apiVersion: v1 data: 25-nova-extra.conf: | [DEFAULT] # Triple the default of the following reimage_timeout_per_gb = 60 [glance] endpoint_override = https://glance-az2-internal.openstack.svc:9292 valid_interfaces = internal [cinder] cross_az_attach = False catalog_info = volumev3:cinderv3:internalURL kind: ConfigMap metadata: name: nova-extra-config-az2 namespace: openstack --- apiVersion: v1 data: authorized_keys: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFBbEozZjF0Q3B5cjNNbG1yZ3RBdnVRUlllK0kzcHVhYW9TUUk5ZDB5U0lJQSs4aDNMWFF3eURhV3RWWVB2d29WOU1sUlZQMjlLTy9ZSU9kYmo2U2pSeEdnSFlCNUtnTnZjalQ1TEZYcHJJOUdjNnZud0FwZnRjZHFJYWI5YmtZYXhzMEJZZnJCSVg0a1pJZFJEM1hZWmJmU3ZyN1lBOUlFVjAvWGJCZ2x2SW4vcGpSQT09IEVEUE0gZGVwbG95IGtleQo= ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUFKU2QzOWJRcWNxOXpKWnE0TFFMN2tFV0h2aU42CmJtbXFFa0NQWGRNa2lDQVB2SWR5MTBNTWcybHJWV0Q3OEtGZlRKVVZUOXZTanYyQ0RuVzQra28wY1JvQjJBZVNvRGIzSTAKK1N4VjZheVBSbk9yNThBS1g3WEhhaUdtL1c1R0dzYk5BV0g2d1NGK0pHU0hVUTkxMkdXMzByNisyQVBTQkZkUDEyd1lKYgp5Si82WTBRQUFBRVFRc0tJQTBMQ2lBTUFBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFDVW5kL1cwS25LdmN5V2F1QzBDKzVCRmg3NGplbTVwcWhKQWoxM1RKSWdnRDd5SGN0ZERESU5wYTFWZysvQ2gKWDB5VkZVL2Iwbzc5Z2c1MXVQcEtOSEVhQWRnSGtxQTI5eU5Qa3NWZW1zajBaenErZkFDbCsxeDJvaHB2MXVSaHJHelFGaAorc0VoZmlSa2gxRVBkZGhsdDlLK3Z0Z0QwZ1JYVDlkc0dDVzhpZittTkVBQUFBUWdIc2plT3Npd3MwaVdjVHlsY0kyZDBOCmk5OHFHdkY4VDloa1FXUy92NUdOME9jVXNqNEYzaXYzTXFHM1pOWUJIY0NVelU4RkQ4UVU0TWZvVDVjOEhoc0dXQUFBQUEKOUZSRkJOSUdSbGNHeHZlU0JyWlhrQkFnTT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFBbEozZjF0Q3B5cjNNbG1yZ3RBdnVRUlllK0kzcHVhYW9TUUk5ZDB5U0lJQSs4aDNMWFF3eURhV3RWWVB2d29WOU1sUlZQMjlLTy9ZSU9kYmo2U2pSeEdnSFlCNUtnTnZjalQ1TEZYcHJJOUdjNnZud0FwZnRjZHFJYWI5YmtZYXhzMEJZZnJCSVg0a1pJZFJEM1hZWmJmU3ZyN1lBOUlFVjAvWGJCZ2x2SW4vcGpSQT09IEVEUE0gZGVwbG95IGtleQo= kind: Secret metadata: name: dataplane-ansible-ssh-private-key-secret namespace: openstack type: Opaque --- apiVersion: v1 data: LibvirtPassword: MTIzNDU2Nzg= kind: Secret metadata: name: libvirt-secret namespace: openstack type: Opaque --- apiVersion: v1 data: ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUFHVHZKTnBxVUIvc296eXhVVnRYOHBKTjhUNDRICndqb0t4MUJRZFBOS3lJR1dyYmdKYUl5cjBZRGc3V0ZXR3dCdWNneldaK3JCWEo0VFVtYURvQWplNWFrQjB4OFoyaHhycVMKT215YlNEUVJvdzVEWW5ZNzZrNjFRZzNtN0w3SWhkN1lXOFdpQWdRQ3J4b0pLdWFOUVhzcmp0bDhwSENyaG9XTC9WZDhYbQo0UFluYmQ0QUFBRVFzemJ1eHJNMjdzWUFBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFCazd5VGFhbEFmN0tNOHNWRmJWL0tTVGZFK09COEk2Q3NkUVVIVHpTc2lCbHEyNENXaU1xOUdBNE8xaFZoc0EKYm5JTTFtZnF3VnllRTFKbWc2QUkzdVdwQWRNZkdkb2NhNmtqcHNtMGcwRWFNT1EySjJPK3BPdFVJTjV1eSt5SVhlMkZ2RgpvZ0lFQXE4YUNTcm1qVUY3SzQ3WmZLUndxNGFGaS8xWGZGNXVEMkoyM2VBQUFBUWdHSXFvb2pTNHUzNnExME11TEF0NDhECmtkQlBKZWl2VzczVkVEUXZHd0NpbmFlb0loVDJQZTlmMDdnZDRlbUIrNHNqeHEwbGdFMmZlQ2pnejAzUE8rdzFBZ0FBQUEKNU9iM1poSUcxcFozSmhkR2x2YmdFQ0F3UT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFBWk84azJtcFFIK3lqUExGUlcxZnlrazN4UGpnZkNPZ3JIVUZCMDgwcklnWmF0dUFsb2pLdlJnT0R0WVZZYkFHNXlETlpuNnNGY25oTlNab09nQ043bHFRSFRIeG5hSEd1cEk2Ykp0SU5CR2pEa05pZGp2cVRyVkNEZWJzdnNpRjN0aGJ4YUlDQkFLdkdna3E1bzFCZXl1TzJYeWtjS3VHaFl2OVYzeGViZzlpZHQzZz09IE5vdmEgbWlncmF0aW9uCg== kind: Secret metadata: name: nova-migration-ssh-key namespace: openstack type: kubernetes.io/ssh-auth --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneNodeSet metadata: name: r2-compute-nodes namespace: openstack spec: env: - name: ANSIBLE_FORCE_COLOR value: "True" - name: ANSIBLE_TIMEOUT value: "60" - name: ANSIBLE_SSH_TIMEOUT value: "60" - name: ANSIBLE_SSH_RETRIES value: "60" networkAttachments: - ctlplane nodeTemplate: ansible: ansiblePort: 22 ansibleUser: zuul ansibleVars: edpm_bootstrap_command: | dnf -y install conntrack-tools edpm_fips_mode: check edpm_frr_bfd: false edpm_frr_bgp_ipv4_src_network: bgpmainnet edpm_frr_bgp_ipv6_src_network: bgpmainnetv6 edpm_frr_bgp_neighbor_password: f00barZ edpm_network_config_hide_sensitive_logs: false edpm_network_config_nmstate: false edpm_network_config_os_net_config_mappings: edpm-r2-compute-0: nic2: 6a:fe:54:3f:8a:02 edpm-r2-compute-1: nic2: 6a:fe:54:3f:8a:02 edpm_network_config_template: | --- {% set mtu_list = [ctlplane_mtu] %} {% for network in nodeset_networks %} {% set _ = mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) %} {%- endfor %} {% set min_viable_mtu = mtu_list | max %} network_config: - type: ovs_bridge name: {{ neutron_physical_bridge_name }} use_dhcp: false - type: interface name: nic1 use_dhcp: true defroute: false - type: interface name: nic2 use_dhcp: false defroute: false dns_servers: {{ ctlplane_dns_nameservers }} domain: {{ dns_search_domains }} addresses: - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} - type: interface name: nic3 use_dhcp: false addresses: - ip_netmask: {{ bgpnet0_ip }}/30 - type: interface name: nic4 use_dhcp: false addresses: - ip_netmask: {{ bgpnet1_ip }}/30 - type: interface name: lo addresses: - ip_netmask: {{ bgpmainnet_ip }}/32 - ip_netmask: {{ bgpmainnetv6_ip }}/128 edpm_ovn_bgp_agent_expose_tenant_networks: false edpm_ovn_encap_ip: '{{ bgpmainnet_ip }}' edpm_sshd_allowed_ranges: - 192.168.125.0/24 - 192.168.122.0/24 - 192.168.123.0/24 - 192.168.124.0/24 - 192.168.125.0/24 - 192.168.111.0/24 edpm_sshd_configure_firewall: true gather_facts: false neutron_physical_bridge_name: br-ex neutron_public_interface_name: eth1 timesync_ntp_servers: - hostname: pool.ntp.org ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret managementNetwork: ctlplane networks: - defaultRoute: true name: CtlPlane subnetName: subnet1 - name: BgpNet0 subnetName: subnet0 - name: BgpNet1 subnetName: subnet0 - name: BgpMainNet subnetName: subnet0 - name: BgpMainNetV6 subnetName: subnet0 - name: BgpNet0 subnetName: subnet1 - name: BgpNet1 subnetName: subnet1 - name: BgpMainNet subnetName: subnet1 - name: BgpMainNetV6 subnetName: subnet1 - name: BgpNet0 subnetName: subnet2 - name: BgpNet1 subnetName: subnet2 - name: BgpMainNet subnetName: subnet2 - name: BgpMainNetV6 subnetName: subnet2 nodes: r2-compute-0: ansible: ansibleHost: 192.168.124.103 ansibleVars: edpm_frr_bgp_peers: - 100.64.2.1 - 100.65.2.1 edpm_ovn_bgp_agent_local_ovn_peer_ips: - 100.64.2.1 - 100.65.2.1 hostName: r2-compute-0 networks: - defaultRoute: true fixedIP: 192.168.124.103 name: ctlplane subnetName: subnet2 - name: internalapi subnetName: subnet1 - name: storage subnetName: subnet1 - name: tenant subnetName: subnet1 - fixedIP: 100.64.2.2 name: BgpNet0 subnetName: subnet2 - fixedIP: 100.65.2.2 name: BgpNet1 subnetName: subnet2 - fixedIP: 99.99.2.7 name: BgpMainNet subnetName: subnet2 - fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0037 name: BgpMainNetV6 subnetName: subnet2 r2-compute-1: ansible: ansibleHost: 192.168.124.104 ansibleVars: edpm_frr_bgp_peers: - 100.64.2.5 - 100.65.2.5 edpm_ovn_bgp_agent_local_ovn_peer_ips: - 100.64.2.5 - 100.65.2.5 hostName: r2-compute-1 networks: - defaultRoute: true fixedIP: 192.168.124.104 name: ctlplane subnetName: subnet2 - name: internalapi subnetName: subnet1 - name: storage subnetName: subnet1 - name: tenant subnetName: subnet1 - fixedIP: 100.64.2.6 name: BgpNet0 subnetName: subnet2 - fixedIP: 100.65.2.6 name: BgpNet1 subnetName: subnet2 - fixedIP: 99.99.2.8 name: BgpMainNet subnetName: subnet2 - fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0038 name: BgpMainNetV6 subnetName: subnet2 preProvisioned: true services: - bootstrap - download-cache - install-os - configure-os - configure-network - frr - validate-network - run-os - reboot-os - install-certs - ovn - neutron-metadata - ovn-bgp-agent - libvirt - nova-custom-az2 --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneService metadata: name: nova-custom-az2 namespace: openstack spec: addCertMounts: false caCerts: combined-ca-bundle dataSources: - configMapRef: name: nova-extra-config-az2 - secretRef: name: nova-migration-ssh-key - secretRef: name: nova-cell1-compute-config edpmServiceType: nova playbook: osp.edpm.nova tlsCerts: default: contents: - dnsnames - ips edpmRoleServiceName: nova issuer: osp-rootca-issuer-internal networks: - ctlplane