaced_
- target:
kind: NodeNetworkConfigurationPolicy
name: master-0
patch: |-
- op: add
path: /spec/desiredState/interfaces/-
value:
description: Octavia bridge
mtu: 1500
name: octbr
type: linux-bridge
bridge:
options:
stp:
enabled: false
port:
- name: octavia
- target:
kind: NodeNetworkConfigurationPolicy
name: master-1
patch: |-
- op: add
path: /spec/desiredState/interfaces/-
value:
description: Octavia vlan host interface
name: octavia
state: up
type: vlan
vlan:
base-iface: _replaced_
id: _replaced_
- target:
kind: NodeNetworkConfigurationPolicy
name: master-1
patch: |-
- op: add
path: /spec/desiredState/interfaces/-
value:
description: Octavia bridge
mtu: 1500
name: octbr
type: linux-bridge
bridge:
options:
stp:
enabled: false
port:
- name: octavia
- target:
kind: NodeNetworkConfigurationPolicy
name: master-2
patch: |-
- op: add
path: /spec/desiredState/interfaces/-
value:
description: Octavia vlan host interface
name: octavia
state: up
type: vlan
vlan:
base-iface: _replaced_
id: _replaced_
- target:
kind: NodeNetworkConfigurationPolicy
name: master-2
patch: |-
- op: add
path: /spec/desiredState/interfaces/-
value:
description: Octavia bridge
mtu: 1500
name: octbr
type: linux-bridge
bridge:
options:
stp:
enabled: false
port:
- name: octavia
replacements:
- source:
kind: ConfigMap
name: network-values
fieldPath: data.octavia.base_iface
targets:
- select:
kind: NodeNetworkConfigurationPolicy
name: master-0
fieldPaths:
- spec.desiredState.interfaces.[name=octavia].vlan.base-iface

- source:
kind: ConfigMap
name: network-values
fieldPath: data.octavia.vlan
targets:
- select:
kind: NodeNetworkConfigurationPolicy
name: master-0
fieldPaths:
- spec.desiredState.interfaces.[name=octavia].vlan.id

- source:
kind: ConfigMap
name: network-values
fieldPath: data.octavia.base_iface
targets:
- select:
kind: NodeNetworkConfigurationPolicy
name: master-1
fieldPaths:
- spec.desiredState.interfaces.[name=octavia].vlan.base-iface

- source:
kind: ConfigMap
name: network-values
fieldPath: data.octavia.vlan
targets:
- select:
kind: NodeNetworkConfigurationPolicy
name: master-1
fieldPaths:
- spec.desiredState.interfaces.[name=octavia].vlan.id

- source:
kind: ConfigMap
name: network-values
fieldPath: data.octavia.base_iface
targets:
- select:
kind: NodeNetworkConfigurationPolicy
name: master-2
fieldPaths:
- spec.desiredState.interfaces.[name=octavia].vlan.base-iface

- source:
kind: ConfigMap
name: network-values
fieldPath: data.octavia.vlan
targets:
- select:
kind: NodeNetworkConfigurationPolicy
name: master-2
fieldPaths:
- spec.desiredState.interfaces.[name=octavia].vlan.id
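Review bot: The three `octbr` linux-bridge patches omit `state`, while the `octavia` vlan patches beside them set `state: up`; set it explicitly on the bridge too so the desired state does not rest on a default. The bridge also hard-codes `mtu: 1500` while `base-iface` and `id` are filled from `network-values`; sourcing the MTU the same way would keep it in step with the base interface. The patch and replacement blocks are repeated verbatim for `master-0`, `master-1` and `master-2`, so a node with any other name gets no Octavia interfaces; a comment stating that assumption would help.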
@@ -0,0 +1,8 @@
---
apiVersion: k8s.cni.cncf.io/v1
kind: NetworkAttachmentDefinition
metadata:
name: octavia
labels:
osp/net: octavia
osp/net-attach-def-type: standard
@@ -0,0 +1,8 @@
---
apiVersion: k8s.cni.cncf.io/v1
kind: NetworkAttachmentDefinition
metadata:
name: octavia
labels:
osp/net: octavia
osp/net-attach-def-type: standard
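Review bot: This manifest is identical, line for line, to the NetworkAttachmentDefinition added in the previous hunk, and two copies can drift apart. If two kustomize roots both need it, keep one file and reference it from both `resources:` lists. Neither copy sets `metadata.namespace` or a `spec`, so the object depends entirely on the namespace transformer and on the `spec.config` replacement being applied; a short comment in the file saying so would make that dependency visible.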
54 changes: 54 additions & 0 deletions examples/dt/uni06zeta/README.md
Expand Up @@ -84,6 +84,60 @@ the operators, recommended to create dedicated label for each target serving nod
and configure the storage ips of each cinder-volume instance with LVM backend.


#### Octavia

Octavia is enabled with the appropriate network attachments configured to
deploy Octavia. It manages amphorae VMs through a self-service tenant network.
The Octavia Amphora controllers get access to it through a Neutron externally
routed flat provider network configured as a SNAT-less gateway for a neutron
router linked to the tenant networks. Host routes on the tenant network's
subnet and routes on the network attachment provide the required `next hop`
routing to establish the necessary bidirectional routing.

This arrangement requires a network attachment for connecting the OVN and
Amphora Controller pods (octavia-housekeeping, octavia-healthmanager,
octavia-worker). Because Neutron ML2/OVN implements provider networks by
bridging the relevant physical interface - in this case the network-attachment,
there is an additional requirement that this attachment function when
bridged. As the default macvlan attachments do not function when bridged, a
bridge network attachment is used.

Bridge attachments do not directly provide connectivity outside of the OCP
node. To implement this, the NodeNetworkConfigurationPolicy creates an VLAN
interface as is typical for the other networks, but does not configure an IP
pool as it is not needed. It is also not configured for metallb as it is solely
as part of a way to establish a L2 network link between nodes. The
NodeNetworkConfigurationPolicy also configures an octbr linux bridge which is
configured as the bridge for the network attachment mentioned above. It is also
configured to add the VLAN interface as a port, effectively linking the nodes
and the network attachments.

```YAML
spec:
octavia:
enabled: true
template:
octaviaAPI:
networkAttachments:
- internalapi
octaviaHousekeeping:
networkAttachments:
- octavia
octaviaWorker:
networkAttachments:
- octavia
octaviaHealthManager:
networkAttachments:
- octavia

ovn:
template:
ovncontroller:
nicMappings:
datacentre: ospbr
octavia: octbr
```
## Testing tree
| Test framework | When to run | Special configuration |
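Review bot: The third paragraph of the new Octavia section has two wording problems: "creates an VLAN interface" should read "a VLAN interface", and "It is also not configured for metallb as it is solely as part of a way to establish a L2 network link between nodes" does not parse; "it only serves to establish an L2 link between nodes" says the same thing. The opening sentence ("Octavia is enabled with the appropriate network attachments configured to deploy Octavia") is circular and could simply state which attachments are configured. The closing code fence is followed directly by `## Testing tree`; add a blank line between them so the heading renders reliably.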