apiVersion: v1 data: 03-ceph-nova.conf: CHANGEME_NOVA_CEPH_CONF kind: ConfigMap metadata: name: ceph-nova namespace: openstack --- apiVersion: v1 data: ceph.client.openstack.keyring: CHANGEME_CEPH_KEYRING ceph.conf: CHANGEME_CEPH_CONF kind: Secret metadata: name: ceph-conf-files namespace: openstack type: Opaque --- apiVersion: v1 data: authorized_keys: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFDeGdFMDdpT3ZvY3pIeE0wTzBYalRtRmwxMENGNDNHZ0c5bktRYVRPZTRSTTh5ZUZUWmNPMGtYV1ByWWU1d3RUTXpkUDQxN2xWeWdPTWZvdzEzSkthNjFBR3EvYmFLb3MrTkNoUDEwakQ5N1FHY0xhUGtwa0dBOGRCTlFoOVFtSmEvTnpnVm1aMTc5U1AyN3hXdmluYWpIeW9LZXJrL2ZJMUk5UHY1SXByeGhWUDV6Zz09IEVEUE0gZGVwbG95IGtleQo= ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUFzWUJOTzRqcjZITXg4VE5EdEY0MDVoWmRkQWhlCk54b0J2WnlrR2t6bnVFVFBNbmhVMlhEdEpGMWo2Mkh1Y0xVek0zVCtOZTVWY29Eakg2TU5keVNtdXRRQnF2MjJpcUxQalEKb1Q5ZEl3L2UwQm5DMmo1S1pCZ1BIUVRVSWZVSmlXdnpjNEZabWRlL1VqOXU4VnI0cDJveDhxQ25xNVAzeU5TUFQ3K1NLYQo4WVZUK2M0QUFBRVE4MXR5Si9OYmNpY0FBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFMR0FUVHVJNitoek1mRXpRN1JlTk9ZV1hYUUlYamNhQWIyY3BCcE01N2hFenpKNFZObHc3U1JkWSt0aDduQzEKTXpOMC9qWHVWWEtBNHgrakRYY2twcnJVQWFyOXRvcWl6NDBLRS9YU01QM3RBWnd0bytTbVFZRHgwRTFDSDFDWWxyODNPQgpXWm5YdjFJL2J2RmErS2RxTWZLZ3A2dVQ5OGpVajArL2tpbXZHRlUvbk9BQUFBUWdFbkNaL1d6VExnRm02THZQeHJ5YXdVCklIU2NhY0FBREhaenZOT29LR0ZSVWoxOVhZSCtadHVHSUd4aHBqRUNBUmxPNDZSbUk0NXR1NkdycjZaSDJMK3lUZ0FBQUEKOUZSRkJOSUdSbGNHeHZlU0JyWlhrQkFnTT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFDeGdFMDdpT3ZvY3pIeE0wTzBYalRtRmwxMENGNDNHZ0c5bktRYVRPZTRSTTh5ZUZUWmNPMGtYV1ByWWU1d3RUTXpkUDQxN2xWeWdPTWZvdzEzSkthNjFBR3EvYmFLb3MrTkNoUDEwakQ5N1FHY0xhUGtwa0dBOGRCTlFoOVFtSmEvTnpnVm1aMTc5U1AyN3hXdmluYWpIeW9LZXJrL2ZJMUk5UHY1SXByeGhWUDV6Zz09IEVEUE0gZGVwbG95IGtleQo= kind: Secret metadata: name: dataplane-ansible-ssh-private-key-secret namespace: openstack type: Opaque --- apiVersion: v1 data: LibvirtPassword: MTIzNDU2Nzg= kind: Secret metadata: name: libvirt-secret namespace: openstack type: Opaque --- apiVersion: v1 data: ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUJDMHBSVFdzU0Nlb2RwRjNacjJoNjJoYmdaTE1XCnRJcW1PVmhrTUhPd0JSTEczM3pFcDM2UnRyek1RWkxKTHZoN2lrdGp2YWwwMkVhUjhDWDUxcVBLczVNQk1FRnI0Sm1NM2oKdkVYVllZbTNlc0dwUGV6ZGE5aWE3bTUvZWIyMStzOHl2YVE3T05VZGFpa1p1MVpHVDdDV0VsNHJlZndVNWtCbnptSGdFMAo0U0llMGgwQUFBRVE0ZytzOE9JUHJQQUFBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFRdEtVVTFyRWducUhhUmQyYTlvZXRvVzRHU3pGclNLcGpsWVpEQnpzQVVTeHQ5OHhLZCtrYmE4ekVHU3lTNzQKZTRwTFk3MnBkTmhHa2ZBbCtkYWp5ck9UQVRCQmErQ1pqTjQ3eEYxV0dKdDNyQnFUM3MzV3ZZbXU1dWYzbTl0ZnJQTXIyawpPempWSFdvcEdidFdSayt3bGhKZUszbjhGT1pBWjg1aDRCTk9FaUh0SWRBQUFBUWdEVHNBNUhkWTIwNlI1cnhEenNBODVmCm9PU1kxOW0wR3JjQ2JaR0NSYnliT2NmN2w5OHV3SVNiZVRVZGpNTkpFNHVxbzhKM0x3QU1samFMbWFuL014R3lnUUFBQUEKNU9iM1poSUcxcFozSmhkR2x2YmdFQ0F3UT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFFTFNsRk5heElKNmgya1hkbXZhSHJhRnVCa3N4YTBpcVk1V0dRd2M3QUZFc2JmZk1TbmZwRzJ2TXhCa3NrdStIdUtTMk85cVhUWVJwSHdKZm5Xbzhxemt3RXdRV3ZnbVl6ZU84UmRWaGliZDZ3YWs5N04xcjJKcnVibjk1dmJYNnp6SzlwRHM0MVIxcUtSbTdWa1pQc0pZU1hpdDUvQlRtUUdmT1llQVRUaEloN1NIUT09IE5vdmEgbWlncmF0aW9uCg== kind: Secret metadata: name: nova-migration-ssh-key namespace: openstack type: kubernetes.io/ssh-auth --- apiVersion: v1 data: AdminPassword: MTIzNDU2Nzg= AodhDatabasePassword: MTIzNDU2Nzg= AodhPassword: MTIzNDU2Nzg= BarbicanDatabasePassword: MTIzNDU2Nzg= BarbicanPassword: MTIzNDU2Nzg= BarbicanSimpleCryptoKEK: c0VGbWRGakRVcVJNMlZlbVlzbFY1eUdOV2pva2lvSlhzZzhOcmxjM2RyVT0= CeilometerPassword: MTIzNDU2Nzg= CinderDatabasePassword: MTIzNDU2Nzg= CinderPassword: MTIzNDU2Nzg= CloudKittyPassword: MTIzNDU2Nzg= DatabasePassword: MTIzNDU2Nzg= DbRootPassword: MTIzNDU2Nzg= DesignateDatabasePassword: MTIzNDU2Nzg= DesignatePassword: MTIzNDU2Nzg= GlanceDatabasePassword: MTIzNDU2Nzg= GlancePassword: MTIzNDU2Nzg= HeatAuthEncryptionKey: NzY3YzNlZDA1NmNiYWEzYjlkZmVkYjhjNmY4MjViZjA= HeatDatabasePassword: MTIzNDU2Nzg= HeatPassword: MTIzNDU2Nzg= IronicDatabasePassword: MTIzNDU2Nzg= IronicInspectorDatabasePassword: MTIzNDU2Nzg= IronicInspectorPassword: MTIzNDU2Nzg= IronicPassword: MTIzNDU2Nzg= KeystoneDatabasePassword: MTIzNDU2Nzg= ManilaDatabasePassword: MTIzNDU2Nzg= ManilaPassword: MTIzNDU2Nzg= MetadataSecret: MTIzNDU2Nzg0Mg== NeutronDatabasePassword: MTIzNDU2Nzg= NeutronPassword: MTIzNDU2Nzg= NovaAPIDatabasePassword: MTIzNDU2Nzg= NovaCell0DatabasePassword: MTIzNDU2Nzg= NovaCell1DatabasePassword: MTIzNDU2Nzg= NovaPassword: MTIzNDU2Nzg= OctaviaDatabasePassword: MTIzNDU2Nzg= OctaviaHeartbeatKey: MTIzNDU2Nzg= OctaviaPassword: MTIzNDU2Nzg= PlacementDatabasePassword: MTIzNDU2Nzg= PlacementPassword: MTIzNDU2Nzg= SwiftPassword: MTIzNDU2Nzg= WatcherPassword: MTIzNDU2Nzg= kind: Secret metadata: name: osp-secret namespace: openstack type: Opaque --- apiVersion: core.openstack.org/v1beta1 kind: OpenStackControlPlane metadata: name: controlplane namespace: openstack spec: barbican: apiOverride: route: {} template: barbicanAPI: override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 172.17.0.80 spec: type: LoadBalancer replicas: 3 barbicanKeystoneListener: replicas: 1 barbicanWorker: replicas: 3 databaseInstance: openstack messagingBus: cluster: rabbitmq user: barbican vhost: barbican preserveJobs: false secret: osp-secret cinder: apiOverride: route: {} template: apiTimeout: 600 cinderAPI: override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 172.17.0.80 spec: type: LoadBalancer replicas: 3 cinderBackup: customServiceConfig: | [DEFAULT] backup_driver = cinder.backup.drivers.ceph.CephBackupDriver backup_ceph_pool = backups backup_ceph_user = openstack networkAttachments: - storage replicas: 3 cinderScheduler: replicas: 1 cinderVolumes: ceph: customServiceConfig: | [DEFAULT] enabled_backends = ceph [ceph] volume_backend_name = ceph volume_driver = cinder.volume.drivers.rbd.RBDDriver rbd_ceph_conf = /etc/ceph/ceph.conf rbd_user = openstack rbd_pool = volumes rbd_flatten_volume_from_snapshot = False rbd_secret_uuid = _replaced_ customServiceConfig: | # Debug logs by default, jobs can override as needed. [DEFAULT] debug = true databaseInstance: openstack messagingBus: cluster: rabbitmq user: cinder vhost: cinder preserveJobs: false secret: osp-secret uniquePodNames: true designate: enabled: true template: customServiceConfig: | [DEFAULT] debug = true designateAPI: override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 172.17.0.80 replicas: 3 designateBackendbind9: networkAttachments: - designate override: services: - metadata: annotations: metallb.universe.tf/LoadBalancerIPs: 172.34.0.80 metallb.universe.tf/address-pool: designateext metallb.universe.tf/allow-shared-ip: designateext spec: type: LoadBalancer - metadata: annotations: metallb.universe.tf/LoadBalancerIPs: 172.34.0.81 metallb.universe.tf/address-pool: designateext metallb.universe.tf/allow-shared-ip: designateext spec: type: LoadBalancer - metadata: annotations: metallb.universe.tf/LoadBalancerIPs: 172.34.0.82 metallb.universe.tf/address-pool: designateext metallb.universe.tf/allow-shared-ip: designateext spec: type: LoadBalancer replicas: 3 storageClass: local-storage storageRequest: 10Gi designateCentral: replicas: 1 designateMdns: networkAttachments: - designate replicas: 3 designateProducer: networkAttachments: - designate replicas: 2 designateUnbound: networkAttachments: - designate replicas: 1 designateWorker: networkAttachments: - designate replicas: 3 messagingBus: cluster: rabbitmq user: designate vhost: designate nsRecords: - hostname: ns1.example.org. priority: 1 - hostname: ns2.example.org. priority: 2 preserveJobs: false dns: template: options: - key: server values: - 192.168.122.1 override: service: metadata: annotations: metallb.universe.tf/address-pool: ctlplane metallb.universe.tf/allow-shared-ip: ctlplane metallb.universe.tf/loadBalancerIPs: 192.168.122.80 spec: type: LoadBalancer replicas: 2 extraMounts: - extraVol: - extraVolType: Ceph mounts: - mountPath: /etc/ceph name: ceph readOnly: true propagation: - CinderVolume - CinderBackup - GlanceAPI - ManilaShare volumes: - name: ceph projected: sources: - secret: name: ceph-conf-files name: v1 region: r1 galera: enabled: true templates: openstack: replicas: 3 secret: osp-secret storageRequest: 5Gi openstack-cell1: replicas: 3 secret: osp-secret storageRequest: 5Gi glance: apiOverrides: default: route: {} template: customServiceConfig: | [DEFAULT] debug=True enabled_backends = default_backend:s3 [glance_store] default_backend = default_backend [default_backend] s3_store_create_bucket_on_put = True s3_store_bucket_url_format = "path" s3_store_large_object_size = 0 databaseInstance: openstack glanceAPIs: default: apiTimeout: 600 customServiceConfigSecrets: - s3glance networkAttachments: - storage override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 172.17.0.80 spec: type: LoadBalancer replicas: 3 preserveJobs: false storage: storageClass: local-storage storageRequest: 10Gi uniquePodNames: true heat: apiOverride: route: {} cnfAPIOverride: route: {} enabled: false template: databaseInstance: openstack heatAPI: override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 172.17.0.80 spec: type: LoadBalancer replicas: 1 heatEngine: replicas: 1 preserveJobs: false secret: osp-secret horizon: apiOverride: route: {} enabled: true template: preserveJobs: false replicas: 1 secret: osp-secret ironic: enabled: false template: databaseInstance: openstack ironicAPI: replicas: 1 ironicConductors: - replicas: 1 storageRequest: 10Gi ironicInspector: preserveJobs: false replicas: 1 ironicNeutronAgent: replicas: 1 preserveJobs: false secret: osp-secret keystone: apiOverride: route: {} template: databaseInstance: openstack override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 172.17.0.80 spec: type: LoadBalancer preserveJobs: false replicas: 3 secret: osp-secret manila: apiOverride: route: haproxy.router.openshift.io/timeout: 60s enabled: true template: customServiceConfig: | [DEFAULT] debug = true enabled_share_backends = cephfsnfs enabled_share_protocols = nfs [cephfsnfs] driver_handles_share_servers=False share_backend_name=cephfs share_driver=manila.share.drivers.cephfs.driver.CephFSDriver cephfs_auth_id=openstack cephfs_cluster_name=ceph cephfs_nfs_cluster_id=cephfs cephfs_protocol_helper_type=NFS databaseInstance: openstack manilaAPI: networkAttachments: - internalapi override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 172.17.0.80 spec: type: LoadBalancer replicas: 1 manilaScheduler: replicas: 1 manilaShares: share1: networkAttachments: - storage replicas: 1 messagingBus: cluster: rabbitmq user: manila vhost: manila preserveJobs: false memcached: templates: memcached: replicas: 3 messagingBus: cluster: rabbitmq neutron: apiOverride: route: {} template: customServiceConfig: | [DEFAULT] vlan_transparent = true service_plugins = qos,ovn-router,trunk,segments,log,taas,tapmirror agent_down_time = 600 router_distributed = true router_scheduler_driver = neutron.scheduler.l3_agent_scheduler.ChanceScheduler debug = true dns_domain = example.org. external_dns_driver = designate [agent] report_interval = 300 [database] max_retries = -1 db_max_retries = -1 [keystone_authtoken] region_name = regionOne memcache_use_advanced_pool = True auth_type = password [nova] region_name = regionOne endpoint_type = internal [oslo_messaging_notifications] driver = noop [oslo_middleware] enable_proxy_headers_parsing = true [oslo_policy] policy_file = /etc/neutron/policy.yaml [placement] region_name = regionOne [ovs] igmp_snooping_enable = true [ovn] ovn_emit_need_to_frag = true ovs_create_tap = true [ml2] type_drivers = geneve,vlan,flat,local tenant_network_types = vlan,flat extension_drivers=qos,port_security,dns_domain_keywords [ml2_type_vlan] network_vlan_ranges = datacentre:1000:2000 [service_providers] service_provider = TAAS:TAAS:neutron_taas.services.taas.service_drivers.ovn.taas_ovn.TaasOvnDriver:default [designate] url = https://designate-internal.openstack.svc:9001/v2 auth_type = password auth_url = {{ .KeystoneInternalURL }} username = {{ .ServiceUser }} password = {{ .ServicePassword }} project_name = service project_domain_name = Default user_domain_name = Default allow_reverse_dns_lookup = True ipv4_ptr_zone_prefix_size = 24 ipv6_ptr_zone_prefix_size = 116 ptr_zone_email = admin@example.org databaseInstance: openstack messagingBus: cluster: rabbitmq user: neutron vhost: neutron networkAttachments: - internalapi override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 172.17.0.80 spec: type: LoadBalancer preserveJobs: false replicas: 3 secret: osp-secret notificationsBus: cluster: rabbitmq nova: apiOverride: route: {} template: apiServiceTemplate: override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 172.17.0.80 spec: type: LoadBalancer replicas: 3 apiTimeout: 600 cellTemplates: cell0: cellDatabaseAccount: nova-cell0 cellDatabaseInstance: openstack conductorServiceTemplate: replicas: 1 hasAPIAccess: true messagingBus: cluster: rabbitmq cell1: cellDatabaseAccount: nova-cell1 cellDatabaseInstance: openstack-cell1 conductorServiceTemplate: replicas: 1 hasAPIAccess: true messagingBus: cluster: rabbitmq user: nova-cell1 vhost: nova-cell1 noVNCProxyServiceTemplate: enabled: true networkAttachments: - ctlplane messagingBus: cluster: rabbitmq user: nova vhost: nova metadataServiceTemplate: override: service: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 172.17.0.80 spec: type: LoadBalancer replicas: 3 preserveJobs: false schedulerServiceTemplate: replicas: 3 secret: osp-secret octavia: enabled: false template: databaseInstance: openstack octaviaAPI: preserveJobs: false replicas: 1 octaviaHealthManager: {} octaviaHousekeeping: {} octaviaWorker: {} preserveJobs: false secret: osp-secret ovn: template: ovnController: networkAttachment: tenant nicMappings: datacentre: ospbr ovnDBCluster: ovndbcluster-nb: dbType: NB networkAttachment: internalapi replicas: 3 storageRequest: 10Gi ovndbcluster-sb: dbType: SB networkAttachment: internalapi replicas: 3 storageRequest: 10Gi ovnNorthd: logLevel: info nThreads: 1 replicas: 1 resources: {} tls: {} placement: apiOverride: route: {} template: databaseInstance: openstack override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 172.17.0.80 spec: type: LoadBalancer preserveJobs: false replicas: 3 secret: osp-secret rabbitmq: templates: rabbitmq: override: service: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/loadBalancerIPs: 172.17.0.85 spec: type: LoadBalancer replicas: 3 resources: limits: cpu: "2" memory: 4Gi requests: cpu: "1" memory: 4Gi redis: enabled: true templates: designate-redis: replicas: 1 secret: osp-secret storageClass: local-storage swift: enabled: false proxyOverride: route: {} template: swiftProxy: override: service: internal: metadata: annotations: metallb.universe.tf/address-pool: internalapi metallb.universe.tf/allow-shared-ip: internalapi metallb.universe.tf/loadBalancerIPs: 172.17.0.80 spec: type: LoadBalancer replicas: 1 swiftRing: ringReplicas: 1 swiftStorage: replicas: 1 telemetry: enabled: false template: autoscaling: aodh: databaseInstance: openstack memcachedInstance: memcached passwordSelectors: null preserveJobs: false secret: osp-secret enabled: false heatInstance: heat ceilometer: enabled: false secret: osp-secret logging: enabled: false port: 10514 metricStorage: enabled: false monitoringStack: alertingEnabled: true scrapeInterval: 30s storage: persistent: pvcStorageClass: local-storage pvcStorageRequest: 10Gi retention: 24h strategy: persistent tls: caBundleSecretName: "" --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneNodeSet metadata: name: openstack-edpm namespace: openstack spec: env: - name: ANSIBLE_FORCE_COLOR value: "True" networkAttachments: - ctlplane nodeTemplate: ansible: ansiblePort: 22 ansibleUser: zuul ansibleVars: edpm_fips_mode: check edpm_iscsid_image: '{{ registry_url }}/openstack-iscsid:{{ image_tag }}' edpm_logrotate_crond_image: '{{ registry_url }}/openstack-cron:{{ image_tag }}' edpm_network_config_hide_sensitive_logs: false edpm_network_config_os_net_config_mappings: edpm-compute-0: nic2: "52:54:00:17:05:43" edpm-compute-1: nic2: "52:54:00:17:05:44" edpm-compute-2: nic2: "52:54:00:17:05:46" edpm_network_config_template: | --- {% set mtu_list = [ctlplane_mtu] %} {% for network in nodeset_networks %} {% set _ = mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) %} {%- endfor %} {% set min_viable_mtu = mtu_list | max %} network_config: - type: ovs_bridge name: {{ neutron_physical_bridge_name }} mtu: {{ min_viable_mtu }} use_dhcp: false dns_servers: {{ ctlplane_dns_nameservers }} domain: {{ dns_search_domains }} addresses: - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} routes: {{ ctlplane_host_routes }} members: - type: interface name: nic2 mtu: {{ min_viable_mtu }} primary: true {% for network in nodeset_networks %} - type: vlan mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} addresses: - ip_netmask: >- {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} {% endfor %} edpm_nodes_validation_validate_controllers_icmp: false edpm_nodes_validation_validate_gateway_icmp: false edpm_ovn_encap_tos: inherit edpm_sshd_allowed_ranges: - 192.168.122.0/24 edpm_sshd_configure_firewall: true gather_facts: false image_tag: current-podified neutron_physical_bridge_name: br-ex neutron_public_interface_name: eth0 registry_url: quay.io/podified-antelope-centos9 storage_mgmt_cidr: "24" storage_mgmt_host_routes: [] storage_mgmt_mtu: 9000 storage_mgmt_vlan_id: 23 storage_mtu: 9000 timesync_ntp_servers: - hostname: pool.ntp.org ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret extraMounts: - extraVolType: Ceph mounts: - mountPath: /etc/ceph name: ceph readOnly: true volumes: - name: ceph secret: secretName: ceph-conf-files managementNetwork: ctlplane networks: - defaultRoute: true name: ctlplane subnetName: subnet1 - name: internalapi subnetName: subnet1 - name: storage subnetName: subnet1 - name: tenant subnetName: subnet1 - name: storagemgmt subnetName: subnet1 nodes: edpm-compute-0: ansible: ansibleHost: 192.168.122.100 hostName: compute-0 networks: - defaultRoute: true fixedIP: 192.168.122.100 name: ctlplane subnetName: subnet1 - fixedIP: 172.17.0.100 name: internalapi subnetName: subnet1 - fixedIP: 172.18.0.100 name: storage subnetName: subnet1 - fixedIP: 172.19.0.100 name: tenant subnetName: subnet1 edpm-compute-1: ansible: ansibleHost: 192.168.122.101 hostName: compute-1 networks: - defaultRoute: true fixedIP: 192.168.122.101 name: ctlplane subnetName: subnet1 - fixedIP: 172.17.0.101 name: internalapi subnetName: subnet1 - fixedIP: 172.18.0.101 name: storage subnetName: subnet1 - fixedIP: 172.19.0.101 name: tenant subnetName: subnet1 edpm-compute-2: ansible: ansibleHost: 192.168.122.102 hostName: compute-2 networks: - defaultRoute: true fixedIP: 192.168.122.102 name: ctlplane subnetName: subnet1 - fixedIP: 172.17.0.102 name: internalapi subnetName: subnet1 - fixedIP: 172.18.0.102 name: storage subnetName: subnet1 - fixedIP: 172.19.0.102 name: tenant subnetName: subnet1 preProvisioned: true services: - bootstrap - configure-network - validate-network - install-os - configure-os - ssh-known-hosts - run-os - reboot-os - install-certs - ceph-client - ovn - neutron-metadata - libvirt - nova-custom-ceph --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneService metadata: name: nova-custom-ceph namespace: openstack spec: caCerts: combined-ca-bundle containerImageFields: - NovaComputeImage - EdpmIscsidImage dataSources: - configMapRef: name: ceph-nova - secretRef: name: nova-cell1-compute-config - secretRef: name: nova-migration-ssh-key edpmServiceType: nova label: dataplane-deployment-nova-custom-ceph playbook: osp.edpm.nova