From fb713762537c75ba0ef50ec51324037164abe727 Mon Sep 17 00:00:00 2001 From: Jaganathan Palanisamy Date: Thu, 6 Feb 2025 13:23:10 +0530 Subject: [PATCH] NFV EDPM OVS DPDK with Netoworker OVS DPDK This changes are to add the deployment VA for NFV EDPM OVS DPDK with Netoworker OVS DPDK nodes. --- automation/mocks/ovs-dpdk-networker.yaml | 20 ++ automation/vars/ovs-dpdk-networker.yaml | 60 ++++++ examples/va/nfv/ovs-dpdk-networker/.gitignore | 1 + examples/va/nfv/ovs-dpdk-networker/README.md | 32 +++ .../nfv/ovs-dpdk-networker/control-plane.md | 55 +++++ .../va/nfv/ovs-dpdk-networker/dataplane.md | 65 ++++++ .../va/nfv/ovs-dpdk-networker/edpm/.gitignore | 2 + .../edpm/deployment/.gitignore | 1 + .../edpm/deployment/kustomization.yaml | 21 ++ .../edpm/deployment/values.yaml | 10 + .../edpm/nodeset/.gitignore | 1 + .../edpm/nodeset/kustomization.yaml | 12 ++ .../edpm/nodeset/values.yaml | 185 ++++++++++++++++ .../nfv/ovs-dpdk-networker/kustomization.yaml | 13 ++ .../ovs-dpdk-networker/networker/.gitignore | 2 + .../networker/nodeset/.gitignore | 1 + .../networker/nodeset/kustomization.yaml | 12 ++ .../networker/nodeset/values.yaml | 159 ++++++++++++++ .../nncp/kustomization.yaml | 24 +++ .../nfv/ovs-dpdk-networker/nncp/values.yaml | 199 ++++++++++++++++++ .../ovs-dpdk-networker/service-values.yaml | 60 ++++++ .../dataplane-ssh-secret.yaml | 11 + .../networker-nodeset/kustomization.yaml | 92 ++++++++ .../openstackdataplanenodeset.yaml | 15 ++ va/nfv/ovs-dpdk-networker/README.md | 11 + .../edpm/deployment/kustomization.yaml | 21 ++ .../nodeset/baremetalset-password-secret.yaml | 9 + .../edpm/nodeset/kustomization.yaml | 77 +++++++ .../edpm/nodeset/nova_ovs_dpdk.yaml | 32 +++ va/nfv/ovs-dpdk-networker/kustomization.yaml | 116 ++++++++++ va/nfv/ovs-dpdk-networker/namespace.yaml | 12 ++ .../nodeset/baremetalset-password-secret.yaml | 9 + .../networker/nodeset/kustomization.yaml | 51 +++++ zuul.d/projects.yaml | 1 + zuul.d/validations.yaml | 12 ++ 35 files changed, 1404 insertions(+) create mode 100644 automation/mocks/ovs-dpdk-networker.yaml create mode 100644 automation/vars/ovs-dpdk-networker.yaml create mode 100644 examples/va/nfv/ovs-dpdk-networker/.gitignore create mode 100644 examples/va/nfv/ovs-dpdk-networker/README.md create mode 100644 examples/va/nfv/ovs-dpdk-networker/control-plane.md create mode 100644 examples/va/nfv/ovs-dpdk-networker/dataplane.md create mode 100644 examples/va/nfv/ovs-dpdk-networker/edpm/.gitignore create mode 100644 examples/va/nfv/ovs-dpdk-networker/edpm/deployment/.gitignore create mode 100644 examples/va/nfv/ovs-dpdk-networker/edpm/deployment/kustomization.yaml create mode 100644 examples/va/nfv/ovs-dpdk-networker/edpm/deployment/values.yaml create mode 100644 examples/va/nfv/ovs-dpdk-networker/edpm/nodeset/.gitignore create mode 100644 examples/va/nfv/ovs-dpdk-networker/edpm/nodeset/kustomization.yaml create mode 100644 examples/va/nfv/ovs-dpdk-networker/edpm/nodeset/values.yaml create mode 100644 examples/va/nfv/ovs-dpdk-networker/kustomization.yaml create mode 100644 examples/va/nfv/ovs-dpdk-networker/networker/.gitignore create mode 100644 examples/va/nfv/ovs-dpdk-networker/networker/nodeset/.gitignore create mode 100644 examples/va/nfv/ovs-dpdk-networker/networker/nodeset/kustomization.yaml create mode 100644 examples/va/nfv/ovs-dpdk-networker/networker/nodeset/values.yaml create mode 100644 examples/va/nfv/ovs-dpdk-networker/nncp/kustomization.yaml create mode 100644 examples/va/nfv/ovs-dpdk-networker/nncp/values.yaml create mode 100644 examples/va/nfv/ovs-dpdk-networker/service-values.yaml create mode 100644 lib/dataplane/networker-nodeset/dataplane-ssh-secret.yaml create mode 100644 lib/dataplane/networker-nodeset/kustomization.yaml create mode 100644 lib/dataplane/networker-nodeset/openstackdataplanenodeset.yaml create mode 100644 va/nfv/ovs-dpdk-networker/README.md create mode 100644 va/nfv/ovs-dpdk-networker/edpm/deployment/kustomization.yaml create mode 100644 va/nfv/ovs-dpdk-networker/edpm/nodeset/baremetalset-password-secret.yaml create mode 100644 va/nfv/ovs-dpdk-networker/edpm/nodeset/kustomization.yaml create mode 100644 va/nfv/ovs-dpdk-networker/edpm/nodeset/nova_ovs_dpdk.yaml create mode 100644 va/nfv/ovs-dpdk-networker/kustomization.yaml create mode 100644 va/nfv/ovs-dpdk-networker/namespace.yaml create mode 100644 va/nfv/ovs-dpdk-networker/networker/nodeset/baremetalset-password-secret.yaml create mode 100644 va/nfv/ovs-dpdk-networker/networker/nodeset/kustomization.yaml diff --git a/automation/mocks/ovs-dpdk-networker.yaml b/automation/mocks/ovs-dpdk-networker.yaml new file mode 100644 index 000000000..dc4ec38c4 --- /dev/null +++ b/automation/mocks/ovs-dpdk-networker.yaml @@ -0,0 +1,20 @@ +--- +cifmw_baremetal_hosts: + compute-0: + connection: ipmi://10.10.100.100 + boot_mode: UEFI + nics: + - mac: "89:9a:b7:cb:4a:3f" + network: provision + credentials_file: "/home/user/foo.yaml" + root_device_hint_field: "wwnWithExtension" + root_device_hint: "0x6509a4c0ac82ff002dbccf463196ca41" + networker-0: + connection: ipmi://10.10.100.101 + boot_mode: UEFI + nics: + - mac: "53:b0:4d:06:56:ea" + network: provision + credentials_file: "/home/user/foo.yaml" + root_device_hint_field: "wwnWithExtension" + root_device_hint: "0x55cd2e414e372c06" diff --git a/automation/vars/ovs-dpdk-networker.yaml b/automation/vars/ovs-dpdk-networker.yaml new file mode 100644 index 000000000..5dafe48c7 --- /dev/null +++ b/automation/vars/ovs-dpdk-networker.yaml @@ -0,0 +1,60 @@ +--- +vas: + ovs-dpdk-networker: + stages: + - path: examples/va/nfv/ovs-dpdk-networker/nncp + wait_conditions: + - >- + oc -n openstack wait nncp + -l osp/nncm-config-type=standard + --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured + --timeout=60s + values: + - name: network-values + src_file: values.yaml + build_output: nncp.yaml + + - path: examples/va/nfv/ovs-dpdk-networker + wait_conditions: + - >- + oc -n openstack wait osctlplane controlplane --for condition=Ready + --timeout=600s + values: + - name: network-values + src_file: nncp/values.yaml + - name: service-values + src_file: service-values.yaml + build_output: control-plane.yaml + + - path: examples/va/nfv/ovs-dpdk-networker/networker/nodeset + wait_conditions: + - >- + oc -n openstack wait + osdpns openstack-networker --for condition=SetupReady + --timeout=60m + values: + - name: networker-nodeset-values + src_file: values.yaml + build_output: networker-nodeset.yaml + + - path: examples/va/nfv/ovs-dpdk-networker/edpm/nodeset + wait_conditions: + - >- + oc -n openstack wait + osdpns openstack-edpm --for condition=SetupReady + --timeout=60m + values: + - name: edpm-nodeset-values + src_file: values.yaml + build_output: compute-nodeset.yaml + + - path: examples/va/nfv/ovs-dpdk-networker/edpm/deployment + wait_conditions: + - >- + oc -n openstack wait + osdpns openstack-edpm --for condition=Ready + --timeout=60m + values: + - name: edpm-deployment-values + src_file: values.yaml + build_output: deployment.yaml diff --git a/examples/va/nfv/ovs-dpdk-networker/.gitignore b/examples/va/nfv/ovs-dpdk-networker/.gitignore new file mode 100644 index 000000000..3df8f53be --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/.gitignore @@ -0,0 +1 @@ +control-plane.yaml diff --git a/examples/va/nfv/ovs-dpdk-networker/README.md b/examples/va/nfv/ovs-dpdk-networker/README.md new file mode 100644 index 000000000..92e0daa14 --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/README.md @@ -0,0 +1,32 @@ +# OpenStack OvS DPDK + +**Based on OpenStack K8S operators from the "main" branch of the [OpenStack Operator repo](https://github.com/openstack-k8s-operators/openstack-operator/tree/12c57baeca4ae33dd30a7707d330eb094309b4cd) on Jan 31st, 2024** + +This is a collection of CR templates that represent a validated Red Hat OpenStack Services on OpenShift deployment that has the following characteristics: + +- 3 master/worker combo-node OpenShift cluster +- 3-replica Galera database +- RabbitMQ +- OVN networking +- Network isolation over a single NIC +- 2 compute nodes +- 2 networker nodes +- OvS DPDK using ml2 OVN + +## Considerations + +1. These CRs are validated for the overall functionality of the OSP cloud deployed, but they nonetheless require customization for the particular environment in which they are utilized. In this sense they are _templates_ meant to be consumed and tweaked to fit the specific constraints of the hardware available. + +2. The CRs are applied against an OpenShift cluster in _stages_. That is, there is an ordering in which each grouping of CRs is fed to the cluster. It is _not_ a case of simply taking all CRs from all stages and applying them all at once. + +3. In stages 1 and 2 [kustomize](https://kustomize.io/) is used to generate the CRs dynamically. The `*-values.yaml` file(s) must be updated to fit your environment. kustomize version 5 or newer required. + +4.In stage 3 [kustomize](https://kustomize.io/) is used to generate the dataplane CRs dynamically. The edpm/values.yaml file must be updated to fit your environment. kustomize version 5 or newer required. + +## Stages + +All stages must be executed in the order listed below. Everything is required unless otherwise indicated. + +1. [Install the OpenStack K8S operators and their dependencies](../../../common/) +2. [Configuring networking and deploy the OpenStack control plane](control-plane.md) +3. [Configure and deploy the data plane](dataplane.md) diff --git a/examples/va/nfv/ovs-dpdk-networker/control-plane.md b/examples/va/nfv/ovs-dpdk-networker/control-plane.md new file mode 100644 index 000000000..259e9513f --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/control-plane.md @@ -0,0 +1,55 @@ +# Configuring networking and deploy the OpenStack control plane + +## Assumptions + +- A storage class called `local-storage` should already exist. + +## Initialize + +Switch to the "openstack" namespace +``` +oc project openstack +``` +Change to the nfv/ovs-dpdk directory +``` +cd architecture/examples/va/nfv/ovs-dpdk +``` +Edit the [nncp/values.yaml](nncp/values.yaml) and +[service-values.yaml](service-values.yaml) files to suit +your environment. +``` +vi nncp/values.yaml +vi service-values.yaml +``` + +## Apply node network configuration + +Generate the node network configuration +``` +kustomize build nncp > nncp.yaml +``` + +Apply the NNCP CRs +``` +oc apply -f nncp.yaml +``` +Wait for NNCPs to be available +``` +oc wait nncp -l osp/nncm-config-type=standard --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured --timeout=300s +``` + +## Apply networking and control-plane configuration + +Generate the control-plane and networking CRs. +``` +kustomize build > control-plane.yaml +``` +Apply the CRs +``` +oc apply -f control-plane.yaml +``` + +Wait for control plane to be available +``` +oc wait osctlplane controlplane --for condition=Ready --timeout=600s +``` diff --git a/examples/va/nfv/ovs-dpdk-networker/dataplane.md b/examples/va/nfv/ovs-dpdk-networker/dataplane.md new file mode 100644 index 000000000..2e4bfdcc9 --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/dataplane.md @@ -0,0 +1,65 @@ +# Configuring and deploying the dataplane and networker + +## Assumptions + +- The [control plane](control-plane.md) has been created and successfully deployed + +## Initialize + +Switch to the "openstack" namespace +``` +oc project openstack +``` +Change to the nfv/ovs-dpdk-networker/networker directory +``` +cd architecture/examples/va/nfv/ovs-dpdk-networker/networker +``` +Edit the [nodeset/values.yaml](nodeset/values.yaml) file to suit +your environment. +``` +vi nodeset/values.yaml +``` +Generate the networker nodesets CRs. +``` +kustomize build nodeset > networker-nodeset.yaml +``` + +Change to the nfv/ovs-dpdk-networker/edpm directory +``` +cd architecture/examples/va/nfv/ovs-dpdk-networker/edpm +``` +Edit the [nodeset/values.yaml](nodeset/values.yaml) and [deployment/values.yaml](deployment/values.yaml) files to suit +your environment. +``` +vi nodeset/values.yaml +vi deployment/values.yaml +``` +Generate the dataplane nodeset CR. +``` +kustomize build nodeset > dataplane-nodeset.yaml + +``` +Generate the dataplane deployment CR. +``` +kustomize build deployment > dataplane-deployment.yaml +``` + +## Create CRs +Create the nodeset CR +``` +oc apply -f dataplane-nodeset.yaml +``` +Wait for dataplane nodeset setup to finish +``` +oc wait osdpns openstack-edpm --for condition=SetupReady --timeout=600s +``` + +Start the deployment +``` +oc apply -f dataplane-deployment.yaml +``` + +Wait for dataplane deployment to finish +``` +oc wait osdpns openstack-edpm --for condition=Ready --timeout=40m +``` diff --git a/examples/va/nfv/ovs-dpdk-networker/edpm/.gitignore b/examples/va/nfv/ovs-dpdk-networker/edpm/.gitignore new file mode 100644 index 000000000..6b02541a4 --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/edpm/.gitignore @@ -0,0 +1,2 @@ +dataplane-nodeset.yaml +dataplane-deployment.yaml diff --git a/examples/va/nfv/ovs-dpdk-networker/edpm/deployment/.gitignore b/examples/va/nfv/ovs-dpdk-networker/edpm/deployment/.gitignore new file mode 100644 index 000000000..3eb16e2d7 --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/edpm/deployment/.gitignore @@ -0,0 +1 @@ +dataplane-deployment.yaml diff --git a/examples/va/nfv/ovs-dpdk-networker/edpm/deployment/kustomization.yaml b/examples/va/nfv/ovs-dpdk-networker/edpm/deployment/kustomization.yaml new file mode 100644 index 000000000..117fa16ef --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/edpm/deployment/kustomization.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../../../va/nfv/ovs-dpdk-networker/edpm/deployment + # - https://github.com/openstack-k8s-operators/architecture/va/nfv/ovs-dpdk-networker/edpm/deployment?ref=main + ## It's possible to replace ../../../../../../va/nfv/ovs-dpdk-networker/edpm/deployment/ with a git checkout URL as per: + ## https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md + +resources: + - values.yaml + +patches: + - target: + kind: OpenStackDataPlaneDeployment + name: edpm-deployment + patch: | + - op: add + path: /spec/nodeSets/- + value: openstack-networker diff --git a/examples/va/nfv/ovs-dpdk-networker/edpm/deployment/values.yaml b/examples/va/nfv/ovs-dpdk-networker/edpm/deployment/values.yaml new file mode 100644 index 000000000..7f371b2cc --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/edpm/deployment/values.yaml @@ -0,0 +1,10 @@ +# yamllint disable rule:line-length +# local-config: referenced, but not emitted by kustomize +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: edpm-deployment-values + annotations: + config.kubernetes.io/local-config: "true" +data: {} diff --git a/examples/va/nfv/ovs-dpdk-networker/edpm/nodeset/.gitignore b/examples/va/nfv/ovs-dpdk-networker/edpm/nodeset/.gitignore new file mode 100644 index 000000000..9be487e78 --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/edpm/nodeset/.gitignore @@ -0,0 +1 @@ +dataplane-nodeset.yaml diff --git a/examples/va/nfv/ovs-dpdk-networker/edpm/nodeset/kustomization.yaml b/examples/va/nfv/ovs-dpdk-networker/edpm/nodeset/kustomization.yaml new file mode 100644 index 000000000..c4ec595b5 --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/edpm/nodeset/kustomization.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../../../va/nfv/ovs-dpdk-networker/edpm/nodeset + # - https://github.com/openstack-k8s-operators/architecture/va/nfv/ovs-dpdk-networker/edpm/nodeset?ref=main + ## It's possible to replace ../../../../../../va/nfv/ovs-dpdk-networker/edpm/nodeset/ with a git checkout URL as per: + ## https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md + +resources: + - values.yaml diff --git a/examples/va/nfv/ovs-dpdk-networker/edpm/nodeset/values.yaml b/examples/va/nfv/ovs-dpdk-networker/edpm/nodeset/values.yaml new file mode 100644 index 000000000..6f137cbaf --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/edpm/nodeset/values.yaml @@ -0,0 +1,185 @@ +# yamllint disable rule:line-length +# local-config: referenced, but not emitted by kustomize +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: edpm-nodeset-values + annotations: + config.kubernetes.io/local-config: "true" +data: + root_password: cmVkaGF0Cg== + preProvisioned: false + baremetalSetTemplate: + ctlplaneInterface: eno2 # CHANGEME + cloudUserName: cloud-admin + provisioningInterface: enp1s0 # CHANGEME + bmhLabelSelector: + app: openstack # CHANGEME + passwordSecret: + name: baremetalset-password-secret + namespace: openstack + ssh_keys: + # Authorized keys that will have access to the dataplane computes via SSH + authorized: CHANGEME + # The private key that will have access to the dataplane computes via SSH + private: CHANGEME2 + # The public key that will have access to the dataplane computes via SSH + public: CHANGEME3 + nodeset: + ansible: + ansibleUser: cloud-admin + ansiblePort: 22 + ansibleVars: + # CHANGEME -- see https://access.redhat.com/solutions/253273 + # edpm_bootstrap_command: | + # subscription-manager register --username \ + # --password + # podman login -u -p registry.redhat.io + timesync_ntp_servers: + - hostname: pool.ntp.org + # CPU pinning settings + # edpm nfv ovs dpdk config + # CHANGEME + edpm_kernel_args: "default_hugepagesz=1GB hugepagesz=1G hugepages=64 iommu=pt intel_iommu=on tsx=off isolcpus=2-11,14-23" + edpm_tuned_profile: "cpu-partitioning-powersave" + edpm_tuned_isolated_cores: "2-11,14-23" + edpm_nova_libvirt_qemu_group: "hugetlbfs" + edpm_ovs_dpdk_pmd_core_list: "1,13,2,14,3,15" + edpm_ovs_dpdk_socket_memory: "4096" + edpm_ovs_dpdk_memory_channels: "4" + edpm_ovs_dpdk_vhost_postcopy_support: "true" + edpm_ovn_bridge_mappings: ['dpdk2:br-link2', 'dpdk1:br-link1'] + # edpm_network_config + # These vars are edpm_network_config role vars + edpm_network_config_hide_sensitive_logs: false + edpm_network_config_os_net_config_mappings: + # Need to provide nic mapping based on system uuid or system product name + # here used systetm uuid + edpm-compute-0: # CHANGEME + nic1: 6c:fe:54:3f:8a:01 # CHANGEME + nic2: 6c:fe:54:3f:8a:02 # CHANGEME + nic3: 6c:fe:54:3f:8a:03 # CHANGEME + edpm-compute-1: # CHANGEME + nic1: 6c:fe:54:3f:8a:05 # CHANGEME + nic2: 6c:fe:54:3f:8a:05 # CHANGEME + nic3: 6c:fe:54:3f:8a:07 # CHANGEME + edpm_network_config_template: | + --- + {% set mtu_list = [ctlplane_mtu] %} + {% for network in nodeset_networks %} + {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} + {%- endfor %} + network_config: + - type: linux_bond + name: bond_api + bonding_options: "mode=active-backup" + use_dhcp: false + dns_servers: {{ ctlplane_dns_nameservers }} + members: + - type: interface + name: nic1 + addresses: + - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} + routes: + - default: true + next_hop: {{ ctlplane_gateway_ip }} + + {% for network in nodeset_networks if network not in ['external', 'tenant'] %} + - type: vlan + mtu: {{ lookup('ars', networks_lower[network] ~ '_mtu') }} + vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} + addresses: + - ip_netmask: {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} + {% endfor %} + - type: ovs_user_bridge + name: br-link1 + use_dhcp: false + ovs_extra: "set port br-link1 tag={{ lookup('vars', networks_lower['tenant'] ~ '_vlan_id') }}" + addresses: + - ip_netmask: {{ lookup('vars', networks_lower['tenant'] ~ '_ip') }}/{{ lookup('vars', networks_lower['tenant'] ~ '_cidr') }} + mtu: {{ lookup('vars', networks_lower['tenant'] ~ '_mtu') }} + members: + - type: ovs_dpdk_port + name: dpdk1 + members: + - type: interface + name: nic2 + - type: ovs_user_bridge + name: br-link2 + use_dhcp: false + mtu: 9000 + members: + - type: ovs_dpdk_port + name: dpdk2 + members: + - type: interface + name: nic3 + + # These vars are for the network config templates themselves and are + # considered EDPM network defaults. + neutron_physical_bridge_name: br-ex + neutron_public_interface_name: nic1 + # edpm_nodes_validation + edpm_nodes_validation_validate_controllers_icmp: false + edpm_nodes_validation_validate_gateway_icmp: false + dns_search_domains: [] + gather_facts: false + # edpm firewall, change the allowed CIDR if needed + edpm_sshd_configure_firewall: true + edpm_sshd_allowed_ranges: + - 192.168.122.0/24 + networks: + - defaultRoute: true + name: ctlplane + subnetName: subnet1 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + nodes: + edpm-compute-0: + hostName: edpm-compute-0 + edpm-compute-1: + hostName: edpm-compute-1 + services: + - bootstrap + - download-cache + - reboot-os + - configure-ovs-dpdk + - configure-network + - validate-network + - install-os + - configure-os + - ssh-known-hosts + - run-os + - install-certs + - ovn + - neutron-ovn + - neutron-metadata + - libvirt + - nova-custom-ovsdpdk + - telemetry + nova: + compute: + conf: | + # CHANGEME + [DEFAULT] + reserved_host_memory_mb = 4096 + [compute] + cpu_shared_set = 0-3,24-27 + cpu_dedicated_set = 8-23,32-47 + [neutron] + physnets = dpdk1, dpdk2 + [neutron_physnet_dpdk1] + numa_nodes = 0 + [neutron_physnet_dpdk2] + numa_nodes = 0 + [neutron_tunnel] + numa_nodes = 0 + migration: + ssh_keys: + private: CHANGEME4 + public: CHANGEME5 diff --git a/examples/va/nfv/ovs-dpdk-networker/kustomization.yaml b/examples/va/nfv/ovs-dpdk-networker/kustomization.yaml new file mode 100644 index 000000000..3db4d734b --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/kustomization.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../va/nfv/ovs-dpdk/ + # - https://github.com/openstack-k8s-operators/architecture/va/nfv/ovs-dpdk?ref=main + ## It's possible to replace ../../../va/nfv/ovs-dpdk/ with a git checkout URL as per: + ## https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md + +resources: + - nncp/values.yaml + - service-values.yaml diff --git a/examples/va/nfv/ovs-dpdk-networker/networker/.gitignore b/examples/va/nfv/ovs-dpdk-networker/networker/.gitignore new file mode 100644 index 000000000..6b02541a4 --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/networker/.gitignore @@ -0,0 +1,2 @@ +dataplane-nodeset.yaml +dataplane-deployment.yaml diff --git a/examples/va/nfv/ovs-dpdk-networker/networker/nodeset/.gitignore b/examples/va/nfv/ovs-dpdk-networker/networker/nodeset/.gitignore new file mode 100644 index 000000000..9be487e78 --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/networker/nodeset/.gitignore @@ -0,0 +1 @@ +dataplane-nodeset.yaml diff --git a/examples/va/nfv/ovs-dpdk-networker/networker/nodeset/kustomization.yaml b/examples/va/nfv/ovs-dpdk-networker/networker/nodeset/kustomization.yaml new file mode 100644 index 000000000..16b50ed77 --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/networker/nodeset/kustomization.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../../../va/nfv/ovs-dpdk-networker/networker/nodeset + # - https://github.com/openstack-k8s-operators/architecture/va/nfv/ovs-dpdk-networker/networker/nodeset?ref=main + ## It's possible to replace ../../../../../../va/nfv/ovs-dpdk-networker/networker/nodeset/ with a git checkout URL as per: + ## https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md + +resources: + - values.yaml diff --git a/examples/va/nfv/ovs-dpdk-networker/networker/nodeset/values.yaml b/examples/va/nfv/ovs-dpdk-networker/networker/nodeset/values.yaml new file mode 100644 index 000000000..4fbd6332f --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/networker/nodeset/values.yaml @@ -0,0 +1,159 @@ +# yamllint disable rule:line-length +# local-config: referenced, but not emitted by kustomize +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: networker-nodeset-values + annotations: + config.kubernetes.io/local-config: "true" +data: + root_password: cmVkaGF0Cg== + preProvisioned: false + baremetalSetTemplate: + ctlplaneInterface: eno2 # CHANGEME + cloudUserName: cloud-admin + provisioningInterface: enp1s0 # CHANGEME + bmhLabelSelector: + app: networker # CHANGEME + passwordSecret: + name: baremetalset-password-secret + namespace: openstack + ssh_keys: + # Authorized keys that will have access to the dataplane computes via SSH + authorized: CHANGEME + # The private key that will have access to the dataplane computes via SSH + private: CHANGEME2 + # The public key that will have access to the dataplane computes via SSH + public: CHANGEME3 + nodeset: + ansible: + ansibleUser: cloud-admin + ansiblePort: 22 + ansibleVars: + # CHANGEME -- see https://access.redhat.com/solutions/253273 + # edpm_bootstrap_command: | + # subscription-manager register --username \ + # --password + # podman login -u -p registry.redhat.io + timesync_ntp_servers: + - hostname: pool.ntp.org + # CPU pinning settings + # edpm nfv ovs dpdk config + # CHANGEME + edpm_kernel_args: "default_hugepagesz=1GB hugepagesz=1G hugepages=64 iommu=pt intel_iommu=on tsx=off isolcpus=2-11,14-23" + edpm_tuned_profile: "cpu-partitioning-powersave" + edpm_tuned_isolated_cores: "2-11,14-23" + edpm_ovs_dpdk_pmd_core_list: "1,13,2,14,3,15" + edpm_ovs_dpdk_socket_memory: "4096" + edpm_ovs_dpdk_memory_channels: "4" + edpm_ovs_dpdk_vhost_postcopy_support: "true" + edpm_ovn_bridge_mappings: ['dpdk2:br-link2', 'dpdk1:br-link1'] + # edpm_network_config + # These vars are edpm_network_config role vars + edpm_network_config_hide_sensitive_logs: false + edpm_network_config_os_net_config_mappings: + # Need to provide nic mapping based on system uuid or system product name + # here used systetm uuid + networker-0: # CHANGEME + nic1: 5c:fe:54:3f:8a:01 # CHANGEME + nic2: 5c:fe:54:3f:8a:02 # CHANGEME + nic3: 5c:fe:54:3f:8a:03 # CHANGEME + networker-1: # CHANGEME + nic1: 5c:fe:54:3f:8a:05 # CHANGEME + nic2: 5c:fe:54:3f:8a:05 # CHANGEME + nic3: 5c:fe:54:3f:8a:07 # CHANGEME + edpm_network_config_template: | + --- + {% set mtu_list = [ctlplane_mtu] %} + {% for network in nodeset_networks %} + {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} + {%- endfor %} + {% set min_viable_mtu = mtu_list | max %} + network_config: + - type: linux_bond + name: bond_api + bonding_options: "mode=active-backup" + use_dhcp: false + dns_servers: {{ ctlplane_dns_nameservers }} + members: + - type: interface + name: nic1 + addresses: + - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} + routes: + - default: true + next_hop: {{ ctlplane_gateway_ip }} + + {% for network in nodeset_networks if network not in ['external', 'tenant'] %} + - type: vlan + mtu: {{ lookup('ars', networks_lower[network] ~ '_mtu') }} + vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} + addresses: + - ip_netmask: {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} + {% endfor %} + - type: ovs_user_bridge + name: br-link1 + use_dhcp: false + ovs_extra: "set port br-link1 tag={{ lookup('vars', networks_lower['tenant'] ~ '_vlan_id') }}" + addresses: + - ip_netmask: {{ lookup('vars', networks_lower['tenant'] ~ '_ip') }}/{{ lookup('vars', networks_lower['tenant'] ~ '_cidr') }} + mtu: {{ lookup('vars', networks_lower['tenant'] ~ '_mtu') }} + members: + - type: ovs_dpdk_port + name: dpdk1 + members: + - type: interface + name: nic2 + - type: ovs_user_bridge + name: br-link2 + use_dhcp: false + mtu: 9000 + members: + - type: ovs_dpdk_port + name: dpdk2 + members: + - type: interface + name: nic3 + + # These vars are for the network config templates themselves and are + # considered EDPM network defaults. + neutron_physical_bridge_name: br-ex + neutron_public_interface_name: nic1 + # edpm_nodes_validation + edpm_nodes_validation_validate_controllers_icmp: false + edpm_nodes_validation_validate_gateway_icmp: false + dns_search_domains: [] + gather_facts: false + # edpm firewall, change the allowed CIDR if needed + edpm_sshd_configure_firewall: true + edpm_sshd_allowed_ranges: + - 192.168.122.0/24 + networks: + - defaultRoute: true + name: ctlplane + subnetName: subnet1 + - name: internalapi + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + nodes: + networker-0: + hostName: networker-0 + networker-1: + hostName: networker-1 + services: + - bootstrap + - download-cache + - reboot-os + - configure-ovs-dpdk + - configure-network + - validate-network + - install-os + - configure-os + - ssh-known-hosts + - run-os + - install-certs + - ovn + - neutron-ovn + - neutron-metadata diff --git a/examples/va/nfv/ovs-dpdk-networker/nncp/kustomization.yaml b/examples/va/nfv/ovs-dpdk-networker/nncp/kustomization.yaml new file mode 100644 index 000000000..c92bc55fa --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/nncp/kustomization.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../../../lib/nncp + +resources: + - values.yaml diff --git a/examples/va/nfv/ovs-dpdk-networker/nncp/values.yaml b/examples/va/nfv/ovs-dpdk-networker/nncp/values.yaml new file mode 100644 index 000000000..35e74d861 --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/nncp/values.yaml @@ -0,0 +1,199 @@ +--- +# local-config: referenced, but not emitted by kustomize +apiVersion: v1 +kind: ConfigMap +metadata: + name: network-values + annotations: + config.kubernetes.io/local-config: "true" +data: + # nodes + node_0: + name: ostest-master-0 + internalapi_ip: 172.17.0.5 + tenant_ip: 172.19.0.5 + ctlplane_ip: 192.168.122.10 + storage_ip: 172.18.0.5 + node_1: + name: ostest-master-1 + internalapi_ip: 172.17.0.6 + tenant_ip: 172.19.0.6 + ctlplane_ip: 192.168.122.11 + storage_ip: 172.18.0.6 + node_2: + name: ostest-master-2 + internalapi_ip: 172.17.0.7 + tenant_ip: 172.19.0.7 + ctlplane_ip: 192.168.122.12 + storage_ip: 172.18.0.7 + + # networks + ctlplane: + dnsDomain: ctlplane.example.com + subnets: + - allocationRanges: + - end: 192.168.122.120 + start: 192.168.122.100 + - end: 192.168.122.200 + start: 192.168.122.150 + cidr: 192.168.122.0/24 + gateway: 192.168.122.1 + name: subnet1 + prefix-length: 24 + iface: enp7s0 + mtu: 1500 + lb_addresses: + - 192.168.122.80-192.168.122.90 + endpoint_annotations: + metallb.universe.tf/address-pool: ctlplane + metallb.universe.tf/allow-shared-ip: ctlplane + metallb.universe.tf/loadBalancerIPs: 192.168.122.80 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "ctlplane", + "type": "macvlan", + "master": "ospbr", + "ipam": { + "type": "whereabouts", + "range": "192.168.122.0/24", + "range_start": "192.168.122.30", + "range_end": "192.168.122.70" + } + } + internalapi: + dnsDomain: internalapi.example.com + subnets: + - allocationRanges: + - end: 172.17.0.250 + start: 172.17.0.100 + cidr: 172.17.0.0/24 + name: subnet1 + vlan: 20 + mtu: 1500 + prefix-length: 24 + iface: enp7s0.20 + vlan: 20 + base_iface: enp7s0 + lb_addresses: + - 172.17.0.80-172.17.0.90 + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/allow-shared-ip: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.80 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "internalapi", + "type": "macvlan", + "master": "internalapi", + "ipam": { + "type": "whereabouts", + "range": "172.17.0.0/24", + "range_start": "172.17.0.30", + "range_end": "172.17.0.70" + } + } + storage: + dnsDomain: storage.example.com + subnets: + - allocationRanges: + - end: 172.18.0.250 + start: 172.18.0.100 + cidr: 172.18.0.0/24 + name: subnet1 + vlan: 21 + mtu: 1500 + prefix-length: 24 + iface: enp7s0.21 + vlan: 21 + base_iface: enp7s0 + lb_addresses: + - 172.18.0.80-172.18.0.90 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "storage", + "type": "macvlan", + "master": "storage", + "ipam": { + "type": "whereabouts", + "range": "172.18.0.0/24", + "range_start": "172.18.0.30", + "range_end": "172.18.0.70" + } + } + tenant: + dnsDomain: tenant.example.com + subnets: + - allocationRanges: + - end: 172.19.0.250 + start: 172.19.0.100 + cidr: 172.19.0.0/24 + name: subnet1 + vlan: 22 + mtu: 1500 + prefix-length: 24 + iface: enp7s0.22 + vlan: 22 + base_iface: enp7s0 + lb_addresses: + - 172.19.0.80-172.19.0.90 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "tenant", + "type": "macvlan", + "master": "tenant", + "ipam": { + "type": "whereabouts", + "range": "172.19.0.0/24", + "range_start": "172.19.0.30", + "range_end": "172.19.0.70" + } + } + external: + dnsDomain: external.example.com + subnets: + - allocationRanges: + - end: 10.0.0.250 + start: 10.0.0.100 + cidr: 10.0.0.0/24 + gateway: 10.0.0.1 + name: subnet1 + mtu: 1500 + datacentre: + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "datacentre", + "type": "bridge", + "bridge": "ospbr", + "ipam": {} + } + + dns-resolver: + config: + server: + - 192.168.122.1 + search: [] + options: + - key: server + values: + - 192.168.122.1 + + routes: + config: [] + + rabbitmq: + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.85 + rabbitmq-cell1: + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.86 + + lbServiceType: LoadBalancer + storageClass: local-storage + bridgeName: ospbr diff --git a/examples/va/nfv/ovs-dpdk-networker/service-values.yaml b/examples/va/nfv/ovs-dpdk-networker/service-values.yaml new file mode 100644 index 000000000..f63191b2e --- /dev/null +++ b/examples/va/nfv/ovs-dpdk-networker/service-values.yaml @@ -0,0 +1,60 @@ +# local-config: referenced, but not emitted by kustomize +# +# CHANGEME: +# +# - Change network_vlan_ranges based on EDPM OvS DPDK environment. +# - change numa_nodes in the neutron and neutron_tunnel section +# based on DPDK NIC's and NUMA alignment in the OvS DPDK compute node. +# +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: service-values + annotations: + config.kubernetes.io/local-config: "true" +data: + preserveJobs: false + neutron: + customServiceConfig: | + [DEFAULT] + global_physnet_mtu = 9000 + [ml2] + mechanism_drivers = ovn + [ovn] + vhost_sock_dir = /var/lib/vhost_sockets + [ml2_type_vlan] + network_vlan_ranges = dpdk1:206:209,dpdk2:206:209 # CHANGEME + ovn: + ovnController: + nicMappings: + datacentre: ospbr + + + glance: + customServiceConfig: | + [DEFAULT] + enabled_backends = default_backend:swift + [glance_store] + default_backend = default_backend + [default_backend] + swift_store_create_container_on_put = True + swift_store_auth_version = 3 + swift_store_auth_address = {{ .KeystoneInternalURL }} + swift_store_endpoint_type = internalURL + swift_store_user = service:glance + swift_store_key = {{ .ServicePassword }} + default: + replicas: 1 + swift: + enabled: true + telemetry: + enabled: true + template: + ceilometer: + enabled: true + nova: + schedulerServiceTemplate: + customServiceConfig: | + [filter_scheduler] + enabled_filtes = AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,PciPassthroughFilter,NUMATopologyFilter,AggregateInstanceExtraSpecsFilter diff --git a/lib/dataplane/networker-nodeset/dataplane-ssh-secret.yaml b/lib/dataplane/networker-nodeset/dataplane-ssh-secret.yaml new file mode 100644 index 000000000..4e5913196 --- /dev/null +++ b/lib/dataplane/networker-nodeset/dataplane-ssh-secret.yaml @@ -0,0 +1,11 @@ +--- +apiVersion: v1 +data: + authorized_keys: _replaced_ + ssh-privatekey: _replaced_ + ssh-publickey: _replaced_ +kind: Secret +metadata: + name: dataplane-ansible-ssh-private-key-secret + namespace: openstack +type: Opaque diff --git a/lib/dataplane/networker-nodeset/kustomization.yaml b/lib/dataplane/networker-nodeset/kustomization.yaml new file mode 100644 index 000000000..efb1534c7 --- /dev/null +++ b/lib/dataplane/networker-nodeset/kustomization.yaml @@ -0,0 +1,92 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +resources: + - dataplane-ssh-secret.yaml + - openstackdataplanenodeset.yaml + +# OpenStackDataPlaneNodeSet customizations +replacements: + - source: + kind: ConfigMap + name: networker-nodeset-values + fieldPath: data.nodeset.ansible + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.ansible + options: + create: true + - source: + kind: ConfigMap + name: networker-nodeset-values + fieldPath: data.nodeset.networks + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodeTemplate.networks + options: + create: true + - source: + kind: ConfigMap + name: networker-nodeset-values + fieldPath: data.nodeset.nodes + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.nodes + options: + create: true + - source: + kind: ConfigMap + name: networker-nodeset-values + fieldPath: data.nodeset.services + targets: + - select: + kind: OpenStackDataPlaneNodeSet + fieldPaths: + - spec.services + options: + create: true + + # Dataplane SSH access secret customizations + - source: + kind: ConfigMap + name: networker-nodeset-values + fieldPath: data.ssh_keys.authorized + targets: + - select: + kind: Secret + name: dataplane-ansible-ssh-private-key-secret + fieldPaths: + - data.authorized_keys + options: + create: true + - source: + kind: ConfigMap + name: networker-nodeset-values + fieldPath: data.ssh_keys.private + targets: + - select: + kind: Secret + name: dataplane-ansible-ssh-private-key-secret + fieldPaths: + - data.ssh-privatekey + options: + create: true + - source: + kind: ConfigMap + name: networker-nodeset-values + fieldPath: data.ssh_keys.public + targets: + - select: + kind: Secret + name: dataplane-ansible-ssh-private-key-secret + fieldPaths: + - data.ssh-publickey + options: + create: true diff --git a/lib/dataplane/networker-nodeset/openstackdataplanenodeset.yaml b/lib/dataplane/networker-nodeset/openstackdataplanenodeset.yaml new file mode 100644 index 000000000..6c2c539f9 --- /dev/null +++ b/lib/dataplane/networker-nodeset/openstackdataplanenodeset.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: dataplane.openstack.org/v1beta1 +kind: OpenStackDataPlaneNodeSet +metadata: + name: openstack-networker +spec: + env: + - name: ANSIBLE_FORCE_COLOR + value: "True" + preProvisioned: true + networkAttachments: + - ctlplane + nodeTemplate: + ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret + managementNetwork: ctlplane diff --git a/va/nfv/ovs-dpdk-networker/README.md b/va/nfv/ovs-dpdk-networker/README.md new file mode 100644 index 000000000..8b19a8e6a --- /dev/null +++ b/va/nfv/ovs-dpdk-networker/README.md @@ -0,0 +1,11 @@ +# VA: OvS DPDK + +If you are looking for information on how to deploy the OvS DPDK VA, then +please see the +[OvS DPDK README in the examples directory](../../../examples/va/nfv/ovs-dpdk/README.md). + +This directory, `architecture/va/nfv/ovs-dpdk/`, exists so that the +[kustomization.yaml](../../../examples/va/nfv/ovs-dpdk/kustomization.yaml) +in the examples directory for the OvS DPDK VA, reference it by path as a +component. Its contents are likely uninteresting unless you want to +understand how kustomize was implemented in this repository. diff --git a/va/nfv/ovs-dpdk-networker/edpm/deployment/kustomization.yaml b/va/nfv/ovs-dpdk-networker/edpm/deployment/kustomization.yaml new file mode 100644 index 000000000..8f433d6b1 --- /dev/null +++ b/va/nfv/ovs-dpdk-networker/edpm/deployment/kustomization.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../../../lib/dataplane/deployment diff --git a/va/nfv/ovs-dpdk-networker/edpm/nodeset/baremetalset-password-secret.yaml b/va/nfv/ovs-dpdk-networker/edpm/nodeset/baremetalset-password-secret.yaml new file mode 100644 index 000000000..41daad38d --- /dev/null +++ b/va/nfv/ovs-dpdk-networker/edpm/nodeset/baremetalset-password-secret.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: v1 +data: + NodeRootPassword: _replaced_ +kind: Secret +metadata: + name: baremetalset-password-secret + namespace: openstack +type: Opaque diff --git a/va/nfv/ovs-dpdk-networker/edpm/nodeset/kustomization.yaml b/va/nfv/ovs-dpdk-networker/edpm/nodeset/kustomization.yaml new file mode 100644 index 000000000..69bfea36e --- /dev/null +++ b/va/nfv/ovs-dpdk-networker/edpm/nodeset/kustomization.yaml @@ -0,0 +1,77 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../../../lib/dataplane/nodeset + +resources: + - baremetalset-password-secret.yaml + - nova_ovs_dpdk.yaml + +replacements: + - source: + kind: ConfigMap + name: edpm-nodeset-values + fieldPath: data.root_password + targets: + - select: + kind: Secret + name: baremetalset-password-secret + fieldPaths: + - data.NodeRootPassword + options: + create: true + + # Nova compute CPU pinning customization + - source: + kind: ConfigMap + name: edpm-nodeset-values + fieldPath: data.nova.compute.conf + targets: + - select: + kind: ConfigMap + name: ovs-dpdk-cpu-pinning-nova + fieldPaths: + - data.04-cpu-pinning-nova\.conf + options: + create: true + - source: + kind: ConfigMap + name: edpm-nodeset-values + fieldPath: data.preProvisioned + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: openstack-edpm + fieldPaths: + - spec.preProvisioned + options: + create: true + - source: + kind: ConfigMap + name: edpm-nodeset-values + fieldPath: data.baremetalSetTemplate + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: openstack-edpm + fieldPaths: + - spec.baremetalSetTemplate + options: + create: true diff --git a/va/nfv/ovs-dpdk-networker/edpm/nodeset/nova_ovs_dpdk.yaml b/va/nfv/ovs-dpdk-networker/edpm/nodeset/nova_ovs_dpdk.yaml new file mode 100644 index 000000000..3ec534fa7 --- /dev/null +++ b/va/nfv/ovs-dpdk-networker/edpm/nodeset/nova_ovs_dpdk.yaml @@ -0,0 +1,32 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: ovs-dpdk-cpu-pinning-nova +data: + 04-cpu-pinning-nova.conf: _replaced_ +--- +apiVersion: dataplane.openstack.org/v1beta1 +kind: OpenStackDataPlaneService +metadata: + name: nova-custom-ovsdpdk +spec: + label: nova-custom-ovsdpdk + edpmServiceType: nova + dataSources: + - configMapRef: + name: ovs-dpdk-cpu-pinning-nova + - secretRef: + name: nova-cell1-compute-config + - secretRef: + name: nova-migration-ssh-key + playbook: osp.edpm.nova + tlsCerts: + default: + contents: + - dnsnames + - ips + networks: + - ctlplane + issuer: osp-rootca-issuer-internal + caCerts: combined-ca-bundle diff --git a/va/nfv/ovs-dpdk-networker/kustomization.yaml b/va/nfv/ovs-dpdk-networker/kustomization.yaml new file mode 100644 index 000000000..dbaa32a36 --- /dev/null +++ b/va/nfv/ovs-dpdk-networker/kustomization.yaml @@ -0,0 +1,116 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../lib/networking/metallb + - ../../../lib/networking/netconfig + - ../../../lib/networking/nad + - ../../../lib/control-plane + +replacements: + # Neutron control plane OvS DPDK customization + - source: + kind: ConfigMap + name: service-values + fieldPath: data.neutron.customServiceConfig + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.neutron.template.customServiceConfig + options: + create: true + # OVN control plane OvS DPDK customization + - source: + kind: ConfigMap + name: service-values + fieldPath: data.ovn.ovnController.nicMappings + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.ovn.template.ovnController.nicMappings + options: + create: true + - source: + kind: ConfigMap + name: service-values + fieldPath: data.glance.customServiceConfig + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.glance.template.customServiceConfig + options: + create: true + - source: + kind: ConfigMap + name: service-values + fieldPath: data.glance.default.replicas + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.glance.template.glanceAPIs.default.replicas + options: + create: true + - source: + kind: ConfigMap + name: service-values + fieldPath: data.swift.enabled + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.swift.enabled + options: + create: true + - source: + kind: ConfigMap + name: service-values + fieldPath: data.telemetry.enabled + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.telemetry.enabled + options: + create: true + - source: + kind: ConfigMap + name: service-values + fieldPath: data.telemetry.template.ceilometer.enabled + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.telemetry.template.ceilometer.enabled + options: + create: true + - source: + kind: ConfigMap + name: service-values + fieldPath: data.nova.schedulerServiceTemplate.customServiceConfig + targets: + - select: + kind: OpenStackControlPlane + fieldPaths: + - spec.nova.template.schedulerServiceTemplate.customServiceConfig + options: + create: true diff --git a/va/nfv/ovs-dpdk-networker/namespace.yaml b/va/nfv/ovs-dpdk-networker/namespace.yaml new file mode 100644 index 000000000..60a6e8c42 --- /dev/null +++ b/va/nfv/ovs-dpdk-networker/namespace.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: builtin +kind: NamespaceTransformer +metadata: + name: _ignored_ + namespace: openstack +setRoleBindingSubjects: none +unsetOnly: true +fieldSpecs: + - path: metadata/name + kind: Namespace + create: true diff --git a/va/nfv/ovs-dpdk-networker/networker/nodeset/baremetalset-password-secret.yaml b/va/nfv/ovs-dpdk-networker/networker/nodeset/baremetalset-password-secret.yaml new file mode 100644 index 000000000..41daad38d --- /dev/null +++ b/va/nfv/ovs-dpdk-networker/networker/nodeset/baremetalset-password-secret.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: v1 +data: + NodeRootPassword: _replaced_ +kind: Secret +metadata: + name: baremetalset-password-secret + namespace: openstack +type: Opaque diff --git a/va/nfv/ovs-dpdk-networker/networker/nodeset/kustomization.yaml b/va/nfv/ovs-dpdk-networker/networker/nodeset/kustomization.yaml new file mode 100644 index 000000000..763d81996 --- /dev/null +++ b/va/nfv/ovs-dpdk-networker/networker/nodeset/kustomization.yaml @@ -0,0 +1,51 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../../../lib/dataplane/networker-nodeset + +resources: + - baremetalset-password-secret.yaml + +replacements: + - source: + kind: ConfigMap + name: networker-nodeset-values + fieldPath: data.root_password + targets: + - select: + kind: Secret + name: baremetalset-password-secret + fieldPaths: + - data.NodeRootPassword + options: + create: true + + - source: + kind: ConfigMap + name: networker-nodeset-values + fieldPath: data.baremetalSetTemplate + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: openstack-networker + fieldPaths: + - spec.baremetalSetTemplate + options: + create: true diff --git a/zuul.d/projects.yaml b/zuul.d/projects.yaml index 7c295b8ed..07417d9f3 100644 --- a/zuul.d/projects.yaml +++ b/zuul.d/projects.yaml @@ -15,6 +15,7 @@ - rhoso-architecture-validate-osasinfra-ipv6 - rhoso-architecture-validate-ovs-dpdk - rhoso-architecture-validate-ovs-dpdk-sriov + - rhoso-architecture-validate-ovs-dpdk-networker - rhoso-architecture-validate-ovs-dpdk-sriov-2nodesets - rhoso-architecture-validate-pidone - rhoso-architecture-validate-sriov diff --git a/zuul.d/validations.yaml b/zuul.d/validations.yaml index e1ef368d0..2044c22e9 100644 --- a/zuul.d/validations.yaml +++ b/zuul.d/validations.yaml @@ -163,6 +163,18 @@ parent: rhoso-architecture-base-job vars: cifmw_architecture_scenario: ovs-dpdk-sriov +- job: + files: + - examples/va/nfv/ovs-dpdk-networker + - examples/va/nfv/ovs-dpdk-networker/edpm/deployment + - examples/va/nfv/ovs-dpdk-networker/edpm/nodeset + - examples/va/nfv/ovs-dpdk-networker/networker/nodeset + - examples/va/ovs-dpdk-networker/nncp + - lib + name: rhoso-architecture-validate-ovs-dpdk-networker + parent: rhoso-architecture-base-job + vars: + cifmw_architecture_scenario: ovs-dpdk-networker - job: files: - examples/dt/nfv/nfv-ovs-dpdk-sriov-2nodesets