From 0d7750297472ebc854d2d2fdfba1bd31ca6436cb Mon Sep 17 00:00:00 2001 
From: Eduardo Olivares Date: Wed, 13 Dec 2023 18:47:52 +0100 Subject: [PATCH] BGP DTs Includes examples/dt/bgp/common/control-plane/nncp/ Configuration 1 (kernel-routing-nbdb-driver): - BGP - Ceph and Networker nodes - DVR - expose-tenant-networks disabled - default sync-interval - kernel routing - NBDB driver - FRR: interface-level BGP peers - FRR: different ASN per rack - Tempest (neutron+octavia) + Tobiko (scenario+sanity+faults) Configuration 2 (ovn-routing-nbdb-driver): - BGP - Networker nodes - DVR - expose-tenant-networks enabled - sync-interval configured with high value - OVN routing - NBDB driver - FRR: IP-level BGP peers - FRR: different ASN per rack - Tempest (neutron+octavia) + Tobiko (scenario+sanity+faults) Configuration 3 (ovn-routing-nbdb-driver-nondvr): - BGP - Networker nodes - DVR disabled - expose-tenant-networks enabled - default sync-interval - OVN routing - NBDB driver - FRR: IP-level BGP peers - FRR: different ASN per rack - Tempest (neutron+octavia) + Tobiko (scenario+sanity+faults) Configuration 4 (kernel-routing-sbdb-driver-ipv6): - BGP - Networker nodes - IPv6 single-stack controlplane - DVR - expose-tenant-networks disabled - default sync-interval - kernel routing - SBDB driver - FRR: IP-level BGP peers - FRR: different ASN per rack - Tempest (neutron+octavia) + Tobiko (scenario+sanity+faults) --- automation/vars/default.yaml | 14 + .../control-plane/nncp/kustomization.yaml | 24 + .../bgp/common/control-plane/nncp/values.yaml | 236 +++++++ .../dt/bgp/common/lib/nncp/kustomization.yaml | 624 ++++++++++++++++++ .../common/lib/nncp/ocp_node_template.yaml | 134 ++++ .../bgp/common/lib/nncp/ocp_nodes_nncp.yaml | 21 + .../bgp/kernel-routing-nbdb-driver/README.md | 57 ++ .../kernel-routing-sbdb-driver-ipv6/README.md | 57 ++ .../ovn-routing-nbdb-driver-nondvr/README.md | 55 ++ .../dt/bgp/ovn-routing-nbdb-driver/README.md | 55 ++ 10 files changed, 1277 insertions(+) create mode 100644 examples/dt/bgp/common/control-plane/nncp/kustomization.yaml 
create mode 100644 examples/dt/bgp/common/control-plane/nncp/values.yaml create mode 100644 examples/dt/bgp/common/lib/nncp/kustomization.yaml create mode 100644 examples/dt/bgp/common/lib/nncp/ocp_node_template.yaml create mode 100644 examples/dt/bgp/common/lib/nncp/ocp_nodes_nncp.yaml create mode 100644 examples/dt/bgp/kernel-routing-nbdb-driver/README.md create mode 100644 examples/dt/bgp/kernel-routing-sbdb-driver-ipv6/README.md create mode 100644 examples/dt/bgp/ovn-routing-nbdb-driver-nondvr/README.md create mode 100644 examples/dt/bgp/ovn-routing-nbdb-driver/README.md
diff --git a/automation/vars/default.yaml b/automation/vars/default.yaml
index 254c7ced9..424964b5f 100644
--- a/automation/vars/default.yaml
+++ b/automation/vars/default.yaml
@@ -160,3 +160,17 @@ vas:
 - name: edpm-values
 src_file: values.yaml
 build_output: dataplane.yaml
+
+ bgp:
+ stages:
+ - path: examples/dt/bgp/common/control-plane/nncp
+ validations:
+ - >-
+ oc -n openstack wait nncp
+ -l osp/nncm-config-type=standard
+ --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured
+ --timeout=60s
+ values:
+ - name: network-values
+ src_file: values.yaml
+ build_output: nncp.yaml
diff --git a/examples/dt/bgp/common/control-plane/nncp/kustomization.yaml b/examples/dt/bgp/common/control-plane/nncp/kustomization.yaml
new file mode 100644
index 000000000..4378b3f4b
--- /dev/null
+++ b/examples/dt/bgp/common/control-plane/nncp/kustomization.yaml
@@ -0,0 +1,24 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+transformers:
+# Set namespace to OpenStack on all namespaced objects without a namespace
+- |-
+ apiVersion: builtin
+ kind: NamespaceTransformer
+ metadata:
+ name: _ignored_
+ namespace: openstack
+ setRoleBindingSubjects: none
+ unsetOnly: true
+ fieldSpecs:
+ - path: metadata/name
+ kind: Namespace
+ create: true
+
+components:
+ - ../../lib/nncp
+
+resources:
+ - values.yaml
+
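Review bot: In automation/vars/default.yaml, the new `bgp` stage validates on `.status.conditions[0].reason`, which depends on the order in which the NNCP controller lists its conditions. If a different condition happens to be listed first, a correctly applied policy would keep the wait spinning until the timeout. Waiting on the condition type is order-independent, e.g. `oc -n openstack wait nncp -l osp/nncm-config-type=standard --for condition=Available --timeout=60s`. The 60s timeout also looks tight for bringing up VLANs, a bridge and the BGP interfaces on three nodes. If the stages above this hunk (not visible here) use the same jsonpath form on purpose, a one-line comment saying so would be enough.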
diff --git a/examples/dt/bgp/common/control-plane/nncp/values.yaml b/examples/dt/bgp/common/control-plane/nncp/values.yaml
new file mode 100644
index 000000000..2ffabf778
--- /dev/null
+++ b/examples/dt/bgp/common/control-plane/nncp/values.yaml
@@ -0,0 +1,236 @@
+# local-config: referenced, but not emitted by kustomize
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: network-values
+ annotations:
+ config.kubernetes.io/local-config: "true"
+data:
+ # nodes
+ node_0:
+ name: master-0
+ internalapi_ip: 172.17.0.5
+ tenant_ip: 172.19.0.5
+ ctlplane_ip: 192.168.122.10
+ storage_ip: 172.18.0.5
+ bgp_ip:
+ - 100.64.4.2
+ - 100.65.4.2
+ loopback_ip: 172.30.4.2
+ loopback_ipv6: f00d:f00d:f00d:f00d:f00d:f00d:f00d:42
+ node_1:
+ name: master-1
+ internalapi_ip: 172.17.0.6
+ tenant_ip: 172.19.0.6
+ ctlplane_ip: 192.168.122.11
+ storage_ip: 172.18.0.6
+ bgp_ip:
+ - 100.64.4.6
+ - 100.65.4.6
+ loopback_ip: 172.30.4.3
+ loopback_ipv6: f00d:f00d:f00d:f00d:f00d:f00d:f00d:43
+ node_2:
+ name: master-2
+ internalapi_ip: 172.17.0.7
+ tenant_ip: 172.19.0.7
+ ctlplane_ip: 192.168.122.12
+ storage_ip: 172.18.0.7
+ bgp_ip:
+ - 100.64.4.10
+ - 100.65.4.10
+ loopback_ip: 172.30.4.4
+ loopback_ipv6: f00d:f00d:f00d:f00d:f00d:f00d:f00d:44
+
+ # networks
+ ctlplane:
+ dnsDomain: ctlplane.example.com
+ subnets:
+ - allocationRanges:
+ - end: 192.168.122.120
+ start: 192.168.122.100
+ - end: 192.168.122.200
+ start: 192.168.122.150
+ cidr: 192.168.122.0/24
+ gateway: 192.168.122.1
+ name: subnet1
+ prefix-length: 24
+ iface: enp8s0
+ mtu: 9000
+ lb_addresses:
+ - 192.168.122.80-192.168.122.90
+ endpoint_annotations:
+ metallb.universe.tf/address-pool: ctlplane
+ metallb.universe.tf/allow-shared-ip: ctlplane
+ metallb.universe.tf/loadBalancerIPs: 192.168.122.80
+ net-attach-def: |
+ {
+ "cniVersion": "0.3.1",
+ "name": "ctlplane",
+ "type": "macvlan",
+ "master": "ospbr",
+ "ipam": {
+ "type": "whereabouts",
+ "range": "192.168.122.0/24",
+ "range_start": "192.168.122.30",
+ "range_end": "192.168.122.70"
+ }
+ }
+ internalapi:
+ dnsDomain: internalapi.example.com
+ subnets:
+ - allocationRanges:
+ - end: 172.17.0.250
+ start: 172.17.0.100
+ cidr: 172.17.0.0/24
+ name: subnet1
+ vlan: 20
+ mtu: 1500
+ prefix-length: 24
+ iface: internalapi
+ vlan: 20
+ base_iface: enp8s0
+ lb_addresses:
+ - 172.17.0.80-172.17.0.90
+ endpoint_annotations:
+ metallb.universe.tf/address-pool: internalapi
+ metallb.universe.tf/allow-shared-ip: internalapi
+ metallb.universe.tf/loadBalancerIPs: 172.17.0.80
+ net-attach-def: |
+ {
+ "cniVersion": "0.3.1",
+ "name": "internalapi",
+ "type": "macvlan",
+ "master": "internalapi",
+ "ipam": {
+ "type": "whereabouts",
+ "range": "172.17.0.0/24",
+ "range_start": "172.17.0.30",
+ "range_end": "172.17.0.70"
+ }
+ }
+ storage:
+ dnsDomain: storage.example.com
+ subnets:
+ - allocationRanges:
+ - end: 172.18.0.250
+ start: 172.18.0.100
+ cidr: 172.18.0.0/24
+ name: subnet1
+ vlan: 21
+ mtu: 9000
+ prefix-length: 24
+ iface: storage
+ vlan: 21
+ base_iface: enp8s0
+ lb_addresses:
+ - 172.18.0.80-172.18.0.90
+ net-attach-def: |
+ {
+ "cniVersion": "0.3.1",
+ "name": "storage",
+ "type": "macvlan",
+ "master": "storage",
+ "ipam": {
+ "type": "whereabouts",
+ "range": "172.18.0.0/24",
+ "range_start": "172.18.0.30",
+ "range_end": "172.18.0.70"
+ }
+ }
+ storagemgmt: # used on RHEL, not used on OpenShift
+ dnsDomain: storagemgmt.example.com
+ subnets:
+ - allocationRanges:
+ - end: 172.20.0.250
+ start: 172.20.0.100
+ cidr: 172.20.0.0/24
+ name: subnet1
+ vlan: 23
+ mtu: 9000
+ tenant:
+ dnsDomain: tenant.example.com
+ subnets:
+ - allocationRanges:
+ - end: 172.19.0.250
+ start: 172.19.0.100
+ cidr: 172.19.0.0/24
+ name: subnet1
+ vlan: 22
+ mtu: 1500
+ prefix-length: 24
+ iface: tenant
+ vlan: 22
+ base_iface: enp8s0
+ lb_addresses:
+ - 172.19.0.80-172.19.0.90
+ net-attach-def: |
+ {
+ "cniVersion": "0.3.1",
+ "name": "tenant",
+ "type": "macvlan",
+ "master": "tenant",
+ "ipam": {
+ "type": "whereabouts",
+ "range": "172.19.0.0/24",
+ "range_start": "172.19.0.30",
+ "range_end": "172.19.0.70"
+ }
+ }
+ external:
+ dnsDomain: external.example.com
+ subnets:
+ - allocationRanges:
+ - end: 10.0.0.250
+ start: 10.0.0.100
+ cidr: 10.0.0.0/24
+ gateway: 10.0.0.1
+ name: subnet1
+ mtu: 1500
+
+ bgp:
+ prefix-length: 30
+ ifaces:
+ - enp6s0
+ - enp7s0
+ loopback:
+ prefix-length: 32
+ prefix-length-ipv6: 128
+ iface: lo
+ datacentre:
+ net-attach-def: |
+ {
+ "cniVersion": "0.3.1",
+ "name": "datacentre",
+ "type": "bridge",
+ "bridge": "ospbr",
+ "ipam": {}
+ }
+
+ dns-resolver:
+ config:
+ server:
+ - 192.168.122.1
+ search: []
+ options:
+ - key: server
+ values:
+ - 192.168.122.1
+
+ routes:
+ config:
+ - destination: 0.0.0.0/0
+ next-hop-address: 192.168.122.1
+ next-hop-interface: enp8s0
+
+ rabbitmq:
+ endpoint_annotations:
+ metallb.universe.tf/address-pool: internalapi
+ metallb.universe.tf/loadBalancerIPs: 172.17.0.85
+ rabbitmq-cell1:
+ endpoint_annotations:
+ metallb.universe.tf/address-pool: internalapi
+ metallb.universe.tf/loadBalancerIPs: 172.17.0.86
+
+ lbServiceType: LoadBalancer
+ storageClass: local-storage
+ bridgeName: ospbr
diff --git a/examples/dt/bgp/common/lib/nncp/kustomization.yaml b/examples/dt/bgp/common/lib/nncp/kustomization.yaml
new file mode 100644
index 000000000..163ed7066
--- /dev/null
+++ b/examples/dt/bgp/common/lib/nncp/kustomization.yaml
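Review bot: In values.yaml, `next-hop-interface: enp8s0` under `routes.config` is not consumed by any replacement in this patch. examples/dt/bgp/common/lib/nncp/kustomization.yaml copies only `destination` and `next-hop-address` from `data.routes.config.0`, and fills `next-hop-interface` from `data.bridgeName` (`ospbr`). Someone who edits this key to move the default route will see no change in the rendered NNCP, and the value shown (`enp8s0`) differs from what is actually applied. Either drop the key or annotate it, e.g. `# not used for the NNCP: next-hop-interface is taken from bridgeName`. Other consumers of this ConfigMap may exist outside the patch, so confirm before removing it.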
@@ -0,0 +1,624 @@
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+resources:
+- ocp_nodes_nncp.yaml
+
+patches:
+- target:
+ kind: NodeNetworkConfigurationPolicy
+ labelSelector: "osp/nncm-config-type=standard"
+ path: ocp_node_template.yaml
+
+replacements:
+# BGP node0 IPs
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_0.bgp_ip.0
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-0
+ fieldPaths:
+ - spec.desiredState.interfaces.5.ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_0.bgp_ip.1
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-0
+ fieldPaths:
+ - spec.desiredState.interfaces.6.ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_0.loopback_ip
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-0
+ fieldPaths:
+ - spec.desiredState.interfaces.7.ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_0.loopback_ipv6
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-0
+ fieldPaths:
+ - spec.desiredState.interfaces.7.ipv6.address.0.ip
+# BGP node1 IPs
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_1.bgp_ip.0
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-1
+ fieldPaths:
+ - spec.desiredState.interfaces.5.ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_1.bgp_ip.1
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-1
+ fieldPaths:
+ - spec.desiredState.interfaces.6.ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_1.loopback_ip
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-1
+ fieldPaths:
+ - spec.desiredState.interfaces.7.ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_1.loopback_ipv6
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-1
+ fieldPaths:
+ - spec.desiredState.interfaces.7.ipv6.address.0.ip
+# BGP node2 IPs
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_2.bgp_ip.0
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-2
+ fieldPaths:
+ - spec.desiredState.interfaces.5.ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_2.bgp_ip.1
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-2
+ fieldPaths:
+ - spec.desiredState.interfaces.6.ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_2.loopback_ip
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-2
+ fieldPaths:
+ - spec.desiredState.interfaces.7.ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_2.loopback_ipv6
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-2
+ fieldPaths:
+ - spec.desiredState.interfaces.7.ipv6.address.0.ip
+
+# Common network interfaces and vlans
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.internalapi.base_iface
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=internalapi].vlan.base-iface
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.internalapi.vlan
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=internalapi].vlan.id
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.internalapi.mtu
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=internalapi].mtu
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.tenant.base_iface
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=tenant].vlan.base-iface
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.tenant.vlan
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=tenant].vlan.id
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.tenant.mtu
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=tenant].mtu
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.storage.base_iface
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=storage].vlan.base-iface
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.storage.vlan
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=storage].vlan.id
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.storage.mtu
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=storage].mtu
+# ctlplane type is ethernet (not vlan)
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.ctlplane.iface
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.3.name
+ - spec.desiredState.interfaces.[type=linux-bridge].bridge.port.0.name
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.ctlplane.mtu
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.3.mtu
+ - spec.desiredState.interfaces.[type=linux-bridge].mtu
+
+# Static Node IPs: node-0
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_0.internalapi_ip
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-0
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=internalapi].ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_0.tenant_ip
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-0
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=tenant].ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_0.ctlplane_ip
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-0
+ fieldPaths:
+ - spec.desiredState.interfaces.[type=linux-bridge].ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_0.storage_ip
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-0
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=storage].ipv4.address.0.ip
+
+# Static Node IPs: node-1
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_1.internalapi_ip
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-1
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=internalapi].ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_1.tenant_ip
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-1
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=tenant].ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_1.ctlplane_ip
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-1
+ fieldPaths:
+ - spec.desiredState.interfaces.[type=linux-bridge].ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_1.storage_ip
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-1
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=storage].ipv4.address.0.ip
+
+# Static Node IPs: node-2
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_2.internalapi_ip
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-2
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=internalapi].ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_2.tenant_ip
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-2
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=tenant].ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_2.ctlplane_ip
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-2
+ fieldPaths:
+ - spec.desiredState.interfaces.[type=linux-bridge].ipv4.address.0.ip
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_2.storage_ip
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-2
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=storage].ipv4.address.0.ip
+
+# prefix-length: node-0
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.ctlplane.prefix-length
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-0
+ fieldPaths:
+ - spec.desiredState.interfaces.[type=linux-bridge].ipv4.address.0.prefix-length
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.internalapi.prefix-length
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-0
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=internalapi].ipv4.address.0.prefix-length
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.tenant.prefix-length
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-0
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=tenant].ipv4.address.0.prefix-length
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.storage.prefix-length
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-0
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=storage].ipv4.address.0.prefix-length
+
+# prefix-length: node-1
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.ctlplane.prefix-length
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-1
+ fieldPaths:
+ - spec.desiredState.interfaces.[type=linux-bridge].ipv4.address.0.prefix-length
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.internalapi.prefix-length
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-1
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=internalapi].ipv4.address.0.prefix-length
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.tenant.prefix-length
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-1
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=tenant].ipv4.address.0.prefix-length
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.storage.prefix-length
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-1
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=storage].ipv4.address.0.prefix-length
+
+# prefix-length: node-2
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.ctlplane.prefix-length
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-2
+ fieldPaths:
+ - spec.desiredState.interfaces.[type=linux-bridge].ipv4.address.0.prefix-length
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.internalapi.prefix-length
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-2
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=internalapi].ipv4.address.0.prefix-length
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.tenant.prefix-length
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-2
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=tenant].ipv4.address.0.prefix-length
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.storage.prefix-length
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-2
+ fieldPaths:
+ - spec.desiredState.interfaces.[name=storage].ipv4.address.0.prefix-length
+
+# Node names
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_0.name
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-0
+ fieldPaths:
+ - metadata.name
+ - spec.nodeSelector.[kubernetes.io/hostname]
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_1.name
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-1
+ fieldPaths:
+ - metadata.name
+ - spec.nodeSelector.[kubernetes.io/hostname]
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.node_2.name
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ name: node-2
+ fieldPaths:
+ - metadata.name
+ - spec.nodeSelector.[kubernetes.io/hostname]
+
+# DNS
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.dns-resolver.config
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.dns-resolver.config
+
+# Routes
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.routes.config.0.destination
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.routes.config.0.destination
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.routes.config.0.next-hop-address
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.routes.config.0.next-hop-address
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.bridgeName
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.routes.config.0.next-hop-interface
+ - spec.desiredState.interfaces.[type=linux-bridge].name
+# BGP values
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.bgp.ifaces.0
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.5.name
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.bgp.ifaces.1
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.6.name
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.loopback.iface
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.7.name
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.bgp.prefix-length
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.5.ipv4.address.0.prefix-length
+ - spec.desiredState.interfaces.6.ipv4.address.0.prefix-length
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.loopback.prefix-length
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.7.ipv4.address.0.prefix-length
+- source:
+ kind: ConfigMap
+ name: network-values
+ fieldPath: data.loopback.prefix-length-ipv6
+ targets:
+ - select:
+ kind: NodeNetworkConfigurationPolicy
+ fieldPaths:
+ - spec.desiredState.interfaces.7.ipv6.address.0.prefix-length
diff --git a/examples/dt/bgp/common/lib/nncp/ocp_node_template.yaml b/examples/dt/bgp/common/lib/nncp/ocp_node_template.yaml
new file mode 100644
index 000000000..01e355d92
--- /dev/null
+++ b/examples/dt/bgp/common/lib/nncp/ocp_node_template.yaml
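Review bot: In examples/dt/bgp/common/lib/nncp/kustomization.yaml, the replacements that target `spec.desiredState.interfaces.3`, `.5`, `.6` and `.7` depend on the position of each entry in the `interfaces` list of ocp_node_template.yaml. The VLAN and bridge entries, by contrast, are selected with `[name=...]` and `[type=linux-bridge]`. Adding or reordering an entry in the template would shift those indexes and put a BGP or loopback address on a different interface. Because every target field already holds a `_replaced_` placeholder, kustomize would most likely not flag the mismatch. At minimum document the mapping above the first index-based block, e.g. `# interfaces.3 = ctlplane ethernet, .5/.6 = BGP interface 1/2, .7 = loopback (list order in ocp_node_template.yaml)`, and put a matching comment on each of those entries in the template.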
@@ -0,0 +1,134 @@
+apiVersion: nmstate.io/v1
+kind: NodeNetworkConfigurationPolicy
+metadata:
+ name: _ignored_
+spec:
+ desiredState:
+ dns-resolver:
+ config:
+ search: []
+ server: []
+ routes:
+ config:
+ - destination: _replaced_
+ next-hop-address: _replaced_
+ next-hop-interface: _replaced_
+ interfaces:
+ - description: internalapi vlan interface
+ ipv4:
+ address:
+ - ip: _replaced_
+ prefix-length: _replaced_
+ enabled: true
+ dhcp: false
+ ipv6:
+ enabled: false
+ name: internalapi
+ state: up
+ type: vlan
+ vlan:
+ base-iface: _replaced_
+ id: _replaced_
+ mtu: 1500
+ - description: storage vlan interface
+ ipv4:
+ address:
+ - ip: _replaced_
+ prefix-length: _replaced_
+ enabled: true
+ dhcp: false
+ ipv6:
+ enabled: false
+ name: storage
+ state: up
+ type: vlan
+ vlan:
+ base-iface: _replaced_
+ id: _replaced_
+ mtu: 1500
+ - description: tenant vlan interface
+ ipv4:
+ address:
+ - ip: _replaced_
+ prefix-length: _replaced_
+ enabled: true
+ dhcp: false
+ ipv6:
+ enabled: false
+ name: tenant
+ state: up
+ type: vlan
+ vlan:
+ base-iface: _replaced_
+ id: _replaced_
+ mtu: 1500
+ - description: ctlplane interface
+ name: _replaced_
+ state: up
+ type: ethernet
+ mtu: 1500
+ - description: linux-bridge over ctlplane interface
+ ipv4:
+ address:
+ - ip: _replaced_
+ prefix-length: _replaced_
+ enabled: true
+ dhcp: false
+ ipv6:
+ enabled: false
+ name: _replaced_
+ state: up
+ type: linux-bridge
+ bridge:
+ options:
+ stp:
+ enabled: false
+ port:
+ - name: _replaced_
+ vlan: {}
+ mtu: 1500
+ - description: BGP interface 1
+ ipv4:
+ address:
+ - ip: _replaced_
+ prefix-length: _replaced_
+ enabled: true
+ dhcp: false
+ ipv6:
+ enabled: false
+ mtu: 1500
+ name: _replaced_
+ state: up
+ type: ethernet
+ - description: BGP interface 2
+ ipv4:
+ address:
+ - ip: _replaced_
+ prefix-length: _replaced_
+ enabled: true
+ dhcp: false
+ ipv6:
+ enabled: false
+ mtu: 1500
+ name: _replaced_
+ state: up
+ type: ethernet
+ - description: loopback interface
+ ipv4:
+ address:
+ - ip: _replaced_
+ prefix-length: _replaced_
+ enabled: true
+ dhcp: false
+ ipv6:
+ address:
+ - ip: _replaced_
+ prefix-length: _replaced_
+ enabled: true
+ dhcp: false
+ name: _replaced_
+ mtu: 65536
+ state: up
+ nodeSelector:
+ kubernetes.io/hostname: _replaced_
+ node-role.kubernetes.io/worker: ""
diff --git a/examples/dt/bgp/common/lib/nncp/ocp_nodes_nncp.yaml b/examples/dt/bgp/common/lib/nncp/ocp_nodes_nncp.yaml
new file mode 100644
index 000000000..1fd174705
--- /dev/null
+++ b/examples/dt/bgp/common/lib/nncp/ocp_nodes_nncp.yaml
@@ -0,0 +1,21 @@
+---
+apiVersion: nmstate.io/v1
+kind: NodeNetworkConfigurationPolicy
+metadata:
+ name: node-0
+ labels:
+ osp/nncm-config-type: standard
+---
+apiVersion: nmstate.io/v1
+kind: NodeNetworkConfigurationPolicy
+metadata:
+ name: node-1
+ labels:
+ osp/nncm-config-type: standard
+---
+apiVersion: nmstate.io/v1
+kind: NodeNetworkConfigurationPolicy
+metadata:
+ name: node-2
+ labels:
+ osp/nncm-config-type: standard
diff --git a/examples/dt/bgp/kernel-routing-nbdb-driver/README.md b/examples/dt/bgp/kernel-routing-nbdb-driver/README.md
new file mode 100644
index 000000000..5d3608820
--- /dev/null
+++ b/examples/dt/bgp/kernel-routing-nbdb-driver/README.md
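Review bot: In ocp_node_template.yaml the `loopback interface` entry is the only item in `interfaces` without a `type:` key; the VLAN, ethernet and linux-bridge entries all declare one. nmstate presumably resolves the type from the existing `lo` device on the node, but that leaves the template inconsistent and makes the intent harder to validate on review. Consider adding `type: loopback` next to `state: up`, after confirming that the nmstate version shipped with the target cluster accepts that type. Separately, `mtu` is fixed in the template for the BGP interfaces (1500) and the loopback (65536), and no replacement in the lib kustomization.yaml overrides it. A short comment such as `# mtu intentionally not taken from values.yaml` on those entries would tell the reader this is deliberate.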
@@ -0,0 +1,57 @@ +# RHOSO Deployed Topology - BGP using kernel routing and OVN NB DB driver + +## General information +| Revision | Change | Date | +|--------: | :-------------------- | :--------------: | +| v0.1 | Initial publication | 2024-01-12 | + +## Node topology +| Node role | bm/vm | amount | +| --------------------------------------------- | ----- | ------ | +| Openshift master/worker combo-node cluster | vm | 3 | +| Compute nodes | vm | 3 | +| Networker nodes | vm | 3 | +| Ceph nodes | vm | 3 | +| Leaf routers | vm | 6 | +| Spine routers | vm | 2 | +| External routers | vm | 1 | +| External VMs | vm | 1 | + +## Services, enabled features and configurations +| Service | configuration | Lock-in coverage? | +| ------------------------------------------- | ---------------------------------------------------------------------------------------- | ------------------ | +| Neutron | ML2/OVN, DVR | Must have | +| Octavia | | Must have | +| OVN-BGP-Agent | kernel-routing, nbdb-driver expose-tenant-networks disabled, sync-interval default value | Must have | +| FRR | different ASN per rack, interface-level BGP peers | Must have | + +## Considerations/Constraints +1. Virtual networks should be created to connect the VMs between them. +2. All the VMs that are neither Openstack nor Openshift nodes need to be + properly configured in order to support the BGP protocol. +3. The spine/leaf topology separates the overcloud nodes into different L2 + network segments, called racks. Each rack includes one compute, one + networker, one ceph and two leafs. +4. A separate provisioning network is necessary to install Openstack on those + nodes. +5. Once Openstack is installed on them, controlplane and dataplane connectivity + between them and with external machines (extvm) is achieved using the BGP + protocol. +6. Tests are executed from the extvm machine, in order to verify external + connectivity. 
+ +## Testing tree +| Test framework | Stage to run | Special configuration | Test case to report | +| ------------------------ | ------------ | --------------------------------------------------------------------- | :----------------------: | +| Tempest/neutron+octavia | stage 6 | skips due to usupported features (multicast, FIP port-forwarding, etc)| scenario | +| Tobiko/Faults | stage 7 | | sanity, scenario, faults | + +## Stages +All stages must be executed in the order listed below. Everything is required unless otherwise indicated. +1. [Pre-deployment: create virtual networks, virtual routers and nodes](bgp-pre-deplyment.md) +2. [Install the OpenStack K8S operators and their dependencies](../../common/) +3. [Configure networking and deploy the Openstack control plane](bgp-control-plane.md) +4. [Configure and deploy the initial data plane to prepare for Ceph installation](bgp-pre-data-plane) +5. [Update the control plane and finish deploying the data plane after Ceph has been installed](bgp-post-data-plane) +6. [Execute non destructive testing](bgp-tempest.md) +7. [Execute HA testing](bgp-tobiko.md) diff --git a/examples/dt/bgp/kernel-routing-sbdb-driver-ipv6/README.md b/examples/dt/bgp/kernel-routing-sbdb-driver-ipv6/README.md new file mode 100644 index 000000000..b00c5c784 --- /dev/null +++ b/examples/dt/bgp/kernel-routing-sbdb-driver-ipv6/README.md 
@@ -0,0 +1,57 @@
+# RHOSO Deployed Topology - BGP using kernel routing and OVN SB DB driver and IPv6 single-stack control plane
+
+## General information
+| Revision | Change | Date |
+|--------: | :-------------------- | :--------------: |
+| v0.1 | Initial publication | 2024-01-12 |
+
+## Node topology
+| Node role | bm/vm | amount |
+| --------------------------------------------- | ----- | ------ |
+| Openshift master/worker combo-node cluster | vm | 3 |
+| Compute nodes | vm | 3 |
+| Networker nodes | vm | 3 |
+| Leaf routers | vm | 6 |
+| Spine routers | vm | 2 |
+| External routers | vm | 1 |
+| External VMs | vm | 1 |
+
+## Services, enabled features and configurations
+| Service | configuration | Lock-in coverage? |
+| ------------------------------------------- | ---------------------------------------------------------------------------------------- | ------------------ |
+| Neutron | ML2/OVN, DVR | Must have |
+| Octavia | | Must have |
+| OVN-BGP-Agent | kernel-routing, sbdb-driver expose-tenant-networks disabled, sync-interval default value | Must have |
+| FRR | different ASN per rack, IP-level BGP peers | Must have |
+
+## Considerations/Constraints
+1. Virtual networks should be created to connect the VMs between them.
+2. All the VMs that are neither Openstack nor Openshift nodes need to be
+ properly configured in order to support the BGP protocol.
+3. The spine/leaf topology separates the overcloud nodes into different L2
+ network segments, called racks. Each rack includes one compute, one
+ networker, one ceph and two leafs.
+4. A separate provisioning network is necessary to install Openstack on those
+ nodes.
+5. All the controlplane interfaces should be configured with IPv6 single-stack
+5. Once Openstack is installed on the nodes, controlplane and dataplane
+ connectivity between them and with external machines (extvm) is achieved
+ using the BGP protocol.
+6. Tests are executed from the extvm machine, in order to verify external
+ connectivity.
+
+## Testing tree
+| Test framework | Stage to run | Special configuration | Test case to report |
+| ------------------------ | ------------ | --------------------------------------------------------------------- | :----------------------: |
+| Tempest/neutron+octavia | stage 6 | skips due to usupported features (multicast, FIP port-forwarding, etc)| scenario |
+| Tobiko/Faults | stage 7 | | sanity, scenario, faults |
+
+## Stages
+All stages must be executed in the order listed below. Everything is required unless otherwise indicated.
+1. [Pre-deployment: create virtual networks, virtual routers and nodes](bgp-pre-deplyment.md)
+2. [Install the OpenStack K8S operators and their dependencies](../../common/)
+3. [Configure networking and deploy the Openstack control plane](bgp-control-plane-ipv6.md)
+4. [Configure and deploy the initial data plane to prepare for Ceph installation](bgp-pre-data-plane)
+5. [Update the control plane and finish deploying the data plane after Ceph has been installed](bgp-post-data-plane)
+6. [Execute non destructive testing](bgp-tempest.md)
+7. [Execute HA testing](bgp-tobiko.md)
diff --git a/examples/dt/bgp/ovn-routing-nbdb-driver-nondvr/README.md b/examples/dt/bgp/ovn-routing-nbdb-driver-nondvr/README.md
new file mode 100644
index 000000000..c9221bb61
--- /dev/null
+++ b/examples/dt/bgp/ovn-routing-nbdb-driver-nondvr/README.md
@@ -0,0 +1,55 @@
+# RHOSO Deployed Topology - BGP using OVN routing and OVN NB DB driver
+
+## General information
+| Revision | Change | Date |
+|--------: | :-------------------- | :--------------: |
+| v0.1 | Initial publication | 2024-01-12 |
+
+## Node topology
+| Node role | bm/vm | amount |
+| --------------------------------------------- | ----- | ------ |
+| Openshift master/worker combo-node cluster | vm | 3 |
+| Compute nodes | vm | 3 |
+| Networker nodes | vm | 3 |
+| Leaf routers | vm | 6 |
+| Spine routers | vm | 2 |
+| External routers | vm | 1 |
+| External VMs | vm | 1 |
+
+## Services, enabled features and configurations
+| Service | configuration | Lock-in coverage? |
+| ------------------------------------------- | ---------------------------------------------------------------------------------------------- | ------------------ |
+| Neutron | ML2/OVN, DVR disabled | Must have |
+| Octavia | | Must have |
+| OVN-BGP-Agent | ovn-routing, nbdb-driver expose-tenant-networks enabled, sync-interval default value | Must have |
+| FRR | different ASN per rack, IP-level BGP peers | Must have |
+
+## Considerations/Constraints
+1. Virtual networks should be created to connect the VMs between them.
+2. All the VMs that are neither Openstack nor Openshift nodes need to be
+ properly configured in order to support the BGP protocol.
+3. The spine/leaf topology separates the overcloud nodes into different L2
+ network segments, called racks. Each rack includes one compute, one
+ networker and two leafs.
+4. A separate provisioning network is necessary to install Openstack on those
+ nodes.
+5. Once Openstack is installed on them, controlplane and dataplane connectivity
+ between them and with external machines (extvm) is achieved using the BGP
+ protocol.
+6. Tests are executed from the extvm machine, in order to verify external
+ connectivity.
+
+## Testing tree
+| Test framework | Stage to run | Special configuration | Test case to report |
+| ------------------------ | ------------ | --------------------------------------------------------------------- | :----------------------: |
+| Tempest/neutron+octavia | stage 5 | skips due to usupported features (multicast, FIP port-forwarding, etc)| scenario |
+| Tobiko/Faults | stage 6 | | sanity, scenario, faults |
+
+## Stages
+All stages must be executed in the order listed below. Everything is required unless otherwise indicated.
+1. [Pre-deployment: create virtual networks, virtual routers and nodes](bgp-pre-deplyment.md)
+2. [Install the OpenStack K8S operators and their dependencies](../../common/)
+3. [Configure networking and deploy the Openstack control plane](bgp-control-plane.md)
+4. [Configure and deploy the data plane](bgp-data-plane)
+5. [Execute non destructive testing](bgp-tempest.md)
+6. [Execute HA testing](bgp-tobiko.md)
diff --git a/examples/dt/bgp/ovn-routing-nbdb-driver/README.md b/examples/dt/bgp/ovn-routing-nbdb-driver/README.md
new file mode 100644
index 000000000..30172d1de
--- /dev/null
+++ b/examples/dt/bgp/ovn-routing-nbdb-driver/README.md
@@ -0,0 +1,55 @@
+# RHOSO Deployed Topology - BGP using OVN routing and OVN NB DB driver
+
+## General information
+| Revision | Change | Date |
+|--------: | :-------------------- | :--------------: |
+| v0.1 | Initial publication | 2024-01-12 |
+
+## Node topology
+| Node role | bm/vm | amount |
+| --------------------------------------------- | ----- | ------ |
+| Openshift master/worker combo-node cluster | vm | 3 |
+| Compute nodes | vm | 3 |
+| Networker nodes | vm | 3 |
+| Leaf routers | vm | 6 |
+| Spine routers | vm | 2 |
+| External routers | vm | 1 |
+| External VMs | vm | 1 |
+
+## Services, enabled features and configurations
+| Service | configuration | Lock-in coverage? |
+| ------------------------------------------- | ---------------------------------------------------------------------------------------------- | ------------------ |
+| Neutron | ML2/OVN, DVR | Must have |
+| Octavia | | Must have |
+| OVN-BGP-Agent | ovn-routing, nbdb-driver expose-tenant-networks enabled, sync-interval set to a high value | Must have |
+| FRR | different ASN per rack, IP-level BGP peers | Must have |
+
+## Considerations/Constraints
+1. Virtual networks should be created to connect the VMs between them.
+2. All the VMs that are neither Openstack nor Openshift nodes need to be
+ properly configured in order to support the BGP protocol.
+3. The spine/leaf topology separates the overcloud nodes into different L2
+ network segments, called racks. Each rack includes one compute, one
+ networker and two leafs.
+4. A separate provisioning network is necessary to install Openstack on those
+ nodes.
+5. Once Openstack is installed on them, controlplane and dataplane connectivity
+ between them and with external machines (extvm) is achieved using the BGP
+ protocol.
+6. Tests are executed from the extvm machine, in order to verify external
+ connectivity.
+
+## Testing tree
+| Test framework | Stage to run | Special configuration | Test case to report |
+| ------------------------ | ------------ | --------------------------------------------------------------------- | :----------------------: |
+| Tempest/neutron+octavia | stage 5 | skips due to usupported features (multicast, FIP port-forwarding, etc)| scenario |
+| Tobiko/Faults | stage 6 | | sanity, scenario, faults |
+
+## Stages
+All stages must be executed in the order listed below. Everything is required unless otherwise indicated.
+1. [Pre-deployment: create virtual networks, virtual routers and nodes](bgp-pre-deplyment.md)
+2. [Install the OpenStack K8S operators and their dependencies](../../common/)
+3. [Configure networking and deploy the Openstack control plane](bgp-control-plane.md)
+4. [Configure and deploy the data plane](bgp-data-plane)
+5. [Execute non destructive testing](bgp-tempest.md)
+6. [Execute HA testing](bgp-tobiko.md)