openstack-k8s-operators
diff --git a/‎automation/mocks/bgp-l3-xl.yaml‎
Lines changed: 1440 additions & 0 deletions b/‎automation/mocks/bgp-l3-xl.yaml‎
Lines changed: 1440 additions & 0 deletions
diff --git a/‎automation/vars/bgp-l3-xl.yaml‎
Lines changed: 197 additions & 0 deletions b/‎automation/vars/bgp-l3-xl.yaml‎
Lines changed: 197 additions & 0 deletions
diff --git a/‎dt/bgp/kustomization.yaml‎
Lines changed: 0 additions & 12 deletions b/‎dt/bgp/kustomization.yaml‎
Lines changed: 0 additions & 12 deletions
diff --git a/‎examples/dt/bgp-l3-xl/README.md‎
Lines changed: 117 additions & 0 deletions b/‎examples/dt/bgp-l3-xl/README.md‎
Lines changed: 117 additions & 0 deletions
diff --git a/‎examples/dt/bgp-l3-xl/bgp-configuration.md‎
Lines changed: 16 additions & 0 deletions b/‎examples/dt/bgp-l3-xl/bgp-configuration.md‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎examples/dt/bgp-l3-xl/configure-taints.md‎
Lines changed: 21 additions & 0 deletions b/‎examples/dt/bgp-l3-xl/configure-taints.md‎
Lines changed: 21 additions & 0 deletions
@@ -0,0 +1,197 @@
+---
+vas:
+  bgp-l3-xl:
+    stages:
+      - pre_stage_run:
+          - name: Apply taint on worker-9
+            type: cr
+            definition:
+              spec:
+                taints:
+                  - effect: NoSchedule
+                    key: testOperator
+                    value: 'true'
+                  - effect: NoExecute
+                    key: testOperator
+                    value: 'true'
+            kind: Node
+            resource_name: worker-9
+            state: patched
+          - name: Disable rp_filters on OCP nodes
+            type: cr
+            definition:
+              spec:
+                profile:
+                  - data: |
+                      [main]
+                      summary=Optimize systems running OpenShift (provider specific parent profile)
+                      include=-provider-${f:exec:cat:/var/lib/ocp-tuned/provider},openshift
+
+                      [sysctl]
+                      net.ipv4.conf.enp7s0.rp_filter=0
+                      net.ipv4.conf.enp8s0.rp_filter=0
+                    name: openshift-no-reapply-sysctl
+                recommend:
+                  - match:
+                      # applied to all nodes except worker-9, because worker-9 has no enp8s0
+                      - label: kubernetes.io/hostname
+                        value: worker-0
+                      - label: kubernetes.io/hostname
+                        value: worker-1
+                      - label: kubernetes.io/hostname
+                        value: worker-2
+                      - label: kubernetes.io/hostname
+                        value: worker-3
+                      - label: kubernetes.io/hostname
+                        value: worker-4
+                      - label: kubernetes.io/hostname
+                        value: worker-5
+                      - label: kubernetes.io/hostname
+                        value: worker-6
+                      - label: kubernetes.io/hostname
+                        value: worker-7
+                      - label: kubernetes.io/hostname
+                        value: worker-8
+                      - label: node-role.kubernetes.io/master
+                    operand:
+                      tunedConfig:
+                        reapply_sysctl: false
+                    priority: 15
+                    profile: openshift-no-reapply-sysctl
+            api_version: tuned.openshift.io/v1
+            kind: Tuned
+            resource_name: openshift-no-reapply-sysctl
+            namespace: openshift-cluster-node-tuning-operator
+            state: present
+        path: examples/dt/bgp-l3-xl/control-plane/nncp
+        wait_conditions:
+          - >-
+            oc -n openstack wait nncp
+            -l osp/nncm-config-type=standard
+            --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured
+            --timeout=300s
+        values:
+          - name: network-values
+            src_file: values.yaml
+        build_output: nncp.yaml
+
+      - path: examples/dt/bgp-l3-xl/control-plane
+        wait_conditions:
+          - >-
+            oc -n openstack wait openstackcontrolplane
+            controlplane
+            --for condition=Ready
+            --timeout=30m
+        values:
+          - name: network-values
+            src_file: nncp/values.yaml
+          - name: service-values
+            src_file: service-values.yaml
+        build_output: control-plane.yaml
+        post_stage_run:
+          - name: Create BGPConfiguration after controlplane is deployed
+            type: cr
+            definition:
+              spec: {}
+            api_version: network.openstack.org/v1beta1
+            kind: BGPConfiguration
+            resource_name: bgpconfiguration
+            namespace: openstack
+            state: present
+
+      -  # stage_2
+        path: examples/dt/bgp-l3-xl/edpm/computes/r0
+        wait_conditions:
+          - >-
+            oc -n openstack wait openstackdataplanenodeset
+            r0-compute-nodes
+            --for condition=SetupReady
+            --timeout=600s
+        values:
+          - name: edpm-r0-compute-nodeset-values
+            src_file: values.yaml
+        build_output: edpm-r0-compute-nodeset.yaml
+
+      -  # stage_3
+        path: examples/dt/bgp-l3-xl/edpm/computes/r1
+        wait_conditions:
+          - >-
+            oc -n openstack wait openstackdataplanenodeset
+            r1-compute-nodes
+            --for condition=SetupReady
+            --timeout=600s
+        values:
+          - name: edpm-r1-compute-nodeset-values
+            src_file: values.yaml
+        build_output: edpm-r1-compute-nodeset.yaml
+
+      -  # stage_4
+        path: examples/dt/bgp-l3-xl/edpm/computes/r2
+        wait_conditions:
+          - >-
+            oc -n openstack wait openstackdataplanenodeset
+            r2-compute-nodes
+            --for condition=SetupReady
+            --timeout=600s
+        values:
+          - name: edpm-r2-compute-nodeset-values
+            src_file: values.yaml
+        build_output: edpm-r2-compute-nodeset.yaml
+
+      -  # stage_5
+        path: examples/dt/bgp-l3-xl/edpm/networkers/r0
+        wait_conditions:
+          - >-
+            oc -n openstack wait openstackdataplanenodeset
+            r0-networker-nodes
+            --for condition=SetupReady
+            --timeout=600s
+        values:
+          - name: edpm-r0-networker-nodeset-values
+            src_file: values.yaml
+        build_output: edpm-r0-networker-nodeset.yaml
+
+      -  # stage_6
+        path: examples/dt/bgp-l3-xl/edpm/networkers/r1
+        wait_conditions:
+          - >-
+            oc -n openstack wait openstackdataplanenodeset
+            r1-networker-nodes
+            --for condition=SetupReady
+            --timeout=600s
+        values:
+          - name: edpm-r1-networker-nodeset-values
+            src_file: values.yaml
+        build_output: edpm-r1-networker-nodeset.yaml
+
+      -  # stage_7
+        path: examples/dt/bgp-l3-xl/edpm/networkers/r2
+        wait_conditions:
+          - >-
+            oc -n openstack wait openstackdataplanenodeset
+            r2-networker-nodes
+            --for condition=SetupReady
+            --timeout=600s
+        values:
+          - name: edpm-r2-networker-nodeset-values
+            src_file: values.yaml
+        build_output: edpm-r2-networker-nodeset.yaml
+
+      -  # stage_8
+        path: examples/dt/bgp-l3-xl/edpm/deployment
+        wait_conditions:
+          - >-
+            oc -n openstack wait openstackdataplanedeployment
+            edpm-deployment
+            --for condition=Ready
+            --timeout=120m
+        values:
+          - name: edpm-deployment-values
+            src_file: values.yaml
+        build_output: edpm-deployment.yaml
+        post_stage_run:
+          - name: Wait until computes are ready
+            type: playbook
+            source: "../../playbooks/bgp-l3-computes-ready.yml"
+            extra_vars:
+              num_computes: 6
@@ -305,18 +305,6 @@ replacements:
         options:
           create: true
 
-  - source:
-      kind: ConfigMap
-      name: service-values
-      fieldPath: data.ovn.ovnController.nicMappings
-    targets:
-      - select:
-          kind: OpenStackControlPlane
-        fieldPaths:
-          - spec.ovn.template.ovnController.nicMappings
-        options:
-          create: true
-
   - source:
       kind: ConfigMap
       name: network-values
 
@@ -0,0 +1,117 @@
+# RHOSO Deployed Topology - BGP-L3-XL DT - Kernel routing and OVN NB DB driver
+
+This document describes a scaled out BGP Deployed Topology (DT), used to test the
+BGP Dynamic Routing functionality on Red Hat OpenStack Services on OpenShift
+(RHOSO).
+
+The CRs included within this DT should be applied on an environment where EDPM
+and OCP nodes are connected through a spine/leaf network. The BGP protocol
+should be enabled on those spine and leaf routers.
+
+## Purpose
+
+This BGP DT (l3-xl) tests default BGP configuration:
+* Kernel routing (instead of OVN routing)
+* OVN NB DB driver (instead of OVN SB DB driver)
+
+The OCP cluster consists on the following nodes:
+* 3 OCP master nodes
+* 9 OCP worker nodes
+* 1 OCP worker node with special configuration (OCP tester node)
+
+This DT creates an OCP cluster that includes both master and worker nodes,
+instead of the usual master/worker combo nodes. The reason for this is to run
+disruptive tests only on the OCP workers, which host the Openstack Control
+Plane services, avoiding potential issues when OCP master nodes are disrupted
+that would not be relevant when testing RHOSO high availability scenarios.
+
+The extra OCP worker (OCP tester) is needed to run tests from it because:
+* disruptive tests can be run from this worker on the other workers without
+  affecting the test exection
+* this worker is connected to the spine/leaf routers with a special routing
+  configuration, so that it can reach the Openstack provider network
+The OCP tester is configured so that only test pods (created by the
+Openstack test-operator) run on it.
+
+This DT configures both compute and networker EDPM nodes. So far, networker
+nodes are needed when BGP is used on RHOSO, in order to expose routes to SNAT
+traffic (OVN Gateway IPs). In other words, when RHOSO is used with BGP, the OCP
+workers cannot be configured as OVN Gateways.
+
+The OCP and EDPM nodes deployed with this DT are distributed into three
+different racks. Each rack is connected to two leaves.
+Hence, the distribution of the nodes in the racks is the following one:
+* rack0: r0-compute-0, r0-compute-1, r0-networker-0, ocp-master-0, ocp-worker-0, leaf-0, leaf-1
+* rack1: r1-compute-0, r1-compute-1, r1-networker-0, ocp-master-1, ocp-worker-1, leaf-2, leaf-3
+* rack2: r2-compute-0, r2-compute-1, r2-networker-0, ocp-master-2, ocp-worker-2, leaf-4, leaf-5
+
+The OCP tester (ocp-worker-3) is not included into any rack. It is not
+connected to any leaves, but to a router connected to the spines, due to the
+reasons described before (it needs special connectivity to reach the provider
+network).
+
+## Node topology
+| Node role               | bm/vm | amount |
+| ----------------------- | ----- | ------ |
+| Openshift master nodes  | vm    | 3      |
+| Openshift worker nodes  | vm    | 10     |
+| Openstack Computes      | vm    | 6      |
+| Openstack Networker     | vm    | 3      |
+| Leaf routers            | vm    | 6      |
+| Spine routers           | vm    | 2      |
+| External routers        | vm    | 1      |
+| Ansible Controller      | vm    | 1      |
+
+### Networks
+
+| Name                     | Type     | CIDR             |
+| ------------------------ | -------- | ---------------- |
+| Controlplane rack0       | untagged | 192.168.122.0/24 |
+| Controlplane rack1       | untagged | 192.168.123.0/24 |
+| Controlplane rack2       | untagged | 192.168.124.0/24 |
+| Provider network         | untagged | 192.168.133.0/24 |
+| RH OSP                   | untagged | 192.168.111.0/24 |
+| edpm/ocp to left leaves  | untagged | 100.64.x.y/30    |
+| edpm/ocp to right leaves | untagged | 100.65.x.y/30    |
+
+## Services, enabled features and configurations
+
+| Service          | configuration    | Lock-in coverage?  |
+| ---------------- | ---------------- | ------------------ |
+| Glance           | Swift            | Must have          |
+| Swift            | (default)        | Must have          |
+| Octavia          | (default)        | Must have          |
+| Heat             | (default)        | Must have          |
+| frr              | dataplane        | Must have          |
+| ovn-bgp-agent    | dataplane        | Must have          |
+
+## Considerations/Constraints
+
+1. Virtual networks should be created to connect the nodes to the routers.
+2. All the VMs that are neither Openstack nor Openshift nodes, i.e. those that
+   act as routers, need to be properly configured in order to support the BGP
+   protocol.
+3. The spine/leaf topology separates the nodes into different L2
+   network segments, called racks. Each rack includes two leaves, some OCP
+   nodes and some EDPM nodes.
+4. The Openstack services running on the EDPM nodes are installed using the BGP
+   network, i.e. the Openstack services running on OCP nodes connect to the
+   Openstack services running on EDPM nodes using BGP. There is no direct L2
+   network connectivity between them. OCP version 4.18 or higher is required
+   because the Openstack Operators use the frr-k8s feature for this and frr-k8s
+   is not available in OCP 4.16.
+5. Once Openstack is installed on them, both dataplane and controlplane
+   connections are achieved using the BGP protocol.
+6. Tests are executed from the OCP worker to verify external connectivity.
+
+## Stages
+
+All stages must be executed in the order listed below. Everything is required unless otherwise indicated.
+
+1. [Configure taints on the OCP worker](configure-taints.md)
+2. [Disable RP filters on OCP nodes](disable-rp-filters.md)
+3. [Install the OpenStack K8S operators and their dependencies](../../common/)
+4. [Apply metallb customization required to run a speaker pod on the OCP tester node](metallb/)
+5. [Configuring networking and deploy the OpenStack control plane](control-plane.md)
+6. [Create BGPConfiguration after controplane is deployed](bgp-configuration.md)
+7. [Configure and deploy the dataplane - networker and compute nodes](data-plane.md)
@@ -0,0 +1,16 @@
+# Create BGPConfiguration after controplane is deployed
+
+An empty BGPConfiguration Openshift resource needs to be created.
+The infra-operator will detect this resource is created and will automatically
+apply the required Openshift BGP configuration.
+OCP 4.18 release is necessary for this.
+
+The following CR needs to be applied:
+```
+apiVersion: network.openstack.org/v1beta1
+kind: BGPConfiguration
+metadata:
+  name: bgpconfiguration
+  namespace: openstack
+spec: {}
+```
@@ -0,0 +1,21 @@
+# Apply taints on OCP tester node
+
+This OCP worker node should not run any Openstack service apart from those
+created by the test-operator.
+It should also run a metallb's speaker pod, in order to obtain the proper
+network configuration.
+Due to this, taints should be configured on this worker.
+
+Execute the following command:
+```
+oc patch node/worker-9 --type merge --patch '
+  spec:
+    taints:
+      - effect: NoSchedule
+        key: testOperator
+        value: "true"
+      - effect: NoExecute
+        key: testOperator
+        value: "true"
+'
+```