From a6f957e0643898db3d728c534108922a6f51e572 Mon Sep 17 00:00:00 2001 
From: afazekas Date: Wed, 3 Apr 2024 17:45:00 +0200 Subject: [PATCH] uni06zeta initial version This is based on other pending changes referenced below. ATM it heavily misuses the validations for arbitrary command calls, which are expected to move elsewhere in the future or be solved in another way. It can produce a passing minimal CI job ATM. The line-length warning limit is extended because some config lines are really long and less readable when wrapped. https://github.com/openstack-k8s-operators/architecture/pull/73/files#diff-2b848ad66a53ba3c4f0a6111d518dcf85c4995f7299ee657c76c1a95a0058ebe https://github.com/openstack-k8s-operators/architecture/pull/45/commits/184193a7c2c91c6a9a39cd8043c9ad1591ee8432 https://github.com/openstack-k8s-operators/architecture/pull/83 --- .yamllint.yml | 2 +- automation/vars/uni06zeta.yaml | 74 ++++++ dt/uni06zeta/README.md | 11 + dt/uni06zeta/edpm/kustomization.yaml | 20 ++ dt/uni06zeta/kustomization.yaml | 155 +++++++++++++ dt/uni06zeta/namespace.yaml | 12 + examples/dt/uni06zeta/.gitignore | 1 + examples/dt/uni06zeta/README.md | 102 +++++++++ examples/dt/uni06zeta/control-plane.md | 55 +++++ .../dt/uni06zeta/control-plane/.gitignore | 1 + .../control-plane/kustomization.yaml | 10 + .../uni06zeta/control-plane/nncp/.gitignore | 1 + .../control-plane/nncp/kustomization.yaml | 23 ++ .../uni06zeta/control-plane/nncp/values.yaml | 212 ++++++++++++++++++ .../control-plane/service-values.yaml | 124 ++++++++++ examples/dt/uni06zeta/data-plane.md | 62 +++++ examples/dt/uni06zeta/kustomization.yaml | 9 + examples/dt/uni06zeta/values.yaml | 135 +++++++++++ 18 files changed, 1008 insertions(+), 1 deletion(-) create mode 100644 automation/vars/uni06zeta.yaml create mode 100644 dt/uni06zeta/README.md create mode 100644 dt/uni06zeta/edpm/kustomization.yaml create mode 100644 dt/uni06zeta/kustomization.yaml create mode 100644 dt/uni06zeta/namespace.yaml create mode 100644 examples/dt/uni06zeta/.gitignore create mode 100644 examples/dt/uni06zeta/README.md create mode
100644 examples/dt/uni06zeta/control-plane.md create mode 100644 examples/dt/uni06zeta/control-plane/.gitignore create mode 100644 examples/dt/uni06zeta/control-plane/kustomization.yaml create mode 100644 examples/dt/uni06zeta/control-plane/nncp/.gitignore create mode 100644 examples/dt/uni06zeta/control-plane/nncp/kustomization.yaml create mode 100644 examples/dt/uni06zeta/control-plane/nncp/values.yaml create mode 100644 examples/dt/uni06zeta/control-plane/service-values.yaml create mode 100644 examples/dt/uni06zeta/data-plane.md create mode 100644 examples/dt/uni06zeta/kustomization.yaml create mode 100644 examples/dt/uni06zeta/values.yaml diff --git a/.yamllint.yml b/.yamllint.yml index e1b420d68..6e869be18 100644 --- a/.yamllint.yml +++ b/.yamllint.yml @@ -5,5 +5,5 @@ ignore: rules: line-length: - max: 100 + max: 256 level: warning diff --git a/automation/vars/uni06zeta.yaml b/automation/vars/uni06zeta.yaml new file mode 100644 index 000000000..447fc6700 --- /dev/null +++ b/automation/vars/uni06zeta.yaml 
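Review bot: Raising `line-length.max` from 100 to 256 in .yamllint.yml relaxes the check for every YAML file in the repository, not only for the new uni06zeta files whose long command lines motivated it. A narrower option is to keep `max: 100` and wrap the few long blocks in `# yamllint disable rule:line-length` / `# yamllint enable rule:line-length`, so the exception stays visible next to the lines that need it. The rule is already `level: warning`, so the wider limit mostly removes a review signal rather than unblocking CI.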
@@ -0,0 +1,74 @@
+---
+vas:
+ uni06zeta:
+ stages:
+ - path: examples/dt/uni06zeta/control-plane/nncp
+ validations:
+ - >-
+ oc -n openstack wait nncp
+ -l osp/nncm-config-type=standard
+ --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured
+ --timeout=60s
+
+ - >-
+ oc label node master-0 openstack.org/cinder-lvm=''
+
+ - >-
+ ssh hypervisor sudo ip link add link osp_trunk name vlan218 type vlan id 218
+
+ - >-
+ ssh hypervisor sudo ip addr add 172.38.0.1/24 dev vlan218
+
+ - >-
+ ssh hypervisor sudo ip link set dev vlan218 up
+
+ - >-
+ ssh hypervisor sudo iptables -A POSTROUTING -s 172.38.0.0/24 ! -d 172.38.0.0/24 -j MASQUERADE -t nat
+
+ values:
+ - name: network-values
+ src_file: values.yaml
+ build_output: nncp.yaml
+
+ - path: examples/dt/uni06zeta/control-plane
+ validations:
+ - >-
+ oc -n openstack wait openstackcontrolplane
+ controlplane
+ --for condition=Ready
+ --timeout=600s
+
+ - >-
+ oc rsh -n openstack openstackclient openstack container create
+ volumebackups
+
+ - >-
+ oc rsh -n openstack openstackclient openstack credential create
+ --type ec2 --project admin admin
+ '{"access": "401e5f2c73eb45d3b0256dc8dbe65cf5",
+ "secret": "6032b0bbcced409d955568be27382c44"}'
+
+ - >-
+ mkdir -p /home/zuul/src/github.com/openstack-k8s-operators/ci-framework/roles/ci_gen_kustomize_values/templates/common/edpm-values
+
+ - >-
+ cp /home/zuul/src/github.com/openstack-k8s-operators/ci-framework/roles/ci_gen_kustomize_values/templates/hci/edpm-values/values.yaml.j2
+ /home/zuul/src/github.com/openstack-k8s-operators/ci-framework/roles/ci_gen_kustomize_values/templates/common/edpm-values/
+
+ values:
+ - name: network-values
+ - name: service-values
+ src_file: service-values.yaml
+ build_output: control-plane.yaml
+
+ - path: examples/dt/uni06zeta
+ validations:
+ - >-
+ oc -n openstack wait openstackdataplanedeployment
+ edpm-deployment
+ --for condition=Ready
+ --timeout=1200s
+ values:
+ - name: edpm-values
+ src_file: values.yaml
+ build_output: edpm.yaml
diff --git a/dt/uni06zeta/README.md b/dt/uni06zeta/README.md
new file mode 100644
index 000000000..86f5fca33
--- /dev/null
+++ b/dt/uni06zeta/README.md
@@ -0,0 +1,11 @@
+# Deployed Topology - Zeta
+
+If you are looking for information on how to deploy the zeta based DT, then
+please the [README](../../examples/dt/uni06zeta/README.md) in the examples
+directory.
+
+This directory `dt/uni06zeta/`, exists so that the
+[kustomization.yaml](../../examples/dt/uni06zeta/kustomization.yaml) in
+the examples directory of uni06zeta topology, reference it by path as a
+component. It's contents are likely uninteresting unless you want to understand
+how kustomize was implemented in this repository.
diff --git a/dt/uni06zeta/edpm/kustomization.yaml b/dt/uni06zeta/edpm/kustomization.yaml
new file mode 100644
index 000000000..e48fb83e8
--- /dev/null
+++ b/dt/uni06zeta/edpm/kustomization.yaml
@@ -0,0 +1,20 @@
+---
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+transformers:
+ - |-
+ apiVersion: builtin
+ kind: NamespaceTransformer
+ metadata:
+ name: _ignored_
+ namespace: openstack
+ setRoleBindingSubjects: none
+ unsetOnly: true
+ fieldSpecs:
+ - path: metadata/name
+ kind: Namespace
+ create: true
+
+components:
+ - ../../../lib/dataplane
diff --git a/dt/uni06zeta/kustomization.yaml b/dt/uni06zeta/kustomization.yaml
new file mode 100644
index 000000000..44eb663a0
--- /dev/null
+++ b/dt/uni06zeta/kustomization.yaml
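Review bot: The `openstack credential create --type ec2` validation in automation/vars/uni06zeta.yaml embeds a literal access/secret pair, and the same pair is repeated as `backup_s3_store_access_key` / `backup_s3_store_secret_key` in examples/dt/uni06zeta/control-plane/service-values.yaml, so every environment built from this example shares credentials that are public in the repository and stored in a ConfigMap rather than a Secret. Consider generating the pair per run and injecting it from a Secret or CI variable, leaving only a placeholder such as `"access": "<generated-per-run>"` in the committed files. Separately, the `ip link add ... vlan218` and `iptables -A POSTROUTING ... -j MASQUERADE` steps are not idempotent: a re-run against the same hypervisor would presumably fail on the existing link or append a duplicate NAT rule, so guarding the append with an `iptables -C` check of the same rule would make the stage repeatable.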
@@ -0,0 +1,155 @@
+---
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+transformers:
+ - |-
+ apiVersion: builtin
+ kind: NamespaceTransformer
+ metadata:
+ name: _ignored_
+ namespace: openstack
+ setRoleBindingSubjects: none
+ unsetOnly: true
+ fieldSpecs:
+ - path: metadata/name
+ kind: Namespace
+ create: true
+
+components:
+ - ../../lib/networking
+ - ../../lib/control-plane
+
+replacements:
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.cinderVolumes.lvm-nvme-tcp.replicas
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.cinder.template.cinderVolumes.lvm-nvme-tcp.replicas
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.cinderVolumes.lvm-nvme-tcp.nodeSelector.openstack\.org/cinder-lvm
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.cinder.template.cinderVolumes.lvm-nvme-tcp.nodeSelector.openstack\.org/cinder-lvm
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.cinderVolumes.lvm-nvme-tcp.customServiceConfig
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.cinder.template.cinderVolumes.lvm-nvme-tcp.customServiceConfig
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.cinderBackup.customServiceConfig
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.cinder.template.cinderBackup.customServiceConfig
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.cinderBackup.replicas
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.cinder.template.cinderBackup.replicas
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.glance.default.replicas
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.glance.template.glanceAPIs.default.replicas
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.glance.customServiceConfig
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.glance.template.customServiceConfig
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.glance.default.replicas
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.glance.template.glanceAPIs.default.replicas
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.swift.enabled
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.swift.enabled
+ options:
+ create: true
+
+ # TODO: octavia
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.ovn.ovnController.availability-zones
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.ovn.template.ovnController.external-ids.availability-zones
+ options:
+ create: true
+
+ - source:
+ kind: ConfigMap
+ name: service-values
+ fieldPath: data.neutron.customServiceConfig
+ targets:
+ - select:
+ kind: OpenStackControlPlane
+ fieldPaths:
+ - spec.neutron.template.customServiceConfig
+ options:
+ create: true
diff --git a/dt/uni06zeta/namespace.yaml b/dt/uni06zeta/namespace.yaml
new file mode 100644
index 000000000..60a6e8c42
--- /dev/null
+++ b/dt/uni06zeta/namespace.yaml
@@ -0,0 +1,12 @@
+---
+apiVersion: builtin
+kind: NamespaceTransformer
+metadata:
+ name: _ignored_
+ namespace: openstack
+setRoleBindingSubjects: none
+unsetOnly: true
+fieldSpecs:
+ - path: metadata/name
+ kind: Namespace
+ create: true
diff --git a/examples/dt/uni06zeta/.gitignore b/examples/dt/uni06zeta/.gitignore
new file mode 100644
index 000000000..1ae5f072d
--- /dev/null
+++ b/examples/dt/uni06zeta/.gitignore
@@ -0,0 +1 @@
+data-plane.yaml
diff --git a/examples/dt/uni06zeta/README.md b/examples/dt/uni06zeta/README.md
new file mode 100644
index 000000000..4f2367809
--- /dev/null
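Review bot: In dt/uni06zeta/kustomization.yaml the replacement from `data.glance.default.replicas` to `spec.glance.template.glanceAPIs.default.replicas` appears twice, once before and once after the `data.glance.customServiceConfig` entry; the second copy is redundant and can be removed. service-values.yaml also defines `nova.customServiceConfig` and `octavia.enabled`, but no replacement here consumes them (there is only the `# TODO: octavia` marker), so unless lib/control-plane maps them those values never reach the OpenStackControlPlane. Extending the marker to something like `# TODO: octavia.enabled and nova.customServiceConfig from service-values are not applied yet` would stop readers from assuming the scheduler filters and Octavia are active.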
+++ b/examples/dt/uni06zeta/README.md 
@@ -0,0 +1,102 @@
+# Deployed Topology - Zeta
+
+This document contains a list of integration test suites that would be
+executed against the below specified topology of Red Hat OpenStack Services
+on OpenShift. It also contains a collection of custom resources (CRs) for
+deploying the test environment.
+
+## Purpose
+
+Focused on components with a bit of heterogenous configuration (please see below).
+
+## Environment
+
+### Nodes
+
+
+## Node topology
+| Node role | bm/vm | amount |
+| ------------------------------------------------ | ----- | ------ |
+| Openshift master/worker combo-node cluster | vm | 3 |
+| Compute nodes | vm | 2 |
+| HCI Ceph (TBD, see below) | vm | - |
+
+### Networks
+
+| Name | Type | Interface |
+| ---- | ---- | --------- |
+| Provisioning | untagged | nic1 |
+| Machine | untagged | nic2 |
+| RH OSP | trunk | nic3 |
+
+#### Networks in RH OSP
+
+| Name | Type |
+| ---- | ---- |
+| ctlplane | untagged |
+| internalapi | VLAN tagged |
+| Storage | VLAN tagged |
+| Tenant | VLAN tagged |
+
+### Services, enabled features and configurations
+
+| Service | configuration | Lock-in coverage? |
+| ---------------- | ------------------------- | ------------------ |
+| Cinder | nvemof-tcp / lvm | Must have |
+| Cinder Backup | Swift/S3/zstd | Must have |
+| Glance | Swift | Must have |
+| Swift | (default) | Must have |
+| Octavia | (ovn) | Must have |
+| Horizon | N/A | Must have |
+| Barbican | (default) | Must have |
+| Neutron | OVN/no-dvr/provider_vlans | Must have |
+
+#### Support services
+
+The following table lists services which are not the main focus of the testing
+(which may be covered by additional scenarios), but are required for the DT to
+work properly and can be deployed with any/default configuration.
+
+| Service | Reason |
+| ---------------- |--------------------------- |
+| Barbican | needed by other services |
+| Neutron | needed by other services |
+| Nova | needed by scenario testing |
+| Swift | needed by scenario testing |
+| Keystone | needed by all services |
+
+### Additional configuration
+
+- Always-on, default services and features: TLSe
+- Logical volume with the name cinder-volumes exists on a OpenShift node.
+- The S3 backend for cinder-backup requires a valid S3 implementation, which could be provided by HCI Ceph services or by Swift, if Swift can be deployed first.
+cinder-backup expected to compress the backups.
+
+#### Cinder backend - LVM
+
+It is assumed that worker nodes or the master nodes have extra disks(or loopack device)
+and there exists a logical volume group with the name *cinder-volumes*. If not, a
+for example a `MachineConfig` can be used to create one.
+
+The LVM backend for Cinder is a special case as the storage data is on the
+OpenShift node and has no external storage systems. The target ips are not managed by
+the operators, recommended to create dedicated label for each target serving node
+and configure the storage ips of each cinder-volume instance with LVM backend.
+
+
+## Testing tree
+
+| Test framework | When to run | Special configuration |
+| ---------------- | -------------------- | ----------------------|
+| relevant volume tests | tempest stage | |
+| relevant image tests | tempest stage | |
+| relevant object-storage tests | tempest stage | |
+| relevant networking tests | tempest stage | full CentOS/RHEL image |
+| horizon integration | own stage (post-tempest)| |
+
+
+## Workflow
+
+1. [Install the OpenStack K8S operators and their dependencies](../../common/README.md)
+2. [Configure and deploy the OpenStack control plane](control-plane.md)
+3. [Configure and deploy the OpenStack data plane](data-plane.md)
diff --git a/examples/dt/uni06zeta/control-plane.md b/examples/dt/uni06zeta/control-plane.md
new file mode 100644
index 000000000..1d365c3a1
--- /dev/null
+++ b/examples/dt/uni06zeta/control-plane.md
@@ -0,0 +1,55 @@
+# Configuring networking and deploy the OpenStack control plane
+
+## Assumptions
+
+- A storage class called `local-storage` should already exist.
+
+## Initialize
+
+Switch to the "openstack" namespace
+
+```bash
+oc project openstack
+```
+
+Change to the uni06zeta directory
+
+```bash
+cd architecture/examples/dt/uni06zeta
+```
+
+Edit [service-values.yaml](service-values.yaml) and
+[nncp/values.yaml](nncp/values.yaml).
+
+Apply node network configuration
+
+```bash
+pushd control-plane/nncp
+kustomize build > nncp.yaml
+oc apply -f nncp.yaml
+oc wait nncp \
+ -l osp/nncm-config-type=standard \
+ --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured \
+ --timeout=300s
+popd
+```
+
+Generate the control-plane and networking CRs.
+
+```bash
+pushd control-plane
+kustomize build > control-plane.yaml
+```
+
+## Create CRs
+
+```bash
+oc apply -f control-plane.yaml
+popd
+```
+
+Wait for control plane to be available
+
+```bash
+oc wait osctlplane controlplane --for condition=Ready --timeout=600s
+```
diff --git a/examples/dt/uni06zeta/control-plane/.gitignore b/examples/dt/uni06zeta/control-plane/.gitignore
new file mode 100644
index 000000000..3df8f53be
--- /dev/null
+++ b/examples/dt/uni06zeta/control-plane/.gitignore
@@ -0,0 +1 @@
+control-plane.yaml
diff --git a/examples/dt/uni06zeta/control-plane/kustomization.yaml b/examples/dt/uni06zeta/control-plane/kustomization.yaml
new file mode 100644
index 000000000..2a5f8f8e7
--- /dev/null
+++ b/examples/dt/uni06zeta/control-plane/kustomization.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+components:
+ - ../../../../dt/uni06zeta
+
+resources:
+ - nncp/values.yaml
+ - service-values.yaml
diff --git a/examples/dt/uni06zeta/control-plane/nncp/.gitignore b/examples/dt/uni06zeta/control-plane/nncp/.gitignore
new file mode 100644
index 000000000..51ed8a956
--- /dev/null
+++ b/examples/dt/uni06zeta/control-plane/nncp/.gitignore
@@ -0,0 +1 @@
+nncp.yaml
diff --git a/examples/dt/uni06zeta/control-plane/nncp/kustomization.yaml b/examples/dt/uni06zeta/control-plane/nncp/kustomization.yaml
new file mode 100644
index 000000000..0b92b40fb
--- /dev/null
+++ b/examples/dt/uni06zeta/control-plane/nncp/kustomization.yaml
@@ -0,0 +1,23 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+transformers:
+ - |-
+ apiVersion: builtin
+ kind: NamespaceTransformer
+ metadata:
+ name: _ignored_
+ namespace: openstack
+ setRoleBindingSubjects: none
+ unsetOnly: true
+ fieldSpecs:
+ - path: metadata/name
+ kind: Namespace
+ create: true
+
+components:
+ - ../../../../../lib/nncp
+
+resources:
+ - values.yaml
diff --git a/examples/dt/uni06zeta/control-plane/nncp/values.yaml b/examples/dt/uni06zeta/control-plane/nncp/values.yaml
new file mode 100644
index 000000000..e2dc85ac1
--- /dev/null
+++ b/examples/dt/uni06zeta/control-plane/nncp/values.yaml
@@ -0,0 +1,212 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: network-values
+ annotations:
+ config.kubernetes.io/local-config: "true"
+
+data:
+ openstack-operator-image: "quay.io/openstack-k8s-operators/openstack-operator-index:latest"
+
+ node_0:
+ name: master-0
+ internalapi_ip: 172.17.0.5
+ tenant_ip: 172.19.0.5
+ ctlplane_ip: 192.168.122.10
+ storage_ip: 172.18.0.5
+ node_1:
+ name: master-1
+ internalapi_ip: 172.17.0.6
+ tenant_ip: 172.19.0.6
+ ctlplane_ip: 192.168.122.11
+ storage_ip: 172.18.0.6
+ node_2:
+ name: master-2
+ internalapi_ip: 172.17.0.7
+ tenant_ip: 172.19.0.7
+ ctlplane_ip: 192.168.122.12
+ storage_ip: 172.18.0.7
+
+ ctlplane:
+ dnsDomain: ctlplane.example.com
+ subnets:
+ - allocationRanges:
+ - end: 192.168.122.120
+ start: 192.168.122.100
+ - end: 192.168.122.200
+ start: 192.168.122.150
+ cidr: 192.168.122.0/24
+ gateway: 192.168.122.1
+ name: subnet1
+ prefix-length: 24
+ iface: enp6s0
+ mtu: 9000
+ lb_addresses:
+ - 192.168.122.80-192.168.122.90
+ endpoint_annotations:
+ metallb.universe.tf/address-pool: ctlplane
+ metallb.universe.tf/allow-shared-ip: ctlplane
+ metallb.universe.tf/loadBalancerIPs: 192.168.122.80
+ net-attach-def: |
+ {
+ "cniVersion": "0.3.1",
+ "name": "ctlplane",
+ "type": "macvlan",
+ "master": "ospbr",
+ "ipam": {
+ "type": "whereabouts",
+ "range": "192.168.122.0/24",
+ "range_start": "192.168.122.30",
+ "range_end": "192.168.122.70"
+ }
+ }
+ internalapi:
+ dnsDomain: internalapi.example.com
+ subnets:
+ - allocationRanges:
+ - end: 172.17.0.250
+ start: 172.17.0.100
+ cidr: 172.17.0.0/24
+ name: subnet1
+ vlan: 20
+ mtu: 1500
+ prefix-length: 24
+ iface: internalapi
+ vlan: 20
+ base_iface: enp6s0
+ lb_addresses:
+ - 172.17.0.80-172.17.0.90
+ endpoint_annotations:
+ metallb.universe.tf/address-pool: internalapi
+ metallb.universe.tf/allow-shared-ip: internalapi
+ metallb.universe.tf/loadBalancerIPs: 172.17.0.80
+ net-attach-def: |
+ {
+ "cniVersion": "0.3.1",
+ "name": "internalapi",
+ "type": "macvlan",
+ "master": "internalapi",
+ "ipam": {
+ "type": "whereabouts",
+ "range": "172.17.0.0/24",
+ "range_start": "172.17.0.30",
+ "range_end": "172.17.0.70"
+ }
+ }
+ storage:
+ dnsDomain: storage.example.com
+ subnets:
+ - allocationRanges:
+ - end: 172.18.0.250
+ start: 172.18.0.100
+ cidr: 172.18.0.0/24
+ name: subnet1
+ vlan: 21
+ mtu: 9000
+ prefix-length: 24
+ iface: storage
+ vlan: 21
+ base_iface: enp6s0
+ lb_addresses:
+ - 172.18.0.80-172.18.0.90
+ net-attach-def: |
+ {
+ "cniVersion": "0.3.1",
+ "name": "storage",
+ "type": "macvlan",
+ "master": "storage",
+ "ipam": {
+ "type": "whereabouts",
+ "range": "172.18.0.0/24",
+ "range_start": "172.18.0.30",
+ "range_end": "172.18.0.70"
+ }
+ }
+ storagemgmt:
+ dnsDomain: storagemgmt.example.com
+ subnets:
+ - allocationRanges:
+ - end: 172.20.0.250
+ start: 172.20.0.100
+ cidr: 172.20.0.0/24
+ name: subnet1
+ vlan: 23
+ mtu: 9000
+
+ tenant:
+ dnsDomain: tenant.example.com
+ subnets:
+ - allocationRanges:
+ - end: 172.19.0.250
+ start: 172.19.0.100
+ cidr: 172.19.0.0/24
+ name: subnet1
+ vlan: 22
+ mtu: 1500
+ prefix-length: 24
+ iface: tenant
+ vlan: 22
+ base_iface: enp6s0
+ lb_addresses:
+ - 172.19.0.80-172.19.0.90
+ net-attach-def: |
+ {
+ "cniVersion": "0.3.1",
+ "name": "tenant",
+ "type": "macvlan",
+ "master": "tenant",
+ "ipam": {
+ "type": "whereabouts",
+ "range": "172.19.0.0/24",
+ "range_start": "172.19.0.30",
+ "range_end": "172.19.0.70"
+ }
+ }
+ external:
+ dnsDomain: external.example.com
+ subnets:
+ - allocationRanges:
+ - end: 10.0.0.250
+ start: 10.0.0.100
+ cidr: 10.0.0.0/24
+ gateway: 10.0.0.1
+ name: subnet1
+ mtu: 1500
+ datacentre:
+ net-attach-def: |
+ {
+ "cniVersion": "0.3.1",
+ "name": "datacentre",
+ "type": "bridge",
+ "bridge": "ospbr",
+ "ipam": {}
+ }
+ dns-resolver:
+ config:
+ server:
+ - 192.168.122.1
+ search: []
+ options:
+ - key: server
+ values:
+ - 192.168.122.1
+
+ routes:
+ config:
+ - destination: 192.168.122.0/24
+ next-hop-address: 192.168.122.1
+ next-hop-interface: ospbr
+
+ rabbitmq:
+ endpoint_annotations:
+ metallb.universe.tf/address-pool: internalapi
+ metallb.universe.tf/loadBalancerIPs: 172.17.0.85
+ rabbitmq-cell1:
+ endpoint_annotations:
+ metallb.universe.tf/address-pool: internalapi
+ metallb.universe.tf/loadBalancerIPs: 172.17.0.86
+
+ lbServiceType: LoadBalancer
+ storageClass: host-nfs-storageclass
+ bridgeName: ospbr
diff --git a/examples/dt/uni06zeta/control-plane/service-values.yaml b/examples/dt/uni06zeta/control-plane/service-values.yaml
new file mode 100644
index 000000000..be5ec4070
--- /dev/null
+++ b/examples/dt/uni06zeta/control-plane/service-values.yaml
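Review bot: `openstack-operator-image` in examples/dt/uni06zeta/control-plane/nncp/values.yaml points at the mutable `:latest` tag of the operator index, so a deployment from this example pulls whatever was pushed most recently and a given run cannot be reproduced or audited afterwards. Pinning a release tag or a digest, `quay.io/openstack-k8s-operators/openstack-operator-index@sha256:<digest>` (placeholder), fixes the content that gets installed. The same file sets `storageClass: host-nfs-storageclass`, while control-plane.md states that a storage class called `local-storage` must already exist; one of the two should be aligned.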
@@ -0,0 +1,124 @@
+---
+apiVersion: v1
+kind: ConfigMap
+
+metadata:
+ name: service-values
+ annotations:
+ config.kubernetes.io/local-config: "true"
+
+data:
+ cinderVolumes:
+ lvm-nvme-tcp:
+ replicas: 1
+ nodeSelector:
+ openstack.org/cinder-lvm: ""
+ customServiceConfig: |
+ [lvm]
+ volume_backend_name=lvm_nvme_tcp
+ volume_driver=cinder.volume.drivers.lvm.LVMVolumeDriver
+ target_helper=nvmet
+ target_protocol=nvmet_tcp
+ target_port=4420
+ target_prefix=nvme-subsystem-1
+ nvmeof_conn_info_version=2
+ target_ip_address=172.18.0.5
+ target_secondary_ip_addresses = 172.19.0.5
+
+ cinderBackup:
+ customServiceConfig: |
+ [DEFAULT]
+ backup_driver = cinder.backup.drivers.swift.SwiftBackupDriver
+ backup_compression_algorithm = zstd
+ backup_s3_endpoint_url = https://swift-public-openstack.apps.ocp.openstack.lab/
+ backup_s3_store_access_key = 401e5f2c73eb45d3b0256dc8dbe65cf5
+ backup_s3_store_secret_key = 6032b0bbcced409d955568be27382c44
+ backup_s3_store_bucket = volumebackups
+ backup_driver = cinder.backup.drivers.s3.S3BackupDriver
+ replicas: 1
+
+ glance:
+ customServiceConfig: |
+ [DEFAULT]
+ enabled_backends = default_backend:swift
+
+ [glance_store]
+ default_backend = default_backend
+
+ [default_backend]
+ swift_store_create_container_on_put = True
+ swift_store_auth_version = 3
+ swift_store_auth_address = {{ .KeystoneInternalURL }}
+ swift_store_endpoint_type = internalURL
+ swift_store_user = service:glance
+ swift_store_key = {{ .ServicePassword }}
+ default:
+ replicas: 1
+
+ swift:
+ enabled: true
+
+ octavia:
+ enabled: true
+
+ ovn:
+ ovnController:
+ availability-zones:
+ - zone-1
+
+ neutron:
+ customServiceConfig: |
+ [DEFAULT]
+ dns_domain = openstackgate.local
+ vlan_transparent = true
+ service_plugins = ovn-router,qos,segments,trunk,port_forwarding
+ dhcp_agent_notification = false
+ agent_down_time = 600
+ router_distributed = false
+ enable_dvr = false
+ router_scheduler_driver = neutron.scheduler.l3_agent_scheduler.ChanceScheduler
+ allow_automatic_l3agent_failover = true
+ l3_ha = False
+ max_l3_agents_per_router = 3
+ debug = true
+ log_dir = /var/log/neutron
+ control_exchange = neutron
+ [agent]
+ report_interval = 300
+ [database]
+ max_retries = -1
+ db_max_retries = -1
+ [keystone_authtoken]
+ region_name = regionOne
+ memcache_use_advanced_pool = True
+ auth_type = password
+ [nova]
+ region_name = regionOne
+ endpoint_type = internal
+ [oslo_messaging_notifications]
+ driver = noop
+ [oslo_middleware]
+ enable_proxy_headers_parsing = true
+ [oslo_policy]
+ policy_file = /etc/neutron/policy.yaml
+ [placement]
+ region_name = regionOne
+ [ovs]
+ igmp_snooping_enable = true
+ [ovn]
+ ovn_emit_need_to_frag = true
+ enable_distributed_floating_ip = false
+ [ml2]
+ type_drivers = geneve,vlan
+ tenant_network_types = geneve,vlan
+ extension_drivers = qos,port_security,dns_domain_ports
+ [ml2_type_geneve]
+ vni_ranges = 1:65536
+ max_header_size = 38
+ [ml2_type_vlan]
+ network_vlan_ranges = tenant:1000:2000,datacentre:218:218
+
+ nova:
+ customServiceConfig: |
+ [filter_scheduler]
+ enabled_filters = AggregateInstanceExtraSpecsFilter, AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,DifferentHostFilter,SameHostFilter,AllHostsFilter,ServerGroupAffinityFilter,ServerGroupAntiAffinityFilter
diff --git a/examples/dt/uni06zeta/data-plane.md b/examples/dt/uni06zeta/data-plane.md
new file mode 100644
index 000000000..b86ff7aa9
--- /dev/null
+++ b/examples/dt/uni06zeta/data-plane.md
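Review bot: The `cinderBackup.customServiceConfig` block in service-values.yaml sets `backup_driver` twice in `[DEFAULT]`, first to `cinder.backup.drivers.swift.SwiftBackupDriver` and again at the end to `cinder.backup.drivers.s3.S3BackupDriver`. Presumably the later value takes effect, which leaves the first line dead and makes it unclear which backend the test is meant to cover (the README lists "Swift/S3/zstd"). Keep only the intended driver line, or add a comment such as `# S3 driver is the one under test; Swift only provides the S3-compatible endpoint`. The neutron block in the same hunk also enables `debug = true`, which is worth a comment since this file is the documented example to copy.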
@@ -0,0 +1,62 @@
+# Deploying the OpenStack dataplane
+
+## Assumptions
+
+- The [control plane](control-plane.md) has been successfully deployed.
+
+## Initialize
+
+Switch to the "openstack" namespace
+
+```bash
+oc project openstack
+```
+
+Change to the alpha's directory
+
+```bash
+cd architecture/examples/dt/uni06zeta
+```
+
+Modify the [values.yaml](values.yaml) with the following information
+
+- SSH keys to be used for accessing the deployed compute nodes.
+- SSH keys to be use for Nova migration.
+
+> All values must be in base64 encoded format.
+
+### Compute access
+
+1. Set `data['authorized']` with the value of all OpenStack Compute host SSH
+ keys.
+2. Set `data['private']` with the contents of the SSH private key to be used
+ for accessing the dataplane compute nodes.
+3. Set `data['public']` with the contents of the SSH public key used for
+ accessing the dataplane compute nodes.
+
+### Nova migration
+
+1. Set `data['nova']['migration']['ssh_keys']['private']` with the content of
+ the SSH private key to be used for potential future migration.
+2. Set `data['nova']['migration']['ssh_keys']['public']` with the content of
+ the SSH public key to be used for potential future migration.
+
+## CRs
+
+Generate the dataplane CRs.
+
+```bash
+kustomize build > data-plane.yaml
+```
+
+## Create CRs
+
+```bash
+oc apply -f data-plane.yaml
+```
+
+Wait for dataplane deployment to finish
+
+```bash
+oc wait osdpd edpm-deployment --for condition=Ready --timeout=1200s
+```
diff --git a/examples/dt/uni06zeta/kustomization.yaml b/examples/dt/uni06zeta/kustomization.yaml
new file mode 100644
index 000000000..cf7e1b1ed
--- /dev/null
+++ b/examples/dt/uni06zeta/kustomization.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+components:
+ - ../../../dt/uni06zeta/edpm
+
+resources:
+ - values.yaml
diff --git a/examples/dt/uni06zeta/values.yaml b/examples/dt/uni06zeta/values.yaml
new file mode 100644
index 000000000..035d7c6aa
--- /dev/null
+++ b/examples/dt/uni06zeta/values.yaml
@@ -0,0 +1,135 @@
+---
+apiVersion: v1
+kind: ConfigMap
+
+metadata:
+ name: edpm-values
+ annotations:
+ config.kubernetes.io/local-config: "true"
+
+data:
+ ssh_keys:
+ authorized: _replaced_
+ private: _replaced_
+ public: _replaced_
+
+ nova:
+ migration:
+ ssh_keys:
+ private: _replaced_
+ public: _replaced_
+
+ nodeset:
+ ansible:
+ ansibleUser: cloud-admin
+ ansiblePort: 22
+ ansibleVars:
+ service_net_map:
+ nova_api_network: internalapi
+ nova_libvirt_network: internalapi
+ timesync_ntp_servers:
+ - hostname: clock.redhat.com
+ edpm_network_config_hide_sensitive_logs: false
+ edpm_network_config_template: |
+ ---
+ {% set mtu_list = [ctlplane_mtu] %}
+ {% for network in nodeset_networks %}
+ {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }}
+ {%- endfor %}
+ {% set min_viable_mtu = mtu_list | max %}
+ network_config:
+ - type: ovs_bridge
+ name: {{ neutron_physical_bridge_name }}
+ mtu: {{ min_viable_mtu }}
+ use_dhcp: false
+ dns_servers: {{ ctlplane_dns_nameservers }}
+ domain: {{ dns_search_domains }}
+ addresses:
+ - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }}
+ routes: {{ ctlplane_host_routes }}
+ members:
+ - type: interface
+ name: nic2
+ mtu: {{ min_viable_mtu }}
+ primary: true
+ {% for network in nodeset_networks %}
+ - type: vlan
+ mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }}
+ vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }}
+ addresses:
+ - ip_netmask: {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }}
+ routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }}
+ {% endfor %}
+ neutron_physical_bridge_name: br-ex
+ neutron_public_interface_name: eth0
+
+ edpm_nodes_validation_validate_controllers_icmp: false
+ edpm_nodes_validation_validate_gateway_icmp: false
+
+ edpm_selinux_mode: enforcing
+ edpm_sshd_configure_firewall: true
+ edpm_sshd_allowed_ranges:
+ - 192.168.122.0/24
+
+ enable_debug: false
+ gather_facts: false
+
+ networks:
+ - defaultRoute: true
+ name: ctlplane
+ subnetName: subnet1
+ - name: internalapi
+ subnetName: subnet1
+ - name: storage
+ subnetName: subnet1
+ - name: tenant
+ subnetName: subnet1
+
+ nodes:
+ edpm-compute-0:
+ ansible:
+ ansibleHost: 192.168.122.100
+ hostName: edpm-compute-0
+ networks:
+ - defaultRoute: true
+ fixedIP: 192.168.122.100
+ name: ctlplane
+ subnetName: subnet1
+ - name: internalapi
+ subnetName: subnet1
+ - name: storage
+ subnetName: subnet1
+ - name: tenant
+ subnetName: subnet1
+
+ edpm-compute-1:
+ ansible:
+ ansibleHost: 192.168.122.101
+ hostName: edpm-compute-1
+ networks:
+ - defaultRoute: true
+ fixedIP: 192.168.122.101
+ name: ctlplane
+ subnetName: subnet1
+ - name: internalapi
+ subnetName: subnet1
+ - name: storage
+ subnetName: subnet1
+ - name: tenant
+ subnetName: subnet1
+
+ services:
+ - bootstrap
+ - download-cache
+ - configure-network
+ - validate-network
+ - install-os
+ - configure-os
+ - ssh-known-hosts
+ - run-os
+ - reboot-os
+ - install-certs
+ - ovn
+ - neutron-metadata
+ - libvirt
+ - nova
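Review bot: `edpm_network_config_hide_sensitive_logs: false` in examples/dt/uni06zeta/values.yaml presumably disables log masking for the network-config task, so the rendered host network configuration would show up in Ansible output for every deployment copied from this example. Unless the CI job needs that for debugging, prefer `edpm_network_config_hide_sensitive_logs: true`, or add a comment saying why masking is off. The `ssh_keys` and `nova.migration.ssh_keys` fields are `_replaced_` placeholders that data-plane.md asks users to fill with base64-encoded private keys; because this object is a ConfigMap, a comment such as `# do not commit this file once real keys are filled in` above `ssh_keys:` would be a useful guard.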