From 51f4dd14afed7b0960f2b0a460fe59bb5120c2de Mon Sep 17 00:00:00 2001 From: Sylvain Bauza Date: Wed, 2 Oct 2024 15:41:01 +0200 Subject: [PATCH] [Draft] Add nvidia-mdev VA --- automation/vars/nvidia-mdev.yaml | 55 ++++ examples/va/nvidia-mdev/.gitignore | 1 + examples/va/nvidia-mdev/edpm/.gitignore | 2 + .../va/nvidia-mdev/edpm/deployment/.gitignore | 1 + .../edpm/deployment/kustomization.yaml | 12 + .../nvidia-mdev/edpm/deployment/values.yaml | 10 + .../va/nvidia-mdev/edpm/nodeset/.gitignore | 1 + .../edpm/nodeset/kustomization.yaml | 12 + .../va/nvidia-mdev/edpm/nodeset/values.yaml | 160 ++++++++++++ examples/va/nvidia-mdev/kustomization.yaml | 13 + examples/va/nvidia-mdev/nncp/.gitignore | 1 + .../va/nvidia-mdev/nncp/kustomization.yaml | 24 ++ examples/va/nvidia-mdev/nncp/values.yaml | 242 ++++++++++++++++++ examples/va/nvidia-mdev/service-values.yaml | 9 + .../edpm/deployment/kustomization.yaml | 21 ++ .../nodeset/baremetalset-password-secret.yaml | 9 + .../edpm/nodeset/kustomization.yaml | 90 +++++++ va/nvidia-mdev/edpm/nodeset/nova_sriov.yaml | 41 +++ va/nvidia-mdev/kustomization.yaml | 24 ++ va/nvidia-mdev/namespace.yaml | 12 + 20 files changed, 740 insertions(+) create mode 100644 automation/vars/nvidia-mdev.yaml create mode 100644 examples/va/nvidia-mdev/.gitignore create mode 100644 examples/va/nvidia-mdev/edpm/.gitignore create mode 100644 examples/va/nvidia-mdev/edpm/deployment/.gitignore create mode 100644 examples/va/nvidia-mdev/edpm/deployment/kustomization.yaml create mode 100644 examples/va/nvidia-mdev/edpm/deployment/values.yaml create mode 100644 examples/va/nvidia-mdev/edpm/nodeset/.gitignore create mode 100644 examples/va/nvidia-mdev/edpm/nodeset/kustomization.yaml create mode 100644 examples/va/nvidia-mdev/edpm/nodeset/values.yaml create mode 100644 examples/va/nvidia-mdev/kustomization.yaml create mode 100644 examples/va/nvidia-mdev/nncp/.gitignore create mode 100644 examples/va/nvidia-mdev/nncp/kustomization.yaml create mode 100644 examples/va/nvidia-mdev/nncp/values.yaml create mode 100644 examples/va/nvidia-mdev/service-values.yaml create mode 100644 va/nvidia-mdev/edpm/deployment/kustomization.yaml create mode 100644 va/nvidia-mdev/edpm/nodeset/baremetalset-password-secret.yaml create mode 100644 va/nvidia-mdev/edpm/nodeset/kustomization.yaml create mode 100644 va/nvidia-mdev/edpm/nodeset/nova_sriov.yaml create mode 100644 va/nvidia-mdev/kustomization.yaml create mode 100644 va/nvidia-mdev/namespace.yaml diff --git a/automation/vars/nvidia-mdev.yaml b/automation/vars/nvidia-mdev.yaml new file mode 100644 index 000000000..79e8a9da3 --- /dev/null +++ b/automation/vars/nvidia-mdev.yaml @@ -0,0 +1,55 @@ +--- +vas: + nvidia-mdev: + stages: + - path: examples/va/nvidia-mdev/nncp + wait_conditions: + - >- + oc -n openstack wait nncp + -l osp/nncm-config-type=standard + --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured + --timeout=60s + values: + - name: network-values + src_file: values.yaml + build_output: nncp.yaml + + - path: examples/va/nvidia-mdev + wait_conditions: + - >- + oc -n openstack wait osctlplane controlplane --for condition=Ready + --timeout=600s + values: + - name: network-values + src_file: nncp/values.yaml + - name: service-values + src_file: service-values.yaml + build_output: control-plane.yaml + + - path: examples/va/nvidia-mdev/edpm/nodeset + wait_conditions: + - >- + oc -n openstack wait + osdpns openstack-edpm --for condition=SetupReady + --timeout=60m + values: + - name: edpm-nodeset-values + src_file: values.yaml + build_output: nodeset.yaml + post_stage_run: + - name: Install nvidia driver + type: playbook + # TODO: I haven't passed the secret URL but I don't know how to do it. + source: "../../playbooks/nvidia-mdev.yml" + inventory: "${HOME}/ci-framework-data/artifacts/zuul_inventory.yml" + + - path: examples/va/nvidia-mdev/edpm/deployment + wait_conditions: + - >- + oc -n openstack wait + osdpns openstack-edpm --for condition=Ready + --timeout=60m + values: + - name: edpm-deployment-values + src_file: values.yaml + build_output: deployment.yaml diff --git a/examples/va/nvidia-mdev/.gitignore b/examples/va/nvidia-mdev/.gitignore new file mode 100644 index 000000000..3df8f53be --- /dev/null +++ b/examples/va/nvidia-mdev/.gitignore @@ -0,0 +1 @@ +control-plane.yaml diff --git a/examples/va/nvidia-mdev/edpm/.gitignore b/examples/va/nvidia-mdev/edpm/.gitignore new file mode 100644 index 000000000..835442d0a --- /dev/null +++ b/examples/va/nvidia-mdev/edpm/.gitignore @@ -0,0 +1,2 @@ +dataplane-deployment.yaml +dataplane-nodeset.yaml \ No newline at end of file diff --git a/examples/va/nvidia-mdev/edpm/deployment/.gitignore b/examples/va/nvidia-mdev/edpm/deployment/.gitignore new file mode 100644 index 000000000..56387c5df --- /dev/null +++ b/examples/va/nvidia-mdev/edpm/deployment/.gitignore @@ -0,0 +1 @@ +dataplane-deployment.yaml \ No newline at end of file diff --git a/examples/va/nvidia-mdev/edpm/deployment/kustomization.yaml b/examples/va/nvidia-mdev/edpm/deployment/kustomization.yaml new file mode 100644 index 000000000..897ab91ec --- /dev/null +++ b/examples/va/nvidia-mdev/edpm/deployment/kustomization.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../../va/nvidia-mdev/edpm/deployment + # - https://github.com/openstack-k8s-operators/architecture/va/nvidia-mdev/edpm/deployment?ref=main + ## It's possible to replace ../../../../../va/nvidia-mdev/edpm/deployment/ with a git checkout URL as per: + ## https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md + +resources: + - values.yaml diff --git a/examples/va/nvidia-mdev/edpm/deployment/values.yaml b/examples/va/nvidia-mdev/edpm/deployment/values.yaml new file mode 100644 index 000000000..7f371b2cc --- /dev/null +++ b/examples/va/nvidia-mdev/edpm/deployment/values.yaml @@ -0,0 +1,10 @@ +# yamllint disable rule:line-length +# local-config: referenced, but not emitted by kustomize +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: edpm-deployment-values + annotations: + config.kubernetes.io/local-config: "true" +data: {} diff --git a/examples/va/nvidia-mdev/edpm/nodeset/.gitignore b/examples/va/nvidia-mdev/edpm/nodeset/.gitignore new file mode 100644 index 000000000..721008e8b --- /dev/null +++ b/examples/va/nvidia-mdev/edpm/nodeset/.gitignore @@ -0,0 +1 @@ +dataplane-nodeset.yaml \ No newline at end of file diff --git a/examples/va/nvidia-mdev/edpm/nodeset/kustomization.yaml b/examples/va/nvidia-mdev/edpm/nodeset/kustomization.yaml new file mode 100644 index 000000000..31278ef62 --- /dev/null +++ b/examples/va/nvidia-mdev/edpm/nodeset/kustomization.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../../../va/nvidia-mdev/edpm/nodeset + # - https://github.com/openstack-k8s-operators/architecture/va/nvidia-mdev/edpm/nodeset?ref=main + ## It's possible to replace ../../../../../va/nvidia-mdev/edpm/nodeset/ with a git checkout URL as per: + ## https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md + +resources: + - values.yaml diff --git a/examples/va/nvidia-mdev/edpm/nodeset/values.yaml b/examples/va/nvidia-mdev/edpm/nodeset/values.yaml new file mode 100644 index 000000000..d7a2f949a --- /dev/null +++ b/examples/va/nvidia-mdev/edpm/nodeset/values.yaml @@ -0,0 +1,160 @@ +# yamllint disable rule:line-length +# local-config: referenced, but not emitted by kustomize +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: edpm-nodeset-values + annotations: + config.kubernetes.io/local-config: "true" +data: + root_password: cmVkaGF0Cg== + preProvisioned: false + baremetalSetTemplate: + ctlplaneInterface: eno2 # CHANGEME + cloudUserName: cloud-admin + provisioningInterface: enp1s0 # CHANGEME + bmhLabelSelector: + app: openstack # CHANGEME + passwordSecret: + name: baremetalset-password-secret + namespace: openstack + ssh_keys: + # Authorized keys that will have access to the dataplane computes via SSH + authorized: CHANGEME + # The private key that will have access to the dataplane computes via SSH + private: CHANGEME2 + # The public key that will have access to the dataplane computes via SSH + public: CHANGEME3 + nodeset: + ansible: + ansibleUser: cloud-admin + ansiblePort: 22 + ansibleVars: + # CHANGEME -- see https://access.redhat.com/solutions/253273 + # edpm_bootstrap_command: | + # subscription-manager register --username --password + # podman login -u -p registry.redhat.io + timesync_ntp_servers: + - hostname: pool.ntp.org + # CPU pinning settings + edpm_kernel_args: "default_hugepagesz=1GB hugepagesz=1G hugepages=16 intel_iommu=on iommu=pt isolcpus=4-23,28-47" + edpm_tuned_profile: "cpu-partitioning-powersave" + edpm_tuned_isolated_cores: "4-23,28-47" + # edpm_network_config + # These vars are edpm_network_config role vars + edpm_network_config_hide_sensitive_logs: false + edpm_network_config_os_net_config_mappings: + edpm-compute-0: + nic2: 6c:fe:54:3f:8a:02 # CHANGEME + nic3: 6c:fe:54:3f:8a:03 # CHANGEME + edpm-compute-1: + nic2: 6b:fe:54:3f:8a:02 # CHANGEME + nic3: 6b:fe:54:3f:8a:03 # CHANGEME + edpm_network_config_template: | + --- + {% set mtu_list = [ctlplane_mtu] %} + {% for network in nodeset_networks %} + {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} + {%- endfor %} + {% set min_viable_mtu = mtu_list | max %} + network_config: + - type: ovs_bridge + name: {{ neutron_physical_bridge_name }} + mtu: {{ min_viable_mtu }} + use_dhcp: false + dns_servers: {{ ctlplane_dns_nameservers }} + domain: {{ dns_search_domains }} + addresses: + - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} + routes: {{ ctlplane_host_routes }} + members: + - type: interface + name: nic2 + mtu: {{ min_viable_mtu }} + # force the MAC address of the bridge to this interface + primary: true + {% for network in nodeset_networks %} + - type: vlan + mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} + vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} + addresses: + - ip_netmask: + {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} + routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} + {% endfor %} + - type: sriov_pf + name: nic3 + numvfs: 10 + use_dhcp: false + promisc: true + + # These vars are for the network config templates themselves and are + # considered EDPM network defaults. + neutron_physical_bridge_name: br-ex + neutron_public_interface_name: eth0 + # edpm_nodes_validation + edpm_nodes_validation_validate_controllers_icmp: false + edpm_nodes_validation_validate_gateway_icmp: false + dns_search_domains: [] + gather_facts: false + # edpm firewall, change the allowed CIDR if needed + edpm_sshd_configure_firewall: true + edpm_sshd_allowed_ranges: + - 192.168.122.0/24 + # SRIOV settings + edpm_neutron_sriov_agent_SRIOV_NIC_physical_device_mappings: 'sriov-phy4:eno4' + networks: + - defaultRoute: true + name: ctlplane + subnetName: subnet1 + - name: internalapi + subnetName: subnet1 + - name: storage + subnetName: subnet1 + - name: tenant + subnetName: subnet1 + nodes: + edpm-compute-0: + hostName: edpm-compute-0 + edpm-compute-1: + hostName: edpm-compute-1 + services: + - bootstrap + - download-cache + - configure-network + - validate-network + - install-os + - configure-os + - ssh-known-hosts + - run-os + - reboot-os + - install-certs + - libvirt + - ovn + - neutron-ovn + - nova-custom-sriov + - neutron-sriov + - neutron-metadata + nova: + compute: + conf: | + # CHANGEME + [DEFAULT] + reserved_host_memory_mb = 4096 + reserved_huge_pages = node:0,size:4,count:524160 + reserved_huge_pages = node:1,size:4,count:524160 + [compute] + cpu_shared_set = 0-3,24-27 + cpu_dedicated_set = 8-23,32-47 + [devices] + mdev_enabled_types = nvidia-268 + migration: + ssh_keys: + private: CHANGEME4 + public: CHANGEME5 + pci: + conf: | + # CHANGEME + [pci] + device_spec = {"vendor_id":"8086", "product_id":"1572", "address": "0000:19:00.3", "physical_network":"sriov-phy4", "trusted":"true"} diff --git a/examples/va/nvidia-mdev/kustomization.yaml b/examples/va/nvidia-mdev/kustomization.yaml new file mode 100644 index 000000000..7fb587ab3 --- /dev/null +++ b/examples/va/nvidia-mdev/kustomization.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +components: + - ../../../va/nvidia-mdev/ + # - https://github.com/openstack-k8s-operators/architecture/va/nvidia-mdev?ref=main + ## It's possible to replace ../../../va/nvidia-mdev/ with a git checkout URL as per: + ## https://github.com/kubernetes-sigs/kustomize/blob/master/examples/remoteBuild.md + +resources: + - nncp/values.yaml + - service-values.yaml diff --git a/examples/va/nvidia-mdev/nncp/.gitignore b/examples/va/nvidia-mdev/nncp/.gitignore new file mode 100644 index 000000000..51ed8a956 --- /dev/null +++ b/examples/va/nvidia-mdev/nncp/.gitignore @@ -0,0 +1 @@ +nncp.yaml diff --git a/examples/va/nvidia-mdev/nncp/kustomization.yaml b/examples/va/nvidia-mdev/nncp/kustomization.yaml new file mode 100644 index 000000000..e24e8ec62 --- /dev/null +++ b/examples/va/nvidia-mdev/nncp/kustomization.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../../va/nvidia-mdev/nncp + +resources: + - values.yaml diff --git a/examples/va/nvidia-mdev/nncp/values.yaml b/examples/va/nvidia-mdev/nncp/values.yaml new file mode 100644 index 000000000..b81469b39 --- /dev/null +++ b/examples/va/nvidia-mdev/nncp/values.yaml @@ -0,0 +1,242 @@ +# local-config: referenced, but not emitted by kustomize +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: network-values + annotations: + config.kubernetes.io/local-config: "true" +data: + # nodes + node_0: + name: ostest-master-0 + internalapi_ip: 172.17.0.5 + tenant_ip: 172.19.0.5 + ctlplane_ip: 192.168.122.10 + storage_ip: 172.18.0.5 + swift_ip: 172.22.0.5 + node_1: + name: ostest-master-1 + internalapi_ip: 172.17.0.6 + tenant_ip: 172.19.0.6 + ctlplane_ip: 192.168.122.11 + storage_ip: 172.18.0.6 + swift_ip: 172.22.0.6 + node_2: + name: ostest-master-2 + internalapi_ip: 172.17.0.7 + tenant_ip: 172.19.0.7 + ctlplane_ip: 192.168.122.12 + storage_ip: 172.18.0.7 + swift_ip: 172.22.0.7 + + # networks + ctlplane: + dnsDomain: ctlplane.example.com + subnets: + - allocationRanges: + - end: 192.168.122.120 + start: 192.168.122.100 + - end: 192.168.122.200 + start: 192.168.122.150 + cidr: 192.168.122.0/24 + gateway: 192.168.122.1 + name: subnet1 + prefix-length: 24 + iface: enp6s0 + mtu: 9000 + lb_addresses: + - 192.168.122.80-192.168.122.90 + endpoint_annotations: + metallb.universe.tf/address-pool: ctlplane + metallb.universe.tf/allow-shared-ip: ctlplane + metallb.universe.tf/loadBalancerIPs: 192.168.122.80 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "ctlplane", + "type": "macvlan", + "master": "ospbr", + "ipam": { + "type": "whereabouts", + "range": "192.168.122.0/24", + "range_start": "192.168.122.30", + "range_end": "192.168.122.70" + } + } + internalapi: + dnsDomain: internalapi.example.com + subnets: + - allocationRanges: + - end: 172.17.0.250 + start: 172.17.0.100 + cidr: 172.17.0.0/24 + name: subnet1 + vlan: 20 + mtu: 1500 + prefix-length: 24 + iface: internalapi + vlan: 20 + base_iface: enp6s0 + lb_addresses: + - 172.17.0.80-172.17.0.90 + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/allow-shared-ip: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.80 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "internalapi", + "type": "macvlan", + "master": "internalapi", + "ipam": { + "type": "whereabouts", + "range": "172.17.0.0/24", + "range_start": "172.17.0.30", + "range_end": "172.17.0.70" + } + } + storage: + dnsDomain: storage.example.com + subnets: + - allocationRanges: + - end: 172.18.0.250 + start: 172.18.0.100 + cidr: 172.18.0.0/24 + name: subnet1 + vlan: 21 + mtu: 9000 + prefix-length: 24 + iface: storage + vlan: 21 + base_iface: enp6s0 + lb_addresses: + - 172.18.0.80-172.18.0.90 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "storage", + "type": "macvlan", + "master": "storage", + "ipam": { + "type": "whereabouts", + "range": "172.18.0.0/24", + "range_start": "172.18.0.30", + "range_end": "172.18.0.70" + } + } + storagemgmt: # used on RHEL, not used on OpenShift + dnsDomain: storagemgmt.example.com + subnets: + - allocationRanges: + - end: 172.20.0.250 + start: 172.20.0.100 + cidr: 172.20.0.0/24 + name: subnet1 + vlan: 23 + mtu: 9000 + tenant: + dnsDomain: tenant.example.com + subnets: + - allocationRanges: + - end: 172.19.0.250 + start: 172.19.0.100 + cidr: 172.19.0.0/24 + name: subnet1 + vlan: 22 + mtu: 1500 + prefix-length: 24 + iface: tenant + vlan: 22 + base_iface: enp6s0 + lb_addresses: + - 172.19.0.80-172.19.0.90 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "tenant", + "type": "macvlan", + "master": "tenant", + "ipam": { + "type": "whereabouts", + "range": "172.19.0.0/24", + "range_start": "172.19.0.30", + "range_end": "172.19.0.70" + } + } + external: + dnsDomain: external.example.com + subnets: + - allocationRanges: + - end: 10.0.0.250 + start: 10.0.0.100 + cidr: 10.0.0.0/24 + gateway: 10.0.0.1 + name: subnet1 + mtu: 1500 + swift: + dnsDomain: swift.example.com + subnets: + - allocationRanges: + - end: 172.22.0.250 + start: 172.22.0.100 + cidr: 172.22.0.0/24 + gateway: 172.22.0.1 + name: subnet1 + vlan: 25 + mtu: 1500 + prefix-length: 24 + iface: swift + vlan: 25 + base_iface: enp6s0 + lb_addresses: + - 172.22.0.80-172.22.0.90 + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "swift", + "type": "macvlan", + "master": "swift", + "ipam": { + "type": "whereabouts", + "range": "172.22.0.0/24", + "range_start": "172.22.0.100", + "range_end": "172.22.0.250" + } + } + datacentre: + net-attach-def: | + { + "cniVersion": "0.3.1", + "name": "datacentre", + "type": "bridge", + "bridge": "ospbr", + "ipam": {} + } + + dns-resolver: + config: + server: + - 192.168.122.1 + search: [] + options: + - key: server + values: + - 192.168.122.1 + + routes: + config: [] + + rabbitmq: + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.85 + rabbitmq-cell1: + endpoint_annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.86 + + lbServiceType: LoadBalancer + storageClass: local-storage + bridgeName: ospbr diff --git a/examples/va/nvidia-mdev/service-values.yaml b/examples/va/nvidia-mdev/service-values.yaml new file mode 100644 index 000000000..7d79a5db9 --- /dev/null +++ b/examples/va/nvidia-mdev/service-values.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: service-values + annotations: + config.kubernetes.io/local-config: "true" +data: + preserveJobs: false diff --git a/va/nvidia-mdev/edpm/deployment/kustomization.yaml b/va/nvidia-mdev/edpm/deployment/kustomization.yaml new file mode 100644 index 000000000..227bcc100 --- /dev/null +++ b/va/nvidia-mdev/edpm/deployment/kustomization.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../../lib/dataplane/deployment diff --git a/va/nvidia-mdev/edpm/nodeset/baremetalset-password-secret.yaml b/va/nvidia-mdev/edpm/nodeset/baremetalset-password-secret.yaml new file mode 100644 index 000000000..41daad38d --- /dev/null +++ b/va/nvidia-mdev/edpm/nodeset/baremetalset-password-secret.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: v1 +data: + NodeRootPassword: _replaced_ +kind: Secret +metadata: + name: baremetalset-password-secret + namespace: openstack +type: Opaque diff --git a/va/nvidia-mdev/edpm/nodeset/kustomization.yaml b/va/nvidia-mdev/edpm/nodeset/kustomization.yaml new file mode 100644 index 000000000..0c4325864 --- /dev/null +++ b/va/nvidia-mdev/edpm/nodeset/kustomization.yaml @@ -0,0 +1,90 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../../../lib/dataplane/nodeset + +resources: + - baremetalset-password-secret.yaml + - nova_sriov.yaml + +replacements: + - source: + kind: ConfigMap + name: edpm-nodeset-values + fieldPath: data.root_password + targets: + - select: + kind: Secret + name: baremetalset-password-secret + fieldPaths: + - data.NodeRootPassword + options: + create: true + + # Nova compute CPU pinning customization + - source: + kind: ConfigMap + name: edpm-nodeset-values + fieldPath: data.nova.compute.conf + targets: + - select: + kind: ConfigMap + name: cpu-pinning-nova + fieldPaths: + - data.25-cpu-pinning-nova\.conf + options: + create: true + # Nova compute PCI passthrough customization + - source: + kind: ConfigMap + name: edpm-nodeset-values + fieldPath: data.nova.pci.conf + targets: + - select: + kind: ConfigMap + name: sriov-nova + fieldPaths: + - data.03-sriov-nova\.conf + options: + create: true + - source: + kind: ConfigMap + name: edpm-nodeset-values + fieldPath: data.preProvisioned + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: openstack-edpm + fieldPaths: + - spec.preProvisioned + options: + create: true + - source: + kind: ConfigMap + name: edpm-nodeset-values + fieldPath: data.baremetalSetTemplate + targets: + - select: + kind: OpenStackDataPlaneNodeSet + name: openstack-edpm + fieldPaths: + - spec.baremetalSetTemplate + options: + create: true diff --git a/va/nvidia-mdev/edpm/nodeset/nova_sriov.yaml b/va/nvidia-mdev/edpm/nodeset/nova_sriov.yaml new file mode 100644 index 000000000..95caff77f --- /dev/null +++ b/va/nvidia-mdev/edpm/nodeset/nova_sriov.yaml @@ -0,0 +1,41 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: cpu-pinning-nova +data: + 25-cpu-pinning-nova.conf: _replaced_ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: sriov-nova +data: + 03-sriov-nova.conf: _replaced_ +--- +apiVersion: dataplane.openstack.org/v1beta1 +kind: OpenStackDataPlaneService +metadata: + name: nova-custom-sriov +spec: + label: dataplane-deployment-nova-custom-sriov + edpmServiceType: nova + dataSources: + - configMapRef: + name: cpu-pinning-nova + - configMapRef: + name: sriov-nova + - secretRef: + name: nova-cell1-compute-config + - secretRef: + name: nova-migration-ssh-key + playbook: osp.edpm.nova + tlsCerts: + default: + contents: + - dnsnames + - ips + networks: + - ctlplane + issuer: osp-rootca-issuer-internal + caCerts: combined-ca-bundle diff --git a/va/nvidia-mdev/kustomization.yaml b/va/nvidia-mdev/kustomization.yaml new file mode 100644 index 000000000..dce4e6479 --- /dev/null +++ b/va/nvidia-mdev/kustomization.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +transformers: + # Set namespace to OpenStack on all namespaced objects without a namespace + - |- + apiVersion: builtin + kind: NamespaceTransformer + metadata: + name: _ignored_ + namespace: openstack + setRoleBindingSubjects: none + unsetOnly: true + fieldSpecs: + - path: metadata/name + kind: Namespace + create: true + +components: + - ../../lib/networking/metallb + - ../../lib/networking/netconfig + - ../../lib/networking/nad + - ../../lib/control-plane diff --git a/va/nvidia-mdev/namespace.yaml b/va/nvidia-mdev/namespace.yaml new file mode 100644 index 000000000..60a6e8c42 --- /dev/null +++ b/va/nvidia-mdev/namespace.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: builtin +kind: NamespaceTransformer +metadata: + name: _ignored_ + namespace: openstack +setRoleBindingSubjects: none +unsetOnly: true +fieldSpecs: + - path: metadata/name + kind: Namespace + create: true