From a7e6c6688aee70d20f139a133810f0a258cf6c27 Mon Sep 17 00:00:00 2001 From: jgilaber Date: Tue, 1 Oct 2024 16:08:26 +0200 Subject: [PATCH] [POC] Add an adoption VA to setup networking Create an adoption VA the will be used to install the operators, and setup nncp and netconfig. The idea is that this VA will be shared between all the different adoption uni-jobs. --- automation/vars/adoption.yaml | 27 ++ examples/va/adoption/.gitignore | 4 + examples/va/adoption/README.md | 39 +++ examples/va/adoption/control-plane/.gitignore | 1 + .../adoption/control-plane/kustomization.yaml | 12 + .../va/adoption/control-plane/nncp/.gitignore | 1 + .../control-plane/nncp/kustomization.yaml | 24 ++ .../adoption/control-plane/nncp/values.yaml | 195 +++++++++++ examples/va/adoption/networking.yaml | 322 ++++++++++++++++++ va/adoption/README.md | 11 + va/adoption/kustomization.yaml | 75 ++++ va/adoption/namespace.yaml | 12 + .../networking/metallb/kustomization.yaml | 36 ++ .../metallb/metallb_l2advertisement.yaml | 11 + .../networking/metallb/ocp_ip_pools.yaml | 8 + va/adoption/networking/nad/kustomization.yaml | 35 ++ .../nad/ocp_networks_netattach.yaml | 8 + .../networking/netconfig/kustomization.yaml | 36 ++ va/adoption/nncp/kustomization.yaml | 21 ++ 19 files changed, 878 insertions(+) create mode 100644 automation/vars/adoption.yaml create mode 100644 examples/va/adoption/.gitignore create mode 100644 examples/va/adoption/README.md create mode 100644 examples/va/adoption/control-plane/.gitignore create mode 100644 examples/va/adoption/control-plane/kustomization.yaml create mode 100644 examples/va/adoption/control-plane/nncp/.gitignore create mode 100644 examples/va/adoption/control-plane/nncp/kustomization.yaml create mode 100644 examples/va/adoption/control-plane/nncp/values.yaml create mode 100644 examples/va/adoption/networking.yaml create mode 100644 va/adoption/README.md create mode 100644 va/adoption/kustomization.yaml create mode 100644 va/adoption/namespace.yaml create mode 100644 va/adoption/networking/metallb/kustomization.yaml create mode 100644 va/adoption/networking/metallb/metallb_l2advertisement.yaml create mode 100644 va/adoption/networking/metallb/ocp_ip_pools.yaml create mode 100644 va/adoption/networking/nad/kustomization.yaml create mode 100644 va/adoption/networking/nad/ocp_networks_netattach.yaml create mode 100644 va/adoption/networking/netconfig/kustomization.yaml create mode 100644 va/adoption/nncp/kustomization.yaml diff --git a/automation/vars/adoption.yaml b/automation/vars/adoption.yaml new file mode 100644 index 000000000..11188ad17 --- /dev/null +++ b/automation/vars/adoption.yaml @@ -0,0 +1,27 @@ +--- +vas: + adoption: + stages: + - path: examples/va/adoption/control-plane/nncp + wait_conditions: + - >- + oc -n openstack wait nncp + -l osp/nncm-config-type=standard + --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured + --timeout=5m + values: + - name: network-values + src_file: values.yaml + build_output: nncp.yaml + + - path: examples/va/adoption/control-plane + wait_conditions: + - >- + oc -n openstack wait nncp + -l osp/nncm-config-type=standard + --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured + --timeout=5m + values: + - name: network-values + src_file: nncp/values.yaml + build_output: ../networking.yaml diff --git a/examples/va/adoption/.gitignore b/examples/va/adoption/.gitignore new file mode 100644 index 000000000..205810519 --- /dev/null +++ b/examples/va/adoption/.gitignore @@ -0,0 +1,4 @@ +nncp.yaml +control-plane.yaml +dataplane-pre-ceph.yaml +dataplane-post-ceph.yaml diff --git a/examples/va/adoption/README.md b/examples/va/adoption/README.md new file mode 100644 index 000000000..98b65c0aa --- /dev/null +++ b/examples/va/adoption/README.md @@ -0,0 +1,39 @@ +# Hyperconverged OpenStack and Ceph + +**Based on OpenStack K8S operators from the "main" branch of the [OpenStack Operator repo](https://github.com/openstack-k8s-operators/openstack-operator/commit/aa63bf3931f74722dd48af8a0914233b2b384330) on Dec 19th, 2023** + +This is a collection of CR templates that represent a validated Red Hat OpenStack Services on OpenShift deployment that has the following characteristics: + +- 3 master/worker combo-node OpenShift cluster +- 3-replica Galera database +- RabbitMQ +- OVN networking +- Network isolation over a single NIC +- 3 compute nodes +- CephHCI installed on compute nodes and used by various OSP services + - Cinder Volume using RBD for backend + - Cinder Backup using RBD for backend + - Glance using RBD for backend + - Nova using RBD for ephemeral storage + - Manila using CephFS for backend + +## Considerations + +1. These CRs are validated for the overall functionality of the OSP cloud deployed, but they nonetheless require customization for the particular environment in which they are utilized. In this sense they are _templates_ meant to be consumed and tweaked to fit the specific constraints of the hardware available. + +2. The CRs are applied against an OpenShift cluster in _stages_. That is, there is an ordering in which each grouping of CRs is fed to the cluster. It is _not_ a case of simply taking all CRs from all stages and applying them all at once. + +3. In stages 1 and 2 [kustomize](https://kustomize.io/) is used to genereate the control plane CRs dynamically. The `control-plane/nncp/values.yaml` file(s) must be updated to fit your environment. kustomize version 5 or newer required. + +4. In stages 3 and 4 [kustomize](https://kustomize.io/) is used to generate the dataplane CRs dynamically. The `edpm-pre-ceph/values.yaml`, `values.yaml` and `service-values.yaml` files must be updated to fit your environment. kustomize version 5 or newer required. + +5. Between stages 3 and 4, _it is assumed that the user installs Ceph on the 3 OSP compute nodes._ OpenStack K8S CRDs do not provide a way to install Ceph via any sort of combination of CRs. + +## Stages + +All stages must be executed in the order listed below. Everything is required unless otherwise indicated. + +1. [Install the OpenStack K8S operators and their dependencies](../../common/) +2. [Configuring networking and deploy the OpenStack control plane](control-plane.md) +3. [Configure and deploy the initial data plane to prepare for Ceph installation](dataplane-pre-ceph.md) +4. [Update the control plane and finish deploying the data plane after Ceph has been installed](dataplane-post-ceph.md) diff --git a/examples/va/adoption/control-plane/.gitignore b/examples/va/adoption/control-plane/.gitignore new file mode 100644 index 000000000..3df8f53be --- /dev/null +++ b/examples/va/adoption/control-plane/.gitignore @@ -0,0 +1 @@ +control-plane.yaml diff --git a/examples/va/adoption/control-plane/kustomization.yaml b/examples/va/adoption/control-plane/kustomization.yaml new file mode 100644 index 000000000..9dd0575ec --- /dev/null +++ b/examples/va/adoption/control-plane/kustomization.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../va/adoption/ + # - https://github.com/openstack-k8s-operators/architecture/va/hci?ref=main + ## It's possible to replace ../../../../va/hci/ with a git checkout URL as per: + ## https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md + +resources: + - nncp/values.yaml diff --git a/examples/va/adoption/control-plane/nncp/.gitignore b/examples/va/adoption/control-plane/nncp/.gitignore new file mode 100644 index 000000000..51ed8a956 --- /dev/null +++ b/examples/va/adoption/control-plane/nncp/.gitignore @@ -0,0 +1 @@ +nncp.yaml diff --git a/examples/va/adoption/control-plane/nncp/kustomization.yaml b/examples/va/adoption/control-plane/nncp/kustomization.yaml new file mode 100644 index 000000000..626b73ed3 --- /dev/null +++ b/examples/va/adoption/control-plane/nncp/kustomization.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../../../va/adoption/nncp + +resources: + - values.yaml diff --git a/examples/va/adoption/control-plane/nncp/values.yaml b/examples/va/adoption/control-plane/nncp/values.yaml new file mode 100644 index 000000000..75e2e8f3d --- /dev/null +++ b/examples/va/adoption/control-plane/nncp/values.yaml @@ -0,0 +1,195 @@ +apiVersion: v1 +data: + bridgeName: ospbr + ctlplane: + dnsDomain: ctlplane.example.com + endpoint_annotations: + metallb.universe.tf/address-pool: ctlplane + metallb.universe.tf/allow-shared-ip: ctlplane + metallb.universe.tf/loadBalancerIPs: 192.168.122.80 + iface: enp7s0 + lb_addresses: + - 192.168.122.80-192.168.122.90 + mtu: 1500 + net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"ctlplane\",\n + \ \"type\": \"macvlan\",\n \"master\": \"ospbr\",\n \"ipam\": {\n \"type\": + \"whereabouts\",\n \"range\": \"192.168.122.0/24\",\n \"range_start\": + \"192.168.122.30\",\n \"range_end\": \"192.168.122.70\"\n }\n}\n" + prefix-length: 24 + subnets: + - allocationRanges: + - end: 192.168.122.120 + start: 192.168.122.100 + - end: 192.168.122.170 + start: 192.168.122.150 + cidr: 192.168.122.0/24 + gateway: 192.168.122.1 + name: subnet1 + datacentre: + net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"datacentre\",\n + \ \"type\": \"bridge\",\n \"bridge\": \"ospbr\",\n \"ipam\": {}\n}\n" + dns-resolver: + config: + search: [] + server: + - 192.168.122.1 + options: + - key: server + values: + - 192.168.122.1 + external: + dnsDomain: external.example.com + mtu: 1496 + prefix-length: 24 + subnets: + - allocationRanges: + - end: 172.21.0.250 + start: 172.21.0.100 + cidr: 172.21.0.0/24 + name: subnet1 + vlan: 44 + vlan: 44 + internalapi: + base_iface: enp7s0 + dnsDomain: internalapi.example.com + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/allow-shared-ip: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.80 + iface: internalapi + lb_addresses: + - 172.17.0.80-172.17.0.90 + mtu: 1496 + net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"internalapi\",\n + \ \"type\": \"macvlan\",\n \"master\": \"internalapi\",\n \"ipam\": + {\n \"type\": \"whereabouts\",\n \"range\": \"172.17.0.0/24\",\n + \ \"range_start\": \"172.17.0.30\",\n \"range_end\": \"172.17.0.70\"\n + \ }\n}\n" + prefix-length: 24 + subnets: + - allocationRanges: + - end: 172.17.0.250 + start: 172.17.0.100 + cidr: 172.17.0.0/24 + name: subnet1 + vlan: 20 + vlan: 20 + lbServiceType: LoadBalancer + node_0: + ctlplane_ip: 192.168.122.10 + internalapi_ip: 172.17.0.10 + name: master-0 + storage_ip: 172.18.0.10 + tenant_ip: 172.19.0.10 + node_1: + ctlplane_ip: 192.168.122.11 + internalapi_ip: 172.17.0.11 + name: master-1 + storage_ip: 172.18.0.11 + tenant_ip: 172.19.0.11 + node_2: + ctlplane_ip: 192.168.122.12 + internalapi_ip: 172.17.0.12 + name: master-2 + storage_ip: 172.18.0.12 + tenant_ip: 172.19.0.12 + ocpbm: + dnsDomain: ocpbm.example.com + mtu: 1500 + prefix-length: 24 + rabbitmq: + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.85 + rabbitmq-cell1: + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.86 + routes: + config: [] + storage: + base_iface: enp7s0 + dnsDomain: storage.example.com + endpoint_annotations: + metallb.universe.tf/address-pool: storage + metallb.universe.tf/allow-shared-ip: storage + metallb.universe.tf/loadBalancerIPs: 172.18.0.80 + iface: storage + lb_addresses: + - 172.18.0.80-172.18.0.90 + mtu: 1496 + net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"storage\",\n + \ \"type\": \"macvlan\",\n \"master\": \"storage\",\n \"ipam\": {\n + \ \"type\": \"whereabouts\",\n \"range\": \"172.18.0.0/24\",\n \"range_start\": + \"172.18.0.30\",\n \"range_end\": \"172.18.0.70\"\n }\n}\n" + prefix-length: 24 + subnets: + - allocationRanges: + - end: 172.18.0.250 + start: 172.18.0.100 + cidr: 172.18.0.0/24 + name: subnet1 + vlan: 21 + vlan: 21 + storageClass: lvms-local-storage + storagemgmt: + dnsDomain: storagemgmt.example.com + mtu: 1500 + prefix-length: 24 + subnets: + - allocationRanges: + - end: 172.20.0.250 + start: 172.20.0.100 + cidr: 172.20.0.0/24 + name: subnet1 + vlan: 23 + vlan: 23 + swift: + base_iface: enp6s0 + dnsDomain: swift.example.com + iface: swift + lb_addresses: + - 172.22.0.80-172.22.0.90 + mtu: 1500 + net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"swift\",\n + \ \"type\": \"macvlan\",\n \"master\": \"swift\",\n \"ipam\": {\n \"type\": + \"whereabouts\",\n \"range\": \"172.22.0.0/24\",\n \"range_start\": + \"172.22.0.30\",\n \"range_end\": \"172.22.0.70\"\n }\n}\n" + prefix-length: 24 + subnets: + - allocationRanges: + - end: 172.22.0.250 + start: 172.22.0.100 + cidr: 172.22.0.0/24 + name: subnet1 + vlan: 25 + vlan: 25 + tenant: + base_iface: enp7s0 + dnsDomain: tenant.example.com + endpoint_annotations: + metallb.universe.tf/address-pool: tenant + metallb.universe.tf/allow-shared-ip: tenant + metallb.universe.tf/loadBalancerIPs: 172.19.0.80 + iface: tenant + lb_addresses: + - 172.19.0.80-172.19.0.90 + mtu: 1496 + net-attach-def: "{\n \"cniVersion\": \"0.3.1\",\n \"name\": \"tenant\",\n + \ \"type\": \"macvlan\",\n \"master\": \"tenant\",\n \"ipam\": {\n \"type\": + \"whereabouts\",\n \"range\": \"172.19.0.0/24\",\n \"range_start\": + \"172.19.0.30\",\n \"range_end\": \"172.19.0.70\"\n }\n}\n" + prefix-length: 24 + subnets: + - allocationRanges: + - end: 172.19.0.250 + start: 172.19.0.100 + cidr: 172.19.0.0/24 + name: subnet1 + vlan: 22 + vlan: 22 +kind: ConfigMap +metadata: + annotations: + config.kubernetes.io/local-config: 'true' + name: network-values diff --git a/examples/va/adoption/networking.yaml b/examples/va/adoption/networking.yaml new file mode 100644 index 000000000..d79d041b9 --- /dev/null +++ b/examples/va/adoption/networking.yaml @@ -0,0 +1,322 @@ +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + labels: + osp/net: ctlplane + osp/net-attach-def-type: standard + name: ctlplane + namespace: openstack +spec: + config: | + { + "cniVersion": "0.3.1", + "name": "ctlplane", + "type": "macvlan", + "master": "ospbr", + "ipam": { + "type": "whereabouts", + "range": "192.168.122.0/24", + "range_start": "192.168.122.30", + "range_end": "192.168.122.70" + } + } +--- +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + labels: + osp/net: datacentre + osp/net-attach-def-type: standard + name: datacentre + namespace: openstack +spec: + config: | + { + "cniVersion": "0.3.1", + "name": "datacentre", + "type": "bridge", + "bridge": "ospbr", + "ipam": {} + } +--- +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + labels: + osp/net: internalapi + osp/net-attach-def-type: standard + name: internalapi + namespace: openstack +spec: + config: | + { + "cniVersion": "0.3.1", + "name": "internalapi", + "type": "macvlan", + "master": "internalapi", + "ipam": { + "type": "whereabouts", + "range": "172.17.0.0/24", + "range_start": "172.17.0.30", + "range_end": "172.17.0.70" + } + } +--- +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + labels: + osp/net: storage + osp/net-attach-def-type: standard + name: storage + namespace: openstack +spec: + config: | + { + "cniVersion": "0.3.1", + "name": "storage", + "type": "macvlan", + "master": "storage", + "ipam": { + "type": "whereabouts", + "range": "172.18.0.0/24", + "range_start": "172.18.0.30", + "range_end": "172.18.0.70" + } + } +--- +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + labels: + osp/net: swift + osp/net-attach-def-type: standard + name: swift + namespace: openstack +spec: + config: | + { + "cniVersion": "0.3.1", + "name": "swift", + "type": "macvlan", + "master": "swift", + "ipam": { + "type": "whereabouts", + "range": "172.22.0.0/24", + "range_start": "172.22.0.30", + "range_end": "172.22.0.70" + } + } +--- +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + labels: + osp/net: tenant + osp/net-attach-def-type: standard + name: tenant + namespace: openstack +spec: + config: | + { + "cniVersion": "0.3.1", + "name": "tenant", + "type": "macvlan", + "master": "tenant", + "ipam": { + "type": "whereabouts", + "range": "172.19.0.0/24", + "range_start": "172.19.0.30", + "range_end": "172.19.0.70" + } + } +--- +apiVersion: metallb.io/v1beta1 +kind: IPAddressPool +metadata: + labels: + osp/lb-addresses-type: standard + name: ctlplane + namespace: metallb-system +spec: + addresses: + - 192.168.122.80-192.168.122.90 +--- +apiVersion: metallb.io/v1beta1 +kind: IPAddressPool +metadata: + labels: + osp/lb-addresses-type: standard + name: internalapi + namespace: metallb-system +spec: + addresses: + - 172.17.0.80-172.17.0.90 +--- +apiVersion: metallb.io/v1beta1 +kind: IPAddressPool +metadata: + labels: + osp/lb-addresses-type: standard + name: storage + namespace: metallb-system +spec: + addresses: + - 172.18.0.80-172.18.0.90 +--- +apiVersion: metallb.io/v1beta1 +kind: IPAddressPool +metadata: + labels: + osp/lb-addresses-type: standard + name: swift + namespace: metallb-system +spec: + addresses: + - 172.22.0.80-172.22.0.90 +--- +apiVersion: metallb.io/v1beta1 +kind: IPAddressPool +metadata: + labels: + osp/lb-addresses-type: standard + name: tenant + namespace: metallb-system +spec: + addresses: + - 172.19.0.80-172.19.0.90 +--- +apiVersion: metallb.io/v1beta1 +kind: L2Advertisement +metadata: + name: ctlplane + namespace: metallb-system +spec: + interfaces: + - ospbr + ipAddressPools: + - ctlplane +--- +apiVersion: metallb.io/v1beta1 +kind: L2Advertisement +metadata: + name: internalapi + namespace: metallb-system +spec: + interfaces: + - internalapi + ipAddressPools: + - internalapi +--- +apiVersion: metallb.io/v1beta1 +kind: L2Advertisement +metadata: + name: storage + namespace: metallb-system +spec: + interfaces: + - storage + ipAddressPools: + - storage +--- +apiVersion: metallb.io/v1beta1 +kind: L2Advertisement +metadata: + name: swift + namespace: metallb-system +spec: + interfaces: + - swift + ipAddressPools: + - swift +--- +apiVersion: metallb.io/v1beta1 +kind: L2Advertisement +metadata: + name: tenant + namespace: metallb-system +spec: + interfaces: + - tenant + ipAddressPools: + - tenant +--- +apiVersion: network.openstack.org/v1beta1 +kind: NetConfig +metadata: + name: netconfig + namespace: openstack +spec: + networks: + - dnsDomain: ctlplane.example.com + mtu: 1500 + name: ctlplane + subnets: + - allocationRanges: + - end: 192.168.122.120 + start: 192.168.122.100 + - end: 192.168.122.170 + start: 192.168.122.150 + cidr: 192.168.122.0/24 + gateway: 192.168.122.1 + name: subnet1 + - dnsDomain: internalapi.example.com + mtu: 1496 + name: internalapi + subnets: + - allocationRanges: + - end: 172.17.0.250 + start: 172.17.0.100 + cidr: 172.17.0.0/24 + name: subnet1 + vlan: 20 + - dnsDomain: external.example.com + mtu: 1496 + name: external + subnets: + - allocationRanges: + - end: 172.21.0.250 + start: 172.21.0.100 + cidr: 172.21.0.0/24 + name: subnet1 + vlan: 44 + - dnsDomain: storage.example.com + mtu: 1496 + name: storage + subnets: + - allocationRanges: + - end: 172.18.0.250 + start: 172.18.0.100 + cidr: 172.18.0.0/24 + name: subnet1 + vlan: 21 + - dnsDomain: tenant.example.com + mtu: 1496 + name: tenant + subnets: + - allocationRanges: + - end: 172.19.0.250 + start: 172.19.0.100 + cidr: 172.19.0.0/24 + name: subnet1 + vlan: 22 + - dnsDomain: swift.example.com + mtu: 1500 + name: swift + subnets: + - allocationRanges: + - end: 172.22.0.250 + start: 172.22.0.100 + cidr: 172.22.0.0/24 + name: subnet1 + vlan: 25 + - dnsDomain: storagemgmt.example.com + mtu: 1500 + name: storagemgmt + subnets: + - allocationRanges: + - end: 172.20.0.250 + start: 172.20.0.100 + cidr: 172.20.0.0/24 + name: subnet1 + vlan: 23 \ No newline at end of file diff --git a/va/adoption/README.md b/va/adoption/README.md new file mode 100644 index 000000000..522d5615b --- /dev/null +++ b/va/adoption/README.md @@ -0,0 +1,11 @@ +# VA: HCI + +If you are looking for information on how to deploy the HCI VA, then +please see the +[HCI README in the examples directory](../../examples/va/hci/README.md). + +This directory, `architecture/va/hci/`, exists so that the +[kustomization.yaml](../../examples/va/hci/kustomization.yaml) +in the examples directory for the HCI VA, reference it by path as a +component. Its contents are likely uninteresting unless you want to +understand how kustomize was implemented in this repository. diff --git a/va/adoption/kustomization.yaml b/va/adoption/kustomization.yaml new file mode 100644 index 000000000..f0e686cc0 --- /dev/null +++ b/va/adoption/kustomization.yaml @@ -0,0 +1,75 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../lib/networking/metallb + - networking/metallb + - ../../lib/networking/netconfig + - networking/netconfig + - ../../lib/networking/nad + - networking/nad + +# Add storagemgmt network template, as it is needed for CephHCI +patches: + - target: + version: v1beta1 + kind: NetConfig + name: netconfig + patch: |- + - op: add + path: /spec/networks/- + value: + dnsDomain: _replaced_ + name: storagemgmt + subnets: + - _replaced_ + mtu: 1500 + +# Add storagemgmt network replacements +replacements: + # NetConfig dnsDomain specific to this VA + - source: + kind: ConfigMap + name: network-values + fieldPath: data.storagemgmt.dnsDomain + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=storagemgmt].dnsDomain + # NetConfig MTU specific to this VA + - source: + kind: ConfigMap + name: network-values + fieldPath: data.storagemgmt.mtu + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=storagemgmt].mtu + # NetConfig subnets specific to this VA + - source: + kind: ConfigMap + name: network-values + fieldPath: data.storagemgmt.subnets + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=storagemgmt].subnets diff --git a/va/adoption/namespace.yaml b/va/adoption/namespace.yaml new file mode 100644 index 000000000..60a6e8c42 --- /dev/null +++ b/va/adoption/namespace.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: builtin +kind: NamespaceTransformer +metadata: + name: _ignored_ + namespace: openstack +setRoleBindingSubjects: none +unsetOnly: true +fieldSpecs: + - path: metadata/name + kind: Namespace + create: true diff --git a/va/adoption/networking/metallb/kustomization.yaml b/va/adoption/networking/metallb/kustomization.yaml new file mode 100644 index 000000000..94b3620d3 --- /dev/null +++ b/va/adoption/networking/metallb/kustomization.yaml @@ -0,0 +1,36 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +resources: + - metallb_l2advertisement.yaml + - ocp_ip_pools.yaml + +replacements: + - source: + kind: ConfigMap + name: network-values + fieldPath: data.swift.lb_addresses + targets: + - select: + group: metallb.io + kind: IPAddressPool + name: swift + fieldPaths: + - spec.addresses + options: + create: true + + - source: + kind: ConfigMap + name: network-values + fieldPath: data.swift.iface + targets: + - select: + group: metallb.io + kind: L2Advertisement + name: swift + fieldPaths: + - spec.interfaces.0 + options: + create: true diff --git a/va/adoption/networking/metallb/metallb_l2advertisement.yaml b/va/adoption/networking/metallb/metallb_l2advertisement.yaml new file mode 100644 index 000000000..651c26eda --- /dev/null +++ b/va/adoption/networking/metallb/metallb_l2advertisement.yaml @@ -0,0 +1,11 @@ +--- +apiVersion: metallb.io/v1beta1 +kind: L2Advertisement +metadata: + name: swift + namespace: metallb-system +spec: + ipAddressPools: + - swift + interfaces: + - _replaced_ diff --git a/va/adoption/networking/metallb/ocp_ip_pools.yaml b/va/adoption/networking/metallb/ocp_ip_pools.yaml new file mode 100644 index 000000000..a7945afa1 --- /dev/null +++ b/va/adoption/networking/metallb/ocp_ip_pools.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: metallb.io/v1beta1 +kind: IPAddressPool +metadata: + namespace: metallb-system + name: swift + labels: + osp/lb-addresses-type: standard diff --git a/va/adoption/networking/nad/kustomization.yaml b/va/adoption/networking/nad/kustomization.yaml new file mode 100644 index 000000000..1ce809c3f --- /dev/null +++ b/va/adoption/networking/nad/kustomization.yaml @@ -0,0 +1,35 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +resources: + - ocp_networks_netattach.yaml + +replacements: + - source: + kind: ConfigMap + name: network-values + fieldPath: data.swift.net-attach-def + targets: + - select: + kind: NetworkAttachmentDefinition + name: swift + fieldPaths: + - spec.config + options: + create: true diff --git a/va/adoption/networking/nad/ocp_networks_netattach.yaml b/va/adoption/networking/nad/ocp_networks_netattach.yaml new file mode 100644 index 000000000..da7763fad --- /dev/null +++ b/va/adoption/networking/nad/ocp_networks_netattach.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + name: swift + labels: + osp/net: swift + osp/net-attach-def-type: standard diff --git a/va/adoption/networking/netconfig/kustomization.yaml b/va/adoption/networking/netconfig/kustomization.yaml new file mode 100644 index 000000000..b18740075 --- /dev/null +++ b/va/adoption/networking/netconfig/kustomization.yaml @@ -0,0 +1,36 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +patches: + - target: + kind: NetConfig + patch: |- + - op: add + path: /spec/networks/- + value: + name: swift + mtu: 1500 + dnsDomain: _replaced_ + subnets: + - _replaced_ + +replacements: + - source: + kind: ConfigMap + name: network-values + fieldPath: data.swift.dnsDomain + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=swift].dnsDomain + - source: + kind: ConfigMap + name: network-values + fieldPath: data.swift.subnets + targets: + - select: + kind: NetConfig + fieldPaths: + - spec.networks.[name=swift].subnets diff --git a/va/adoption/nncp/kustomization.yaml b/va/adoption/nncp/kustomization.yaml new file mode 100644 index 000000000..9c29c7007 --- /dev/null +++ b/va/adoption/nncp/kustomization.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../lib/nncp