# Whether to use no_log on tasks which may output potentially # sensitive data. use_no_log: false # Network configuration for IPv4/IPv6 support ipv6_enabled: false internalapi_prefix: "172.17.0" internalapi_prefix_ipv6: "2620:cf:cf:bbbb" # Whether the adopted node will host compute services compute_adoption: true # rhoso namespace rhoso_namespace: "openstack" # Whether source env is OSPD Director Operator # i.e. https://github.com/openstack-k8s-operators/osp-director-operator ospdo_src: false # The names of cells on the target cloud renamed_cells: "{{ [default_cell_name] + cells | difference(['default']) }}" ## Env headers (should be the same as provided in the docs, as the best effort) # Header to apply in 'shell' module invocations. If overriding, at # least 'set -e' should be kept to ensure that scripts that fail # somewhere in the middle will also fail the whole Ansible run as # expected. shell_header: | set -euxo pipefail # Snippet to get the desired 'oc' command onto $PATH. oc_header: | eval $(crc oc-env) # Header for a Compute cells names evaluation for the source and destination cloud # and renaming of the default cell from tripleo # NOTE: 'super' is not a cell, but a reference for the top-scope "upcall" API on main controllers cells_env: | CELLS="{{ cells | join(' ') }}" DEFAULT_CELL_NAME={{ default_cell_name }} RENAMED_CELLS="{{ renamed_cells | join(' ') }}" # Header for osdp nodesets names evaluation nodesets_env: | {{ edpm_computes_shell_vars_src }} set +u NODESETS="" for CELL in $(echo $RENAMED_CELLS); do ref="COMPUTES_$(echo ${CELL}|tr '[:lower:]' '[:upper:]')" eval names=\${!${ref}[@]} [ -z "$names" ] && continue NODESETS="'openstack-${CELL}', $NODESETS" done set -u NODESETS="[${NODESETS%,*}{% if edpm_nodes_networker is defined %}, 'openstack-networker'{% endif %}]" NODESETS="[${NODESETS%,*}{% if edpm_nodes_dcn1 is defined %}, 'dcn1'{% endif %}]" NODESETS="[${NODESETS%,*}{% if edpm_nodes_dcn2 is defined %}, 'dcn2'{% endif %}]" nodesets_env_oc: | {{ shell_header }} {{ oc_header }} {{ cells_env }} set +u NODESETS="" for CELL in $(echo $RENAMED_CELLS); do oc get Openstackdataplanenodeset openstack-${CELL} || continue NODESETS="'openstack-${CELL}', $NODESETS" done set -u NODESETS="[${NODESETS%,*}]" # Header for custom nova osdp services names evaluation nova_services_env: | {{ shell_header }} {{ cells_env }} set +u NOVASERVICES="" for CELL in $(echo $RENAMED_CELLS); do NOVASERVICES="'nova-${CELL}', $NOVASERVICES" done set -u NOVASERVICES="[${NOVASERVICES%,*}]" # Headers for DB client CLI image mariadb_image_env: | STORAGE_CLASS={{ storage_class_name }} MARIADB_IMAGE=quay.io/podified-antelope-centos9/openstack-mariadb:current-podified # Header for the source databases initial clusters members health check mariadb_members_env: |- {{ shell_header }} {{ cells_env }} {% for cell in cells %} declare -A SOURCE_GALERA_MEMBERS_{{ cell.upper() }} SOURCE_GALERA_MEMBERS_{{ cell.upper() }}=( {% if source_galera_members is string %} {{ source_galera_members }} {% else %} {% for n in source_galera_members[cell] | default([]) %} [{{ n.name|quote }}]={{ n.ip|quote }} {% endfor %} {% endif %} ) {% endfor %} # Headers for the destination databases access passwords mariadb_passwords_env: |- {{ shell_header }} {{ cells_env }} declare -A PODIFIED_DB_ROOT_PASSWORD for CELL in $(echo "super $RENAMED_CELLS"); do PODIFIED_DB_ROOT_PASSWORD[$CELL]=$(oc get -o json secret/osp-secret | jq -r .data.DbRootPassword | base64 -d) done # Header for the source database access # TODO: Env vars for OSPDo case are also configured in env_vars_src_ospdo.yaml. Move them here, eventually? # OSPDo RUN_OVERRIDES definition exists only in docs (missing in code?). # NOTE: in a split-stack source cloud, each stack passwords should come from a stack-specific passwords file, # but different passwords are not supported in a multi-cell deployment mariadb_client_network_annotation: >- {{ '--annotations=k8s.v1.cni.cncf.io/networks=internalapi' if not (bgp | bool) else '--annotations=k8s.v1.cni.cncf.io/networks=[{\"name\":\"internalapi\",\"namespace\":\"openstack\",\"default-route\":[\"' + internalapi_prefix | default('172.17.0') + '.1\"]}]' }} mariadb_copy_shell_vars_src: |- {{ shell_header }} PASSWORD_FILE="{{ tripleo_passwords['default'] | replace("~", "$HOME") }}" {{ mariadb_image_env }} {{ cells_env }} declare -A TRIPLEO_PASSWORDS for CELL in $(echo $CELLS); do TRIPLEO_PASSWORDS[$CELL]="$PASSWORD_FILE" done RUN_OVERRIDES=' ' MARIADB_CLIENT_ANNOTATIONS={{ deploy_ctlplane_ospdo | default(false) | bool | ternary('-n $NAMESPACE', mariadb_client_network_annotation) }} MARIADB_RUN_OVERRIDES={{ deploy_ctlplane_ospdo | default(false) | bool | ternary("--overrides=${RUN_OVERRIDES} $MARIADB_CLIENT_ANNOTATIONS {{ mysql_client_override }}", "$MARIADB_CLIENT_ANNOTATIONS") }} OSPDO_MARIADB_CLIENT_ANNOTATIONS='[{"name": "internalapi-static","ips": \ ["{% if ipv6_enabled | default(false) %}{{ internalapi_prefix_ipv6 | default('2620:cf:cf:bbbb') }}::99/64\ {% else %}{{ internalapi_prefix | default('172.17.0') }}.99/24{% endif %}"]}]' {{ pull_openstack_configuration_ssh_shell_vars }} declare -A SOURCE_DB_ROOT_PASSWORD for CELL in $(echo $CELLS); do SOURCE_DB_ROOT_PASSWORD[$CELL]=$(cat ${TRIPLEO_PASSWORDS[$CELL]} | grep ' MysqlRootPassword:' | awk -F ': ' '{ print $2; }') done declare -A SOURCE_MARIADB_IP {% for cell in cells %} SOURCE_MARIADB_IP[{{ cell }}]={% if source_mariadb_ip is string %}{% set ip = source_mariadb_ip %}{% else %}{% set ip = source_mariadb_ip[cell] %}{% endif %}{{ ip }} {% endfor %} # Header for the destination database access # The CHARACTER_SET and collation should match the source DB # if the do not then it will break foreign key relationships # for any tables that are created in the future as part of db sync mariadb_copy_shell_vars_dst: | {{ shell_header }} {{ oc_header }} {{ mariadb_image_env }} {{ cells_env }} CHARACTER_SET=utf8 COLLATION=utf8_general_ci {{ mariadb_passwords_env }} declare -A PODIFIED_MARIADB_IP for CELL in $(echo "super $RENAMED_CELLS"); do if [ "$CELL" = "super" ]; then PODIFIED_MARIADB_IP[$CELL]=$(oc get svc --selector "mariadb/name=openstack" -ojsonpath='{.items[0].spec.clusterIP}') else PODIFIED_MARIADB_IP[$CELL]=$(oc get svc --selector "mariadb/name=openstack-$CELL" -ojsonpath='{.items[0].spec.clusterIP}') fi done # Header for the destination cloud EDPM Nova cell computes FDQN and IP pairs, per a cell # NOTE(bogdando): Assume inernalapi network comes with an index 1. Ignore FQDN on a network to simply bind IPs by a hostname. # NOTE(bogdando): Assume cell1 must always have at least an only compute node. That is for backwards compatibility with scenarios not aware of multiple cells. edpm_computes_shell_vars_src: |- {{ shell_header }} {{ cells_env }} {% if 'cell1' not in edpm_nodes %} {% set edpm_nodes_real = {'cell1': edpm_nodes} %} {% else %} {% set edpm_nodes_real = edpm_nodes %} {% endif %} {% for cell in renamed_cells %} declare -A COMPUTES_{{ cell.upper() }} COMPUTES_{{ cell.upper() }}=( {%- for v in edpm_nodes_real[cell] | default([]) %} ["{{ edpm_nodes_real[cell][v].hostName }}"]={{ edpm_nodes_real[cell][v].ansible.ansibleHost }} {% endfor -%} ) declare -A COMPUTES_API_{{ cell.upper() }} COMPUTES_API_{{ cell.upper() }}=( {%- for v in edpm_nodes_real[cell] | default([]) %} ["{{ edpm_nodes_real[cell][v].hostName }}"]={{ edpm_nodes_real[cell][v].networks[1].fixedIP|default("") }} {% endfor -%} ) {% endfor %} pull_openstack_configuration_ssh_shell_vars: | CONTROLLER1_SSH="{{ controller1_ssh }}" CONTROLLER2_SSH="{{ controller2_ssh }}" CONTROLLER3_SSH="{{ controller3_ssh }}" # Whether to adopt Octavia enable_octavia: true octavia_adoption: true # Whether to create Octavia workload before adoption - defined in common_defaults because it is used in two roles: # dataplane_adoption and development_environment prelaunch_octavia_workload: false mariadbcheck: true # Whether bgp is configured bgp: false # Public subnet configuration public_subnet_cidr: 192.168.122.0/24 public_subnet_gateway: "{{ public_subnet_cidr | ansible.utils.ipaddr('1') | ansible.utils.ipaddr('address') }}" public_subnet_fip_1: "{{ public_subnet_cidr | ansible.utils.ipaddr('20') | ansible.utils.ipaddr('address') }}" public_subnet_fip_2: "{{ public_subnet_cidr | ansible.utils.ipaddr('21') | ansible.utils.ipaddr('address') }}" public_subnet_pool_start: "{{ public_subnet_cidr | ansible.utils.ipaddr('171') | ansible.utils.ipaddr('address') }}" public_subnet_pool_end: "{{ public_subnet_cidr | ansible.utils.ipaddr('250') | ansible.utils.ipaddr('address') }}"