apiVersion: v1 data: 03-ceph-nova.conf: CHANGEME_NOVA_CEPH_CONF kind: ConfigMap metadata: name: ceph-nova namespace: openstack --- apiVersion: v1 data: ceph.client.openstack.keyring: CHANGEME_CEPH_KEYRING ceph.conf: CHANGEME_CEPH_CONF kind: Secret metadata: name: ceph-conf-files namespace: openstack type: Opaque --- apiVersion: v1 data: authorized_keys: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFBZEtuZlk3Y2wvS1Q3WG5qUkhlanAvZnZ4alk1WHNOUllBRS9WZjUvS3c5ZWYyQThMUEtJNWtKKzVHdDFWcG9ORWtlTzVUcGVOcVZ5OFh1SEE5citjTlNRR2RrTGEvQ1RmZkg5dzBkQy9Yc09zb09DaEQxUFJRQ0VqNXBoSlc0UnN0WDg4TEQ3cWV3UUsrMkNINGgrdVRDMno4QWovRVBCcnNLL2VzWStlOElCK2E0UT09IEVEUE0gZGVwbG95IGtleQo= ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUFIU3AzMk8zSmZ5aysxNTQwUjNvNmYzNzhZMk9WCjdEVVdBQlAxWCtmeXNQWG45Z1BDenlpT1pDZnVScmRWYWFEUkpIanVVNlhqYWxjdkY3aHdQYS9uRFVrQm5aQzJ2d2szM3gKL2NOSFF2MTdEcktEZ29ROVQwVUFoSSthWVNWdUViTFYvUEN3KzZuc0VDdnRnaCtJZnJrd3RzL0FJL3hEd2E3Q3YzckdQbgp2Q0FmbXVFQUFBRVFGWmwxV1JXWmRWa0FBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFCMHFkOWp0eVg4cFB0ZWVORWQ2T245Ky9HTmpsZXcxRmdBVDlWL244ckQxNS9ZRHdzOG9qbVFuN2thM1ZXbWcKMFNSNDdsT2w0MnBYTHhlNGNEMnY1dzFKQVoyUXRyOEpOOThmM0RSMEw5ZXc2eWc0S0VQVTlGQUlTUG1tRWxiaEd5MWZ6dwpzUHVwN0JBcjdZSWZpSDY1TUxiUHdDUDhROEd1d3I5NnhqNTd3Z0g1cmhBQUFBUWdES0R5Y21KL2oyUU9od2Q4Ky9LQ2x5CmI3V0RJZHNKa0pwaEpoYWtheUZkZFkwWDhRcUZFVEZGaHl6ZVRudTljclNGMHpaUktMTjNOSlpwRi9FeXNJQ04zQUFBQUEKOUZSRkJOSUdSbGNHeHZlU0JyWlhrQkFnTT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFBZEtuZlk3Y2wvS1Q3WG5qUkhlanAvZnZ4alk1WHNOUllBRS9WZjUvS3c5ZWYyQThMUEtJNWtKKzVHdDFWcG9ORWtlTzVUcGVOcVZ5OFh1SEE5citjTlNRR2RrTGEvQ1RmZkg5dzBkQy9Yc09zb09DaEQxUFJRQ0VqNXBoSlc0UnN0WDg4TEQ3cWV3UUsrMkNINGgrdVRDMno4QWovRVBCcnNLL2VzWStlOElCK2E0UT09IEVEUE0gZGVwbG95IGtleQo= kind: Secret metadata: name: dataplane-ansible-ssh-private-key-secret namespace: openstack type: Opaque --- apiVersion: v1 data: LibvirtPassword: MTIzNDU2Nzg= kind: Secret metadata: name: libvirt-secret namespace: openstack type: Opaque --- apiVersion: v1 data: ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUFVUEhxV2V5dWYreUJQWXU1VjFYN0FpNDA1RXFUCnY0L2FxWEtkY1dJblczNEd6UyswSjhqR1hHcUxicHVkdG4rYnFTbXZYV0dEOUZ1bnk0ZkxieDJreVA0QXpvMDZxSVUyRGcKNTlHVkhDUkdjeVo4eHZxd2FqeHlVeFprUWlzd2M3aTNLVEZqcnkwSGtlMy95M2MvaTdoSDc5ZHE1NThSazdZTVRkYlNjVgpUWmhRZzFVQUFBRVErdjhuaVByL0o0Z0FBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFGRHg2bG5zcm4vc2dUMkx1VmRWK3dJdU5PUktrNytQMnFseW5YRmlKMXQrQnMwdnRDZkl4bHhxaTI2Ym5iWi8KbTZrcHIxMWhnL1JicDh1SHkyOGRwTWorQU02Tk9xaUZOZzRPZlJsUndrUm5NbWZNYjZzR284Y2xNV1pFSXJNSE80dHlreApZNjh0QjVIdC84dDNQNHU0UisvWGF1ZWZFWk8yREUzVzBuRlUyWVVJTlZBQUFBUWdFVlRWMXZ2em56Mm02U2kyWnBwN3ptCnhSb1hGRkZYRDJCRVVPWVc5M1JMY2o2MTV2ZUxlUURjbU5qUEdWNlpra3RrYk41c3pUekJoalUzMzZFSGhkNWkrUUFBQUEKNU9iM1poSUcxcFozSmhkR2x2YmdFQ0F3UT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFCUThlcFo3SzUvN0lFOWk3bFhWZnNDTGpUa1NwTy9qOXFwY3AxeFlpZGJmZ2JOTDdRbnlNWmNhb3R1bTUyMmY1dXBLYTlkWVlQMFc2ZkxoOHR2SGFUSS9nRE9qVHFvaFRZT0RuMFpVY0pFWnpKbnpHK3JCcVBISlRGbVJDS3pCenVMY3BNV092TFFlUjdmL0xkeitMdUVmdjEycm5ueEdUdGd4TjF0SnhWTm1GQ0RWUT09IE5vdmEgbWlncmF0aW9uCg== kind: Secret metadata: name: nova-migration-ssh-key namespace: openstack type: kubernetes.io/ssh-auth --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneNodeSet metadata: name: gpu-computes-edpm namespace: openstack spec: env: - name: ANSIBLE_FORCE_COLOR value: "True" networkAttachments: - ctlplane nodeTemplate: ansible: ansiblePort: 22 ansibleUser: zuul ansibleVars: dns_search_domains: [] edpm_bootstrap_command: | echo CHANGEME edpm_bootstrap_release_version_package: [] edpm_ceph_hci_pre_enabled_services: - ceph_mon - ceph_mgr - ceph_osd - ceph_rgw - ceph_nfs - ceph_rgw_frontend - ceph_nfs_frontend edpm_enable_chassis_gw: false edpm_fips_mode: check edpm_kernel_args: default_hugepagesz=1GB hugepagesz=1G hugepages=16 intel_iommu=on iommu=pt vfio-pci.ids=10de:20f1 rd.driver.pre=vfio-pci edpm_network_config_hide_sensitive_logs: false edpm_network_config_nmstate: false edpm_network_config_os_net_config_mappings: edpm-compute-0: nic1: aa:bb:cc:dd:ee:ff nic2: CHANGEME edpm_network_config_template: | --- {% set mtu_list = [ctlplane_mtu] %} {% for network in nodeset_networks %} {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} {%- endfor %} {% set min_viable_mtu = mtu_list | max %} network_config: - type: ovs_bridge name: {{ neutron_physical_bridge_name }} mtu: {{ min_viable_mtu }} use_dhcp: false dns_servers: {{ ctlplane_dns_nameservers }} domain: {{ dns_search_domains }} addresses: - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} routes: {{ ctlplane_host_routes }} members: - type: linux_bond name: bond0 mtu: {{ min_viable_mtu }} bonding_options: "mode=802.3ad lacp_rate=fast" members: - type: interface name: nic1 mtu: {{ min_viable_mtu }} primary: true - type: interface name: nic2 mtu: {{ min_viable_mtu }} {% for network in nodeset_networks %} - type: vlan mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} addresses: - ip_netmask: {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} {% endfor %} edpm_network_config_update: false edpm_nodes_validation_validate_controllers_icmp: false edpm_nodes_validation_validate_gateway_icmp: false edpm_ovn_availability_zones: [] edpm_ovn_bridge_mappings: - datacentre:br-ex edpm_reboot_strategy: force edpm_sshd_allowed_ranges: - 192.168.122.0/24 edpm_sshd_configure_firewall: true edpm_tuned_isolated_cores: 4-23,28-47 edpm_tuned_profile: cpu-partitioning-powersave gather_facts: false neutron_physical_bridge_name: br-ex neutron_public_interface_name: eth0 rhc_release: 9.4 rhc_repositories: - name: '*' state: disabled - name: CHANGEME storage_mgmt_cidr: CHANGEME_STGMGMT_PREFIX_LEN storage_mgmt_host_routes: [] storage_mgmt_mtu: 9000 storage_mgmt_vlan_id: CHANGEME_STGMGMT_VLAN storage_mtu: 9000 timesync_ntp_servers: - hostname: pool.ntp.org ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret extraMounts: - extraVolType: Ceph mounts: - mountPath: /etc/ceph name: ceph readOnly: true volumes: - name: ceph secret: secretName: ceph-conf-files managementNetwork: ctlplane networks: - defaultRoute: true name: ctlplane subnetName: subnet2 - name: internalapi subnetName: subnet2 - name: storage subnetName: subnet2 - name: tenant subnetName: subnet2 nodes: edpm-compute-0: ansible: ansibleHost: 192.168.122.100 bmhLabelSelector: nodeName: edpm-compute-0 hostName: compute-0 networkData: name: edpm-compute-0-network-data namespace: openstack networks: - defaultRoute: true fixedIP: 192.168.122.100 name: ctlplane subnetName: subnet1 - fixedIP: 172.17.0.100 name: internalapi subnetName: subnet1 - fixedIP: 172.18.0.100 name: storage subnetName: subnet1 - fixedIP: 172.20.0.100 name: storagemgmt subnetName: subnet1 - fixedIP: 172.19.0.100 name: tenant subnetName: subnet1 - fixedIP: 10.0.0.100 name: external subnetName: subnet1 preProvisioned: true services: - bootstrap - configure-network - validate-network - install-os - ceph-hci-pre - configure-os - ssh-known-hosts - run-os - reboot-os - install-certs - ceph-client - ovn - neutron-metadata - libvirt - nova-custom-gpu-ceph - telemetry --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneService metadata: name: neutron-metadata namespace: openstack spec: addCertMounts: false caCerts: combined-ca-bundle containerImageFields: - EdpmNeutronMetadataAgentImage dataSources: - secretRef: name: neutron-ovn-metadata-agent-neutron-config - secretRef: name: nova-cell1-metadata-neutron-config edpmServiceType: neutron-metadata playbook: osp.edpm.neutron_metadata tlsCerts: default: contents: - dnsnames - ips issuer: osp-rootca-issuer-ovn keyUsages: - digital signature - key encipherment - client auth networks: - ctlplane --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneService metadata: name: nova-custom-gpu-ceph namespace: openstack spec: caCerts: combined-ca-bundle dataSources: - configMapRef: name: ceph-nova - configMapRef: name: cpu-pinning-nova - configMapRef: name: gpu-nova - secretRef: name: nova-cell1-compute-config - secretRef: name: nova-migration-ssh-key edpmServiceType: nova label: dataplane-deployment-nova-custom-gpu-ceph playbook: osp.edpm.nova tlsCerts: default: contents: - dnsnames - ips edpmRoleServiceName: nova issuer: osp-rootca-issuer-internal networks: - ctlplane