apiVersion: v1 data: authorized_keys: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFCQzNNSHJobjBROU9RRVI3NWZHem1JOXRlL3h4Y1hLQ2YrQWxFZkFhWklRazJ3SDN6S0d4Tlo3a0dOdkJDVE5NOUpqRy9VQXRHcVNFa0x1Q3BHK0k5WFlnQ2psSUoxbmowYmlvTExXT3NyNWhlUlpoWnY3ZFllN0c5bEUySENZUzUvTjVPYW95MFg0NVBDcjUxK3BlK2x6VzlnK0lUMTZULzlCbWFiV3BPSlRPZ2tBQT09IEVEUE0gZGVwbG95IGtleQo= ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUFRdHpCNjRaOUVQVGtCRWUrWHhzNWlQYlh2OGNYCkZ5Z24vZ0pSSHdHbVNFSk5zQjk4eWhzVFdlNUJqYndRa3pUUFNZeHYxQUxScWtoSkM3Z3FSdmlQVjJJQW81U0NkWjQ5RzQKcUN5MWpySytZWGtXWVdiKzNXSHV4dlpSTmh3bUV1ZnplVG1xTXRGK09Ud3ErZGZxWHZwYzF2WVBpRTllay8vUVptbTFxVAppVXpvSkFBQUFBRVFjaHFVVEhJYWxFd0FBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFFTGN3ZXVHZlJEMDVBUkh2bDhiT1lqMjE3L0hGeGNvSi80Q1VSOEJwa2hDVGJBZmZNb2JFMW51UVkyOEVKTTAKejBtTWI5UUMwYXBJU1F1NEtrYjRqMWRpQUtPVWduV2VQUnVLZ3N0WTZ5dm1GNUZtRm0vdDFoN3NiMlVUWWNKaExuODNrNQpxakxSZmprOEt2blg2bDc2WE5iMkQ0aFBYcFAvMEdacHRhazRsTTZDUUFBQUFBUVFscTVLVlR6aWQ4WEZnUGVBSkZvak9oCkJNNU9LSnkxaCthbmxPTEFSODBqb2ZyWVU0QnlieXh4WnZQZHVLUTM3MWFSNXhHd3FicGdTdkZOVHVCdVdZU2tBQUFBRDAKVkVVRTBnWkdWd2JHOTVJR3RsZVFFQ0F3UT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFCQzNNSHJobjBROU9RRVI3NWZHem1JOXRlL3h4Y1hLQ2YrQWxFZkFhWklRazJ3SDN6S0d4Tlo3a0dOdkJDVE5NOUpqRy9VQXRHcVNFa0x1Q3BHK0k5WFlnQ2psSUoxbmowYmlvTExXT3NyNWhlUlpoWnY3ZFllN0c5bEUySENZUzUvTjVPYW95MFg0NVBDcjUxK3BlK2x6VzlnK0lUMTZULzlCbWFiV3BPSlRPZ2tBQT09IEVEUE0gZGVwbG95IGtleQo= kind: Secret metadata: name: dataplane-ansible-ssh-private-key-secret namespace: openstack2 type: Opaque --- apiVersion: v1 data: LibvirtPassword: MTIzNDU2Nzg= kind: Secret metadata: name: libvirt-secret namespace: openstack2 type: Opaque --- apiVersion: v1 data: ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUEzVVYrRlp1UHUwdmYyR1lNMGVXME51SGRiNC9JCjFlaVFiY3VzSFo0TCtLd29YbXU1T1Z6TkxtU1U2T3R1aXZUR0oyTSsxRVVxTmJ2dVlIRUdSQXJseHlFQnFRS2ZGdTJTZUYKNzZpSk56UXVvS0xkY1cyTmU4ZVlPWUgwaHNVWVAzL2RLaHg5Mm9YNlAwdzZRT3BkVHBCd1dOYUJiRU9abU1ZNWg3RUV1NApPZFYvWW5VQUFBRVE3RGpkTHV3NDNTNEFBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFOMUZmaFdiajd0TDM5aG1ETkhsdERiaDNXK1B5Tlhva0czTHJCMmVDL2lzS0Y1cnVUbGN6UzVrbE9qcmJvcjAKeGlkalB0UkZLalc3N21CeEJrUUs1Y2NoQWFrQ254YnRrbmhlK29pVGMwTHFDaTNYRnRqWHZIbURtQjlJYkZHRDkvM1NvYwpmZHFGK2o5TU9rRHFYVTZRY0ZqV2dXeERtWmpHT1lleEJMdURuVmYySjFBQUFBUWdGTWhmUWRnWGtRWXFuc0cvZVVSckVrCnB5ZDNGb3llcFdTdkZTdnQ1RFdFcG1ITDYyMUZ0bkZEc0E0NzdzTkxiaFd0Um5JUC8vMW12dU14cnNLQnJPUzVKUUFBQUEKNU9iM1poSUcxcFozSmhkR2x2YmdFQ0F3UT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFEZFJYNFZtNCs3UzkvWVpnelI1YlEyNGQxdmo4alY2SkJ0eTZ3ZG5ndjRyQ2hlYTdrNVhNMHVaSlRvNjI2SzlNWW5ZejdVUlNvMXUrNWdjUVpFQ3VYSElRR3BBcDhXN1pKNFh2cUlrM05DNmdvdDF4YlkxN3g1ZzVnZlNHeFJnL2Y5MHFISDNhaGZvL1REcEE2bDFPa0hCWTFvRnNRNW1ZeGptSHNRUzdnNTFYOWlkUT09IE5vdmEgbWlncmF0aW9uCg== kind: Secret metadata: name: nova-migration-ssh-key namespace: openstack2 type: kubernetes.io/ssh-auth --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneNodeSet metadata: name: openstack-edpm namespace: openstack2 spec: env: - name: ANSIBLE_FORCE_COLOR value: "True" networkAttachments: - ctlplane nodeTemplate: ansible: ansiblePort: 22 ansibleUser: zuul ansibleVars: edpm_fips_mode: check edpm_network_config_hide_sensitive_logs: false edpm_network_config_os_net_config_mappings: edpm-compute2-0: nic2: 52:54:00:56:6a:54 edpm-compute2-1: nic2: 52:54:00:09:bd:ca edpm-compute2-2: nic2: 52:54:00:5b:5f:2d edpm_network_config_template: | --- {% set mtu_list = [ctlplane_mtu] %} {% for network in nodeset_networks %} {% set _ = mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) %} {%- endfor %} {% set min_viable_mtu = mtu_list | max %} network_config: - type: interface name: nic1 use_dhcp: true mtu: {{ min_viable_mtu }} - type: ovs_bridge name: {{ neutron_physical_bridge_name }} mtu: {{ min_viable_mtu }} use_dhcp: false dns_servers: {{ ctlplane_dns_nameservers }} domain: {{ dns_search_domains }} addresses: - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} routes: {{ ctlplane_host_routes }} members: - type: interface name: nic2 mtu: {{ min_viable_mtu }} # force the MAC address of the bridge to this interface primary: true {% for network in nodeset_networks %} - type: vlan mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} addresses: - ip_netmask: {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} {% endfor %} edpm_nodes_validation_validate_controllers_icmp: false edpm_nodes_validation_validate_gateway_icmp: false edpm_sshd_allowed_ranges: - 192.168.122.0/24 edpm_sshd_configure_firewall: true gather_facts: false neutron_physical_bridge_name: br-ex neutron_public_interface_name: eth0 timesync_ntp_servers: - hostname: pool.ntp.org ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret managementNetwork: ctlplane networks: - defaultRoute: true name: ctlplane subnetName: subnet1 - name: internalapi subnetName: subnet1 - name: storage subnetName: subnet1 - name: tenant subnetName: subnet1 nodes: edpm-compute2-0: ansible: ansibleHost: 192.168.133.100 hostName: compute2-0 networks: - fixedIP: 192.168.111.30 name: ocpbm subnetName: subnet1 - defaultRoute: true fixedIP: 192.168.133.100 name: ctlplane subnetName: subnet1 - fixedIP: 172.17.10.100 name: internalapi subnetName: subnet1 - fixedIP: 172.18.10.100 name: storage subnetName: subnet1 - fixedIP: 172.19.10.100 name: tenant subnetName: subnet1 edpm-compute2-1: ansible: ansibleHost: 192.168.133.101 hostName: compute2-1 networks: - fixedIP: 192.168.111.31 name: ocpbm subnetName: subnet1 - defaultRoute: true fixedIP: 192.168.133.101 name: ctlplane subnetName: subnet1 - fixedIP: 172.17.10.101 name: internalapi subnetName: subnet1 - fixedIP: 172.18.10.101 name: storage subnetName: subnet1 - fixedIP: 172.19.10.101 name: tenant subnetName: subnet1 edpm-compute2-2: ansible: ansibleHost: 192.168.133.102 hostName: compute2-2 networks: - fixedIP: 192.168.111.32 name: ocpbm subnetName: subnet1 - defaultRoute: true fixedIP: 192.168.133.102 name: ctlplane subnetName: subnet1 - fixedIP: 172.17.10.102 name: internalapi subnetName: subnet1 - fixedIP: 172.18.10.102 name: storage subnetName: subnet1 - fixedIP: 172.19.10.102 name: tenant subnetName: subnet1 preProvisioned: true services: - bootstrap - configure-network - validate-network - install-os - configure-os - ssh-known-hosts - run-os - reboot-os - install-certs - ovn - neutron-metadata - libvirt - nova