apiVersion: v1 data: 03-ceph-nova.conf: CHANGEME_NOVA_CEPH_CONF kind: ConfigMap metadata: name: ceph-nova namespace: openstack --- apiVersion: v1 data: ceph.client.openstack.keyring: CHANGEME_CEPH_KEYRING ceph.conf: CHANGEME_CEPH_CONF kind: Secret metadata: name: ceph-conf-files namespace: openstack type: Opaque --- apiVersion: v1 data: authorized_keys: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFIMTFYSjZZbDVGdWViNjNlZmxkNmNaZ2ozYXN3MjVSMlNyQVFaWlJnTWtJdFFOM1V3UnUwTm1Wc0dMdHRFT0JFcjdoTmEwVkRYeUVqUzFsRVBQOHExdXZnRUNseldhaGxwcWdkNnpPYmN5ZWVvNWJ2R25TWG9yRU01UUZIQUsvLzFBRjdLVVVrajhEODZ0SzR4RGhHNlhWS1ZQWi9IT082ZlV3dUhORi9TY0l5YmlVdz09IEVEUE0gZGVwbG95IGtleQo= ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUI5ZFZ5ZW1KZVJibm0rdDNuNVhlbkdZSTkyck1OCnVVZGtxd0VHV1VZREpDTFVEZDFNRWJ0RFpsYkJpN2JSRGdSSys0VFd0RlExOGhJMHRaUkR6L0t0YnI0QkFwYzFtb1phYW8KSGVzem0zTW5ucU9XN3hwMGw2S3hET1VCUndDdi85UUJleWxGSkkvQS9PclN1TVE0UnVsMVNsVDJmeHpqdW4xTUxoelJmMApuQ01tNGxNQUFBRVFYaFFWZlY0VUZYMEFBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFmWFZjbnBpWGtXNTV2cmQ1K1YzcHhtQ1BkcXpEYmxIWktzQkJsbEdBeVFpMUEzZFRCRzdRMlpXd1l1MjBRNEUKU3Z1RTFyUlVOZklTTkxXVVE4L3lyVzYrQVFLWE5acUdXbXFCM3JNNXR6SjU2amx1OGFkSmVpc1F6bEFVY0FyLy9VQVhzcApSU1NQd1B6cTByakVPRWJwZFVwVTluOGM0N3A5VEM0YzBYOUp3akp1SlRBQUFBUWdIVmpQSkVIc21oODFZNEFHTFNnNXdKCnYrL1laYS9POE9tM3dCWG5IZlJBUHRhYTI3U2plVm5XSUwwMlRHVUhlVGJWOUJWV1hBblI5cUtzYVpPei9kNTQvQUFBQUEKOUZSRkJOSUdSbGNHeHZlU0JyWlhrQkFnTT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFIMTFYSjZZbDVGdWViNjNlZmxkNmNaZ2ozYXN3MjVSMlNyQVFaWlJnTWtJdFFOM1V3UnUwTm1Wc0dMdHRFT0JFcjdoTmEwVkRYeUVqUzFsRVBQOHExdXZnRUNseldhaGxwcWdkNnpPYmN5ZWVvNWJ2R25TWG9yRU01UUZIQUsvLzFBRjdLVVVrajhEODZ0SzR4RGhHNlhWS1ZQWi9IT082ZlV3dUhORi9TY0l5YmlVdz09IEVEUE0gZGVwbG95IGtleQo= kind: Secret metadata: name: dataplane-ansible-ssh-private-key-secret namespace: openstack type: Opaque --- apiVersion: v1 data: LibvirtPassword: MTIzNDU2Nzg= kind: Secret metadata: name: libvirt-secret namespace: openstack type: Opaque --- apiVersion: v1 data: ssh-privatekey: LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdGRqRUFBQUFBQkc1dmJtVUFBQUFFYm05dVpRQUFBQUFBQUFBQkFBQUFyQUFBQUJObFkyUnpZUwoxemFHRXlMVzVwYzNSd05USXhBQUFBQ0c1cGMzUndOVEl4QUFBQWhRUUJOSlVVY0F5SnZzZHByVkFMYTBxSFVrcmtWbWdYCi9NRVVmaTNvTmlseUx0RVFsSnRnNEVGSDhVbW9YdTZlenBNZm9Hd0J3T1hsRmFqdlhGdnlRVldSY01vQkxoaWplNUthU1MKME1VZFpKRmZGaGE3ZUJOb0F4TE8wK0lzV2wrM21pM2tDY2JuWm5YZWtLWGhhRVg3ZHV2SEMxSzZsa29yamE0QloxaHhXQwpSdDB2Sm5ZQUFBRVExdWN5Sk5ibk1pUUFBQUFUWldOa2MyRXRjMmhoTWkxdWFYTjBjRFV5TVFBQUFBaHVhWE4wY0RVeU1RCkFBQUlVRUFUU1ZGSEFNaWI3SGFhMVFDMnRLaDFKSzVGWm9GL3pCRkg0dDZEWXBjaTdSRUpTYllPQkJSL0ZKcUY3dW5zNlQKSDZCc0FjRGw1UldvNzF4YjhrRlZrWERLQVM0WW8zdVNta2t0REZIV1NSWHhZV3UzZ1RhQU1TenRQaUxGcGZ0NW90NUFuRwo1MloxM3BDbDRXaEYrM2JyeHd0U3VwWktLNDJ1QVdkWWNWZ2tiZEx5WjJBQUFBUWdFeCtVRDBKdjllZEVVbnY0UHBwdzZDCkFqbXBjSElDZ0Vnd2k3Ym5Ib2d6Qm9GT1BCcFBQdEZFR2hkVFMzM013Z3hiMi9aK0xVSjlMMXE1VTdINDBoaHViZ0FBQUEKNU9iM1poSUcxcFozSmhkR2x2YmdFQ0F3UT0KLS0tLS1FTkQgT1BFTlNTSCBQUklWQVRFIEtFWS0tLS0tCg== ssh-publickey: ZWNkc2Etc2hhMi1uaXN0cDUyMSBBQUFBRTJWalpITmhMWE5vWVRJdGJtbHpkSEExTWpFQUFBQUlibWx6ZEhBMU1qRUFBQUNGQkFFMGxSUndESW0reDJtdFVBdHJTb2RTU3VSV2FCZjh3UlIrTGVnMktYSXUwUkNVbTJEZ1FVZnhTYWhlN3A3T2t4K2diQUhBNWVVVnFPOWNXL0pCVlpGd3lnRXVHS043a3BwSkxReFIxa2tWOFdGcnQ0RTJnREVzN1Q0aXhhWDdlYUxlUUp4dWRtZGQ2UXBlRm9SZnQyNjhjTFVycVdTaXVOcmdGbldIRllKRzNTOG1kZz09IE5vdmEgbWlncmF0aW9uCg== kind: Secret metadata: name: nova-migration-ssh-key namespace: openstack type: kubernetes.io/ssh-auth --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneNodeSet metadata: name: gpu-computes-edpm namespace: openstack spec: env: - name: ANSIBLE_FORCE_COLOR value: "True" networkAttachments: - ctlplane nodeTemplate: ansible: ansiblePort: 22 ansibleUser: zuul ansibleVars: dns_search_domains: [] edpm_bootstrap_command: | echo CHANGEME edpm_bootstrap_release_version_package: [] edpm_ceph_hci_pre_enabled_services: - ceph_mon - ceph_mgr - ceph_osd - ceph_rgw - ceph_nfs - ceph_rgw_frontend - ceph_nfs_frontend edpm_enable_chassis_gw: false edpm_fips_mode: check edpm_kernel_args: default_hugepagesz=1GB hugepagesz=1G hugepages=16 intel_iommu=on iommu=pt vfio-pci.ids=10de:20f1 rd.driver.pre=vfio-pci edpm_network_config_hide_sensitive_logs: false edpm_network_config_nmstate: false edpm_network_config_os_net_config_mappings: edpm-compute-0: nic1: aa:bb:cc:dd:ee:ff nic2: CHANGEME edpm_network_config_template: | --- {% set mtu_list = [ctlplane_mtu] %} {% for network in nodeset_networks %} {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} {%- endfor %} {% set min_viable_mtu = mtu_list | max %} network_config: - type: ovs_bridge name: {{ neutron_physical_bridge_name }} mtu: {{ min_viable_mtu }} use_dhcp: false dns_servers: {{ ctlplane_dns_nameservers }} domain: {{ dns_search_domains }} addresses: - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} routes: {{ ctlplane_host_routes }} members: - type: linux_bond name: bond0 mtu: {{ min_viable_mtu }} bonding_options: "mode=802.3ad lacp_rate=fast" members: - type: interface name: nic1 mtu: {{ min_viable_mtu }} primary: true - type: interface name: nic2 mtu: {{ min_viable_mtu }} {% for network in nodeset_networks %} - type: vlan mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} addresses: - ip_netmask: {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} {% endfor %} edpm_network_config_update: false edpm_nodes_validation_validate_controllers_icmp: false edpm_nodes_validation_validate_gateway_icmp: false edpm_ovn_availability_zones: [] edpm_ovn_bridge_mappings: - datacentre:br-ex edpm_reboot_strategy: force edpm_sshd_allowed_ranges: - 192.168.122.0/24 edpm_sshd_configure_firewall: true edpm_tuned_isolated_cores: 4-23,28-47 edpm_tuned_profile: cpu-partitioning-powersave gather_facts: false neutron_physical_bridge_name: br-ex neutron_public_interface_name: eth0 rhc_release: 9.4 rhc_repositories: - name: '*' state: disabled - name: CHANGEME storage_mgmt_cidr: CHANGEME_STGMGMT_PREFIX_LEN storage_mgmt_host_routes: [] storage_mgmt_mtu: 9000 storage_mgmt_vlan_id: CHANGEME_STGMGMT_VLAN storage_mtu: 9000 timesync_ntp_servers: - hostname: pool.ntp.org ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret extraMounts: - extraVolType: Ceph mounts: - mountPath: /etc/ceph name: ceph readOnly: true volumes: - name: ceph secret: secretName: ceph-conf-files managementNetwork: ctlplane networks: - defaultRoute: true name: ctlplane subnetName: subnet2 - name: internalapi subnetName: subnet2 - name: storage subnetName: subnet2 - name: tenant subnetName: subnet2 nodes: edpm-compute-0: ansible: ansibleHost: 192.168.122.100 bmhLabelSelector: nodeName: edpm-compute-0 hostName: compute-0 networkData: name: edpm-compute-0-network-data namespace: openstack networks: - defaultRoute: true fixedIP: 192.168.122.100 name: ctlplane subnetName: subnet1 - fixedIP: 172.17.0.100 name: internalapi subnetName: subnet1 - fixedIP: 172.18.0.100 name: storage subnetName: subnet1 - fixedIP: 172.20.0.100 name: storagemgmt subnetName: subnet1 - fixedIP: 172.19.0.100 name: tenant subnetName: subnet1 - fixedIP: 10.0.0.100 name: external subnetName: subnet1 preProvisioned: true services: - bootstrap - configure-network - validate-network - install-os - ceph-hci-pre - configure-os - ssh-known-hosts - run-os - reboot-os - install-certs - ceph-client - ovn - neutron-metadata - libvirt - nova-custom-gpu-ceph - telemetry --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneService metadata: name: neutron-metadata namespace: openstack spec: addCertMounts: false caCerts: combined-ca-bundle containerImageFields: - EdpmNeutronMetadataAgentImage dataSources: - secretRef: name: neutron-ovn-metadata-agent-neutron-config - secretRef: name: nova-cell1-metadata-neutron-config edpmServiceType: neutron-metadata playbook: osp.edpm.neutron_metadata tlsCerts: default: contents: - dnsnames - ips issuer: osp-rootca-issuer-ovn keyUsages: - digital signature - key encipherment - client auth networks: - ctlplane --- apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneService metadata: name: nova-custom-gpu-ceph namespace: openstack spec: caCerts: combined-ca-bundle dataSources: - configMapRef: name: ceph-nova - configMapRef: name: cpu-pinning-nova - configMapRef: name: gpu-nova - secretRef: name: nova-cell1-compute-config - secretRef: name: nova-migration-ssh-key edpmServiceType: nova label: dataplane-deployment-nova-custom-gpu-ceph playbook: osp.edpm.nova tlsCerts: default: contents: - dnsnames - ips edpmRoleServiceName: nova issuer: osp-rootca-issuer-internal networks: - ctlplane