apiVersion: v1 data: 25-nova-extra.conf: | [DEFAULT] # Triple the default of the following reimage_timeout_per_gb = 60 [glance] endpoint_override = https://glance-az0-internal.openstack.svc:9292 valid_interfaces = internal [cinder] cross_az_attach = False catalog_info = volumev3:cinderv3:internalURL kind: ConfigMap metadata: name: nova-extra-config-az0 namespace: openstack --- apiVersion: v1 data: authorized_keys: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFDejdHVjJZWFBSZlI3QmpPa1NzS3lqV1JucEVZcjFCV05TVC9kcStzeWJjb3ZNTlJrSHBEbUhsVmtaQ2VLcXpZV2FGR3lPZVlyRFlwYmNpeGg0Yk1RY0hRR2NVYjFNNHdXeWZFN2FISVRiK2dVY283ZVZVeHl4RVBjS1pSZTZ0bUF4R21xY2NCd3hYWjJuajhZZnNEa1h2M0dDQUFySkFBcjIwNkh1NEdQcTRjdWg4QT09IEVEUE0gZGVwbG95IGtleQo= ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUFzK3hsZG1GejBYMGV3WXpwRXJDc28xa1o2UkdLCjlRVmpVay8zYXZyTW0zS0x6RFVaQjZRNWg1VlpHUW5pcXMyRm1oUnNqbm1LdzJLVzNJc1llR3pFSEIwQm5GRzlUT01Gc24KeE8yaHlFMi9vRkhLTzNsVk1jc1JEM0NtVVh1clpnTVJwcW5IQWNNVjJkcDQvR0g3QTVGNzl4Z2dBS3lRQUs5dE9oN3VCago2dUhMb2ZBQUFBRVFtNzdrTjV1KzVEY0FBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFMUHNaWFpoYzlGOUhzR002Ukt3cktOWkdla1JpdlVGWTFKUDkycjZ6SnR5aTh3MUdRZWtPWWVWV1JrSjRxck4KaFpvVWJJNTVpc05pbHR5TEdIaHN4QndkQVp4UnZVempCYko4VHRvY2hOdjZCUnlqdDVWVEhMRVE5d3BsRjdxMllERWFhcAp4d0hERmRuYWVQeGgrd09SZS9jWUlBQ3NrQUN2YlRvZTdnWStyaHk2SHdBQUFBUWdDZ0oxNGFvcS93aWRYQTU1MXhOV0MvCjExNTQyOTRDSlNraUZQUG00UTdiVElpaVJtcUVoMjMwcTlrRXNmWFN1TjQ1V1NoK2hCM1BIVjREWDcwVlpYSUFyd0FBQUEKOUZSRkJOSUdSbGNHeHZlU0JyWlhrQkFnTT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFDejdHVjJZWFBSZlI3QmpPa1NzS3lqV1JucEVZcjFCV05TVC9kcStzeWJjb3ZNTlJrSHBEbUhsVmtaQ2VLcXpZV2FGR3lPZVlyRFlwYmNpeGg0Yk1RY0hRR2NVYjFNNHdXeWZFN2FISVRiK2dVY283ZVZVeHl4RVBjS1pSZTZ0bUF4R21xY2NCd3hYWjJuajhZZnNEa1h2M0dDQUFySkFBcjIwNkh1NEdQcTRjdWg4QT09IEVEUE0gZGVwbG95IGtleQo= kind: Secret metadata: name: dataplane-ansible-ssh-private-key-secret namespace: openstack type: Opaque --- apiVersion: v1 data: LibvirtPassword: MTIzNDU2Nzg= kind: Secret metadata: name: libvirt-secret namespace: openstack type: Opaque --- apiVersion: v1 data: ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUJNdnRXWDc5TWxySUkvV0d4Mnk0R1l1OTVLTUJLCnJXbDR1V0htTndCWUZRWlRjaUpoc1JjTm5yWkpVUW1TeFh3aHRtTVlEdDhZUDR1a1FDanVrMWExalgwQUZiQ0kwMnk3eXkKL3hKbTlvaE1zc2ljV2MxdXlVaFYrc3ZId2kwdVFUVzl1NjRMbXBjbkJIclpOZUhmSmFNckw2Z0VHME12VFNFY0VzS2VmYQpyMTMxbXFJQUFBRVFNUE9xRnpEenFoY0FBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFUTDdWbCsvVEpheUNQMWhzZHN1Qm1MdmVTakFTcTFwZUxsaDVqY0FXQlVHVTNJaVliRVhEWjYyU1ZFSmtzVjgKSWJaakdBN2ZHRCtMcEVBbzdwTld0WTE5QUJXd2lOTnN1OHN2OFNadmFJVExMSW5Gbk5ic2xJVmZyTHg4SXRMa0UxdmJ1dQpDNXFYSndSNjJUWGgzeVdqS3krb0JCdERMMDBoSEJMQ25uMnE5ZDlacWlBQUFBUWdGME4zK0tEejEzWXdjWGYvcTdPZS9iCk5HYnF5NU1NTUVCbUNteHlKNThueXExckU0K2IxTVlCUjRLYzVNWnNKcGx6dlpkRVJMZldGV2lVNnlHSGFURnUyZ0FBQUEKNU9iM1poSUcxcFozSmhkR2x2YmdFQ0F3UT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFFeSsxWmZ2MHlXc2dqOVliSGJMZ1ppNzNrb3dFcXRhWGk1WWVZM0FGZ1ZCbE55SW1HeEZ3MmV0a2xSQ1pMRmZDRzJZeGdPM3hnL2k2UkFLTzZUVnJXTmZRQVZzSWpUYkx2TEwvRW1iMmlFeXl5Snhaelc3SlNGWDZ5OGZDTFM1Qk5iMjdyZ3VhbHljRWV0azE0ZDhsb3lzdnFBUWJReTlOSVJ3U3dwNTlxdlhmV2FvZz09IE5vdmEgbWlncmF0aW9uCg== kind: Secret metadata: name: nova-migration-ssh-key namespace: openstack type: kubernetes.io/ssh-auth --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneNodeSet metadata: name: r0-compute-nodes namespace: openstack spec: env: - name: ANSIBLE_FORCE_COLOR value: "True" - name: ANSIBLE_TIMEOUT value: "60" - name: ANSIBLE_SSH_TIMEOUT value: "60" - name: ANSIBLE_SSH_RETRIES value: "60" networkAttachments: - ctlplane nodeTemplate: ansible: ansiblePort: 22 ansibleUser: zuul ansibleVars: edpm_bootstrap_command: | dnf -y install conntrack-tools edpm_fips_mode: check edpm_frr_bfd: false edpm_frr_bgp_ipv4_src_network: bgpmainnet edpm_frr_bgp_ipv6_src_network: bgpmainnetv6 edpm_frr_bgp_neighbor_password: f00barZ edpm_network_config_hide_sensitive_logs: false edpm_network_config_nmstate: false edpm_network_config_os_net_config_mappings: edpm-r0-compute-0: nic2: 6a:fe:54:3f:8a:02 edpm-r0-compute-1: nic2: 6b:fe:54:3f:8a:02 edpm_network_config_template: | --- {% set mtu_list = [ctlplane_mtu] %} {% for network in nodeset_networks %} {% set _ = mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) %} {%- endfor %} {% set min_viable_mtu = mtu_list | max %} network_config: - type: ovs_bridge name: {{ neutron_physical_bridge_name }} use_dhcp: false - type: interface name: nic1 use_dhcp: true defroute: false - type: interface name: nic2 use_dhcp: false defroute: false dns_servers: {{ ctlplane_dns_nameservers }} domain: {{ dns_search_domains }} addresses: - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} - type: interface name: nic3 use_dhcp: false addresses: - ip_netmask: {{ bgpnet0_ip }}/30 - type: interface name: nic4 use_dhcp: false addresses: - ip_netmask: {{ bgpnet1_ip }}/30 - type: interface name: lo addresses: - ip_netmask: {{ bgpmainnet_ip }}/32 - ip_netmask: {{ bgpmainnetv6_ip }}/128 edpm_ovn_bgp_agent_expose_tenant_networks: false edpm_ovn_encap_ip: '{{ bgpmainnet_ip }}' edpm_sshd_allowed_ranges: - 192.168.125.0/24 - 192.168.122.0/24 - 192.168.123.0/24 - 192.168.124.0/24 - 192.168.125.0/24 - 192.168.111.0/24 edpm_sshd_configure_firewall: true gather_facts: false neutron_physical_bridge_name: br-ex neutron_public_interface_name: eth1 timesync_ntp_servers: - hostname: pool.ntp.org ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret managementNetwork: ctlplane networks: - defaultRoute: true name: CtlPlane subnetName: subnet1 - name: BgpNet0 subnetName: subnet0 - name: BgpNet1 subnetName: subnet0 - name: BgpMainNet subnetName: subnet0 - name: BgpMainNetV6 subnetName: subnet0 - name: BgpNet0 subnetName: subnet1 - name: BgpNet1 subnetName: subnet1 - name: BgpMainNet subnetName: subnet1 - name: BgpMainNetV6 subnetName: subnet1 - name: BgpNet0 subnetName: subnet2 - name: BgpNet1 subnetName: subnet2 - name: BgpMainNet subnetName: subnet2 - name: BgpMainNetV6 subnetName: subnet2 nodes: r0-compute-0: ansible: ansibleHost: 192.168.122.100 ansibleVars: edpm_frr_bgp_peers: - 100.64.0.1 - 100.65.0.1 edpm_ovn_bgp_agent_local_ovn_peer_ips: - 100.64.0.1 - 100.65.0.1 hostName: r0-compute-0 networks: - defaultRoute: true fixedIP: 192.168.122.100 name: ctlplane subnetName: subnet0 - name: internalapi subnetName: subnet1 - name: storage subnetName: subnet1 - name: tenant subnetName: subnet1 - fixedIP: 100.64.0.2 name: BgpNet0 subnetName: subnet0 - fixedIP: 100.65.0.2 name: BgpNet1 subnetName: subnet0 - fixedIP: 99.99.0.7 name: BgpMainNet subnetName: subnet0 - fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0017 name: BgpMainNetV6 subnetName: subnet0 r0-compute-1: ansible: ansibleHost: 192.168.122.101 ansibleVars: edpm_frr_bgp_peers: - 100.64.0.5 - 100.65.0.5 edpm_ovn_bgp_agent_local_ovn_peer_ips: - 100.64.0.5 - 100.65.0.5 hostName: r0-compute-1 networks: - defaultRoute: true fixedIP: 192.168.122.101 name: ctlplane subnetName: subnet0 - name: internalapi subnetName: subnet1 - name: storage subnetName: subnet1 - name: tenant subnetName: subnet1 - fixedIP: 100.64.0.6 name: BgpNet0 subnetName: subnet0 - fixedIP: 100.65.0.6 name: BgpNet1 subnetName: subnet0 - fixedIP: 99.99.0.8 name: BgpMainNet subnetName: subnet0 - fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0018 name: BgpMainNetV6 subnetName: subnet0 preProvisioned: true services: - bootstrap - download-cache - install-os - configure-os - configure-network - frr - validate-network - run-os - reboot-os - install-certs - ovn - neutron-metadata - ovn-bgp-agent - libvirt - nova-custom-az0 --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneService metadata: name: nova-custom-az0 namespace: openstack spec: addCertMounts: false caCerts: combined-ca-bundle dataSources: - configMapRef: name: nova-extra-config-az0 - secretRef: name: nova-migration-ssh-key - secretRef: name: nova-cell1-compute-config edpmServiceType: nova playbook: osp.edpm.nova tlsCerts: default: contents: - dnsnames - ips edpmRoleServiceName: nova issuer: osp-rootca-issuer-internal networks: - ctlplane