diff --git a/automation/vars/bgp_dt02.yaml b/automation/vars/bgp_dt02.yaml
new file mode 100644
index 000000000..27606a5ac
--- /dev/null
+++ b/automation/vars/bgp_dt02.yaml
@@ -0,0 +1,200 @@
+---
+vas:
+ bgp_dt02:
+ stages:
+ - pre_stage_run:
+ - name: 01 Apply taint on worker-3
+ type: cr
+ definition:
+ spec:
+ taints:
+ - effect: NoSchedule
+ key: testOperator
+ value: 'true'
+ - effect: NoExecute
+ key: testOperator
+ value: 'true'
+ kind: Node
+ resource_name: worker-3
+ state: patched
+ - name: 02 Disable rp_filters on OCP nodes
+ type: cr
+ definition:
+ spec:
+ profile:
+ - data: |
+ [main]
+ summary=Optimize systems running OpenShift (provider specific parent profile)
+ include=-provider-${f:exec:cat:/var/lib/ocp-tuned/provider},openshift
+
+ [sysctl]
+ net.ipv4.conf.enp7s0.rp_filter=0
+ net.ipv4.conf.enp8s0.rp_filter=0
+ name: openshift-no-reapply-sysctl
+ recommend:
+ - match:
+ # applied to all nodes except worker-3, because worker-3 has no enp8s0
+ - label: kubernetes.io/hostname
+ value: worker-0
+ - label: kubernetes.io/hostname
+ value: worker-1
+ - label: kubernetes.io/hostname
+ value: worker-2
+ - label: node-role.kubernetes.io/master
+ operand:
+ tunedConfig:
+ reapply_sysctl: false
+ priority: 15
+ profile: openshift-no-reapply-sysctl
+ api_version: tuned.openshift.io/v1
+ kind: Tuned
+ resource_name: openshift-no-reapply-sysctl
+ namespace: openshift-cluster-node-tuning-operator
+ state: present
+ name: nncp-configuration
+ path: examples/dt/bgp_dt01/control-plane/networking/nncp
+ wait_conditions:
+ - >-
+ oc -n openstack wait nncp
+ -l osp/nncm-config-type=standard
+ --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured
+ --timeout=300s
+ values:
+ - name: network-values
+ src_file: values.yaml
+ build_output: nncp.yaml
+
+ - name: networking
+ path: examples/dt/bgp_dt01/control-plane/networking
+ wait_conditions:
+ - >-
+ oc -n metallb-system wait pod
+ -l app=metallb -l component=speaker
+ --for condition=Ready
+ values:
+ - name: network-values
+ src_file: nncp/values.yaml
+ build_output: networking.yaml
+
+ - name: control-plane
+ path: examples/dt/bgp_dt01/control-plane
+ wait_conditions:
+ - >-
+ oc -n openstack wait openstackcontrolplane
+ controlplane
+ --for condition=Ready
+ --timeout=30m
+ values:
+ - name: network-values
+ src_file: networking/nncp/values.yaml
+ - name: service-values
+ src_file: service-values.yaml
+ build_output: control-plane.yaml
+ post_stage_run:
+ - name: Create BGPConfiguration after controplane is deployed
+ type: cr
+ definition:
+ spec: {}
+ api_version: network.openstack.org/v1beta1
+ kind: BGPConfiguration
+ resource_name: bgpconfiguration
+ namespace: openstack
+ state: present
+
+ - name: edpm-computes-r0-nodeset
+ path: examples/dt/bgp_dt02/edpm/computes/r0
+ wait_conditions:
+ - >-
+ oc -n openstack wait openstackdataplanenodeset
+ r0-compute-nodes
+ --for condition=SetupReady
+ --timeout=600s
+ values:
+ - name: edpm-r0-compute-nodeset-values
+ src_file: values.yaml
+ build_output: edpm-r0-compute-nodeset.yaml
+
+ - name: edpm-computes-r1-nodeset
+ path: examples/dt/bgp_dt02/edpm/computes/r1
+ wait_conditions:
+ - >-
+ oc -n openstack wait openstackdataplanenodeset
+ r1-compute-nodes
+ --for condition=SetupReady
+ --timeout=600s
+ values:
+ - name: edpm-r1-compute-nodeset-values
+ src_file: values.yaml
+ build_output: edpm-r1-compute-nodeset.yaml
+
+ - name: edpm-computes-r2-nodeset
+ path: examples/dt/bgp_dt02/edpm/computes/r2
+ wait_conditions:
+ - >-
+ oc -n openstack wait openstackdataplanenodeset
+ r2-compute-nodes
+ --for condition=SetupReady
+ --timeout=600s
+ values:
+ - name: edpm-r2-compute-nodeset-values
+ src_file: values.yaml
+ build_output: edpm-r2-compute-nodeset.yaml
+
+ - name: edpm-networkers-r0-nodeset
+ path: examples/dt/bgp_dt02/edpm/networkers/r0
+ wait_conditions:
+ - >-
+ oc -n openstack wait openstackdataplanenodeset
+ r0-networker-nodes
+ --for condition=SetupReady
+ --timeout=600s
+ values:
+ - name: edpm-r0-networker-nodeset-values
+ src_file: values.yaml
+ build_output: edpm-r0-networker-nodeset.yaml
+
+ - name: edpm-networkers-r1-nodeset
+ path: examples/dt/bgp_dt02/edpm/networkers/r1
+ wait_conditions:
+ - >-
+ oc -n openstack wait openstackdataplanenodeset
+ r1-networker-nodes
+ --for condition=SetupReady
+ --timeout=600s
+ values:
+ - name: edpm-r1-networker-nodeset-values
+ src_file: values.yaml
+ build_output: edpm-r1-networker-nodeset.yaml
+
+ - name: edpm-networkers-r2-nodeset
+ path: examples/dt/bgp_dt02/edpm/networkers/r2
+ wait_conditions:
+ - >-
+ oc -n openstack wait openstackdataplanenodeset
+ r2-networker-nodes
+ --for condition=SetupReady
+ --timeout=600s
+ values:
+ - name: edpm-r2-networker-nodeset-values
+ src_file: values.yaml
+ build_output: edpm-r2-networker-nodeset.yaml
+
+ - name: edpm-deployment
+ path: examples/dt/bgp_dt02/edpm/deployment
+ wait_conditions:
+ - >-
+ oc -n openstack wait openstackdataplanedeployment
+ edpm-deployment
+ --for condition=Ready
+ --timeout=120m
+ values:
+ - name: edpm-deployment-values
+ src_file: values.yaml
+ build_output: edpm-deployment.yaml
+ post_stage_run:
+ - name: Wait until computes are ready
+ type: playbook
+ source: "nova_wait_for_compute_service.yml"
+ extra_vars:
+ _number_of_computes: 3
+ _cell_conductor: nova-cell0-conductor-0
diff --git a/examples/dt/bgp_dt01/control-plane/networking/kustomization.yaml b/examples/dt/bgp_dt01/control-plane/networking/kustomization.yaml
index 674458523..59a074f72 100644
--- a/examples/dt/bgp_dt01/control-plane/networking/kustomization.yaml
+++ b/examples/dt/bgp_dt01/control-plane/networking/kustomization.yaml
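Review bot: The Tuned profile in step `02 Disable rp_filters on OCP nodes` sets `net.ipv4.conf.enp7s0.rp_filter=0` and `net.ipv4.conf.enp8s0.rp_filter=0`, which turns reverse-path source validation off on both interfaces, and nothing in the step records why. If the reason is asymmetric return paths across the two BGP uplinks (an assumption; the hunk does not say), loose mode `rp_filter=2` would still drop packets whose source is not reachable through any interface. Either way I would add a comment above the `- data: |` entry, for example `# rp_filter relaxed: replies may arrive on the other BGP uplink`, so the weakened anti-spoofing check is a documented decision. The interface names are hard-coded, so a matched node whose uplinks are named differently would presumably keep its default without any error.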
@@ -158,6 +158,62 @@ replacements: name: bgp-peer-node-6-0 fieldPaths: - spec.peerAddress + # BGP peer ASN per node + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_3.peer_asn + targets: + - select: + kind: BGPPeer + name: bgp-peer-node-3-0 + fieldPaths: + - spec.peerASN + - select: + kind: BGPPeer + name: bgp-peer-node-3-1 + fieldPaths: + - spec.peerASN + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_4.peer_asn + targets: + - select: + kind: BGPPeer + name: bgp-peer-node-4-0 + fieldPaths: + - spec.peerASN + - select: + kind: BGPPeer + name: bgp-peer-node-4-1 + fieldPaths: + - spec.peerASN + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_5.peer_asn + targets: + - select: + kind: BGPPeer + name: bgp-peer-node-5-0 + fieldPaths: + - spec.peerASN + - select: + kind: BGPPeer + name: bgp-peer-node-5-1 + fieldPaths: + - spec.peerASN + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_6.peer_asn + targets: + - select: + kind: BGPPeer + name: bgp-peer-node-6-0 + fieldPaths: + - spec.peerASN # BGP NetworkAttachmentDefinition customization - source: kind: ConfigMap diff --git a/examples/dt/bgp_dt01/control-plane/networking/nncp/values.yaml b/examples/dt/bgp_dt01/control-plane/networking/nncp/values.yaml index 45992b68e..bee0e51ed 100644 --- a/examples/dt/bgp_dt01/control-plane/networking/nncp/values.yaml +++ b/examples/dt/bgp_dt01/control-plane/networking/nncp/values.yaml @@ -13,6 +13,7 @@ data: internalapi_ip: 172.17.0.5 ctlplane_ip: 192.168.122.10 storage_ip: 172.18.0.5 + peer_asn: 64999 bgp_ip: - 100.64.0.10 - 100.65.0.10 @@ -45,6 +46,7 @@ data: internalapi_ip: 172.17.0.6 ctlplane_ip: 192.168.122.11 storage_ip: 172.18.0.6 + peer_asn: 64999 bgp_ip: - 100.64.1.10 - 100.65.1.10 @@ -77,6 +79,7 @@ data: internalapi_ip: 172.17.0.7 ctlplane_ip: 192.168.122.12 storage_ip: 172.18.0.7 + peer_asn: 64999 bgp_ip: - 100.64.2.10 - 100.65.2.10 
@@ -109,6 +112,7 @@ data: internalapi_ip: 172.17.0.8 ctlplane_ip: 192.168.122.13 storage_ip: 172.18.0.8 + peer_asn: 64999 bgp_ip: - 100.64.10.2 bgp_peers: diff --git a/examples/dt/bgp_dt01/edpm/computes/r0/values.yaml b/examples/dt/bgp_dt01/edpm/computes/r0/values.yaml index bca8b8739..60247d520 100644 --- a/examples/dt/bgp_dt01/edpm/computes/r0/values.yaml +++ b/examples/dt/bgp_dt01/edpm/computes/r0/values.yaml @@ -20,6 +20,8 @@ data: ansibleUser: cloud-admin ansiblePort: 22 ansibleVars: + edpm_nodes_validation_check_for_fqdn: false + edpm_ovn_bgp_agent_reconcile_interval: 999999 edpm_ovn_encap_ip: "{{ bgpmainnet_ip }}" edpm_ovn_bridge_mappings: - "datacentre:br-ex" diff --git a/examples/dt/bgp_dt01/edpm/computes/r1/values.yaml b/examples/dt/bgp_dt01/edpm/computes/r1/values.yaml index 2851e3a89..6eecd1c1b 100644 --- a/examples/dt/bgp_dt01/edpm/computes/r1/values.yaml +++ b/examples/dt/bgp_dt01/edpm/computes/r1/values.yaml @@ -20,6 +20,8 @@ data: ansibleUser: cloud-admin ansiblePort: 22 ansibleVars: + edpm_nodes_validation_check_for_fqdn: false + edpm_ovn_bgp_agent_reconcile_interval: 999999 edpm_ovn_encap_ip: "{{ bgpmainnet_ip }}" edpm_ovn_bridge_mappings: - "datacentre:br-ex" diff --git a/examples/dt/bgp_dt01/edpm/computes/r2/values.yaml b/examples/dt/bgp_dt01/edpm/computes/r2/values.yaml index 45b9d8bea..14b4968b5 100644 --- a/examples/dt/bgp_dt01/edpm/computes/r2/values.yaml +++ b/examples/dt/bgp_dt01/edpm/computes/r2/values.yaml @@ -20,6 +20,8 @@ data: ansibleUser: cloud-admin ansiblePort: 22 ansibleVars: + edpm_nodes_validation_check_for_fqdn: false + edpm_ovn_bgp_agent_reconcile_interval: 999999 edpm_ovn_encap_ip: "{{ bgpmainnet_ip }}" edpm_ovn_bridge_mappings: - "datacentre:br-ex" diff --git a/examples/dt/bgp_dt01/edpm/networkers/r0/values.yaml b/examples/dt/bgp_dt01/edpm/networkers/r0/values.yaml index 8e2d8a739..6ea8ef503 100644 --- a/examples/dt/bgp_dt01/edpm/networkers/r0/values.yaml +++ b/examples/dt/bgp_dt01/edpm/networkers/r0/values.yaml 
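Review bot: `edpm_ovn_bgp_agent_reconcile_interval: 999999` and `edpm_nodes_validation_check_for_fqdn: false` are added to the shared bgp_dt01 computes/r0 values with no comment, so every consumer of the dt01 example inherits them without a stated reason. Judging by the names only, the first pushes the agent's periodic resync out to about eleven and a half days if the unit is seconds (to be confirmed), which would leave a stale or missing route exposure unrepaired for that long, and the second switches off a node validation check. A one-line comment above each, such as `# test-only: periodic resync effectively disabled, see <reason>`, would make the intent reviewable. The same two lines are added in the computes/r1, computes/r2 and networkers/r0, r1 and r2 hunks, and the `ansibleVars` mapping continues outside each hunk.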
@@ -20,6 +20,8 @@ data: ansibleUser: cloud-admin ansiblePort: 22 ansibleVars: + edpm_nodes_validation_check_for_fqdn: false + edpm_ovn_bgp_agent_reconcile_interval: 999999 edpm_ovn_encap_ip: "{{ bgpmainnet_ip }}" edpm_ovn_bridge_mappings: - "datacentre:br-ex" diff --git a/examples/dt/bgp_dt01/edpm/networkers/r1/values.yaml b/examples/dt/bgp_dt01/edpm/networkers/r1/values.yaml index 76ef19aa9..67cb6d207 100644 --- a/examples/dt/bgp_dt01/edpm/networkers/r1/values.yaml +++ b/examples/dt/bgp_dt01/edpm/networkers/r1/values.yaml @@ -20,6 +20,8 @@ data: ansibleUser: cloud-admin ansiblePort: 22 ansibleVars: + edpm_nodes_validation_check_for_fqdn: false + edpm_ovn_bgp_agent_reconcile_interval: 999999 edpm_ovn_encap_ip: "{{ bgpmainnet_ip }}" edpm_ovn_bridge_mappings: - "datacentre:br-ex" diff --git a/examples/dt/bgp_dt01/edpm/networkers/r2/values.yaml b/examples/dt/bgp_dt01/edpm/networkers/r2/values.yaml index de4e5dc13..0b9af1130 100644 --- a/examples/dt/bgp_dt01/edpm/networkers/r2/values.yaml +++ b/examples/dt/bgp_dt01/edpm/networkers/r2/values.yaml @@ -20,6 +20,8 @@ data: ansibleUser: cloud-admin ansiblePort: 22 ansibleVars: + edpm_nodes_validation_check_for_fqdn: false + edpm_ovn_bgp_agent_reconcile_interval: 999999 edpm_ovn_encap_ip: "{{ bgpmainnet_ip }}" edpm_ovn_bridge_mappings: - "datacentre:br-ex" diff --git a/examples/dt/bgp_dt02/edpm/computes/r0 b/examples/dt/bgp_dt02/edpm/computes/r0 new file mode 120000 index 000000000..554adca97 --- /dev/null +++ b/examples/dt/bgp_dt02/edpm/computes/r0 @@ -0,0 +1 @@ +../../../bgp_dt01/edpm/computes/r0 \ No newline at end of file diff --git a/examples/dt/bgp_dt02/edpm/computes/r1/kustomization.yaml b/examples/dt/bgp_dt02/edpm/computes/r1/kustomization.yaml new file mode 100644 index 000000000..5f25be887 --- /dev/null +++ b/examples/dt/bgp_dt02/edpm/computes/r1/kustomization.yaml 
@@ -0,0 +1,20 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+components:
+ - ../../../../../../dt/bgp/edpm/nodeset
+ ## It's possible to replace ../../../../../../dt/bgp/edpm/nodeset with a git checkout URL as per:
+ ## https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md
+
+resources:
+ - values.yaml
+
+patches:
+ - target:
+ kind: OpenStackDataPlaneNodeSet
+ name: .*
+ patch: |-
+ - op: replace
+ path: /metadata/name
+ value: r1-compute-nodes
diff --git a/examples/dt/bgp_dt02/edpm/computes/r1/values.yaml b/examples/dt/bgp_dt02/edpm/computes/r1/values.yaml
new file mode 100644
index 000000000..02a2ee5b0
--- /dev/null
+++ b/examples/dt/bgp_dt02/edpm/computes/r1/values.yaml
@@ -0,0 +1,171 @@
+# yamllint disable rule:line-length
+# local-config: referenced, but not emitted by kustomize
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: edpm-nodeset-values
+ annotations:
+ config.kubernetes.io/local-config: "true"
+data:
+ ssh_keys:
+ # Authorized keys that will have access to the dataplane computes via SSH
+ authorized: CHANGEME
+ # The private key that will have access to the dataplane computes via SSH
+ private: CHANGEME2
+ # The public key that will have access to the dataplane computes via SSH
+ public: CHANGEME3
+ nodeset:
+ ansible:
+ ansibleUser: cloud-admin
+ ansiblePort: 22
+ ansibleVars:
+ edpm_nodes_validation_check_for_fqdn: false
+ edpm_frr_bgp_asn: 64899
+ edpm_frr_bgp_uplinks_scope: external
+ edpm_frr_bgp_neighbor_ttl_security_hops: 0
+ edpm_ovn_bgp_agent_reconcile_interval: 999999
+ edpm_ovn_encap_ip: "{{ bgpmainnet_ip }}"
+ edpm_ovn_bridge_mappings:
+ - "datacentre:br-ex"
+ - "octavia:br-octavia"
+ edpm_ovn_bgp_agent_expose_tenant_networks: true
+ edpm_frr_bgp_ipv4_src_network: bgpmainnet
+ edpm_frr_bgp_ipv6_src_network: bgpmainnetv6
+ edpm_frr_bgp_neighbor_password: f00barZ
+ timesync_ntp_servers:
+ - hostname: pool.ntp.org
+ # conntrack is necessary for some tobiko tests
+ edpm_bootstrap_command: |
+ dnf -y install conntrack-tools
+ edpm_network_config_hide_sensitive_logs: false
+ edpm_network_config_os_net_config_mappings:
+ edpm-r1-compute-0:
+ nic2: 6a:fe:54:3f:8a:02 # CHANGEME
+ edpm_network_config_template: |
+ ---
+ {% set mtu_list = [ctlplane_mtu] %}
+ {% for network in nodeset_networks %}
+ {% set _ = mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) %}
+ {%- endfor %}
+ {% set min_viable_mtu = mtu_list | max %}
+ network_config:
+ - type: ovs_bridge
+ name: {{ neutron_physical_bridge_name }}
+ use_dhcp: false
+ use_dhcpv6: true # needed to enable IPv6 on bridges
+ - type: ovs_bridge
+ name: br-octavia
+ use_dhcp: false
+ use_dhcpv6: true # needed to enable IPv6 on bridges
+ - type: interface
+ name: nic1
+ use_dhcp: true
+ defroute: false
+ - type: interface
+ name: nic2
+ use_dhcp: false
+ defroute: false
+ dns_servers: {{ ctlplane_dns_nameservers }}
+ domain: {{ dns_search_domains }}
+ addresses:
+ - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }}
+ - type: interface
+ name: nic3
+ use_dhcp: false
+ addresses:
+ - ip_netmask: {{ bgpnet0_ip }}/30
+ - type: interface
+ name: nic4
+ use_dhcp: false
+ addresses:
+ - ip_netmask: {{ bgpnet1_ip }}/30
+ - type: interface
+ name: lo
+ addresses:
+ - ip_netmask: {{ bgpmainnet_ip }}/32
+ - ip_netmask: {{ bgpmainnetv6_ip }}/128
+ edpm_sshd_allowed_ranges:
+ - 192.168.122.0/24
+ edpm_sshd_configure_firewall: true
+ gather_facts: false
+ neutron_physical_bridge_name: br-ex
+ neutron_public_interface_name: eth1
+ networks:
+ - defaultRoute: true
+ name: CtlPlane
+ subnetName: subnet1
+ - name: BgpNet0
+ subnetName: subnet0
+ - name: BgpNet1
+ subnetName: subnet0
+ - name: BgpMainNet
+ subnetName: subnet0
+ - name: BgpMainNetV6
+ subnetName: subnet0
+ - name: BgpNet0
+ subnetName: subnet1
+ - name: BgpNet1
+ subnetName: subnet1
+ - name: BgpMainNet
+ subnetName: subnet1
+ - name: BgpMainNetV6
+ subnetName: subnet1
+ - name: BgpNet0
+ subnetName: subnet2
+ - name: BgpNet1
+ subnetName: subnet2
+ - name: BgpMainNet
+ subnetName: subnet2
+ - name: BgpMainNetV6
+ subnetName: subnet2
+ nodes:
+ edpm-r1-compute-0:
+ hostName: edpm-r1-compute-0
+ ansible:
+ ansibleHost: 192.168.123.100
+ ansibleVars:
+ edpm_ovn_bgp_agent_local_ovn_peer_ips:
+ - 100.64.1.1
+ - 100.65.1.1
+ edpm_frr_bgp_peers:
+ - 100.64.1.1
+ - 100.65.1.1
+ networks:
+ - defaultRoute: true
+ fixedIP: 192.168.123.100
+ name: CtlPlane
+ subnetName: subnet1
+ - name: Bgpnet0
+ subnetName: subnet1
+ fixedIP: 100.64.1.2
+ - name: Bgpnet1
+ subnetName: subnet1
+ fixedIP: 100.65.1.2
+ - name: Bgpmainnet
+ subnetName: subnet1
+ fixedIP: 99.99.1.2
+ - name: BgpmainnetV6
+ subnetName: subnet1
+ fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0023
+ services:
+ - bootstrap
+ - download-cache
+ - install-os
+ - configure-os
+ - configure-network
+ - frr
+ - validate-network
+ - run-os
+ - reboot-os
+ - install-certs
+ - ovn
+ - neutron-metadata
+ - ovn-bgp-agent
+ - libvirt
+ - nova
+ nova:
+ migration:
+ ssh_keys:
+ private: CHANGEME4
+ public: CHANGEME5
diff --git a/examples/dt/bgp_dt02/edpm/computes/r2/kustomization.yaml b/examples/dt/bgp_dt02/edpm/computes/r2/kustomization.yaml
new file mode 100644
index 000000000..c0d49bb19
--- /dev/null
+++ b/examples/dt/bgp_dt02/edpm/computes/r2/kustomization.yaml
@@ -0,0 +1,20 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+components:
+ - ../../../../../../dt/bgp/edpm/nodeset
+ ## It's possible to replace ../../../../../../dt/bgp/edpm/nodeset with a git checkout URL as per:
+ ## https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md
+
+resources:
+ - values.yaml
+
+patches:
+ - target:
+ kind: OpenStackDataPlaneNodeSet
+ name: .*
+ patch: |-
+ - op: replace
+ path: /metadata/name
+ value: r2-compute-nodes
diff --git a/examples/dt/bgp_dt02/edpm/computes/r2/values.yaml b/examples/dt/bgp_dt02/edpm/computes/r2/values.yaml
new file mode 100644
index 000000000..6ba05241e
--- /dev/null
+++ b/examples/dt/bgp_dt02/edpm/computes/r2/values.yaml
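Review bot: `edpm_frr_bgp_neighbor_password: f00barZ` in computes/r1/values.yaml is a literal session secret committed to the repository, while every other credential in the same ConfigMap is a `CHANGEME` placeholder, so anyone copying the example ends up running BGP sessions with a published password. Writing it as `edpm_frr_bgp_neighbor_password: CHANGEME` or at least tagging it `# CHANGEME`, as is done for `nic2`, would make the replacement step explicit. Two neighbouring settings touch the same sessions and deserve a comment if they are intentional: `edpm_frr_bgp_neighbor_ttl_security_hops: 0` presumably leaves TTL security off although the uplinks are declared `external`, and `edpm_network_config_hide_sensitive_logs: false` presumably lets rendered network configuration appear in task output. The same three lines are repeated in the computes/r2, networkers/r1 and networkers/r2 values.yaml files.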
@@ -0,0 +1,171 @@
+# yamllint disable rule:line-length
+# local-config: referenced, but not emitted by kustomize
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: edpm-nodeset-values
+ annotations:
+ config.kubernetes.io/local-config: "true"
+data:
+ ssh_keys:
+ # Authorized keys that will have access to the dataplane computes via SSH
+ authorized: CHANGEME
+ # The private key that will have access to the dataplane computes via SSH
+ private: CHANGEME2
+ # The public key that will have access to the dataplane computes via SSH
+ public: CHANGEME3
+ nodeset:
+ ansible:
+ ansibleUser: cloud-admin
+ ansiblePort: 22
+ ansibleVars:
+ edpm_nodes_validation_check_for_fqdn: false
+ edpm_frr_bgp_asn: 64899
+ edpm_frr_bgp_uplinks_scope: external
+ edpm_frr_bgp_neighbor_ttl_security_hops: 0
+ edpm_ovn_bgp_agent_reconcile_interval: 999999
+ edpm_ovn_encap_ip: "{{ bgpmainnet_ip }}"
+ edpm_ovn_bridge_mappings:
+ - "datacentre:br-ex"
+ - "octavia:br-octavia"
+ edpm_ovn_bgp_agent_expose_tenant_networks: true
+ edpm_frr_bgp_ipv4_src_network: bgpmainnet
+ edpm_frr_bgp_ipv6_src_network: bgpmainnetv6
+ edpm_frr_bgp_neighbor_password: f00barZ
+ timesync_ntp_servers:
+ - hostname: pool.ntp.org
+ # conntrack is necessary for some tobiko tests
+ edpm_bootstrap_command: |
+ dnf -y install conntrack-tools
+ edpm_network_config_hide_sensitive_logs: false
+ edpm_network_config_os_net_config_mappings:
+ edpm-r2-compute-0:
+ nic2: 6a:fe:54:3f:8a:02 # CHANGEME
+ edpm_network_config_template: |
+ ---
+ {% set mtu_list = [ctlplane_mtu] %}
+ {% for network in nodeset_networks %}
+ {% set _ = mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) %}
+ {%- endfor %}
+ {% set min_viable_mtu = mtu_list | max %}
+ network_config:
+ - type: ovs_bridge
+ name: {{ neutron_physical_bridge_name }}
+ use_dhcp: false
+ use_dhcpv6: true # needed to enable IPv6 on bridges
+ - type: ovs_bridge
+ name: br-octavia
+ use_dhcp: false
+ use_dhcpv6: true # needed to enable IPv6 on bridges
+ - type: interface
+ name: nic1
+ use_dhcp: true
+ defroute: false
+ - type: interface
+ name: nic2
+ use_dhcp: false
+ defroute: false
+ dns_servers: {{ ctlplane_dns_nameservers }}
+ domain: {{ dns_search_domains }}
+ addresses:
+ - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }}
+ - type: interface
+ name: nic3
+ use_dhcp: false
+ addresses:
+ - ip_netmask: {{ bgpnet0_ip }}/30
+ - type: interface
+ name: nic4
+ use_dhcp: false
+ addresses:
+ - ip_netmask: {{ bgpnet1_ip }}/30
+ - type: interface
+ name: lo
+ addresses:
+ - ip_netmask: {{ bgpmainnet_ip }}/32
+ - ip_netmask: {{ bgpmainnetv6_ip }}/128
+ edpm_sshd_allowed_ranges:
+ - 192.168.122.0/24
+ edpm_sshd_configure_firewall: true
+ gather_facts: false
+ neutron_physical_bridge_name: br-ex
+ neutron_public_interface_name: eth1
+ networks:
+ - defaultRoute: true
+ name: CtlPlane
+ subnetName: subnet1
+ - name: BgpNet0
+ subnetName: subnet0
+ - name: BgpNet1
+ subnetName: subnet0
+ - name: BgpMainNet
+ subnetName: subnet0
+ - name: BgpMainNetV6
+ subnetName: subnet0
+ - name: BgpNet0
+ subnetName: subnet1
+ - name: BgpNet1
+ subnetName: subnet1
+ - name: BgpMainNet
+ subnetName: subnet1
+ - name: BgpMainNetV6
+ subnetName: subnet1
+ - name: BgpNet0
+ subnetName: subnet2
+ - name: BgpNet1
+ subnetName: subnet2
+ - name: BgpMainNet
+ subnetName: subnet2
+ - name: BgpMainNetV6
+ subnetName: subnet2
+ nodes:
+ edpm-r2-compute-0:
+ hostName: edpm-r2-compute-0
+ ansible:
+ ansibleHost: 192.168.124.100
+ ansibleVars:
+ edpm_ovn_bgp_agent_local_ovn_peer_ips:
+ - 100.64.2.1
+ - 100.65.2.1
+ edpm_frr_bgp_peers:
+ - 100.64.2.1
+ - 100.65.2.1
+ networks:
+ - defaultRoute: true
+ fixedIP: 192.168.124.100
+ name: CtlPlane
+ subnetName: subnet1
+ - name: Bgpnet0
+ subnetName: subnet2
+ fixedIP: 100.64.2.2
+ - name: Bgpnet1
+ subnetName: subnet2
+ fixedIP: 100.65.2.2
+ - name: Bgpmainnet
+ subnetName: subnet1
+ fixedIP: 99.99.2.2
+ - name: BgpmainnetV6
+ subnetName: subnet1
+ fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0033
+ services:
+ - bootstrap
+ - download-cache
+ - install-os
+ - configure-os
+ - configure-network
+ - frr
+ - validate-network
+ - run-os
+ - reboot-os
+ - install-certs
+ - ovn
+ - neutron-metadata
+ - ovn-bgp-agent
+ - libvirt
+ - nova
+ nova:
+ migration:
+ ssh_keys:
+ private: CHANGEME4
+ public: CHANGEME5
diff --git a/examples/dt/bgp_dt02/edpm/deployment b/examples/dt/bgp_dt02/edpm/deployment
new file mode 120000
index 000000000..4a81688c5
--- /dev/null
+++ b/examples/dt/bgp_dt02/edpm/deployment
@@ -0,0 +1 @@
+../../bgp_dt01/edpm/deployment
\ No newline at end of file
diff --git a/examples/dt/bgp_dt02/edpm/networkers/r0 b/examples/dt/bgp_dt02/edpm/networkers/r0
new file mode 120000
index 000000000..584416ccf
--- /dev/null
+++ b/examples/dt/bgp_dt02/edpm/networkers/r0
@@ -0,0 +1 @@
+../../../bgp_dt01/edpm/networkers/r0
\ No newline at end of file
diff --git a/examples/dt/bgp_dt02/edpm/networkers/r1/kustomization.yaml b/examples/dt/bgp_dt02/edpm/networkers/r1/kustomization.yaml
new file mode 100644
index 000000000..15d3da509
--- /dev/null
+++ b/examples/dt/bgp_dt02/edpm/networkers/r1/kustomization.yaml
@@ -0,0 +1,29 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+components:
+ - ../../../../../../dt/bgp/edpm/nodeset
+ ## It's possible to replace ../../../../../../dt/bgp/edpm/nodeset with a git checkout URL as per:
+ ## https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md
+
+resources:
+ - values.yaml
+
+patches:
+ - target:
+ kind: OpenStackDataPlaneNodeSet
+ name: .*
+ patch: |-
+ - op: replace
+ path: /metadata/name
+ value: r1-networker-nodes
+
+ - target:
+ kind: Secret
+ name: nova-migration-ssh-key
+ patch: |-
+ - op: add
+ path: /metadata/annotations
+ value:
+ config.kubernetes.io/local-config: true
diff --git a/examples/dt/bgp_dt02/edpm/networkers/r1/values.yaml b/examples/dt/bgp_dt02/edpm/networkers/r1/values.yaml
new file mode 100644
index 000000000..4a5966e2d
--- /dev/null
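Review bot: The per-node `networks` list of `edpm-r2-compute-0` puts `Bgpnet0` (`100.64.2.2`) and `Bgpnet1` (`100.65.2.2`) on `subnetName: subnet2`, while networkers/r2/values.yaml puts the same networks for `edpm-r2-networker-0` (`100.64.2.6`, `100.65.2.6`) on `subnetName: subnet1`, so at least one of the two rack-2 files looks like a leftover from copying the r1 values. The NetConfig that defines these subnets is not part of this diff, so I cannot tell which name is right, but a fixed IP reserved against a subnet that does not contain it would presumably fail at IP reservation time. If rack 2 is meant to use `subnet2`, the networker entries would read `subnetName: subnet2`; if the split is deliberate, a short comment above the `networks:` list would save the next reader the same question.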
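Review bot: In the `nova-migration-ssh-key` patch of networkers/r1/kustomization.yaml the annotation is written `config.kubernetes.io/local-config: true`, which YAML reads as a boolean, whereas annotation values are strings and the values.yaml beside it quotes the same key as `"true"`. Depending on how kustomize treats the non-string value, the build may fail or the Secret may not be recognised as local config and end up in the rendered output; `config.kubernetes.io/local-config: "true"` avoids both. Note also that `op: add` on `/metadata/annotations` replaces the whole annotations map if the Secret already carries one. networkers/r2/kustomization.yaml contains the same patch.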
+++ b/examples/dt/bgp_dt02/edpm/networkers/r1/values.yaml
@@ -0,0 +1,171 @@
+# yamllint disable rule:line-length
+# local-config: referenced, but not emitted by kustomize
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: edpm-nodeset-values
+ annotations:
+ config.kubernetes.io/local-config: "true"
+data:
+ ssh_keys:
+ # Authorized keys that will have access to the dataplane computes via SSH
+ authorized: CHANGEME
+ # The private key that will have access to the dataplane computes via SSH
+ private: CHANGEME2
+ # The public key that will have access to the dataplane computes via SSH
+ public: CHANGEME3
+ nodeset:
+ ansible:
+ ansibleUser: cloud-admin
+ ansiblePort: 22
+ ansibleVars:
+ edpm_nodes_validation_check_for_fqdn: false
+ edpm_frr_bgp_asn: 64899
+ edpm_frr_bgp_uplinks_scope: external
+ edpm_frr_bgp_neighbor_ttl_security_hops: 0
+ edpm_ovn_bgp_agent_reconcile_interval: 999999
+ edpm_ovn_encap_ip: "{{ bgpmainnet_ip }}"
+ edpm_ovn_bridge_mappings:
+ - "datacentre:br-ex"
+ - "octavia:br-octavia"
+ edpm_ovn_bgp_agent_expose_tenant_networks: true
+ edpm_frr_bgp_ipv4_src_network: bgpmainnet
+ edpm_frr_bgp_ipv6_src_network: bgpmainnetv6
+ edpm_frr_bgp_neighbor_password: f00barZ
+ timesync_ntp_servers:
+ - hostname: pool.ntp.org
+ # conntrack is necessary for some tobiko tests
+ edpm_bootstrap_command: |
+ dnf -y install conntrack-tools
+ edpm_network_config_hide_sensitive_logs: false
+ edpm_network_config_os_net_config_mappings:
+ edpm-r1-networker-0:
+ nic2: 6d:fe:54:3f:8a:02 # CHANGEME
+ edpm_network_config_template: |
+ ---
+ {% set mtu_list = [ctlplane_mtu] %}
+ {% for network in nodeset_networks %}
+ {% set _ = mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) %}
+ {%- endfor %}
+ {% set min_viable_mtu = mtu_list | max %}
+ network_config:
+ - type: ovs_bridge
+ name: {{ neutron_physical_bridge_name }}
+ use_dhcp: false
+ use_dhcpv6: true # needed to enable IPv6 on bridges
+ - type: ovs_bridge
+ name: br-octavia
+ use_dhcp: false
+ use_dhcpv6: true # needed to enable IPv6 on bridges
+ - type: interface
+ name: nic1
+ use_dhcp: true
+ defroute: false
+ - type: interface
+ name: nic2
+ use_dhcp: false
+ defroute: false
+ dns_servers: {{ ctlplane_dns_nameservers }}
+ domain: {{ dns_search_domains }}
+ addresses:
+ - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }}
+ - type: interface
+ name: nic3
+ use_dhcp: false
+ addresses:
+ - ip_netmask: {{ bgpnet0_ip }}/30
+ - type: interface
+ name: nic4
+ use_dhcp: false
+ addresses:
+ - ip_netmask: {{ bgpnet1_ip }}/30
+ - type: interface
+ name: lo
+ addresses:
+ - ip_netmask: {{ bgpmainnet_ip }}/32
+ - ip_netmask: {{ bgpmainnetv6_ip }}/128
+ edpm_enable_chassis_gw: true
+ edpm_sshd_allowed_ranges:
+ - 192.168.122.0/24
+ edpm_sshd_configure_firewall: true
+ gather_facts: false
+ neutron_physical_bridge_name: br-ex
+ neutron_public_interface_name: eth1
+ networks:
+ - defaultRoute: true
+ name: CtlPlane
+ subnetName: subnet1
+ - name: BgpNet0
+ subnetName: subnet0
+ - name: BgpNet1
+ subnetName: subnet0
+ - name: BgpMainNet
+ subnetName: subnet0
+ - name: BgpMainNetV6
+ subnetName: subnet0
+ - name: BgpNet0
+ subnetName: subnet1
+ - name: BgpNet1
+ subnetName: subnet1
+ - name: BgpMainNet
+ subnetName: subnet1
+ - name: BgpMainNetV6
+ subnetName: subnet1
+ - name: BgpNet0
+ subnetName: subnet2
+ - name: BgpNet1
+ subnetName: subnet2
+ - name: BgpMainNet
+ subnetName: subnet2
+ - name: BgpMainNetV6
+ subnetName: subnet2
+ nodes:
+ edpm-r1-networker-0:
+ hostName: edpm-r1-networker-0
+ ansible:
+ ansibleHost: 192.168.123.200
+ ansibleVars:
+ edpm_ovn_bgp_agent_local_ovn_peer_ips:
+ - 100.64.1.5
+ - 100.65.1.5
+ edpm_frr_bgp_peers:
+ - 100.64.1.5
+ - 100.65.1.5
+ networks:
+ - defaultRoute: true
+ fixedIP: 192.168.123.200
+ name: CtlPlane
+ subnetName: subnet1
+ - name: Bgpnet0
+ subnetName: subnet1
+ fixedIP: 100.64.1.6
+ - name: Bgpnet1
+ subnetName: subnet1
+ fixedIP: 100.65.1.6
+ - name: Bgpmainnet
+ subnetName: subnet1
+ fixedIP: 99.99.1.3
+ - name: BgpmainnetV6
+ subnetName: subnet1
+ fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0023
+ services:
+ - bootstrap
+ - download-cache
+ - install-os
+ - configure-os
+ - configure-network
+ - frr
+ - validate-network
+ - ssh-known-hosts
+ - run-os
+ - reboot-os
+ - install-certs
+ - ovn
+ - neutron-metadata
+ - ovn-bgp-agent
+ nova:
+ migration:
+ ssh_keys:
+ private: CHANGEME4
+ public: CHANGEME5
diff --git a/examples/dt/bgp_dt02/edpm/networkers/r2/kustomization.yaml b/examples/dt/bgp_dt02/edpm/networkers/r2/kustomization.yaml
new file mode 100644
index 000000000..afa56e577
--- /dev/null
+++ b/examples/dt/bgp_dt02/edpm/networkers/r2/kustomization.yaml
@@ -0,0 +1,29 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+components:
+ - ../../../../../../dt/bgp/edpm/nodeset
+ ## It's possible to replace ../../../../../../dt/bgp/edpm/nodeset with a git checkout URL as per:
+ ## https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md
+
+resources:
+ - values.yaml
+
+patches:
+ - target:
+ kind: OpenStackDataPlaneNodeSet
+ name: .*
+ patch: |-
+ - op: replace
+ path: /metadata/name
+ value: r2-networker-nodes
+
+ - target:
+ kind: Secret
+ name: nova-migration-ssh-key
+ patch: |-
+ - op: add
+ path: /metadata/annotations
+ value:
+ config.kubernetes.io/local-config: true
diff --git a/examples/dt/bgp_dt02/edpm/networkers/r2/values.yaml b/examples/dt/bgp_dt02/edpm/networkers/r2/values.yaml
new file mode 100644
index 000000000..a6c49f53c
--- /dev/null
+++ b/examples/dt/bgp_dt02/edpm/networkers/r2/values.yaml
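Review bot: `edpm-r1-networker-0` gets `fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0023` for `BgpmainnetV6`, which is the same address computes/r1/values.yaml assigns to `edpm-r1-compute-0`, and the network template in both files places `bgpmainnetv6_ip` on `lo` as a /128. Two nodes holding, and presumably announcing, the same loopback address would make that address reachable on only one of them or flap between them. The IPv4 `Bgpmainnet` addresses do differ (`99.99.1.2` and `99.99.1.3`), so this looks like a copy-paste slip rather than intent. The rack-2 pair repeats it with `...:0033` in computes/r2 and networkers/r2; each node needs its own value, and which addresses are free depends on the NetConfig, which is outside this diff.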
@@ -0,0 +1,171 @@
+# yamllint disable rule:line-length
+# local-config: referenced, but not emitted by kustomize
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: edpm-nodeset-values
+ annotations:
+ config.kubernetes.io/local-config: "true"
+data:
+ ssh_keys:
+ # Authorized keys that will have access to the dataplane computes via SSH
+ authorized: CHANGEME
+ # The private key that will have access to the dataplane computes via SSH
+ private: CHANGEME2
+ # The public key that will have access to the dataplane computes via SSH
+ public: CHANGEME3
+ nodeset:
+ ansible:
+ ansibleUser: cloud-admin
+ ansiblePort: 22
+ ansibleVars:
+ edpm_nodes_validation_check_for_fqdn: false
+ edpm_frr_bgp_asn: 64899
+ edpm_frr_bgp_uplinks_scope: external
+ edpm_frr_bgp_neighbor_ttl_security_hops: 0
+ edpm_ovn_bgp_agent_reconcile_interval: 999999
+ edpm_ovn_encap_ip: "{{ bgpmainnet_ip }}"
+ edpm_ovn_bridge_mappings:
+ - "datacentre:br-ex"
+ - "octavia:br-octavia"
+ edpm_ovn_bgp_agent_expose_tenant_networks: true
+ edpm_frr_bgp_ipv4_src_network: bgpmainnet
+ edpm_frr_bgp_ipv6_src_network: bgpmainnetv6
+ edpm_frr_bgp_neighbor_password: f00barZ
+ timesync_ntp_servers:
+ - hostname: pool.ntp.org
+ # conntrack is necessary for some tobiko tests
+ edpm_bootstrap_command: |
+ dnf -y install conntrack-tools
+ edpm_network_config_hide_sensitive_logs: false
+ edpm_network_config_os_net_config_mappings:
+ edpm-r2-networker-0:
+ nic2: 6d:fe:54:3f:8a:02 # CHANGEME
+ edpm_network_config_template: |
+ ---
+ {% set mtu_list = [ctlplane_mtu] %}
+ {% for network in nodeset_networks %}
+ {% set _ = mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) %}
+ {%- endfor %}
+ {% set min_viable_mtu = mtu_list | max %}
+ network_config:
+ - type: ovs_bridge
+ name: {{ neutron_physical_bridge_name }}
+ use_dhcp: false
+ use_dhcpv6: true # needed to enable IPv6 on bridges
+ - type: ovs_bridge
+ name: br-octavia
+ use_dhcp: false
+ use_dhcpv6: true # needed to enable IPv6 on bridges
+ - type: interface
+ name: nic1
+ use_dhcp: true
+ defroute: false
+ - type: interface
+ name: nic2
+ use_dhcp: false
+ defroute: false
+ dns_servers: {{ ctlplane_dns_nameservers }}
+ domain: {{ dns_search_domains }}
+ addresses:
+ - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }}
+ - type: interface
+ name: nic3
+ use_dhcp: false
+ addresses:
+ - ip_netmask: {{ bgpnet0_ip }}/30
+ - type: interface
+ name: nic4
+ use_dhcp: false
+ addresses:
+ - ip_netmask: {{ bgpnet1_ip }}/30
+ - type: interface
+ name: lo
+ addresses:
+ - ip_netmask: {{ bgpmainnet_ip }}/32
+ - ip_netmask: {{ bgpmainnetv6_ip }}/128
+ edpm_enable_chassis_gw: true
+ edpm_sshd_allowed_ranges:
+ - 192.168.122.0/24
+ edpm_sshd_configure_firewall: true
+ gather_facts: false
+ neutron_physical_bridge_name: br-ex
+ neutron_public_interface_name: eth1
+ networks:
+ - defaultRoute: true
+ name: CtlPlane
+ subnetName: subnet1
+ - name: BgpNet0
+ subnetName: subnet0
+ - name: BgpNet1
+ subnetName: subnet0
+ - name: BgpMainNet
+ subnetName: subnet0
+ - name: BgpMainNetV6
+ subnetName: subnet0
+ - name: BgpNet0
+ subnetName: subnet1
+ - name: BgpNet1
+ subnetName: subnet1
+ - name: BgpMainNet
+ subnetName: subnet1
+ - name: BgpMainNetV6
+ subnetName: subnet1
+ - name: BgpNet0
+ subnetName: subnet2
+ - name: BgpNet1
+ subnetName: subnet2
+ - name: BgpMainNet
+ subnetName: subnet2
+ - name: BgpMainNetV6
+ subnetName: subnet2
+ nodes:
+ edpm-r2-networker-0:
+ hostName: edpm-r2-networker-0
+ ansible:
+ ansibleHost: 192.168.124.200
+ ansibleVars:
+ edpm_ovn_bgp_agent_local_ovn_peer_ips:
+ - 100.64.2.5
+ - 100.65.2.5
+ edpm_frr_bgp_peers:
+ - 100.64.2.5
+ - 100.65.2.5
+ networks:
+ - defaultRoute: true
+ fixedIP: 192.168.124.200
+ name: CtlPlane
+ subnetName: subnet1
+ - name: Bgpnet0
+ subnetName: subnet1
+ fixedIP: 100.64.2.6
+ - name: Bgpnet1
+ subnetName: subnet1
+ fixedIP: 100.65.2.6
+ - name: Bgpmainnet
+ subnetName: subnet1
+ fixedIP: 99.99.2.3
+ - name: BgpmainnetV6
+ subnetName: subnet1
+ fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0033
+ services:
+ - bootstrap
+ - download-cache
+ - install-os
+ - configure-os
+ - configure-network
+ - frr
+ - validate-network
+ - ssh-known-hosts
+ - run-os
+ - reboot-os
+ - install-certs
+ - ovn
+ - neutron-metadata
+ - ovn-bgp-agent
+ nova:
+ migration:
+ ssh_keys:
+ private: CHANGEME4
+ public: CHANGEME5