apiVersion: v1 data: 03-ceph-nova.conf: CHANGEME_NOVA_CEPH_CONF kind: ConfigMap metadata: name: ceph-nova namespace: openstack --- apiVersion: v1 data: ceph.client.openstack.keyring: CHANGEME_CEPH_KEYRING ceph.conf: CHANGEME_CEPH_CONF kind: Secret metadata: name: ceph-conf-files namespace: openstack type: Opaque --- apiVersion: v1 data: authorized_keys: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFFYW96MkEvdWwwSW43WW1QMXVTcUFweHR6L2dMZnkrN1dmbWExUTg3UXY3TE1OS1ZzZEpMUThXRlNGR1NicEErY0dzaDc0REZtQ1VjeGpBNDVVOHdXVHV3RjNMeWVlK2lHd2lNZWNkc1ZPOHNmT25sN0dkb3NVb2RNVkJkbStEenpVcWZyTE1GMjErdHgyb1ErY2hQTjVnM2ttdjF0cERIWHJMZlpVOGFjM3ltT3I5dz09IEVEUE0gZGVwbG95IGtleQo= ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUJHcU05Z1A3cGRDSisySmo5YmtxZ0tjYmMvNEMzCjh2dTFuNW10VVBPMEwreXpEU2xiSFNTMFBGaFVoUmttNlFQbkJySWUrQXhaZ2xITVl3T09WUE1GazdzQmR5OG5udm9oc0kKakhuSGJGVHZMSHpwNWV4bmFMRktIVEZRWFp2Zzg4MUtuNnl6QmR0ZnJjZHFFUG5JVHplWU41SnI5YmFReDE2eTMyVlBHbgpOOHBqcS9jQUFBRVE3TnN6ZGV6Yk0zVUFBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFScWpQWUQrNlhRaWZ0aVkvVzVLb0NuRzNQK0F0L0w3dForWnJWRHp0Qy9zc3cwcFd4MGt0RHhZVklVWkp1a0QKNXdheUh2Z01XWUpSekdNRGpsVHpCWk83QVhjdko1NzZJYkNJeDV4MnhVN3l4ODZlWHNaMml4U2gweFVGMmI0UFBOU3Arcwpzd1hiWDYzSGFoRDV5RTgzbURlU2EvVzJrTWRlc3Q5bFR4cHpmS1k2djNBQUFBUVJYT0trYlhaSnk0SHdTM0xtWlRlL0toClZ0aDNKSjhWQ2Y4c1J5c3Ewam9KTCtnTm1hcHFaN1RUdERTYjl0dUh4RXhTeGtFTDZ4NjlTRWhibmEzTWtqWE1BQUFBRDAKVkVVRTBnWkdWd2JHOTVJR3RsZVFFQ0F3UT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFFYW96MkEvdWwwSW43WW1QMXVTcUFweHR6L2dMZnkrN1dmbWExUTg3UXY3TE1OS1ZzZEpMUThXRlNGR1NicEErY0dzaDc0REZtQ1VjeGpBNDVVOHdXVHV3RjNMeWVlK2lHd2lNZWNkc1ZPOHNmT25sN0dkb3NVb2RNVkJkbStEenpVcWZyTE1GMjErdHgyb1ErY2hQTjVnM2ttdjF0cERIWHJMZlpVOGFjM3ltT3I5dz09IEVEUE0gZGVwbG95IGtleQo= kind: Secret metadata: name: dataplane-ansible-ssh-private-key-secret namespace: openstack type: Opaque --- apiVersion: v1 data: LibvirtPassword: MTIzNDU2Nzg= kind: Secret metadata: name: libvirt-secret namespace: openstack type: Opaque --- apiVersion: v1 data: ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUFoN0s1RzRKcXVUdE8zci9rT2N4cHN6OUptS05PCjJ1RWFmd0pOODNkMXAxdllSMTVleEcyM3pMMlg5bXZtWHVBNDlXZ2UybkdIc0RyTnFnS1hiczZMbFp3QTNHYkxpelYzOW4KcFE1dWRGVGNRejZFSFhETzF6RGptOWtBQ3RuYVFwUng0bm80Z1ZGTlBNK01WcGFvL3g1amJHTld2Y1JZajhSelhiNDlUUQpuaGVlQ3g4QUFBRVFFOHZSbEJQTDBaUUFBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFJZXl1UnVDYXJrN1R0Ni81RG5NYWJNL1NaaWpUdHJoR244Q1RmTjNkYWRiMkVkZVhzUnR0OHk5bC9acjVsN2cKT1BWb0h0cHhoN0E2emFvQ2wyN09pNVdjQU54bXk0czFkL1o2VU9iblJVM0VNK2hCMXd6dGN3NDV2WkFBcloya0tVY2VKNgpPSUZSVFR6UGpGYVdxUDhlWTJ4alZyM0VXSS9FYzEyK1BVMEo0WG5nc2ZBQUFBUWdGVkQ0Q3YxTkxoWnpqZFpMMkZNa1ptClBEMlNJVzJ1dFh1T2NOU3B3TFh6UmlpUFN2ZHZCUXlncGphdmFITDBhVVVRdDVKelVaa2hXeXNMaGR4dml0V3R6d0FBQUEKNU9iM1poSUcxcFozSmhkR2x2YmdFQ0F3UT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFDSHNya2JnbXE1TzA3ZXYrUTV6R216UDBtWW8wN2E0UnAvQWszemQzV25XOWhIWGw3RWJiZk12WmYyYStaZTREajFhQjdhY1lld09zMnFBcGR1em91Vm5BRGNac3VMTlhmMmVsRG01MFZOeERQb1FkY003WE1PT2IyUUFLMmRwQ2xISGllamlCVVUwOHo0eFdscWovSG1Oc1kxYTl4RmlQeEhOZHZqMU5DZUY1NExIdz09IE5vdmEgbWlncmF0aW9uCg== kind: Secret metadata: name: nova-migration-ssh-key namespace: openstack type: kubernetes.io/ssh-auth --- apiVersion: v1 data: AdminPassword: MTIzNDU2Nzg= AodhDatabasePassword: MTIzNDU2Nzg= AodhPassword: MTIzNDU2Nzg= BarbicanDatabasePassword: MTIzNDU2Nzg= BarbicanPassword: MTIzNDU2Nzg= BarbicanSimpleCryptoKEK: c0VGbWRGakRVcVJNMlZlbVlzbFY1eUdOV2pva2lvSlhzZzhOcmxjM2RyVT0= CeilometerPassword: MTIzNDU2Nzg= CinderDatabasePassword: MTIzNDU2Nzg= CinderPassword: MTIzNDU2Nzg= CloudKittyPassword: MTIzNDU2Nzg= DatabasePassword: MTIzNDU2Nzg= DbRootPassword: MTIzNDU2Nzg= DesignateDatabasePassword: MTIzNDU2Nzg= DesignatePassword: MTIzNDU2Nzg= GlanceDatabasePassword: MTIzNDU2Nzg= GlancePassword: MTIzNDU2Nzg= HeatAuthEncryptionKey: NzY3YzNlZDA1NmNiYWEzYjlkZmVkYjhjNmY4MjViZjA= HeatDatabasePassword: MTIzNDU2Nzg= HeatPassword: MTIzNDU2Nzg= IronicDatabasePassword: MTIzNDU2Nzg= IronicInspectorDatabasePassword: MTIzNDU2Nzg= IronicInspectorPassword: MTIzNDU2Nzg= IronicPassword: MTIzNDU2Nzg= KeystoneDatabasePassword: MTIzNDU2Nzg= ManilaDatabasePassword: MTIzNDU2Nzg= ManilaPassword: MTIzNDU2Nzg= MetadataSecret: MTIzNDU2Nzg0Mg== NeutronDatabasePassword: MTIzNDU2Nzg= NeutronPassword: MTIzNDU2Nzg= NovaAPIDatabasePassword: MTIzNDU2Nzg= NovaCell0DatabasePassword: MTIzNDU2Nzg= NovaCell1DatabasePassword: MTIzNDU2Nzg= NovaPassword: MTIzNDU2Nzg= OctaviaDatabasePassword: MTIzNDU2Nzg= OctaviaHeartbeatKey: MTIzNDU2Nzg= OctaviaPassword: MTIzNDU2Nzg= PlacementDatabasePassword: MTIzNDU2Nzg= PlacementPassword: MTIzNDU2Nzg= SwiftPassword: MTIzNDU2Nzg= WatcherPassword: MTIzNDU2Nzg= kind: Secret metadata: name: osp-secret namespace: openstack type: Opaque --- apiVersion: core.openstack.org/v1beta1 kind: OpenStackControlPlane metadata: name: controlplane namespace: openstack spec: barbican: apiOverride: route: {} template: barbicanAPI: override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:bbbb::80 spec: type: LoadBalancer replicas: 3 barbicanKeystoneListener: replicas: 1 barbicanWorker: replicas: 3 databaseInstance: openstack preserveJobs: false secret: osp-secret cinder: apiOverride: route: {} template: apiTimeout: 600 cinderAPI: override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:bbbb::80 spec: type: LoadBalancer replicas: 3 cinderBackup: customServiceConfig: | [DEFAULT] backup_driver = cinder.backup.drivers.ceph.CephBackupDriver backup_ceph_pool = backups backup_ceph_user = openstack networkAttachments: - storage replicas: 3 cinderScheduler: replicas: 1 cinderVolumes: ceph: customServiceConfig: | [DEFAULT] enabled_backends = ceph [ceph] volume_backend_name = ceph volume_driver = cinder.volume.drivers.rbd.RBDDriver rbd_ceph_conf = /etc/ceph/ceph.conf rbd_user = openstack rbd_pool = volumes rbd_flatten_volume_from_snapshot = False rbd_secret_uuid = _replaced_ customServiceConfig: | # Debug logs by default, jobs can override as needed. [DEFAULT] debug = true databaseInstance: openstack preserveJobs: false secret: osp-secret uniquePodNames: true designate: enabled: false template: customServiceConfig: | [DEFAULT] debug = true designateAPI: override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:bbbb::80 replicas: 3 designateBackendbind9: networkAttachments: - designate replicas: 3 storageClass: local-storage storageRequest: 10Gi designateCentral: replicas: 1 designateMdns: networkAttachments: - designate replicas: 3 designateProducer: networkAttachments: - designate replicas: 2 designateUnbound: networkAttachments: - designate replicas: 1 designateWorker: networkAttachments: - designate replicas: 3 nsRecords: - hostname: ns1.example.org. priority: 1 - hostname: ns2.example.org. priority: 2 preserveJobs: false dns: template: options: - key: server values: - 2620:cf:cf:aaaa::1 override: service: metadata: annotations: metallb.universe.tf/address-pool: ctlplane metallb.universe.tf/allow-shared-ip: ctlplane metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:aaaa::80 spec: type: LoadBalancer replicas: 2 extraMounts: - extraVol: - extraVolType: Ceph mounts: - mountPath: /etc/ceph name: ceph readOnly: true propagation: - CinderVolume - CinderBackup - GlanceAPI - ManilaShare volumes: - name: ceph projected: sources: - secret: name: ceph-conf-files name: v1 region: r1 galera: enabled: true templates: openstack: replicas: 3 secret: osp-secret storageRequest: 5Gi openstack-cell1: replicas: 3 secret: osp-secret storageRequest: 5Gi glance: apiOverrides: default: route: {} template: customServiceConfig: | [DEFAULT] debug = True enabled_backends = default_backend:s3 [glance_store] default_backend = default_backend [default_backend] s3_store_create_bucket_on_put = True s3_store_bucket_url_format = "path" s3_store_large_object_size = 0 databaseInstance: openstack glanceAPIs: default: apiTimeout: 600 customServiceConfigSecrets: - s3glance networkAttachments: - storage override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:bbbb::80 spec: type: LoadBalancer replicas: 3 preserveJobs: false storage: storageClass: local-storage storageRequest: 10Gi uniquePodNames: true heat: apiOverride: route: {} cnfAPIOverride: route: {} enabled: true template: databaseInstance: openstack heatAPI: override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:bbbb::80 spec: type: LoadBalancer replicas: 3 heatEngine: replicas: 3 preserveJobs: false secret: osp-secret horizon: apiOverride: route: {} enabled: true template: preserveJobs: false replicas: 1 secret: osp-secret ironic: enabled: true template: databaseInstance: openstack ironicAPI: override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: ctlplane metallb.universe.tf/allow-shared-ip: ctlplane metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:aaaa::80 spec: type: LoadBalancer replicas: 1 ironicConductors: - customServiceConfig: | [pxe] kernel_append_params = console=ttyS0 [neutron] cleaning_network = provisioning provisioning_network = provisioning rescuing_network = provisioning inspection_network = provisioning networkAttachments: - ironic provisionNetwork: ironic replicas: 1 storageRequest: 10Gi ironicInspector: customServiceConfig: | [capabilities] boot_mode = true [processing] update_pxe_enabled = false inspectionNetwork: ironic networkAttachments: - ironic override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: ctlplane metallb.universe.tf/allow-shared-ip: ctlplane metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:aaaa::80 spec: type: LoadBalancer preserveJobs: false replicas: 1 ironicNeutronAgent: replicas: 1 preserveJobs: false rpcTransport: oslo secret: osp-secret keystone: apiOverride: route: {} template: customServiceConfig: | [token] expiration = 28800 databaseInstance: openstack override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:bbbb::80 spec: type: LoadBalancer preserveJobs: false replicas: 3 secret: osp-secret manila: apiOverride: route: haproxy.router.openshift.io/timeout: 60s enabled: true template: customServiceConfig: | [DEFAULT] debug = true enabled_share_backends = cephfsnfs enabled_share_protocols = nfs [cephfsnfs] driver_handles_share_servers=False share_backend_name=cephfs share_driver=manila.share.drivers.cephfs.driver.CephFSDriver cephfs_auth_id=openstack cephfs_cluster_name=ceph cephfs_nfs_cluster_id=cephfs cephfs_protocol_helper_type=NFS databaseInstance: openstack manilaAPI: networkAttachments: - internalapi override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:bbbb::80 spec: type: LoadBalancer replicas: 1 manilaScheduler: replicas: 1 manilaShares: share1: networkAttachments: - storage replicas: 1 preserveJobs: false memcached: templates: memcached: replicas: 3 neutron: apiOverride: route: {} template: customServiceConfig: | [DEFAULT] vlan_transparent = true service_plugins = qos,ovn-router,trunk,segments,log,taas,tapmirror agent_down_time = 600 router_distributed = true router_scheduler_driver = neutron.scheduler.l3_agent_scheduler.ChanceScheduler debug = true [agent] report_interval = 300 [database] max_retries = -1 db_max_retries = -1 [keystone_authtoken] region_name = regionOne memcache_use_advanced_pool = True auth_type = password [nova] region_name = regionOne endpoint_type = internal [oslo_messaging_notifications] driver = noop [oslo_middleware] enable_proxy_headers_parsing = true [oslo_policy] policy_file = /etc/neutron/policy.yaml [placement] region_name = regionOne [ovs] igmp_snooping_enable = true [ovn] ovn_emit_need_to_frag = false ovs_create_tap = true [ml2] type_drivers = geneve,vlan,flat,local tenant_network_types = vlan,flat [ml2_type_vlan] network_vlan_ranges = datacentre:1000:2000 [service_providers] service_provider = TAAS:TAAS:neutron_taas.services.taas.service_drivers.ovn.taas_ovn.TaasOvnDriver:default databaseInstance: openstack ml2MechanismDrivers: - ovn - baremetal networkAttachments: - internalapi override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:bbbb::80 spec: type: LoadBalancer preserveJobs: false replicas: 3 secret: osp-secret notificationsBus: cluster: rabbitmq nova: apiOverride: route: {} template: apiServiceTemplate: override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:bbbb::80 spec: type: LoadBalancer replicas: 3 apiTimeout: 600 cellTemplates: cell0: cellDatabaseAccount: nova-cell0 cellDatabaseInstance: openstack hasAPIAccess: true messagingBus: cluster: rabbitmq cell1: cellDatabaseAccount: nova-cell1 cellDatabaseInstance: openstack-cell1 hasAPIAccess: true messagingBus: cluster: rabbitmq-cell1 novaComputeTemplates: compute-ironic: computeDriver: ironic.IronicDriver metadataServiceTemplate: override: service: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:bbbb::80 spec: type: LoadBalancer replicas: 3 preserveJobs: false schedulerServiceTemplate: replicas: 3 secret: osp-secret octavia: enabled: false template: databaseInstance: openstack octaviaAPI: preserveJobs: false replicas: 1 octaviaHealthManager: {} octaviaHousekeeping: {} octaviaWorker: {} preserveJobs: false secret: osp-secret ovn: template: ovnController: networkAttachment: tenant nicMappings: datacentre: ospbr ironic: ironic ovnDBCluster: ovndbcluster-nb: dbType: NB networkAttachment: internalapi replicas: 3 storageRequest: 10Gi ovndbcluster-sb: dbType: SB networkAttachment: internalapi replicas: 3 storageRequest: 10Gi ovnNorthd: logLevel: info nThreads: 1 replicas: 1 resources: {} tls: {} placement: apiOverride: route: {} template: databaseInstance: openstack override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:bbbb::80 spec: type: LoadBalancer preserveJobs: false replicas: 3 secret: osp-secret rabbitmq: templates: rabbitmq: override: service: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:bbbb::55 spec: type: LoadBalancer replicas: 3 resources: limits: cpu: "2" memory: 4Gi requests: cpu: "1" memory: 4Gi rabbitmq-cell1: override: service: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:bbbb::56 spec: type: LoadBalancer replicas: 3 resources: limits: cpu: "2" memory: 4Gi requests: cpu: "1" memory: 4Gi secret: osp-secret storageClass: local-storage swift: enabled: false proxyOverride: route: {} template: swiftProxy: override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 2620:cf:cf:bbbb::80 spec: type: LoadBalancer replicas: 1 swiftRing: ringReplicas: 1 swiftStorage: replicas: 1 telemetry: enabled: true template: autoscaling: aodh: databaseInstance: openstack memcachedInstance: memcached passwordSelectors: null preserveJobs: false secret: osp-secret enabled: true heatInstance: heat ceilometer: enabled: true secret: osp-secret logging: enabled: false port: 10514 metricStorage: enabled: true monitoringStack: alertingEnabled: true scrapeInterval: 30s storage: persistent: pvcStorageClass: local-storage pvcStorageRequest: 10Gi retention: 24h strategy: persistent tls: caBundleSecretName: "" --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneNodeSet metadata: name: openstack-edpm namespace: openstack spec: env: - name: ANSIBLE_FORCE_COLOR value: "True" networkAttachments: - ctlplane nodeTemplate: ansible: ansiblePort: 22 ansibleUser: zuul ansibleVars: edpm_bootstrap_command: | dnf -y install conntrack-tools edpm_fips_mode: check edpm_iscsid_image: '{{ registry_url }}/openstack-iscsid:{{ image_tag }}' edpm_logrotate_crond_image: '{{ registry_url }}/openstack-cron:{{ image_tag }}' edpm_network_config_hide_sensitive_logs: false edpm_network_config_os_net_config_mappings: edpm-compute-0: nic2: 52:54:03:6f:dc:42 edpm-compute-1: nic2: 52:54:04:a6:70:fb edpm_network_config_template: | --- {% set mtu_list = [ctlplane_mtu] %} {% for network in nodeset_networks %} {% set _ = mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) %} {%- endfor %} {% set min_viable_mtu = mtu_list | max %} network_config: - type: ovs_bridge name: {{ neutron_physical_bridge_name }} mtu: {{ min_viable_mtu }} use_dhcp: false dns_servers: {{ ctlplane_dns_nameservers | list }} domain: {{ dns_search_domains }} addresses: - ip_netmask: '{{ ctlplane_ip }}/{{ ctlplane_cidr }}' routes: {{ ctlplane_host_routes }} members: - type: interface name: nic2 mtu: {{ min_viable_mtu }} primary: true {% for network in nodeset_networks %} - type: vlan mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} addresses: - ip_netmask: >- {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} {% endfor %} edpm_nodes_validation_validate_controllers_icmp: false edpm_nodes_validation_validate_gateway_icmp: false edpm_ovn_encap_tos: inherit edpm_sshd_allowed_ranges: - 2620:cf:cf:aaaa::/64 edpm_sshd_configure_firewall: true gather_facts: false image_tag: current-podified neutron_physical_bridge_name: br-ex neutron_public_interface_name: eth0 registry_url: quay.io/podified-antelope-centos9 storage_mgmt_cidr: "24" storage_mgmt_host_routes: [] storage_mgmt_mtu: 9000 storage_mgmt_vlan_id: 23 storage_mtu: 9000 timesync_ntp_servers: - hostname: pool.ntp.org ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret extraMounts: - extraVolType: Ceph mounts: - mountPath: /etc/ceph name: ceph readOnly: true volumes: - name: ceph secret: secretName: ceph-conf-files managementNetwork: ctlplane networks: - defaultRoute: true name: ctlplane subnetName: subnet1 - name: internalapi subnetName: subnet1 - name: storage subnetName: subnet1 - name: tenant subnetName: subnet1 - name: storagemgmt subnetName: subnet1 nodes: edpm-compute-0: ansible: ansibleHost: 2620:cf:cf:aaaa::100 hostName: compute-0 networks: - defaultRoute: true fixedIP: 2620:cf:cf:aaaa::100 name: ctlplane subnetName: subnet1 - fixedIP: 2620:cf:cf:bbbb::100 name: internalapi subnetName: subnet1 - fixedIP: 2620:cf:cf:cccc::100 name: storage subnetName: subnet1 - fixedIP: 2620:cf:cf:eeee::100 name: tenant subnetName: subnet1 edpm-compute-1: ansible: ansibleHost: 2620:cf:cf:aaaa::101 hostName: compute-1 networks: - defaultRoute: true fixedIP: 2620:cf:cf:aaaa::101 name: ctlplane subnetName: subnet1 - fixedIP: 2620:cf:cf:bbbb::101 name: internalapi subnetName: subnet1 - fixedIP: 2620:cf:cf:cccc::101 name: storage subnetName: subnet1 - fixedIP: 2620:cf:cf:eeee::101 name: tenant subnetName: subnet1 preProvisioned: true services: - bootstrap - configure-network - validate-network - install-os - configure-os - ssh-known-hosts - run-os - reboot-os - install-certs - ceph-client - ovn - neutron-metadata - libvirt - nova-custom-ceph - telemetry --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneService metadata: name: nova-custom-ceph namespace: openstack spec: caCerts: combined-ca-bundle containerImageFields: - NovaComputeImage - EdpmIscsidImage dataSources: - configMapRef: name: ceph-nova - secretRef: name: nova-cell1-compute-config - secretRef: name: nova-migration-ssh-key edpmServiceType: nova label: dataplane-deployment-nova-custom-ceph playbook: osp.edpm.nova