diff --git a/automation/vars/bgp_dt01.yaml b/automation/vars/bgp_dt01.yaml index 6a08e1c5f..105d3e603 100644 --- a/automation/vars/bgp_dt01.yaml +++ b/automation/vars/bgp_dt01.yaml @@ -17,13 +17,44 @@ vas: kind: Node resource_name: worker-3 state: patched + - name: Disable rp_filters on OCP nodes + type: cr + definition: + spec: + profile: + - data: | + [main] + summary=Optimize systems running OpenShift (provider specific parent profile) + include=-provider-${f:exec:cat:/var/lib/ocp-tuned/provider},openshift + + [sysctl] + net.ipv4.conf.enp8s0.rp_filter=0 + net.ipv4.conf.enp9s0.rp_filter=0 + name: openshift + recommend: + - match: + - label: node-role.kubernetes.io/master + - label: node-role.kubernetes.io/infra + operand: + tunedConfig: {} + priority: 30 + profile: openshift-control-plane + - operand: + tunedConfig: {} + priority: 40 + profile: openshift-node + api_version: tuned.openshift.io/v1 + kind: Tuned + resource_name: default + namespace: openshift-cluster-node-tuning-operator + state: patched path: examples/dt/bgp/bgp_dt01/control-plane/nncp wait_conditions: - >- oc -n openstack wait nncp -l osp/nncm-config-type=standard --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured - --timeout=60s + --timeout=300s values: - name: network-values src_file: values.yaml diff --git a/examples/dt/bgp/bgp_dt01/control-plane/nncp/kustomization.yaml b/examples/dt/bgp/bgp_dt01/control-plane/nncp/kustomization.yaml index 73b0917c4..335699890 100644 --- a/examples/dt/bgp/bgp_dt01/control-plane/nncp/kustomization.yaml +++ b/examples/dt/bgp/bgp_dt01/control-plane/nncp/kustomization.yaml @@ -18,7 +18,7 @@ transformers: create: true components: - - ../../../../../../lib/nncp + - ../../../../../../lib/nncp-l3 resources: - values.yaml @@ -197,213 +197,6 @@ replacements: - metadata.name - spec.nodeSelector.[kubernetes.io/hostname] - # Static Node IPs: node-3/worker-0 - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_3.internalapi_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-0 - fieldPaths: - - spec.desiredState.interfaces.[name=internalapi].ipv4.address.0.ip - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_3.tenant_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-0 - fieldPaths: - - spec.desiredState.interfaces.[name=tenant].ipv4.address.0.ip - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_3.ctlplane_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-0 - fieldPaths: - - spec.desiredState.interfaces.[type=linux-bridge].ipv4.address.0.ip - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_3.storage_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-0 - fieldPaths: - - spec.desiredState.interfaces.[name=storage].ipv4.address.0.ip - - # Static Node IPs: node-4 / worker-1 - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_4.internalapi_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-1 - fieldPaths: - - spec.desiredState.interfaces.[name=internalapi].ipv4.address.0.ip - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_4.tenant_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-1 - fieldPaths: - - spec.desiredState.interfaces.[name=tenant].ipv4.address.0.ip - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_4.ctlplane_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-1 - fieldPaths: - - spec.desiredState.interfaces.[type=linux-bridge].ipv4.address.0.ip - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_4.storage_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-1 - fieldPaths: - - spec.desiredState.interfaces.[name=storage].ipv4.address.0.ip - - # Static Node IPs: node-5 / worker-2 - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_5.internalapi_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-2 - fieldPaths: - - spec.desiredState.interfaces.[name=internalapi].ipv4.address.0.ip - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_5.tenant_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-2 - fieldPaths: - - spec.desiredState.interfaces.[name=tenant].ipv4.address.0.ip - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_5.ctlplane_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-2 - fieldPaths: - - spec.desiredState.interfaces.[type=linux-bridge].ipv4.address.0.ip - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_5.storage_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-2 - fieldPaths: - - spec.desiredState.interfaces.[name=storage].ipv4.address.0.ip - - # Static Node IPs: node-6 / worker-3 - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_6.internalapi_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-3 - fieldPaths: - - spec.desiredState.interfaces.[name=internalapi].ipv4.address.0.ip - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_6.tenant_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-3 - fieldPaths: - - spec.desiredState.interfaces.[name=tenant].ipv4.address.0.ip - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_6.ctlplane_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-3 - fieldPaths: - - spec.desiredState.interfaces.[type=linux-bridge].ipv4.address.0.ip - - source: - kind: ConfigMap - name: network-values - fieldPath: data.node_6.storage_ip - targets: - - select: - kind: NodeNetworkConfigurationPolicy - name: worker-3 - fieldPaths: - - spec.desiredState.interfaces.[name=storage].ipv4.address.0.ip - - - # prefix-lengths - - source: - kind: ConfigMap - name: network-values - fieldPath: data.ctlplane.prefix-length - targets: - - select: - kind: NodeNetworkConfigurationPolicy - fieldPaths: - - spec.desiredState.interfaces.[type=linux-bridge].ipv4.address.0.prefix-length - - source: - kind: ConfigMap - name: network-values - fieldPath: data.internalapi.prefix-length - targets: - - select: - kind: NodeNetworkConfigurationPolicy - fieldPaths: - - spec.desiredState.interfaces.[name=internalapi].ipv4.address.0.prefix-length - - source: - kind: ConfigMap - name: network-values - fieldPath: data.tenant.prefix-length - targets: - - select: - kind: NodeNetworkConfigurationPolicy - fieldPaths: - - spec.desiredState.interfaces.[name=tenant].ipv4.address.0.prefix-length - - source: - kind: ConfigMap - name: network-values - fieldPath: data.storage.prefix-length - targets: - - select: - kind: NodeNetworkConfigurationPolicy - fieldPaths: - - spec.desiredState.interfaces.[name=storage].ipv4.address.0.prefix-length - # BGP master-0/node-0 IPs - source: kind: ConfigMap @@ -919,30 +712,81 @@ replacements: kind: NodeNetworkConfigurationPolicy fieldPaths: - spec.desiredState.interfaces.[name=octavia].vlan.id - # Overwrite worker-3 base interface + # Overwrite worker-3 base routes - source: kind: ConfigMap name: network-values - fieldPath: data.node_6.base_if + fieldPath: data.node_6.routes targets: - select: kind: NodeNetworkConfigurationPolicy name: worker-3 fieldPaths: - - spec.desiredState.interfaces.[name=internalapi].vlan.base-iface - - spec.desiredState.interfaces.[name=tenant].vlan.base-iface - - spec.desiredState.interfaces.[name=storage].vlan.base-iface - - spec.desiredState.interfaces.[description=^ctlplane.*].name - - spec.desiredState.interfaces.[description=^linux-bridge.*].bridge.port.0.name - - spec.desiredState.interfaces.[name=octavia].vlan.base-iface - # Overwrite worker-3 base routes + - spec.desiredState.routes + + # NEW L3 ROUTES - source: kind: ConfigMap name: network-values - fieldPath: data.node_6.routes + fieldPath: data.node_0.routes targets: - select: kind: NodeNetworkConfigurationPolicy - name: worker-3 + name: master-0 + fieldPaths: + - spec.desiredState.routes + + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_1.routes + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: master-1 + fieldPaths: + - spec.desiredState.routes + + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_2.routes + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: master-2 + fieldPaths: + - spec.desiredState.routes + + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_3.routes + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: worker-0 + fieldPaths: + - spec.desiredState.routes + + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_4.routes + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: worker-1 + fieldPaths: + - spec.desiredState.routes + + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_5.routes + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: worker-2 fieldPaths: - spec.desiredState.routes diff --git a/examples/dt/bgp/bgp_dt01/control-plane/nncp/values.yaml b/examples/dt/bgp/bgp_dt01/control-plane/nncp/values.yaml index f9b225d7d..990813409 100644 --- a/examples/dt/bgp/bgp_dt01/control-plane/nncp/values.yaml +++ b/examples/dt/bgp/bgp_dt01/control-plane/nncp/values.yaml @@ -20,8 +20,16 @@ data: bgp_peers: - 100.64.0.9 - 100.65.0.9 - loopback_ip: 172.30.0.3 + loopback_ip: 99.99.0.3 loopback_ipv6: f00d:f00d:f00d:f00d:f00d:f00d:f00d:13 + routes: + config: + - destination: 99.99.0.0/16 + next-hop-address: 100.64.0.1 + next-hop-interface: enp8s0 + - destination: 99.99.0.0/16 + next-hop-address: 100.65.0.1 + next-hop-interface: enp9s0 node_1: name: master-1 internalapi_ip: 172.17.0.6 @@ -34,8 +42,16 @@ data: bgp_peers: - 100.64.1.9 - 100.65.1.9 - loopback_ip: 172.30.1.3 + loopback_ip: 99.99.1.3 loopback_ipv6: f00d:f00d:f00d:f00d:f00d:f00d:f00d:23 + routes: + config: + - destination: 99.99.0.0/16 + next-hop-address: 100.64.1.1 + next-hop-interface: enp8s0 + - destination: 99.99.0.0/16 + next-hop-address: 100.65.1.1 + next-hop-interface: enp9s0 node_2: name: master-2 internalapi_ip: 172.17.0.7 @@ -48,8 +64,16 @@ data: bgp_peers: - 100.64.2.9 - 100.65.2.9 - loopback_ip: 172.30.2.3 + loopback_ip: 99.99.2.3 loopback_ipv6: f00d:f00d:f00d:f00d:f00d:f00d:f00d:33 + routes: + config: + - destination: 99.99.0.0/16 + next-hop-address: 100.64.2.1 + next-hop-interface: enp8s0 + - destination: 99.99.0.0/16 + next-hop-address: 100.65.2.1 + next-hop-interface: enp9s0 node_3: name: worker-0 internalapi_ip: 172.17.0.8 @@ -62,8 +86,16 @@ data: bgp_peers: - 100.64.0.12 - 100.65.0.12 - loopback_ip: 172.30.0.4 + loopback_ip: 99.99.0.4 loopback_ipv6: f00d:f00d:f00d:f00d:f00d:f00d:f00d:14 + routes: + config: + - destination: 99.99.0.0/16 + next-hop-address: 100.64.0.1 + next-hop-interface: enp8s0 + - destination: 99.99.0.0/16 + next-hop-address: 100.65.0.1 + next-hop-interface: enp9s0 node_4: name: worker-1 internalapi_ip: 172.17.0.9 @@ -76,8 +108,16 @@ data: bgp_peers: - 100.64.1.13 - 100.65.1.13 - loopback_ip: 172.30.1.4 + loopback_ip: 99.99.1.4 loopback_ipv6: f00d:f00d:f00d:f00d:f00d:f00d:f00d:24 + routes: + config: + - destination: 99.99.0.0/16 + next-hop-address: 100.64.1.1 + next-hop-interface: enp8s0 + - destination: 99.99.0.0/16 + next-hop-address: 100.65.1.1 + next-hop-interface: enp9s0 node_5: name: worker-2 internalapi_ip: 172.17.0.10 @@ -90,8 +130,16 @@ data: bgp_peers: - 100.64.2.13 - 100.65.2.13 - loopback_ip: 172.30.2.4 + loopback_ip: 99.99.2.4 loopback_ipv6: f00d:f00d:f00d:f00d:f00d:f00d:f00d:34 + routes: + config: + - destination: 99.99.0.0/16 + next-hop-address: 100.64.2.1 + next-hop-interface: enp8s0 + - destination: 99.99.0.0/16 + next-hop-address: 100.65.2.1 + next-hop-interface: enp9s0 node_6: name: worker-3 internalapi_ip: 172.17.0.11 @@ -102,7 +150,7 @@ data: - 100.64.10.2 bgp_peers: - 100.64.10.1 - loopback_ip: 172.30.10.2 + loopback_ip: 99.99.10.2 loopback_ipv6: f00d:f00d:f00d:f00d:f00d:f00d:f00d:43 base_if: enp7s0 routes: @@ -123,6 +171,37 @@ data: cidr: 192.168.122.0/24 gateway: 192.168.122.1 name: subnet1 + routes: + - destination: 192.168.123.0/24 + nexthop: 192.168.122.1 + - destination: 192.168.124.0/24 + nexthop: 192.168.122.1 + - allocationRanges: + - end: 192.168.123.120 + start: 192.168.123.100 + - end: 192.168.123.170 + start: 192.168.123.150 + cidr: 192.168.123.0/24 + gateway: 192.168.123.1 + name: subnet2 + routes: + - destination: 192.168.122.0/24 + nexthop: 192.168.123.1 + - destination: 192.168.124.0/24 + nexthop: 192.168.123.1ØØ + - allocationRanges: + - end: 192.168.124.120 + start: 192.168.124.100 + - end: 192.168.124.170 + start: 192.168.124.150 + cidr: 192.168.124.0/24 + gateway: 192.168.124.1 + name: subnet3 + routes: + - destination: 192.168.122.0/24 + nexthop: 192.168.124.1 + - destination: 192.168.123.0/24 + nexthop: 192.168.124.1 prefix-length: 24 iface: enp7s0 mtu: 1500 @@ -136,8 +215,12 @@ data: { "cniVersion": "0.3.1", "name": "ctlplane", - "type": "macvlan", - "master": "ospbr", + "type": "bridge", + "bridge": "ctlplane", + "isDefaultGateway": true, + "forceAddress": false, + "ipMasq": true, + "hairpinMode": true, "ipam": { "type": "whereabouts", "range": "192.168.122.0/24", @@ -145,6 +228,74 @@ data: "range_end": "192.168.122.70" } } + + ctlplaner1: + dnsDomain: ctlplaner1.example.com + endpoint_annotations: + metallb.universe.tf/address-pool: ctlplaner1 + metallb.universe.tf/allow-shared-ip: ctlplaner1 + metallb.universe.tf/loadBalancerIPs: 192.168.123.80 + iface: eth1 + lb_addresses: + - 192.168.123.80-192.168.123.90 + mtu: 1500 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "ctlplaner1", + "type": "macvlan", + "master": "eth1", + "ipam": { + "type": "whereabouts", + "range": "192.168.123.0/24", + "range_start": "192.168.123.30", + "range_end": "192.168.123.70" + } + } + prefix-length: 24 + subnets: + - allocationRanges: + - end: 192.168.123.120 + start: 192.168.123.100 + - end: 192.168.123.170 + start: 192.168.123.150 + cidr: 192.168.123.0/24 + gateway: 192.168.123.1 + name: subnet1 + ctlplaner2: + dnsDomain: ctlplaner2.example.com + endpoint_annotations: + metallb.universe.tf/address-pool: ctlplaner2 + metallb.universe.tf/allow-shared-ip: ctlplaner2 + metallb.universe.tf/loadBalancerIPs: 192.168.124.80 + iface: eth1 + lb_addresses: + - 192.168.124.80-192.168.124.90 + mtu: 1500 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "ctlplaner2", + "type": "macvlan", + "master": "eth1", + "ipam": { + "type": "whereabouts", + "range": "192.168.124.0/24", + "range_start": "192.168.124.30", + "range_end": "192.168.124.70" + } + } + prefix-length: 24 + subnets: + - allocationRanges: + - end: 192.168.124.120 + start: 192.168.124.100 + - end: 192.168.124.170 + start: 192.168.124.150 + cidr: 192.168.124.0/24 + gateway: 192.168.124.1 + name: subnet1 + internalapi: dnsDomain: internalapi.example.com subnets: @@ -169,8 +320,12 @@ data: { "cniVersion": "0.3.1", "name": "internalapi", - "type": "macvlan", - "master": "internalapi", + "type": "bridge", + "bridge": "internalapi", + "isDefaultGateway": true, + "forceAddress": false, + "ipMasq": true, + "hairpinMode": true, "ipam": { "type": "whereabouts", "range": "172.17.0.0/24", @@ -198,8 +353,12 @@ data: { "cniVersion": "0.3.1", "name": "storage", - "type": "macvlan", - "master": "storage", + "type": "bridge", + "bridge": "storage", + "isDefaultGateway": true, + "forceAddress": false, + "ipMasq": true, + "hairpinMode": true, "ipam": { "type": "whereabouts", "range": "172.18.0.0/24", @@ -227,8 +386,12 @@ data: { "cniVersion": "0.3.1", "name": "tenant", - "type": "macvlan", - "master": "tenant", + "type": "bridge", + "bridge": "tenant", + "isDefaultGateway": true, + "forceAddress": false, + "ipMasq": true, + "hairpinMode": true, "ipam": { "type": "whereabouts", "range": "172.19.0.0/24", @@ -338,25 +501,25 @@ data: nexthop: 100.65.2.1 bgpmainnet: - name: subnet0 - cidr: 172.30.0.0/28 + cidr: 99.99.0.0/28 allocationRanges: - - end: 172.30.0.14 - start: 172.30.0.2 + - end: 99.99.0.14 + start: 99.99.0.2 - name: subnet1 - cidr: 172.30.1.0/28 + cidr: 99.99.1.0/28 allocationRanges: - - end: 172.30.1.14 - start: 172.30.1.2 + - end: 99.99.1.14 + start: 99.99.1.2 - name: subnet2 - cidr: 172.30.2.0/28 + cidr: 99.99.2.0/28 allocationRanges: - - end: 172.30.2.14 - start: 172.30.2.2 + - end: 99.99.2.14 + start: 99.99.2.2 - name: subnet10 - cidr: 172.30.10.0/28 + cidr: 99.99.10.0/28 allocationRanges: - - end: 172.30.10.14 - start: 172.30.10.2 + - end: 99.99.10.14 + start: 99.99.10.2 bgpmainnetv6: - name: subnet0 cidr: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0010/124 @@ -386,6 +549,14 @@ data: bgpnet1: bgp_peer: 100.65.0.9 bgp_ip: 100.65.0.10 + routes: + config: + - destination: 99.99.0.0/16 + next-hop-address: 100.64.0.1 + next-hop-interface: enp8s0 + - destination: 99.99.0.0/16 + next-hop-address: 100.65.0.1 + next-hop-interface: enp9s0 node1: bgpnet0: bgp_peer: 100.64.1.9 @@ -393,6 +564,14 @@ data: bgpnet1: bgp_peer: 100.65.1.9 bgp_ip: 100.65.1.10 + routes: + config: + - destination: 99.99.0.0/16 + next-hop-address: 100.64.1.1 + next-hop-interface: enp8s0 + - destination: 99.99.0.0/16 + next-hop-address: 100.65.1.1 + next-hop-interface: enp9s0 node2: bgpnet0: bgp_peer: 100.64.2.9 @@ -400,6 +579,14 @@ data: bgpnet1: bgp_peer: 100.65.2.9 bgp_ip: 100.65.2.10 + routes: + config: + - destination: 99.99.0.0/16 + next-hop-address: 100.64.2.1 + next-hop-interface: enp8s0 + - destination: 99.99.0.0/16 + next-hop-address: 100.65.2.1 + next-hop-interface: enp9s0 node3: bgpnet0: bgp_peer: 100.64.0.13 @@ -407,6 +594,14 @@ data: bgpnet1: bgp_peer: 100.65.0.13 bgp_ip: 100.65.0.14 + routes: + config: + - destination: 99.99.0.0/16 + next-hop-address: 100.64.0.1 + next-hop-interface: enp8s0 + - destination: 99.99.0.0/16 + next-hop-address: 100.65.0.1 + next-hop-interface: enp9s0 node4: bgpnet0: bgp_peer: 100.64.1.13 @@ -414,6 +609,14 @@ data: bgpnet1: bgp_peer: 100.65.1.13 bgp_ip: 100.65.1.14 + routes: + config: + - destination: 99.99.0.0/16 + next-hop-address: 100.64.1.1 + next-hop-interface: enp8s0 + - destination: 99.99.0.0/16 + next-hop-address: 100.65.1.1 + next-hop-interface: enp9s0 node5: bgpnet0: bgp_peer: 100.64.2.13 @@ -421,6 +624,14 @@ data: bgpnet1: bgp_peer: 100.65.2.13 bgp_ip: 100.65.2.14 + routes: + config: + - destination: 99.99.0.0/16 + next-hop-address: 100.64.2.1 + next-hop-interface: enp8s0 + - destination: 99.99.0.0/16 + next-hop-address: 100.65.2.1 + next-hop-interface: enp9s0 node6: bgpnet0: bgp_peer: 100.64.10.1 diff --git a/examples/dt/bgp/bgp_dt01/edpm/computes/values.yaml b/examples/dt/bgp/bgp_dt01/edpm/computes/values.yaml index 87517ffb9..78962f7bb 100644 --- a/examples/dt/bgp/bgp_dt01/edpm/computes/values.yaml +++ b/examples/dt/bgp/bgp_dt01/edpm/computes/values.yaml @@ -52,32 +52,18 @@ data: - type: ovs_bridge name: {{ neutron_physical_bridge_name }} use_dhcp: false + - type: interface + name: nic1 + use_dhcp: true + defroute: false + - type: interface + name: nic2 + use_dhcp: false + defroute: false dns_servers: {{ ctlplane_dns_nameservers }} domain: {{ dns_search_domains }} addresses: - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} - routes: [] - members: - - type: interface - name: nic2 - mtu: {{ min_viable_mtu }} - # force the MAC address of the bridge to this interface - primary: true - {% for network in nodeset_networks %} - {% if not network.lower().startswith('bgp') %} - - type: vlan - mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} - vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} - addresses: - - ip_netmask: >- - {{ - lookup('vars', networks_lower[network] ~ '_ip') - }}/{{ - lookup('vars', networks_lower[network] ~ '_cidr') - }} - routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} - {% endif %} - {% endfor %} - type: interface name: nic3 use_dhcp: false @@ -93,6 +79,9 @@ data: addresses: - ip_netmask: {{ lookup('vars', 'bgpmainnet_ip') }}/32 - ip_netmask: {{ lookup('vars', 'bgpmainnetv6_ip') }}/128 + - ip_netmask: {{ lookup('vars', 'internalapi_ip') }}/32 + - ip_netmask: {{ lookup('vars', 'storage_ip') }}/32 + - ip_netmask: {{ lookup('vars', 'tenant_ip') }}/32 edpm_nodes_validation_validate_controllers_icmp: false edpm_nodes_validation_validate_gateway_icmp: false edpm_sshd_allowed_ranges: @@ -159,16 +148,16 @@ data: - name: Tenant subnetName: subnet1 - name: Bgpnet0 - subnetName: subnet0 + subnetName: subnet1 fixedIP: 100.64.0.2 - name: Bgpnet1 - subnetName: subnet0 + subnetName: subnet1 fixedIP: 100.65.0.2 - name: Bgpmainnet subnetName: subnet1 - fixedIP: 172.30.0.2 + fixedIP: 99.99.0.2 - name: BgpmainnetV6 - subnetName: subnet1 + subnetName: subnet0 fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0012 edpm-compute-1: hostName: edpm-compute-1 @@ -200,7 +189,7 @@ data: fixedIP: 100.65.1.2 - name: Bgpmainnet subnetName: subnet1 - fixedIP: 172.30.1.3 + fixedIP: 99.99.1.2 - name: BgpmainnetV6 subnetName: subnet1 fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0023 @@ -234,7 +223,7 @@ data: fixedIP: 100.65.2.2 - name: Bgpmainnet subnetName: subnet1 - fixedIP: 172.30.2.3 + fixedIP: 99.99.2.2 - name: BgpmainnetV6 subnetName: subnet1 fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0033 diff --git a/examples/dt/bgp/bgp_dt01/edpm/networkers/values.yaml b/examples/dt/bgp/bgp_dt01/edpm/networkers/values.yaml index 0d7eae44c..7466c9f9b 100644 --- a/examples/dt/bgp/bgp_dt01/edpm/networkers/values.yaml +++ b/examples/dt/bgp/bgp_dt01/edpm/networkers/values.yaml @@ -52,32 +52,18 @@ data: - type: ovs_bridge name: {{ neutron_physical_bridge_name }} use_dhcp: false + - type: interface + name: nic1 + use_dhcp: true + defroute: false + - type: interface + name: nic2 + use_dhcp: false + defroute: false dns_servers: {{ ctlplane_dns_nameservers }} domain: {{ dns_search_domains }} addresses: - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} - routes: [] - members: - - type: interface - name: nic2 - mtu: {{ min_viable_mtu }} - # force the MAC address of the bridge to this interface - primary: true - {% for network in nodeset_networks %} - {% if not network.lower().startswith('bgp') %} - - type: vlan - mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} - vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} - addresses: - - ip_netmask: >- - {{ - lookup('vars', networks_lower[network] ~ '_ip') - }}/{{ - lookup('vars', networks_lower[network] ~ '_cidr') - }} - routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} - {% endif %} - {% endfor %} - type: interface name: nic3 use_dhcp: false @@ -93,6 +79,8 @@ data: addresses: - ip_netmask: {{ lookup('vars', 'bgpmainnet_ip') }}/32 - ip_netmask: {{ lookup('vars', 'bgpmainnetv6_ip') }}/128 + - ip_netmask: {{ lookup('vars', 'internalapi_ip') }}/32 + - ip_netmask: {{ lookup('vars', 'tenant_ip') }}/32 edpm_nodes_validation_validate_controllers_icmp: false edpm_nodes_validation_validate_gateway_icmp: false edpm_enable_chassis_gw: true @@ -167,7 +155,7 @@ data: fixedIP: 100.65.0.6 - name: Bgpmainnet subnetName: subnet1 - fixedIP: 172.30.0.3 + fixedIP: 99.99.0.3 - name: BgpmainnetV6 subnetName: subnet1 fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0013 @@ -201,7 +189,7 @@ data: fixedIP: 100.65.1.6 - name: Bgpmainnet subnetName: subnet1 - fixedIP: 172.30.1.3 + fixedIP: 99.99.1.3 - name: BgpmainnetV6 subnetName: subnet1 fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0023 @@ -235,7 +223,7 @@ data: fixedIP: 100.65.2.6 - name: Bgpmainnet subnetName: subnet1 - fixedIP: 172.30.2.3 + fixedIP: 99.99.2.3 - name: BgpmainnetV6 subnetName: subnet1 fixedIP: f00d:f00d:f00d:f00d:f00d:f00d:f00d:0033 diff --git a/lib/nncp-l3/kustomization.yaml b/lib/nncp-l3/kustomization.yaml new file mode 100644 index 000000000..360b385d6 --- /dev/null +++ b/lib/nncp-l3/kustomization.yaml @@ -0,0 +1,81 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +resources: + - ocp_nodes_nncp.yaml + +patches: + - target: + kind: NodeNetworkConfigurationPolicy + labelSelector: "osp/nncm-config-type=standard" + path: ocp_node_template.yaml + +replacements: + # ctlplane type is ethernet (not vlan) + - source: + kind: ConfigMap + name: network-values + fieldPath: data.ctlplane.iface + targets: + - select: + kind: NodeNetworkConfigurationPolicy + fieldPaths: + - spec.desiredState.interfaces.[type=ethernet].name + + # Node names + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_0.name + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: node-0 + fieldPaths: + - metadata.name + - spec.nodeSelector.[kubernetes.io/hostname] + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_1.name + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: node-1 + fieldPaths: + - metadata.name + - spec.nodeSelector.[kubernetes.io/hostname] + - source: + kind: ConfigMap + name: network-values + fieldPath: data.node_2.name + targets: + - select: + kind: NodeNetworkConfigurationPolicy + name: node-2 + fieldPaths: + - metadata.name + - spec.nodeSelector.[kubernetes.io/hostname] + + # DNS + - source: + kind: ConfigMap + name: network-values + fieldPath: data.dns-resolver.config + targets: + - select: + kind: NodeNetworkConfigurationPolicy + fieldPaths: + - spec.desiredState.dns-resolver.config + + # Routes + - source: + kind: ConfigMap + name: network-values + fieldPath: data.routes + targets: + - select: + kind: NodeNetworkConfigurationPolicy + fieldPaths: + - spec.desiredState.routes diff --git a/lib/nncp-l3/ocp_node_template.yaml b/lib/nncp-l3/ocp_node_template.yaml new file mode 100644 index 000000000..c6aa0280d --- /dev/null +++ b/lib/nncp-l3/ocp_node_template.yaml @@ -0,0 +1,49 @@ +--- +apiVersion: nmstate.io/v1 +kind: NodeNetworkConfigurationPolicy +metadata: + name: _ignored_ +spec: + desiredState: + dns-resolver: + config: + search: [] + server: [] + routes: + config: [] + route-rules: + config: [] + interfaces: + - description: internalapi bridge + name: internalapi + state: up + type: linux-bridge + mtu: 1500 + - description: storage bridge + name: storage + state: up + type: linux-bridge + mtu: 1500 + - description: tenant bridge + name: tenant + state: up + type: linux-bridge + mtu: 1500 + - description: ctlplane bridge + name: ospbr + state: up + type: linux-bridge + mtu: 1500 + - description: ctlplane interface + name: _replaced_ + state: up + type: ethernet + mtu: 1500 + ipv4: + enabled: true + dhcp: true + ipv6: + enabled: false + nodeSelector: + kubernetes.io/hostname: _replaced_ + node-role.kubernetes.io/worker: "" diff --git a/lib/nncp-l3/ocp_nodes_nncp.yaml b/lib/nncp-l3/ocp_nodes_nncp.yaml new file mode 100644 index 000000000..1fd174705 --- /dev/null +++ b/lib/nncp-l3/ocp_nodes_nncp.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: nmstate.io/v1 +kind: NodeNetworkConfigurationPolicy +metadata: + name: node-0 + labels: + osp/nncm-config-type: standard +--- +apiVersion: nmstate.io/v1 +kind: NodeNetworkConfigurationPolicy +metadata: + name: node-1 + labels: + osp/nncm-config-type: standard +--- +apiVersion: nmstate.io/v1 +kind: NodeNetworkConfigurationPolicy +metadata: + name: node-2 + labels: + osp/nncm-config-type: standard