diff --git a/automation/vars/default.yaml b/automation/vars/default.yaml index 8aeecd4fe..040f7daca 100644 --- a/automation/vars/default.yaml +++ b/automation/vars/default.yaml @@ -202,3 +202,37 @@ vas: - name: edpm-values src_file: values.yaml build_output: edpm.yaml + + bgp: + stages: + - path: examples/dt/bgp/control-plane/nncp + wait_conditions: + - >- + oc -n openstack wait nncp + -l osp/nncm-config-type=standard + --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured + --timeout=60s + values: + - name: network-values + src_file: values.yaml + build_output: nncp.yaml + + - path: examples/dt/bgp/control-plane + wait_conditions: + - >- + oc -n openstack wait osctlplane controlplane --for condition=Ready + --timeout=30m + values: + - name: network-values + src_file: nncp/values.yaml + build_output: ../control-plane.yaml + + - path: examples/dt/bgp/edpm + wait_conditions: + - >- + oc -n openstack wait + osdpd edpm-deployment --for condition=Ready --timeout=40m + values: + - name: edpm-values + src_file: values.yaml + build_output: dataplane.yaml diff --git a/dt/bgp/edpm/kustomization.yaml b/dt/bgp/edpm/kustomization.yaml new file mode 100644 index 000000000..ae6ccbaea --- /dev/null +++ b/dt/bgp/edpm/kustomization.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../lib/dataplane + +resources: + - nova_custom.yaml diff --git a/dt/bgp/edpm/nova_custom.yaml b/dt/bgp/edpm/nova_custom.yaml new file mode 100644 index 000000000..907575486 --- /dev/null +++ b/dt/bgp/edpm/nova_custom.yaml 
@@ -0,0 +1,18 @@
+---
+apiVersion: dataplane.openstack.org/v1beta1
+kind: OpenStackDataPlaneService
+metadata:
+ name: nova-custom
+spec:
+ secrets:
+ - nova-cell1-compute-config
+ - nova-migration-ssh-key
+ playbook: osp.edpm.nova
+ tlsCert:
+ contents:
+ - dnsnames
+ - ips
+ networks:
+ - ctlplane
+ issuer: osp-rootca-issuer-internal
+ caCerts: combined-ca-bundle
diff --git a/dt/bgp/kustomization.yaml b/dt/bgp/kustomization.yaml
new file mode 100644
index 000000000..a2ad53fe3
--- /dev/null
+++ b/dt/bgp/kustomization.yaml
@@ -0,0 +1,175 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../lib/networking/metallb + - networking/bgpmetallb + - ../../lib/networking/netconfig + - ../../lib/networking/nad + - networking/nad + - ../../lib/control-plane + +patches: + # Add BGP networks to NetConfig + - target: + kind: NetConfig + name: netconfig + patch: |- + - op: add + path: /spec/networks/- + value: + dnsDomain: bgpnet0.example.com + name: bgpnet0 + subnets: + - _replaced_ + mtu: 1500 + - target: + kind: NetConfig + name: netconfig + patch: |- + - op: add + path: /spec/networks/- + value: + dnsDomain: bgpnet1.example.com + name: bgpnet1 + subnets: + - _replaced_ + mtu: 1500 + - target: + kind: NetConfig + name: netconfig + patch: |- + - op: add + path: /spec/networks/- + value: + dnsDomain: bgpmainnet.example.com + name: bgpmainnet + subnets: + - _replaced_ + mtu: 1500 + - target: + kind: NetConfig + name: netconfig + patch: |- + - op: add + path: /spec/networks/- + value: + dnsDomain: bgpmainnetv6.example.com + name: bgpmainnetv6 + subnets: + - _replaced_ + mtu: 1500 + # Enable octavia and heat + - target: + kind: OpenStackControlPlane + name: controlplane + patch: |- + - op: replace + path: /spec/octavia/enabled + value: true + - target: + kind: OpenStackControlPlane + name: controlplane + patch: |- + - op: replace + path: /spec/heat/enabled + value: true + # Connect ovnNorthd to internalapi + - target: + kind: OpenStackControlPlane + name: controlplane + patch: |- + - op: add + path: /spec/ovn/template/ovnNorthd + value: + networkAttachment: internalapi + +replacements: + # BGP NetConfig customizations + - source: + kind: 
ConfigMap + name: network-values + fieldPath: data.bgp.subnets.bgpnet0 + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=bgpnet0].subnets + - source: + kind: ConfigMap + name: network-values + fieldPath: data.bgp.subnets.bgpnet1 + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=bgpnet1].subnets + - source: + kind: ConfigMap + name: network-values + fieldPath: data.bgp.subnets.bgpmainnet + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=bgpmainnet].subnets + - source: + kind: ConfigMap + name: network-values + fieldPath: data.bgp.subnets.bgpmainnetv6 + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=bgpmainnetv6].subnets + + # Control plane customization to use glance with swift + - source: + kind: ConfigMap + name: service-values + fieldPath: data.glance.customServiceConfig + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.glance.template.customServiceConfig + options: + create: true + - source: + kind: ConfigMap + name: service-values + fieldPath: data.glance.default.replicas + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.glance.template.glanceAPIs.default.replicas + options: + create: true + - source: + kind: ConfigMap + name: service-values + fieldPath: data.swift.enabled + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.swift.enabled + options: + create: true diff --git a/dt/bgp/namespace.yaml b/dt/bgp/namespace.yaml new file mode 100644 index 000000000..60a6e8c42 --- /dev/null +++ b/dt/bgp/namespace.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: builtin +kind: NamespaceTransformer +metadata: + name: _ignored_ + namespace: openstack +setRoleBindingSubjects: none +unsetOnly: true +fieldSpecs: + - path: metadata/name + kind: Namespace + create: true 
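Review bot: `dt/bgp/namespace.yaml` repeats, field for field, the NamespaceTransformer that `dt/bgp/kustomization.yaml` already embeds inline under `transformers:`, and none of the kustomizations in this diff reference the standalone file. If nothing outside this change consumes it, the two copies can drift apart without anyone noticing. Either drop the file or reference it from `transformers:` in place of the inline block, and if it is kept for external consumers add a first-line comment such as `# Shared NamespaceTransformer; keep in sync with the inline copy in kustomization.yaml`.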
diff --git a/dt/bgp/networking/bgpmetallb/kustomization.yaml b/dt/bgp/networking/bgpmetallb/kustomization.yaml
new file mode 100644
index 000000000..9fde50421
--- /dev/null
+++ b/dt/bgp/networking/bgpmetallb/kustomization.yaml
@@ -0,0 +1,73 @@
+---
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+resources:
+ - metallb_bgppeers.yaml
+ - metallb_bgpadvertisements.yaml
+
+replacements:
+ # BGP peer IP addresses
+ # node0
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_0.bgp_peers.0
+ targets:
+ - select:
+ kind: BGPPeer
+ name: bgp-peer-node-0-0
+ fieldPaths:
+ - spec.peerAddress
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_0.bgp_peers.1
+ targets:
+ - select:
+ kind: BGPPeer
+ name: bgp-peer-node-0-1
+ fieldPaths:
+ - spec.peerAddress
+ # node1
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_1.bgp_peers.0
+ targets:
+ - select:
+ kind: BGPPeer
+ name: bgp-peer-node-1-0
+ fieldPaths:
+ - spec.peerAddress
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_1.bgp_peers.1
+ targets:
+ - select:
+ kind: BGPPeer
+ name: bgp-peer-node-1-1
+ fieldPaths:
+ - spec.peerAddress
+ # node2
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_2.bgp_peers.0
+ targets:
+ - select:
+ kind: BGPPeer
+ name: bgp-peer-node-2-0
+ fieldPaths:
+ - spec.peerAddress
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_2.bgp_peers.1
+ targets:
+ - select:
+ kind: BGPPeer
+ name: bgp-peer-node-2-1
+ fieldPaths:
+ - spec.peerAddress
diff --git a/dt/bgp/networking/bgpmetallb/metallb_bgpadvertisements.yaml b/dt/bgp/networking/bgpmetallb/metallb_bgpadvertisements.yaml
new file mode 100644
index 000000000..e2b5474c7
--- /dev/null
+++ b/dt/bgp/networking/bgpmetallb/metallb_bgpadvertisements.yaml
@@ -0,0 +1,19 @@
+---
+apiVersion: metallb.io/v1beta1
+kind: BGPAdvertisement
+metadata:
+ name: bgpadvertisement
+ namespace: metallb-system
+spec:
+ ipAddressPools:
+ - ctlplane
+ - internalapi
+ - storage
+ - tenant
+ peers:
+ - bgp-peer-node-0-0
+ - bgp-peer-node-0-1
+ - bgp-peer-node-1-0
+ - bgp-peer-node-1-1
+ - bgp-peer-node-2-0
+ - bgp-peer-node-2-1
diff --git a/dt/bgp/networking/bgpmetallb/metallb_bgppeers.yaml b/dt/bgp/networking/bgpmetallb/metallb_bgppeers.yaml
new file mode 100644
index 000000000..9638251be
--- /dev/null
+++ b/dt/bgp/networking/bgpmetallb/metallb_bgppeers.yaml
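Review bot: `metallb_bgpadvertisements.yaml` announces the `ctlplane`, `internalapi`, `storage` and `tenant` pools to every listed peer with no `communities` entry or other scoping. Service VIPs on the internal API and storage networks therefore become routable wherever those routers re-advertise them. If that is the intended design for this topology, a comment above `ipAddressPools:` saying so, and stating that route filtering is expected on the peer side, would make the exposure a documented decision. Otherwise consider advertising fewer pools, or tagging the routes with a `communities` value the fabric can filter on.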
@@ -0,0 +1,96 @@
+---
+apiVersion: metallb.io/v1beta2
+kind: BGPPeer
+metadata:
+ name: bgp-peer-node-0-0
+ namespace: metallb-system
+spec:
+ myASN: 64999
+ peerASN: 64999
+ peerAddress: _replaced_
+ password: f00barZ
+ nodeSelectors:
+ - matchExpressions:
+ - key: kubernetes.io/hostname
+ operator: In
+ values: ["master-0"]
+---
+apiVersion: metallb.io/v1beta2
+kind: BGPPeer
+metadata:
+ name: bgp-peer-node-0-1
+ namespace: metallb-system
+spec:
+ myASN: 64999
+ peerASN: 64999
+ peerAddress: _replaced_
+ password: f00barZ
+ nodeSelectors:
+ - matchExpressions:
+ - key: kubernetes.io/hostname
+ operator: In
+ values: ["master-0"]
+---
+apiVersion: metallb.io/v1beta2
+kind: BGPPeer
+metadata:
+ name: bgp-peer-node-1-0
+ namespace: metallb-system
+spec:
+ myASN: 64999
+ peerASN: 64999
+ peerAddress: _replaced_
+ password: f00barZ
+ nodeSelectors:
+ - matchExpressions:
+ - key: kubernetes.io/hostname
+ operator: In
+ values: ["master-1"]
+---
+apiVersion: metallb.io/v1beta2
+kind: BGPPeer
+metadata:
+ name: bgp-peer-node-1-1
+ namespace: metallb-system
+spec:
+ myASN: 64999
+ peerASN: 64999
+ peerAddress: _replaced_
+ password: f00barZ
+ nodeSelectors:
+ - matchExpressions:
+ - key: kubernetes.io/hostname
+ operator: In
+ values: ["master-1"]
+---
+apiVersion: metallb.io/v1beta2
+kind: BGPPeer
+metadata:
+ name: bgp-peer-node-2-0
+ namespace: metallb-system
+spec:
+ myASN: 64999
+ peerASN: 64999
+ peerAddress: _replaced_
+ password: f00barZ
+ nodeSelectors:
+ - matchExpressions:
+ - key: kubernetes.io/hostname
+ operator: In
+ values: ["master-2"]
+---
+apiVersion: metallb.io/v1beta2
+kind: BGPPeer
+metadata:
+ name: bgp-peer-node-2-1
+ namespace: metallb-system
+spec:
+ myASN: 64999
+ peerASN: 64999
+ peerAddress: _replaced_
+ password: f00barZ
+ nodeSelectors:
+ - matchExpressions:
+ - key: kubernetes.io/hostname
+ operator: In
+ values: ["master-2"]
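Review bot: `password: f00barZ` is committed in clear text in all six BGPPeer objects, and this file lives in the reusable `dt/bgp` component rather than in an example values file, so every consumer inherits the same publicly known BGP session secret. The same literal appears as `edpm_frr_bgp_neighbor_password: f00barZ` in `examples/dt/bgp/edpm/values.yaml`. MetalLB's v1beta2 BGPPeer accepts `passwordSecret`, a reference to a `kubernetes.io/basic-auth` Secret, so each peer could carry `passwordSecret:` with `name: <bgp-peer-secret>` (placeholder name) instead. At minimum use `password: _replaced_` and fill it from the values ConfigMap, the way `peerAddress` already is. If this value has been applied to any real environment, treat it as exposed and rotate it.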
diff --git a/dt/bgp/networking/nad/kustomization.yaml b/dt/bgp/networking/nad/kustomization.yaml
new file mode 100644
index 000000000..273b3bd2f
--- /dev/null
+++ b/dt/bgp/networking/nad/kustomization.yaml
@@ -0,0 +1,75 @@
+---
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+resources:
+ - ocp_networks_netattach.yaml
+
+patches:
+ - target:
+ kind: NetworkAttachmentDefinition
+ labelSelector: "osp/net-attach-def-type=bgp"
+ path: ocp_network_template.yaml
+
+replacements:
+ # BGP NetworkAttachmentDefinition customization
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.bgp.net-attach-def.node0.bgpnet0
+ targets:
+ - select:
+ kind: NetworkAttachmentDefinition
+ name: bgpnet-0-0
+ fieldPaths:
+ - spec.config
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.bgp.net-attach-def.node0.bgpnet1
+ targets:
+ - select:
+ kind: NetworkAttachmentDefinition
+ name: bgpnet-0-1
+ fieldPaths:
+ - spec.config
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.bgp.net-attach-def.node1.bgpnet0
+ targets:
+ - select:
+ kind: NetworkAttachmentDefinition
+ name: bgpnet-1-0
+ fieldPaths:
+ - spec.config
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.bgp.net-attach-def.node1.bgpnet1
+ targets:
+ - select:
+ kind: NetworkAttachmentDefinition
+ name: bgpnet-1-1
+ fieldPaths:
+ - spec.config
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.bgp.net-attach-def.node2.bgpnet0
+ targets:
+ - select:
+ kind: NetworkAttachmentDefinition
+ name: bgpnet-2-0
+ fieldPaths:
+ - spec.config
+ - source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.bgp.net-attach-def.node2.bgpnet1
+ targets:
+ - select:
+ kind: NetworkAttachmentDefinition
+ name: bgpnet-2-1
+ fieldPaths:
+ - spec.config
diff --git a/dt/bgp/networking/nad/ocp_network_template.yaml b/dt/bgp/networking/nad/ocp_network_template.yaml
new file mode 100644
index 000000000..29f6deaf6
--- /dev/null
+++ b/dt/bgp/networking/nad/ocp_network_template.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: nmstate.io/v1
+kind: NetworkAttachmentDefinition
+metadata:
+ name: _ignored_
+spec:
+ config: |
+ _replaced_
diff --git a/dt/bgp/networking/nad/ocp_networks_netattach.yaml b/dt/bgp/networking/nad/ocp_networks_netattach.yaml
new file mode 100644
index 000000000..2d4c62971
--- /dev/null
+++ b/dt/bgp/networking/nad/ocp_networks_netattach.yaml
@@ -0,0 +1,48 @@
+---
+apiVersion: k8s.cni.cncf.io/v1
+kind: NetworkAttachmentDefinition
+metadata:
+ name: bgpnet-0-0
+ labels:
+ osp/net: bgpnet-0-0
+ osp/net-attach-def-type: bgp
+---
+apiVersion: k8s.cni.cncf.io/v1
+kind: NetworkAttachmentDefinition
+metadata:
+ name: bgpnet-0-1
+ labels:
+ osp/net: bgpnet-0-1
+ osp/net-attach-def-type: bgp
+---
+apiVersion: k8s.cni.cncf.io/v1
+kind: NetworkAttachmentDefinition
+metadata:
+ name: bgpnet-1-0
+ labels:
+ osp/net: bgpnet-1-0
+ osp/net-attach-def-type: bgp
+---
+apiVersion: k8s.cni.cncf.io/v1
+kind: NetworkAttachmentDefinition
+metadata:
+ name: bgpnet-1-1
+ labels:
+ osp/net: bgpnet-1-1
+ osp/net-attach-def-type: bgp
+---
+apiVersion: k8s.cni.cncf.io/v1
+kind: NetworkAttachmentDefinition
+metadata:
+ name: bgpnet-2-0
+ labels:
+ osp/net: bgpnet-2-0
+ osp/net-attach-def-type: bgp
+---
+apiVersion: k8s.cni.cncf.io/v1
+kind: NetworkAttachmentDefinition
+metadata:
+ name: bgpnet-2-1
+ labels:
+ osp/net: bgpnet-2-1
+ osp/net-attach-def-type: bgp
diff --git a/examples/dt/bgp/control-plane/kustomization.yaml b/examples/dt/bgp/control-plane/kustomization.yaml
new file mode 100644
index 000000000..cb212c475
--- /dev/null
+++ b/examples/dt/bgp/control-plane/kustomization.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+components:
+ - ../../../../dt/bgp/
+
+resources:
+ - nncp/values.yaml
+ - service-values.yaml
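Review bot: `ocp_network_template.yaml` declares `apiVersion: nmstate.io/v1` for `kind: NetworkAttachmentDefinition`, while the objects it patches in `ocp_networks_netattach.yaml` use `apiVersion: k8s.cni.cncf.io/v1`. Because the patch is applied through an explicit `target:` in `nad/kustomization.yaml`, kustomize may well ignore the patch's own group and version, but the mismatch looks like a copy-paste slip and will mislead readers. I would change the line to `apiVersion: k8s.cni.cncf.io/v1` so the template agrees with its targets.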
diff --git a/examples/dt/bgp/control-plane/nncp/.gitignore b/examples/dt/bgp/control-plane/nncp/.gitignore
new file mode 100644
index 000000000..51ed8a956
--- /dev/null
+++ b/examples/dt/bgp/control-plane/nncp/.gitignore
@@ -0,0 +1 @@
+nncp.yaml
diff --git a/examples/dt/bgp/control-plane/nncp/kustomization.yaml b/examples/dt/bgp/control-plane/nncp/kustomization.yaml
new file mode 100644
index 000000000..0a5bf1342
--- /dev/null
+++ b/examples/dt/bgp/control-plane/nncp/kustomization.yaml
@@ -0,0 +1,269 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../../../lib/nncp + +resources: + - values.yaml + +patches: + - target: + kind: NodeNetworkConfigurationPolicy + patch: |- + - op: add + path: /spec/desiredState/interfaces/- + value: + description: BGP interface 1 + ipv4: + address: + - ip: _replaced_ + prefix-length: _replaced_ + enabled: true + dhcp: false + ipv6: + enabled: false + mtu: 1500 + name: _replaced_ + state: up + type: ethernet + - target: + kind: NodeNetworkConfigurationPolicy + patch: |- + - op: add + path: /spec/desiredState/interfaces/- + value: + description: BGP interface 2 + ipv4: + address: + - ip: _replaced_ + prefix-length: _replaced_ + enabled: true + dhcp: false + ipv6: + enabled: false + mtu: 1500 + name: _replaced_ + state: up + type: ethernet + - target: + kind: NodeNetworkConfigurationPolicy + patch: |- + - op: add + path: /spec/desiredState/interfaces/- + value: + description: loopback interface + ipv4: + address: + - ip: _replaced_ + prefix-length: _replaced_ + enabled: true + dhcp: false + ipv6: + address: + - ip: _replaced_ + prefix-length: _replaced_ + enabled: true + dhcp: false + name: _replaced_ + mtu: 65536 + state: up + + +replacements: + # BGP node0 IPs + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_0.bgp_ip.0 + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: master-0 + fieldPaths: + - spec.desiredState.interfaces.5.ipv4.address.0.ip + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_0.bgp_ip.1 + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: 
master-0 + fieldPaths: + - spec.desiredState.interfaces.6.ipv4.address.0.ip + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_0.loopback_ip + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: master-0 + fieldPaths: + - spec.desiredState.interfaces.7.ipv4.address.0.ip + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_0.loopback_ipv6 + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: master-0 + fieldPaths: + - spec.desiredState.interfaces.7.ipv6.address.0.ip + # BGP node1 IPs + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_1.bgp_ip.0 + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: master-1 + fieldPaths: + - spec.desiredState.interfaces.5.ipv4.address.0.ip + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_1.bgp_ip.1 + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: master-1 + fieldPaths: + - spec.desiredState.interfaces.6.ipv4.address.0.ip + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_1.loopback_ip + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: master-1 + fieldPaths: + - spec.desiredState.interfaces.7.ipv4.address.0.ip + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_1.loopback_ipv6 + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: master-1 + fieldPaths: + - spec.desiredState.interfaces.7.ipv6.address.0.ip + # BGP node2 IPs + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_2.bgp_ip.0 + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: master-2 + fieldPaths: + - spec.desiredState.interfaces.5.ipv4.address.0.ip + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_2.bgp_ip.1 + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: master-2 + fieldPaths: + - spec.desiredState.interfaces.6.ipv4.address.0.ip + - 
source: + kind: ConfigMap + name: network-values + fieldPath: data.node_2.loopback_ip + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: master-2 + fieldPaths: + - spec.desiredState.interfaces.7.ipv4.address.0.ip + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_2.loopback_ipv6 + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: master-2 + fieldPaths: + - spec.desiredState.interfaces.7.ipv6.address.0.ip + + # BGP values + - source: + kind: ConfigMap + name: network-values + fieldPath: data.bgp.ifaces.0 + targets: + - select: + kind: NodeNetworkConfigurationPolicy + fieldPaths: + - spec.desiredState.interfaces.5.name + - source: + kind: ConfigMap + name: network-values + fieldPath: data.bgp.ifaces.1 + targets: + - select: + kind: NodeNetworkConfigurationPolicy + fieldPaths: + - spec.desiredState.interfaces.6.name + - source: + kind: ConfigMap + name: network-values + fieldPath: data.loopback.iface + targets: + - select: + kind: NodeNetworkConfigurationPolicy + fieldPaths: + - spec.desiredState.interfaces.7.name + - source: + kind: ConfigMap + name: network-values + fieldPath: data.bgp.prefix-length + targets: + - select: + kind: NodeNetworkConfigurationPolicy + fieldPaths: + - spec.desiredState.interfaces.5.ipv4.address.0.prefix-length + - spec.desiredState.interfaces.6.ipv4.address.0.prefix-length + - source: + kind: ConfigMap + name: network-values + fieldPath: data.loopback.prefix-length + targets: + - select: + kind: NodeNetworkConfigurationPolicy + fieldPaths: + - spec.desiredState.interfaces.7.ipv4.address.0.prefix-length + - source: + kind: ConfigMap + name: network-values + fieldPath: data.loopback.prefix-length-ipv6 + targets: + - select: + kind: NodeNetworkConfigurationPolicy + fieldPaths: + - spec.desiredState.interfaces.7.ipv6.address.0.prefix-length 
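Review bot: The replacements in `examples/dt/bgp/control-plane/nncp/kustomization.yaml` address the three appended interfaces by position (`spec.desiredState.interfaces.5`, `.6` and `.7`). That only holds while the base policies pulled in from `../../../../../lib/nncp` define exactly five interfaces ahead of them. If the base gains or loses an entry, the BGP and loopback addresses would be written onto a different interface without any build error. A comment above `replacements:` such as `# interfaces.5-7 are the entries appended by the patches above; lib/nncp is assumed to define interfaces 0-4` would make the dependency explicit.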
diff --git a/examples/dt/bgp/control-plane/nncp/values.yaml b/examples/dt/bgp/control-plane/nncp/values.yaml
new file mode 100644
index 000000000..573197a05
--- /dev/null
+++ b/examples/dt/bgp/control-plane/nncp/values.yaml
@@ -0,0 +1,438 @@ +--- +# local-config: referenced, but not emitted by kustomize +apiVersion: v1 +kind: ConfigMap +metadata: + name: network-values + annotations: + config.kubernetes.io/local-config: "true" +data: + # nodes + node_0: + name: master-0 + internalapi_ip: 172.17.0.5 + tenant_ip: 172.19.0.5 + ctlplane_ip: 192.168.122.10 + storage_ip: 172.18.0.5 + bgp_ip: + - 100.64.3.2 + - 100.65.3.2 + bgp_peers: + - 100.64.3.1 + - 100.65.3.1 + loopback_ip: 172.30.4.2 + loopback_ipv6: f00d:f00d:f00d:f00d:f00d:f00d:f00d:42 + node_1: + name: master-1 + internalapi_ip: 172.17.0.6 + tenant_ip: 172.19.0.6 + ctlplane_ip: 192.168.122.11 + storage_ip: 172.18.0.6 + bgp_ip: + - 100.64.3.6 + - 100.65.3.6 + bgp_peers: + - 100.64.3.5 + - 100.65.3.5 + loopback_ip: 172.30.4.3 + loopback_ipv6: f00d:f00d:f00d:f00d:f00d:f00d:f00d:43 + node_2: + name: master-2 + internalapi_ip: 172.17.0.7 + tenant_ip: 172.19.0.7 + ctlplane_ip: 192.168.122.12 + storage_ip: 172.18.0.7 + bgp_ip: + - 100.64.3.10 + - 100.65.3.10 + bgp_peers: + - 100.64.3.9 + - 100.65.3.9 + loopback_ip: 172.30.4.4 + loopback_ipv6: f00d:f00d:f00d:f00d:f00d:f00d:f00d:44 + + # networks + ctlplane: + dnsDomain: ctlplane.example.com + subnets: + - allocationRanges: + - end: 192.168.122.120 + start: 192.168.122.100 + - end: 192.168.122.200 + start: 192.168.122.150 + cidr: 192.168.122.0/24 + gateway: 192.168.122.1 + name: subnet1 + prefix-length: 24 + iface: enp8s0 + mtu: 1500 + lb_addresses: + - 192.168.122.80-192.168.122.90 + endpoint_annotations: + metallb.universe.tf/address-pool: ctlplane + metallb.universe.tf/allow-shared-ip: ctlplane + metallb.universe.tf/loadBalancerIPs: 192.168.122.80 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "ctlplane", + "type": "macvlan", + "master": "ospbr", + "ipam": { + "type": "whereabouts", + "range": "192.168.122.0/24", + "range_start": "192.168.122.30", + "range_end": "192.168.122.70" + } + } + internalapi: + dnsDomain: internalapi.example.com + subnets: + - allocationRanges: + - 
end: 172.17.0.250 + start: 172.17.0.100 + cidr: 172.17.0.0/24 + name: subnet1 + vlan: 20 + mtu: 1500 + prefix-length: 24 + iface: internalapi + vlan: 20 + base_iface: enp8s0 + lb_addresses: + - 172.17.0.80-172.17.0.90 + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/allow-shared-ip: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.80 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "internalapi", + "type": "macvlan", + "master": "internalapi", + "ipam": { + "type": "whereabouts", + "range": "172.17.0.0/24", + "range_start": "172.17.0.30", + "range_end": "172.17.0.70" + } + } + storage: + dnsDomain: storage.example.com + subnets: + - allocationRanges: + - end: 172.18.0.250 + start: 172.18.0.100 + cidr: 172.18.0.0/24 + name: subnet1 + vlan: 21 + mtu: 1500 + prefix-length: 24 + iface: storage + vlan: 21 + base_iface: enp8s0 + lb_addresses: + - 172.18.0.80-172.18.0.90 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "storage", + "type": "macvlan", + "master": "storage", + "ipam": { + "type": "whereabouts", + "range": "172.18.0.0/24", + "range_start": "172.18.0.30", + "range_end": "172.18.0.70" + } + } + tenant: + dnsDomain: tenant.example.com + subnets: + - allocationRanges: + - end: 172.19.0.250 + start: 172.19.0.100 + cidr: 172.19.0.0/24 + name: subnet1 + vlan: 22 + mtu: 1500 + prefix-length: 24 + iface: tenant + vlan: 22 + base_iface: enp8s0 + lb_addresses: + - 172.19.0.80-172.19.0.90 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "tenant", + "type": "macvlan", + "master": "tenant", + "ipam": { + "type": "whereabouts", + "range": "172.19.0.0/24", + "range_start": "172.19.0.30", + "range_end": "172.19.0.70" + } + } + external: + dnsDomain: external.example.com + subnets: + - allocationRanges: + - end: 10.0.0.250 + start: 10.0.0.100 + cidr: 10.0.0.0/24 + gateway: 10.0.0.1 + name: subnet1 + mtu: 1500 + + bgp: + prefix-length: 30 + ifaces: + - enp6s0 + - enp7s0 + asn: 64999 + 
peer_asn: 64999 + subnets: + bgpnet0: + - name: subnet0 + allocationRanges: + - end: 100.64.0.2 + start: 100.64.0.1 + cidr: 100.64.0.0/30 + gateway: 100.64.0.1 + routes: + - destination: 0.0.0.0/0 + nexthop: 100.64.0.1 + - name: subnet1 + allocationRanges: + - end: 100.64.1.2 + start: 100.64.1.1 + cidr: 100.64.1.0/30 + gateway: 100.64.1.1 + routes: + - destination: 0.0.0.0/0 + nexthop: 100.64.1.1 + - name: subnet2 + allocationRanges: + - end: 100.64.2.2 + start: 100.64.2.1 + cidr: 100.64.2.0/30 + gateway: 100.64.2.1 + routes: + - destination: 0.0.0.0/0 + nexthop: 100.64.2.1 + - name: subnet3 + allocationRanges: + - end: 100.64.3.2 + start: 100.64.3.1 + cidr: 100.64.3.0/30 + gateway: 100.64.3.1 + routes: + - destination: 0.0.0.0/0 + nexthop: 100.64.3.1 + bgpnet1: + - name: subnet0 + allocationRanges: + - end: 100.65.0.2 + start: 100.65.0.1 + cidr: 100.65.0.0/30 + gateway: 100.65.0.1 + routes: + - destination: 0.0.0.0/0 + nexthop: 100.65.0.1 + - name: subnet1 + allocationRanges: + - end: 100.65.1.2 + start: 100.65.1.1 + cidr: 100.65.1.0/30 + gateway: 100.65.1.1 + routes: + - destination: 0.0.0.0/0 + nexthop: 100.65.1.1 + - name: subnet2 + allocationRanges: + - end: 100.65.2.2 + start: 100.65.2.1 + cidr: 100.65.2.0/30 + gateway: 100.65.2.1 + routes: + - destination: 0.0.0.0/0 + nexthop: 100.65.2.1 + - name: subnet3 + allocationRanges: + - end: 100.65.3.2 + start: 100.65.3.1 + cidr: 100.65.3.0/30 + gateway: 100.65.3.1 + routes: + - destination: 0.0.0.0/0 + nexthop: 100.65.3.1 + bgpmainnet: + - name: subnet0 + cidr: 172.30.0.0/28 + allocationRanges: + - end: 172.30.0.14 + start: 172.30.0.2 + - name: subnet1 + cidr: 172.30.1.0/28 + allocationRanges: + - end: 172.30.1.14 + start: 172.30.1.2 + - name: subnet2 + cidr: 172.30.2.0/28 + allocationRanges: + - end: 172.30.2.14 + start: 172.30.2.2 + - name: subnet3 + cidr: 172.30.3.0/28 + allocationRanges: + - end: 172.30.3.14 + start: 172.30.3.2 + bgpmainnetv6: + - name: subnet0 + cidr: 
f00d:f00d:f00d:f00d:f00d:f00d:f00d:0010/124 + allocationRanges: + - end: f00d:f00d:f00d:f00d:f00d:f00d:f00d:001e + start: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0012 + - name: subnet1 + cidr: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0020/124 + allocationRanges: + - end: f00d:f00d:f00d:f00d:f00d:f00d:f00d:002e + start: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0022 + - name: subnet2 + cidr: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0030/124 + allocationRanges: + - end: f00d:f00d:f00d:f00d:f00d:f00d:f00d:003e + start: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0032 + - name: subnet3 + cidr: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0040/124 + allocationRanges: + - end: f00d:f00d:f00d:f00d:f00d:f00d:f00d:004e + start: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0042 + net-attach-def: + node0: + bgpnet0: | + { + "cniVersion": "0.3.1", + "name": "bgpnet-0-0", + "type": "interface", + "master": "enp6s0", + "ipam": { + "type": "whereabouts", + "range": "100.64.3.0/30", + "range_start": "100.64.3.1", + "range_end": "100.64.3.2" + } + } + bgpnet1: | + { + "cniVersion": "0.3.1", + "name": "bgpnet-0-1", + "type": "interface", + "master": "enp7s0", + "ipam": { + "type": "whereabouts", + "range": "100.65.3.0/30", + "range_start": "100.65.3.1", + "range_end": "100.65.3.2" + } + } + node1: + bgpnet0: | + { + "cniVersion": "0.3.1", + "name": "bgpnet-1-0", + "type": "interface", + "master": "enp6s0", + "ipam": { + "type": "whereabouts", + "range": "100.64.3.4/30", + "range_start": "100.64.3.5", + "range_end": "100.64.3.6" + } + } + bgpnet1: | + { + "cniVersion": "0.3.1", + "name": "bgpnet-1-1", + "type": "interface", + "master": "enp7s0", + "ipam": { + "type": "whereabouts", + "range": "100.65.3.4/30", + "range_start": "100.65.3.5", + "range_end": "100.65.3.6" + } + } + node2: + bgpnet0: | + { + "cniVersion": "0.3.1", + "name": "bgpnet-2-0", + "type": "interface", + "master": "enp6s0", + "ipam": { + "type": "whereabouts", + "range": "100.64.3.8/30", + "range_start": "100.64.3.9", + "range_end": "100.64.3.10" + } + } + bgpnet1: | 
+ { + "cniVersion": "0.3.1", + "name": "bgpnet-2-1", + "type": "interface", + "master": "enp7s0", + "ipam": { + "type": "whereabouts", + "range": "100.65.3.8/30", + "range_start": "100.65.3.9", + "range_end": "100.65.3.10" + } + } + + loopback: + prefix-length: 32 + prefix-length-ipv6: 128 + iface: lo + datacentre: + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "datacentre", + "type": "bridge", + "bridge": "ospbr", + "ipam": {} + } + + dns-resolver: + config: + server: + - 192.168.122.1 + search: [] + options: + - key: server + values: + - 192.168.122.1 + + routes: + config: + - destination: 0.0.0.0/0 + next-hop-address: 192.168.122.1 + next-hop-interface: enp8s0 + + rabbitmq: + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.85 + rabbitmq-cell1: + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.86 + + lbServiceType: LoadBalancer + storageClass: local-storage + bridgeName: ospbr diff --git a/examples/dt/bgp/control-plane/service-values.yaml b/examples/dt/bgp/control-plane/service-values.yaml new file mode 100644 index 000000000..33aa5c624 --- /dev/null +++ b/examples/dt/bgp/control-plane/service-values.yaml @@ -0,0 +1,25 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: service-values + annotations: + config.kubernetes.io/local-config: "true" +data: + glance: + customServiceConfig: | + [DEFAULT] + enabled_backends = default_backend:swift + [glance_store] + default_backend = default_backend + [default_backend] + swift_store_create_container_on_put = True + swift_store_auth_version = 3 + swift_store_auth_address = {{ .KeystoneInternalURL }} + swift_store_endpoint_type = internalURL + swift_store_user = service:glance + swift_store_key = {{ .ServicePassword }} + default: + replicas: 1 + swift: + enabled: true 
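Review bot: In `examples/dt/bgp/control-plane/nncp/values.yaml` each `bgp.net-attach-def.nodeN.bgpnetM` whereabouts range covers both usable addresses of its /30, and those are exactly the node's own `bgp_ip` and its `bgp_peers` entry. For node0/bgpnet0, `range_start` 100.64.3.1 is the peer and `range_end` 100.64.3.2 is the host. If whereabouts hands either address to a pod attached to that network, it would collide with the host or the upstream router. Whether that can happen depends on how the `interface` CNI type consumes the IPAM result, which is not visible in this diff. A comment explaining why the range is safe, or an `exclude` list in the `ipam` block, would settle it.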
diff --git a/examples/dt/bgp/edpm/kustomization.yaml b/examples/dt/bgp/edpm/kustomization.yaml
new file mode 100644
index 000000000..579581a20
--- /dev/null
+++ b/examples/dt/bgp/edpm/kustomization.yaml
@@ -0,0 +1,11 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+components:
+ - ../../../../dt/bgp/edpm/
+ ## It's possible to replace ../../../../dt/bgp/edpm/ with a git checkout URL as per:
+ ## https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md
+
+resources:
+ - values.yaml
diff --git a/examples/dt/bgp/edpm/values.yaml b/examples/dt/bgp/edpm/values.yaml
new file mode 100644
index 000000000..8090ed990
--- /dev/null
+++ b/examples/dt/bgp/edpm/values.yaml
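Review bot: The comment under `components:` in `examples/dt/bgp/edpm/kustomization.yaml` points users at kustomize remote builds but says nothing about pinning. An unpinned git URL makes the rendered dataplane manifests depend on whatever the remote branch holds at build time. I would extend the comment with a third line: `## If you do, pin the URL to a tag or commit (?ref=<commit-sha>) so the build input cannot change between runs.`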
@@ -0,0 +1,272 @@
+# yamllint disable rule:line-length
+# local-config: referenced, but not emitted by kustomize
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: edpm-values
+ annotations:
+ config.kubernetes.io/local-config: "true"
+data:
+ deployment:
+ name: edpm-deployment
+ ssh_keys:
+ # Authorized keys that will have access to the dataplane computes via SSH
+ authorized: CHANGEME
+ # The private key that will have access to the dataplane computes via SSH
+ private: CHANGEME2
+ # The public key that will have access to the dataplane computes via SSH
+ public: CHANGEME3
+ nodeset:
+ ansible:
+ ansibleUser: cloud-admin
+ ansiblePort: 22
+ ansibleVars:
+ edpm_ovn_bgp_agent_expose_tenant_networks: false
+ edpm_frr_bgp_ipv4_src_network: bgpmainnet
+ edpm_frr_bgp_ipv6_src_network: bgpmainnetv6
+ edpm_frr_bgp_neighbor_password: f00barZ
+ edpm_frr_bgp_uplinks:
+ - nic3
+ - nic4
+ timesync_ntp_servers:
+ - hostname: clock.redhat.com
+ # CHANGEME -- see https://access.redhat.com/solutions/253273
+ # edpm_bootstrap_command: |
+ # subscription-manager register --username \
+ # --password
+ # podman login -u -p registry.redhat.io
+ edpm_iscsid_image: '{{ registry_url }}/openstack-iscsid:{{ image_tag }}'
+ edpm_logrotate_crond_image: '{{ registry_url }}/openstack-cron:{{ image_tag }}'
+ edpm_network_config_hide_sensitive_logs: false
+ edpm_network_config_os_net_config_mappings:
+ edpm-compute-0:
+ nic2: 6a:fe:54:3f:8a:02 # CHANGEME
+ edpm-compute-1:
+ nic2: 6b:fe:54:3f:8a:02 # CHANGEME
+ edpm-compute-2:
+ nic2: 6c:fe:54:3f:8a:02 # CHANGEME
+ edpm_network_config_template: |
+ ---
+ {% set mtu_list = [ctlplane_mtu] %}
+ {% for network in nodeset_networks %}
+ {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }}
+ {%- endfor %}
+ {% set min_viable_mtu = mtu_list | max %}
+ network_config:
+ - type: interface
+ name: nic2
+ mtu: {{ min_viable_mtu }}
+ use_dhcp: false
+ dns_servers: {{ ctlplane_dns_nameservers }}
+ addresses:
+ - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }}
+ {% for network in nodeset_networks %}
+ {% if not network.lower().startswith('bgp') %}
+ - type: vlan
+ device: nic2
+ mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }}
+ vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }}
+ addresses:
+ - ip_netmask:
+ {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }}
+ routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }}
+ {% endif %}
+ {% endfor %}
+ - type: ovs_bridge
+ name: {{ neutron_physical_bridge_name }}
+ use_dhcp: false
+ - type: interface
+ name: nic3
+ use_dhcp: false
+ addresses:
+ - ip_netmask: {{ lookup('vars', 'bgpnet0_ip') }}/30
+ - type: interface
+ name: nic4
+ use_dhcp: false
+ addresses:
+ - ip_netmask: {{ lookup('vars', 'bgpnet1_ip') }}/30
+ - type: interface
+ name: lo
+ addresses:
+ - ip_netmask: {{ lookup('vars', 'bgpmainnet_ip') }}/32
+ - ip_netmask: {{ lookup('vars', 'bgpmainnetv6_ip') }}/128
+ edpm_neutron_metadata_agent_image: '{{ registry_url }}/openstack-neutron-metadata-agent-ovn:{{ image_tag }}'
+ edpm_nodes_validation_validate_controllers_icmp: false
+ edpm_nodes_validation_validate_gateway_icmp: false
+ edpm_nova_compute_container_image: '{{ registry_url }}/openstack-nova-compute:{{ image_tag }}'
+ edpm_nova_libvirt_container_image: '{{ registry_url }}/openstack-nova-libvirt:{{ image_tag }}'
+ edpm_ovn_controller_agent_image: '{{ registry_url }}/openstack-ovn-controller:{{ image_tag }}'
+ edpm_frr_image: '{{ registry_url }}/openstack-frr:{{ image_tag }}'
+ edpm_selinux_mode: enforcing
+ edpm_sshd_allowed_ranges:
+ - 192.168.122.0/24
+ edpm_sshd_configure_firewall: true
+ enable_debug: false
+ gather_facts: false
+ image_tag: current-podified
+ neutron_physical_bridge_name: br-ex
+ neutron_public_interface_name: eth1
+ registry_url: quay.io/podified-antelope-centos9
+ service_net_map:
+ nova_api_network: internalapi
+ nova_libvirt_network: internalapi
+ networks:
+ - defaultRoute: true
+ name: CtlPlane
+ subnetName: subnet1
+ - name: InternalApi
+ subnetName: subnet1
+ - name: Storage
+ subnetName: subnet1
+ - name: Tenant
+ subnetName: subnet1
+ - name: BgpNet0
+ subnetName: subnet0
+ - name: BgpNet1
+ subnetName: subnet0
+ - name: BgpMainNet
+ subnetName: subnet0
+ - name: BgpMainNetV6
+ subnetName: subnet0
+ - name: BgpNet0
+ subnetName: subnet1
+ - name: BgpNet1
+ subnetName: subnet1
+ - name: BgpMainNet
+ subnetName: subnet1
+ - name: BgpMainNetV6
+ subnetName: subnet1
+ - name: BgpNet0
+ subnetName: subnet2
+ - name: BgpNet1
+ subnetName: subnet2
+ - name: BgpMainNet
+ subnetName: subnet2
+ - name: BgpMainNetV6
+ subnetName: subnet2
+ nodes:
+ edpm-compute-0:
+ ansible:
+ ansibleHost: 192.168.122.100
+ ansibleVars:
+ edpm_ovn_bgp_agent_local_ovn_peer_ips:
+ - 100.64.0.1
+ - 100.65.0.1
+ edpm_frr_bgp_peers:
+ - 100.64.0.1
+ - 100.65.0.1
+ hostName: edpm-compute-0
+ networks:
+ - defaultRoute: true
+ fixedIP: 192.168.122.100
+ name: CtlPlane
+ subnetName: subnet1
+ - name: InternalApi
+ subnetName: subnet1
+ - name: Storage
+ subnetName: subnet1
+ - name: Tenant
+ subnetName: subnet1
+ - name: Bgpnet1
+ subnetName: subnet1
+ fixedIP: 100.64.0.2
+ - name: Bgpnet2
+ subnetName: subnet1
+ fixedIP: 100.65.0.2
+ - name: Bgpmainnet
+ subnetName: subnet1
+ fixedIP: 172.30.0.2
+ - name: BgpmainnetV6
+ subnetName: subnet1
+ fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0012
+ edpm-compute-1:
+ ansible:
+ ansibleHost: 192.168.122.101
+ ansibleVars:
+ edpm_ovn_bgp_agent_local_ovn_peer_ips:
+ - 100.64.1.1
+ - 100.65.1.1
+ edpm_frr_bgp_peers:
+ - 100.64.1.1
+ - 100.65.1.1
+ hostName: edpm-compute-1
+ networks:
+ - defaultRoute: true
+ fixedIP: 192.168.122.101
+ name: CtlPlane
+ subnetName: subnet1
+ - name: InternalApi
+ subnetName: subnet1
+ - name: Storage
+ subnetName: subnet1
+ - name: Tenant
+ subnetName: subnet1
+ - name: Bgpnet1
+ subnetName: subnet1
+ fixedIP: 100.64.1.2
+ - name: Bgpnet2
+ subnetName: subnet1
+ fixedIP: 100.65.1.2
+ - name: Bgpmainnet
+ subnetName: subnet1
+ fixedIP: 172.30.1.2
+ - name: BgpmainnetV6
+ subnetName: subnet1
+ fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0022
+ edpm-compute-2:
+ ansible:
+ ansibleHost: 192.168.122.102
+ ansibleVars:
+ edpm_ovn_bgp_agent_local_ovn_peer_ips:
+ - 100.64.2.1
+ - 100.65.2.1
+ edpm_frr_bgp_peers:
+ - 100.64.2.1
+ - 100.65.2.1
+ hostName: edpm-compute-2
+ networks:
+ - defaultRoute: true
+ fixedIP: 192.168.122.102
+ name: CtlPlane
+ subnetName: subnet1
+ - name: InternalApi
+ subnetName: subnet1
+ - name: Storage
+ subnetName: subnet1
+ - name: Tenant
+ subnetName: subnet1
+ - name: Bgpnet1
+ subnetName: subnet1
+ fixedIP: 100.64.2.2
+ - name: Bgpnet2
+ subnetName: subnet1
+ fixedIP: 100.65.2.2
+ - name: Bgpmainnet
+ subnetName: subnet1
+ fixedIP: 172.30.2.2
+ - name: BgpmainnetV6
+ subnetName: subnet1
+ fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0034
+ services:
+ - download-cache
+ - bootstrap
+ - configure-network
+ - validate-network
+ - frr
+ - install-os
+ - configure-os
+ - ssh-known-hosts
+ - run-os
+ - reboot-os
+ - install-certs
+ - ovn
+ - neutron-metadata
+ - ovn-bgp-agent
+ - libvirt
+ - nova-custom
+ nova:
+ migration:
+ ssh_keys:
+ private: CHANGEME4
+ public: CHANGEME5
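Review bot: `edpm_frr_bgp_neighbor_password: f00barZ` under `nodeset.ansible.ansibleVars` is a literal credential that, unlike the SSH keys and MAC addresses in this file, carries no CHANGEME marker, so a copy of the example is likely to be deployed with it unchanged. I would mark it the same way as the other site-specific values, e.g. `edpm_frr_bgp_neighbor_password: f00barZ  # CHANGEME`, and add a comment line above it saying that the value is stored in this ConfigMap in plain text and presumably has to match what the BGP peers are configured with. `edpm_network_config_hide_sensitive_logs: false` in the same mapping looks like it lets the rendered network configuration reach task output; if that is only wanted for debugging this example, a one-line comment saying so would help.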