apiVersion: v1 data: 03-ceph-nova.conf: CHANGEME_NOVA_CEPH_CONF kind: ConfigMap metadata: name: ceph-nova namespace: openstack --- apiVersion: v1 data: ceph.client.openstack.keyring: CHANGEME_CEPH_KEYRING ceph.conf: CHANGEME_CEPH_CONF kind: Secret metadata: name: ceph-conf-files namespace: openstack type: Opaque --- apiVersion: v1 data: authorized_keys: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFIMFhmaXhDbEQ2SHBwdXF0dkQ4dS9UZHZLSmRRekoyWXhIb2JoSVI5djBvVjhVUVk1K05aWjVveC9QRVN1VnVVc0poU1lYdnhOTTFINXJJQjJ4d0pXTkhnRW9oTGJ3dXRsaDJFeDVHMXZPa2gxSXJtQWVoakVYQzlOdVNKbXhHOWhqUzBPYTA4QlpHOXkwOHRrL3hPRDZMVjFVSkI5ME1HSXJpY1FIeXZYUGlSSVo1QT09IEVEUE0gZGVwbG95IGtleQo= ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUI5RjM0c1FwUStoNmFicXJidy9MdjAzYnlpWFVNCnlkbU1SNkc0U0VmYjlLRmZGRUdPZmpXV2VhTWZ6eEVybGJsTENZVW1GNzhUVE5SK2F5QWRzY0NWalI0QktJUzI4THJaWWQKaE1lUnRienBJZFNLNWdIb1l4Rnd2VGJraVpzUnZZWTB0RG10UEFXUnZjdFBMWlA4VGcraTFkVkNRZmREQmlLNG5FQjhyMQp6NGtTR2VRQUFBRVFOakY3MURZeGU5UUFBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFmUmQrTEVLVVBvZW1tNnEyOFB5NzlOMjhvbDFETW5aakVlaHVFaEgyL1NoWHhSQmpuNDFsbm1qSDg4Uks1VzUKU3dtRkpoZS9FMHpVZm1zZ0hiSEFsWTBlQVNpRXR2QzYyV0hZVEhrYlc4NlNIVWl1WUI2R01SY0wwMjVJbWJFYjJHTkxRNQpyVHdGa2IzTFR5MlQvRTRQb3RYVlFrSDNRd1lpdUp4QWZLOWMrSkVobmtBQUFBUWdHck1ubGFGZFZKdnh0Y2c2RDJDVG91CjVQMERxNTVpbDQ4bE5SbEIxOUF4aFd4Qzl4cTlONlF2RHdhNldVbzdTZ1MyUnJxSk9Pclh0MDBOZEhIZEV2MnVYZ0FBQUEKOUZSRkJOSUdSbGNHeHZlU0JyWlhrQkFnTT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFIMFhmaXhDbEQ2SHBwdXF0dkQ4dS9UZHZLSmRRekoyWXhIb2JoSVI5djBvVjhVUVk1K05aWjVveC9QRVN1VnVVc0poU1lYdnhOTTFINXJJQjJ4d0pXTkhnRW9oTGJ3dXRsaDJFeDVHMXZPa2gxSXJtQWVoakVYQzlOdVNKbXhHOWhqUzBPYTA4QlpHOXkwOHRrL3hPRDZMVjFVSkI5ME1HSXJpY1FIeXZYUGlSSVo1QT09IEVEUE0gZGVwbG95IGtleQo= kind: Secret metadata: name: dataplane-ansible-ssh-private-key-secret namespace: openstack type: Opaque --- apiVersion: v1 data: LibvirtPassword: MTIzNDU2Nzg= kind: Secret metadata: name: libvirt-secret namespace: openstack type: Opaque --- apiVersion: v1 data: ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUE5OHJyOWc5Y1dtMWFyWFRHWFprd2NLaGdnSGJtCjN0Mkh5TDR1ZEZiUEJHS0lIRVZwajIzL0tYRThjaHFlMm1FLzlmeWdObDZpZjlmQkdBZW12OGNNSlpJQlNtY0k3d1ZUK2sKbTFtWk94Y3NtLzRaak1kMXFpanBmSzk1UkRrcG91TFBnOWxuWkhtUmEvTVh6S0M3eWxqYlkxdGJESWF5QzF0bnJmd0p0Ygp6Q1BVN0NFQUFBRVE5L0kwSHZmeU5CNEFBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFQZks2L1lQWEZwdFdxMTB4bDJaTUhDb1lJQjI1dDdkaDhpK0xuUld6d1JpaUJ4RmFZOXQveWx4UEhJYW50cGgKUC9YOG9EWmVvbi9Yd1JnSHByL0hEQ1dTQVVwbkNPOEZVL3BKdFptVHNYTEp2K0dZekhkYW9vNlh5dmVVUTVLYUxpejRQWgpaMlI1a1d2ekY4eWd1OHBZMjJOYld3eUdzZ3RiWjYzOENiVzh3ajFPd2hBQUFBUWdIUkpkSHVoSVVDMDhHOHl3eXhzUnFsCmFQV1k0bUpwUXNaRkVSQ1dway9Kc1FmdUdVR1d3SUo3Y1JWcm1xZFYrbUpDOXNIc2pRb0FQV29OR2s0L25JZHpPQUFBQUEKNU9iM1poSUcxcFozSmhkR2x2YmdFQ0F3UT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFEM3l1djJEMXhhYlZxdGRNWmRtVEJ3cUdDQWR1YmUzWWZJdmk1MFZzOEVZb2djUldtUGJmOHBjVHh5R3A3YVlULzEvS0EyWHFKLzE4RVlCNmEveHd3bGtnRktad2p2QlZQNlNiV1prN0Z5eWIvaG1NeDNXcUtPbDhyM2xFT1NtaTRzK0QyV2RrZVpGcjh4Zk1vTHZLV050alcxc01ocklMVzJldC9BbTF2TUk5VHNJUT09IE5vdmEgbWlncmF0aW9uCg== kind: Secret metadata: name: nova-migration-ssh-key namespace: openstack type: kubernetes.io/ssh-auth --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneNodeSet metadata: name: gpu-computes-edpm namespace: openstack spec: env: - name: ANSIBLE_FORCE_COLOR value: "True" networkAttachments: - ctlplane nodeTemplate: ansible: ansiblePort: 22 ansibleUser: zuul ansibleVars: dns_search_domains: [] edpm_bootstrap_command: | echo CHANGEME edpm_bootstrap_release_version_package: [] edpm_ceph_hci_pre_enabled_services: - ceph_mon - ceph_mgr - ceph_osd - ceph_rgw - ceph_nfs - ceph_rgw_frontend - ceph_nfs_frontend edpm_enable_chassis_gw: false edpm_fips_mode: check edpm_kernel_args: default_hugepagesz=1GB hugepagesz=1G hugepages=16 intel_iommu=on iommu=pt vfio-pci.ids=10de:20f1 rd.driver.pre=vfio-pci edpm_network_config_hide_sensitive_logs: false edpm_network_config_nmstate: false edpm_network_config_os_net_config_mappings: edpm-compute-0: nic1: aa:bb:cc:dd:ee:ff nic2: CHANGEME edpm_network_config_template: | --- {% set mtu_list = [ctlplane_mtu] %} {% for network in nodeset_networks %} {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} {%- endfor %} {% set min_viable_mtu = mtu_list | max %} network_config: - type: ovs_bridge name: {{ neutron_physical_bridge_name }} mtu: {{ min_viable_mtu }} use_dhcp: false dns_servers: {{ ctlplane_dns_nameservers }} domain: {{ dns_search_domains }} addresses: - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} routes: {{ ctlplane_host_routes }} members: - type: linux_bond name: bond0 mtu: {{ min_viable_mtu }} bonding_options: "mode=802.3ad lacp_rate=fast" members: - type: interface name: nic1 mtu: {{ min_viable_mtu }} primary: true - type: interface name: nic2 mtu: {{ min_viable_mtu }} {% for network in nodeset_networks %} - type: vlan mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} addresses: - ip_netmask: {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} {% endfor %} edpm_network_config_update: false edpm_nodes_validation_validate_controllers_icmp: false edpm_nodes_validation_validate_gateway_icmp: false edpm_ovn_availability_zones: [] edpm_ovn_bridge_mappings: - datacentre:br-ex edpm_reboot_strategy: force edpm_sshd_allowed_ranges: - 192.168.122.0/24 edpm_sshd_configure_firewall: true edpm_tuned_isolated_cores: 4-23,28-47 edpm_tuned_profile: cpu-partitioning-powersave gather_facts: false neutron_physical_bridge_name: br-ex neutron_public_interface_name: eth0 rhc_release: 9.4 rhc_repositories: - name: '*' state: disabled - name: CHANGEME storage_mgmt_cidr: CHANGEME_STGMGMT_PREFIX_LEN storage_mgmt_host_routes: [] storage_mgmt_mtu: 9000 storage_mgmt_vlan_id: CHANGEME_STGMGMT_VLAN storage_mtu: 9000 timesync_ntp_servers: - hostname: pool.ntp.org ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret extraMounts: - extraVolType: Ceph mounts: - mountPath: /etc/ceph name: ceph readOnly: true volumes: - name: ceph secret: secretName: ceph-conf-files managementNetwork: ctlplane networks: - defaultRoute: true name: ctlplane subnetName: subnet2 - name: internalapi subnetName: subnet2 - name: storage subnetName: subnet2 - name: tenant subnetName: subnet2 nodes: edpm-compute-0: ansible: ansibleHost: 192.168.122.100 bmhLabelSelector: nodeName: edpm-compute-0 hostName: compute-0 networkData: name: edpm-compute-0-network-data namespace: openstack networks: - defaultRoute: true fixedIP: 192.168.122.100 name: ctlplane subnetName: subnet1 - fixedIP: 172.17.0.100 name: internalapi subnetName: subnet1 - fixedIP: 172.18.0.100 name: storage subnetName: subnet1 - fixedIP: 172.20.0.100 name: storagemgmt subnetName: subnet1 - fixedIP: 172.19.0.100 name: tenant subnetName: subnet1 - fixedIP: 10.0.0.100 name: external subnetName: subnet1 preProvisioned: true services: - bootstrap - configure-network - validate-network - install-os - ceph-hci-pre - configure-os - ssh-known-hosts - run-os - reboot-os - install-certs - ceph-client - ovn - neutron-metadata - libvirt - nova-custom-gpu-ceph - telemetry --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneService metadata: name: neutron-metadata namespace: openstack spec: addCertMounts: false caCerts: combined-ca-bundle containerImageFields: - EdpmNeutronMetadataAgentImage dataSources: - secretRef: name: neutron-ovn-metadata-agent-neutron-config - secretRef: name: nova-cell1-metadata-neutron-config edpmServiceType: neutron-metadata playbook: osp.edpm.neutron_metadata tlsCerts: default: contents: - dnsnames - ips issuer: osp-rootca-issuer-ovn keyUsages: - digital signature - key encipherment - client auth networks: - ctlplane --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneService metadata: name: nova-custom-gpu-ceph namespace: openstack spec: caCerts: combined-ca-bundle dataSources: - configMapRef: name: ceph-nova - configMapRef: name: cpu-pinning-nova - configMapRef: name: gpu-nova - secretRef: name: nova-cell1-compute-config - secretRef: name: nova-migration-ssh-key edpmServiceType: nova label: dataplane-deployment-nova-custom-gpu-ceph playbook: osp.edpm.nova tlsCerts: default: contents: - dnsnames - ips edpmRoleServiceName: nova issuer: osp-rootca-issuer-internal networks: - ctlplane