apiVersion: v1 data: authorized_keys: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFBbEozZjF0Q3B5cjNNbG1yZ3RBdnVRUlllK0kzcHVhYW9TUUk5ZDB5U0lJQSs4aDNMWFF3eURhV3RWWVB2d29WOU1sUlZQMjlLTy9ZSU9kYmo2U2pSeEdnSFlCNUtnTnZjalQ1TEZYcHJJOUdjNnZud0FwZnRjZHFJYWI5YmtZYXhzMEJZZnJCSVg0a1pJZFJEM1hZWmJmU3ZyN1lBOUlFVjAvWGJCZ2x2SW4vcGpSQT09IEVEUE0gZGVwbG95IGtleQo= ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUFKU2QzOWJRcWNxOXpKWnE0TFFMN2tFV0h2aU42CmJtbXFFa0NQWGRNa2lDQVB2SWR5MTBNTWcybHJWV0Q3OEtGZlRKVVZUOXZTanYyQ0RuVzQra28wY1JvQjJBZVNvRGIzSTAKK1N4VjZheVBSbk9yNThBS1g3WEhhaUdtL1c1R0dzYk5BV0g2d1NGK0pHU0hVUTkxMkdXMzByNisyQVBTQkZkUDEyd1lKYgp5Si82WTBRQUFBRVFRc0tJQTBMQ2lBTUFBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFDVW5kL1cwS25LdmN5V2F1QzBDKzVCRmg3NGplbTVwcWhKQWoxM1RKSWdnRDd5SGN0ZERESU5wYTFWZysvQ2gKWDB5VkZVL2Iwbzc5Z2c1MXVQcEtOSEVhQWRnSGtxQTI5eU5Qa3NWZW1zajBaenErZkFDbCsxeDJvaHB2MXVSaHJHelFGaAorc0VoZmlSa2gxRVBkZGhsdDlLK3Z0Z0QwZ1JYVDlkc0dDVzhpZittTkVBQUFBUWdIc2plT3Npd3MwaVdjVHlsY0kyZDBOCmk5OHFHdkY4VDloa1FXUy92NUdOME9jVXNqNEYzaXYzTXFHM1pOWUJIY0NVelU4RkQ4UVU0TWZvVDVjOEhoc0dXQUFBQUEKOUZSRkJOSUdSbGNHeHZlU0JyWlhrQkFnTT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFBbEozZjF0Q3B5cjNNbG1yZ3RBdnVRUlllK0kzcHVhYW9TUUk5ZDB5U0lJQSs4aDNMWFF3eURhV3RWWVB2d29WOU1sUlZQMjlLTy9ZSU9kYmo2U2pSeEdnSFlCNUtnTnZjalQ1TEZYcHJJOUdjNnZud0FwZnRjZHFJYWI5YmtZYXhzMEJZZnJCSVg0a1pJZFJEM1hZWmJmU3ZyN1lBOUlFVjAvWGJCZ2x2SW4vcGpSQT09IEVEUE0gZGVwbG95IGtleQo= kind: Secret metadata: name: dataplane-ansible-ssh-private-key-secret namespace: openstack type: Opaque --- apiVersion: v1 data: LibvirtPassword: MTIzNDU2Nzg= kind: Secret metadata: name: libvirt-secret namespace: openstack type: Opaque --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneNodeSet metadata: name: r2-networker-nodes namespace: openstack spec: env: - name: ANSIBLE_FORCE_COLOR value: "True" - name: ANSIBLE_TIMEOUT value: "60" - name: ANSIBLE_SSH_TIMEOUT value: "60" - name: ANSIBLE_SSH_RETRIES value: "60" networkAttachments: - ctlplane nodeTemplate: ansible: ansiblePort: 22 ansibleUser: zuul ansibleVars: edpm_bootstrap_command: | dnf -y install conntrack-tools edpm_enable_chassis_gw: true edpm_fips_mode: check edpm_frr_bfd: false edpm_frr_bgp_ipv4_src_network: bgpmainnet edpm_frr_bgp_ipv6_src_network: bgpmainnetv6 edpm_frr_bgp_neighbor_password: f00barZ edpm_network_config_hide_sensitive_logs: false edpm_network_config_nmstate: false edpm_network_config_os_net_config_mappings: edpm-r2-networker-0: nic2: 6d:fe:54:3f:8a:02 edpm_network_config_template: | --- {% set mtu_list = [ctlplane_mtu] %} {% for network in nodeset_networks %} {% set _ = mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) %} {%- endfor %} {% set min_viable_mtu = mtu_list | max %} network_config: - type: ovs_bridge name: {{ neutron_physical_bridge_name }} use_dhcp: false - type: interface name: nic1 use_dhcp: true defroute: false - type: interface name: nic2 use_dhcp: false defroute: false dns_servers: {{ ctlplane_dns_nameservers }} domain: {{ dns_search_domains }} addresses: - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} - type: interface name: nic3 use_dhcp: false addresses: - ip_netmask: {{ bgpnet0_ip }}/30 - type: interface name: nic4 use_dhcp: false addresses: - ip_netmask: {{ bgpnet1_ip }}/30 - type: interface name: lo addresses: - ip_netmask: {{ bgpmainnet_ip }}/32 - ip_netmask: {{ bgpmainnetv6_ip }}/128 edpm_ovn_bgp_agent_expose_tenant_networks: false edpm_ovn_encap_ip: '{{ bgpmainnet_ip }}' edpm_sshd_allowed_ranges: - 192.168.125.0/24 - 192.168.122.0/24 - 192.168.123.0/24 - 192.168.124.0/24 - 192.168.125.0/24 - 192.168.111.0/24 edpm_sshd_configure_firewall: true gather_facts: false neutron_physical_bridge_name: br-ex neutron_public_interface_name: eth1 timesync_ntp_servers: - hostname: pool.ntp.org ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret managementNetwork: ctlplane networks: - defaultRoute: true name: CtlPlane subnetName: subnet1 - name: BgpNet0 subnetName: subnet0 - name: BgpNet1 subnetName: subnet0 - name: BgpMainNet subnetName: subnet0 - name: BgpMainNetV6 subnetName: subnet0 - name: BgpNet0 subnetName: subnet1 - name: BgpNet1 subnetName: subnet1 - name: BgpMainNet subnetName: subnet1 - name: BgpMainNetV6 subnetName: subnet1 - name: BgpNet0 subnetName: subnet2 - name: BgpNet1 subnetName: subnet2 - name: BgpMainNet subnetName: subnet2 - name: BgpMainNetV6 subnetName: subnet2 nodes: r2-networker-0: ansible: ansibleHost: 192.168.122.108 ansibleVars: edpm_frr_bgp_peers: - 100.64.2.9 - 100.65.2.9 edpm_ovn_bgp_agent_local_ovn_peer_ips: - 100.64.2.9 - 100.65.2.9 hostName: r2-networker-0 networks: - defaultRoute: true fixedIP: 192.168.122.108 name: ctlplane subnetName: subnet2 - name: internalapi subnetName: subnet1 - name: tenant subnetName: subnet1 - fixedIP: 100.64.2.10 name: BgpNet0 subnetName: subnet2 - fixedIP: 100.65.2.10 name: BgpNet1 subnetName: subnet2 - fixedIP: 99.99.2.9 name: BgpMainNet subnetName: subnet2 - fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0039 name: BgpMainNetV6 subnetName: subnet2 preProvisioned: true services: - bootstrap - download-cache - install-os - configure-os - configure-network - frr - validate-network - ssh-known-hosts - run-os - reboot-os - install-certs - ovn - neutron-metadata - ovn-bgp-agent