From cbbb63ef186140f159f7941a1bf3b8255508eeeb Mon Sep 17 00:00:00 2001
From: Jake Hutchinson <jake@stackhpc.com>
Date: Mon, 27 Jan 2025 13:37:17 +0000
Subject: [PATCH 1/3] Unpin Kayobe/Kolla-Ansible versions
---
etc/kayobe/kolla.yml | 6 ++----
requirements.txt | 2 +-
2 files changed, 3 insertions(+), 5 deletions(-)
diff --git a/etc/kayobe/kolla.yml b/etc/kayobe/kolla.yml
index e434e5ba9..7bf8fa16a 100644
--- a/etc/kayobe/kolla.yml
+++ b/etc/kayobe/kolla.yml
@@ -33,14 +33,12 @@ kolla_source_version: "{{ stackhpc_kolla_source_version }}"
# URL of Kolla Ansible source code repository if type is 'source'. Default is
# https://opendev.org/openstack/kolla-ansible.
-kolla_ansible_source_url: "https://gitlab.developers.cam.ac.uk/rcs/platforms/cloud-services/kolla-ansible"
-#kolla_ansible_source_url: "{{ stackhpc_kolla_ansible_source_url }}"
+kolla_ansible_source_url: "{{ stackhpc_kolla_ansible_source_url }}"
# Version (branch, tag, etc.) of Kolla Ansible source code repository if type
# is 'source'. Default is {{ openstack_branch }}.
#kolla_ansible_source_version: scientific-openstack/victoria-em.5
-kolla_ansible_source_version: "2023.1-eom-branch"
-#kolla_ansible_source_version: "{{ stackhpc_kolla_ansible_source_version }}"
+kolla_ansible_source_version: "{{ stackhpc_kolla_ansible_source_version }}"
# Path to virtualenv in which to install kolla-ansible. Default is
# $KOLLA_VENV_PATH or $PWD/venvs/kolla-ansible if $KOLLA_VENV_PATH is not set.
diff --git a/requirements.txt b/requirements.txt
index 609be2a81..774fe90a8 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,3 +1,3 @@
-git+https://gitlab.developers.cam.ac.uk/rcs/platforms/cloud-services/kayobe.git@2023.1-eom-branch#egg-kayobe # Apache-2.0
+git+https://github.com/stackhpc/kayobe.git@stackhpc/2023.1 # Apache-2.0
ansible-modules-hashivault>=5.2.1
jmespath
--
GitLab
From e98de15d118c0d7513227e1cd0bce4a4aadd613b Mon Sep 17 00:00:00 2001
From: Kayobe Automation <kayobe-automation@example.org>
Date: Mon, 10 Mar 2025 14:26:09 +0000
Subject: [PATCH 2/3] Add vars for new group compute-rcp-pvc-ood-20250228,
login/OoD worker nodes for Dawn/Waldur
---
etc/kayobe/ansible/compute-lvm.yml | 10 +-
.../ansible/hypervisor-broadcom-sriov.yml | 2 +-
.../production/inventory/overcloud | 12 ++
.../compute-rcp-pvc-ood-20250228/nova_cell | 11 ++
.../nova_cell.new | 20 +++
.../compute-rcp-pvc-ood-20250228/sriov | 6 +
.../compute-rcp-pvc-ood-20250228/tuning | 4 +
.../production/network-allocation.yml | 40 +++++-
etc/kayobe/inventory/custom | 1 +
.../compute-rcp-pvc-ood-20250228/compute.yml | 121 ++++++++++++++++++
.../compute-rcp-pvc-ood-20250228/firewall | 112 ++++++++++++++++
.../compute-rcp-pvc-ood-20250228/firewallgen | 53 ++++++++
.../compute-rcp-pvc-ood-20250228/lvm | 2 +
.../network-interfaces | 22 ++++
.../network-interfaces.old | 23 ++++
.../compute-rcp-pvc-ood-20250228/sriov | 7 +
.../compute-rcp-pvc-ood-20250228/tuning | 4 +
etc/kayobe/kolla.yml | 1 +
.../kolla/config/nova/nova-compute.conf | 3 +
19 files changed, 450 insertions(+), 4 deletions(-)
create mode 100644 etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/nova_cell
create mode 100644 etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/nova_cell.new
create mode 100644 etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/sriov
create mode 100644 etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/tuning
create mode 100644 etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/compute.yml
create mode 100644 etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/firewall
create mode 100644 etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/firewallgen
create mode 100644 etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/lvm
create mode 100644 etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/network-interfaces
create mode 100644 etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/network-interfaces.old
create mode 100644 etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/sriov
create mode 100644 etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/tuning
diff --git a/etc/kayobe/ansible/compute-lvm.yml b/etc/kayobe/ansible/compute-lvm.yml
index 670d50058..3c3cdb8ed 100644
--- a/etc/kayobe/ansible/compute-lvm.yml
+++ b/etc/kayobe/ansible/compute-lvm.yml
@@ -7,9 +7,15 @@
vars:
ansible_python_interpreter: "/bin/python3"
ansible_user: "cloud-user"
- # AR06 R660s
- root_disk: "pci-0000:02:00.0-scsi-0:2:0:0"
+ # DR16 R660s
+ root_disk: "pci-0000:3f:00.0-scsi-0:3:111:0"
root_partition_number: "3"
+ # CR13 R860s
+ #root_disk: "pci-0000:01:00.0-nvme-1"
+ #root_partition_number: "3"
+ # AR06 R660s
+ #root_disk: "pci-0000:02:00.0-scsi-0:2:0:0"
+ #root_partition_number: "3"
# CCLake
#root_disk: "pci-0000:00:11.5-ata-1.0"
#root_partition_number: "3"
diff --git a/etc/kayobe/ansible/hypervisor-broadcom-sriov.yml b/etc/kayobe/ansible/hypervisor-broadcom-sriov.yml
index e19a235a1..a0390e82f 100644
--- a/etc/kayobe/ansible/hypervisor-broadcom-sriov.yml
+++ b/etc/kayobe/ansible/hypervisor-broadcom-sriov.yml
@@ -8,7 +8,7 @@
- name: "{{ primary_eth_interface }}"
numvfs: 8
sriov_mft_url: https://www.mellanox.com/downloads/MFT/mft-4.15.1-9-x86_64-rpm.tgz
- sriov_numvfs: 8
+ sriov_numvfs: 16
remove_old_config: True
force_network_restart: True
tasks:
diff --git a/etc/kayobe/environments/production/inventory/overcloud b/etc/kayobe/environments/production/inventory/overcloud
index 34218d665..382c56d77 100644
--- a/etc/kayobe/environments/production/inventory/overcloud
+++ b/etc/kayobe/environments/production/inventory/overcloud
@@ -244,6 +244,7 @@ compute-rcp-internal-cclake-20240314
compute-ska-src-r660-himem-20240610
compute-ska-src-c6620-20240814
#compute-rcp-pvc-gpu-20240723
+compute-rcp-pvc-ood-20250228
#[compute-ar17-c6320]
#svn1-ar17-u20
@@ -293,6 +294,7 @@ compute-ska-src-r660-himem-20240610
compute-ska-src-c6620-20240814
compute-iris-c6620-srapids-20241128
compute-iris-r860-himem-20250130
+compute-rcp-pvc-ood-20250228
[compute-20200110]
cl-ar06-u28 ipmi_address=10.45.160.15 bmc_type=idrac
@@ -757,6 +759,16 @@ nova-svn1-fr14-u40 ansible_host=10.41.168.127
#[compute-rcp-pvc-gpu-20240723]
#nova-sv-ar19-u35 ansible_host=10.41.85.67
+[compute-rcp-pvc-ood-20250228]
+nova-sv-dr16-u6 ansible_host=10.41.87.1
+nova-sv-dr16-u7 ansible_host=10.41.87.2
+nova-sv-dr16-u8 ansible_host=10.41.87.3
+nova-sv-dr16-u9 ansible_host=10.41.87.4
+nova-sv-dr16-u10 ansible_host=10.41.87.5
+nova-sv-dr16-u11 ansible_host=10.41.87.6
+nova-sv-dr16-u12 ansible_host=10.41.87.7
+nova-sv-dr16-u13 ansible_host=10.41.87.8
+
# Switch groups
[switches:children]
ctl-switches
diff --git a/etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/nova_cell b/etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/nova_cell
new file mode 100644
index 000000000..acebde908
--- /dev/null
+++ b/etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/nova_cell
@@ -0,0 +1,11 @@
+---
+
+nova_cell_compute_provider_config:
+ meta:
+ schema_version: '1.0'
+ providers:
+ - identification:
+ name: "{{ inventory_hostname }}"
+ traits:
+ additional:
+ - 'CUSTOM_OOD_V2_HYPERVISOR'
diff --git a/etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/nova_cell.new b/etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/nova_cell.new
new file mode 100644
index 000000000..f6bf1e6e4
--- /dev/null
+++ b/etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/nova_cell.new
@@ -0,0 +1,20 @@
+---
+
+nova_cell_compute_provider_config:
+ meta:
+ schema_version: '1.0'
+ providers:
+ - identification:
+ name: "{{ inventory_hostname }}"
+ inventories:
+ additional:
+ - CUSTOM_PVC_1T_GPU:
+ total: 4
+ reserved: 0
+ min_unit: 1
+ max_unit: 4
+ step_size: 1
+ allocation_ratio: 1.0
+ traits:
+ additional:
+ - 'CUSTOM_PVC_1T_GPU'
diff --git a/etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/sriov b/etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/sriov
new file mode 100644
index 000000000..befb47a9e
--- /dev/null
+++ b/etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/sriov
@@ -0,0 +1,6 @@
+---
+
+_enable_neutron_sriov: yes
+
+sriov_physnet_mappings:
+ eno12399np0: physnet1
diff --git a/etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/tuning b/etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/tuning
new file mode 100644
index 000000000..8c14bedd5
--- /dev/null
+++ b/etc/kayobe/environments/production/kolla/inventory/group_vars/compute-rcp-pvc-ood-20250228/tuning
@@ -0,0 +1,4 @@
+---
+
+enable_nested_virt: "false"
+nova_cpu_dedicated_set: "4-63"
diff --git a/etc/kayobe/environments/production/network-allocation.yml b/etc/kayobe/environments/production/network-allocation.yml
index 05bd51211..05eed8535 100644
--- a/etc/kayobe/environments/production/network-allocation.yml
+++ b/etc/kayobe/environments/production/network-allocation.yml
@@ -40,8 +40,8 @@ admin_oc_net_ips:
nova-sv-br08-u5: 10.41.243.132
nova-sv-br08-u7: 10.41.243.133
nova-sv-br08-u9: 10.41.243.134
+ nova-sv-cr13-u21: 10.41.169.5
nova-sv-cr13-u23: 10.41.169.4
- nova-sv-cr13-u21: 10.41.169.5
nova-sv-cr13-u28: 10.41.169.3
nova-sv-cr13-u29: 10.41.169.2
nova-sv-cr13-u30: 10.41.169.1
@@ -53,6 +53,14 @@ admin_oc_net_ips:
nova-sv-dr05-u27: 10.41.79.9
nova-sv-dr05-u29: 10.41.79.10
nova-sv-dr05-u8: 10.41.79.3
+ nova-sv-dr16-u10: 10.41.87.5
+ nova-sv-dr16-u11: 10.41.87.6
+ nova-sv-dr16-u12: 10.41.87.7
+ nova-sv-dr16-u13: 10.41.87.8
+ nova-sv-dr16-u6: 10.41.87.1
+ nova-sv-dr16-u7: 10.41.87.2
+ nova-sv-dr16-u8: 10.41.87.3
+ nova-sv-dr16-u9: 10.41.87.4
nova-sv-er19-u35: 10.41.18.5
nova-sv-er19-u37: 10.41.18.6
nova-svn1-ar02-u10: 10.41.161.17
@@ -381,6 +389,8 @@ internal_net_ips:
nova-sv-br08-u5: 10.5.2.26
nova-sv-br08-u7: 10.5.2.27
nova-sv-br08-u9: 10.5.2.28
+ nova-sv-cr13-u21: 10.5.2.75
+ nova-sv-cr13-u23: 10.5.2.74
nova-sv-cr13-u28: 10.5.2.42
nova-sv-cr13-u29: 10.5.2.41
nova-sv-cr13-u30: 10.5.2.40
@@ -392,6 +402,14 @@ internal_net_ips:
nova-sv-dr05-u27: 10.5.1.110
nova-sv-dr05-u29: 10.5.1.8
nova-sv-dr05-u8: 10.5.1.116
+ nova-sv-dr16-u10: 10.5.2.80
+ nova-sv-dr16-u11: 10.5.2.81
+ nova-sv-dr16-u12: 10.5.2.82
+ nova-sv-dr16-u13: 10.5.2.83
+ nova-sv-dr16-u6: 10.5.2.76
+ nova-sv-dr16-u7: 10.5.2.77
+ nova-sv-dr16-u8: 10.5.2.78
+ nova-sv-dr16-u9: 10.5.2.79
nova-sv-er19-u35: 10.5.1.82
nova-sv-er19-u37: 10.5.1.83
nova-svn1-ar02-u10: 10.5.2.8
@@ -790,6 +808,8 @@ storage_net_ips:
nova-sv-br08-u5: 10.4.204.64
nova-sv-br08-u7: 10.4.204.65
nova-sv-br08-u9: 10.4.204.66
+ nova-sv-cr13-u21: 10.4.204.127
+ nova-sv-cr13-u23: 10.4.204.126
nova-sv-cr13-u28: 10.4.204.80
nova-sv-cr13-u29: 10.4.204.79
nova-sv-cr13-u30: 10.4.204.78
@@ -801,6 +821,14 @@ storage_net_ips:
nova-sv-dr05-u27: 10.4.204.39
nova-sv-dr05-u29: 10.4.204.30
nova-sv-dr05-u8: 10.4.204.45
+ nova-sv-dr16-u10: 10.4.204.132
+ nova-sv-dr16-u11: 10.4.204.133
+ nova-sv-dr16-u12: 10.4.204.134
+ nova-sv-dr16-u13: 10.4.204.135
+ nova-sv-dr16-u6: 10.4.204.128
+ nova-sv-dr16-u7: 10.4.204.129
+ nova-sv-dr16-u8: 10.4.204.130
+ nova-sv-dr16-u9: 10.4.204.131
nova-sv-er19-u35: 10.4.201.80
nova-sv-er19-u37: 10.4.201.81
nova-svn1-ar02-u10: 10.4.204.7
@@ -1119,6 +1147,8 @@ tunnel_net_ips:
nova-sv-br08-u5: 10.17.2.24
nova-sv-br08-u7: 10.17.2.25
nova-sv-br08-u9: 10.17.2.26
+ nova-sv-cr13-u21: 10.17.2.73
+ nova-sv-cr13-u23: 10.17.2.72
nova-sv-cr13-u28: 10.17.2.40
nova-sv-cr13-u29: 10.17.2.39
nova-sv-cr13-u30: 10.17.2.38
@@ -1130,6 +1160,14 @@ tunnel_net_ips:
nova-sv-dr05-u27: 10.17.1.107
nova-sv-dr05-u29: 10.17.1.6
nova-sv-dr05-u8: 10.17.1.113
+ nova-sv-dr16-u10: 10.17.2.78
+ nova-sv-dr16-u11: 10.17.2.79
+ nova-sv-dr16-u12: 10.17.2.80
+ nova-sv-dr16-u13: 10.17.2.81
+ nova-sv-dr16-u6: 10.17.2.74
+ nova-sv-dr16-u7: 10.17.2.75
+ nova-sv-dr16-u8: 10.17.2.76
+ nova-sv-dr16-u9: 10.17.2.77
nova-sv-er19-u35: 10.17.1.80
nova-sv-er19-u37: 10.17.1.81
nova-svn1-ar02-u10: 10.17.2.7
diff --git a/etc/kayobe/inventory/custom b/etc/kayobe/inventory/custom
index f3126334c..60755a4cf 100644
--- a/etc/kayobe/inventory/custom
+++ b/etc/kayobe/inventory/custom
@@ -37,6 +37,7 @@
[compute-rcp-l40-20231102]
[compute-rcp-internal-cclake-20240314]
[compute-rcp-pvc-gpu-20240723]
+[compute-rcp-pvc-ood-20250228]
[a100_gpu_xe8545_ska]
[a100_gpu_xe8545_srcp]
[a100_gpu_xe8545_iris]
diff --git a/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/compute.yml b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/compute.yml
new file mode 100644
index 000000000..4ddeb1032
--- /dev/null
+++ b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/compute.yml
@@ -0,0 +1,121 @@
+---
+###############################################################################
+# Compute node configuration.
+
+# User with which to access the computes via SSH during bootstrap, in order
+# to setup the Kayobe user account.
+compute_bootstrap_user: cloud-user
+
+###############################################################################
+# Network interface attachments.
+
+# List of networks to which compute nodes are attached.
+compute_network_interfaces: >
+ {{ [admin_oc_net_name,
+ internal_net_name,
+ storage_net_name,
+ tunnel_net_name] | unique | list }}
+
+# List of default networks to which compute nodes are attached.
+#compute_default_network_interfaces:
+
+# List of extra networks to which compute nodes are attached.
+#compute_extra_network_interfaces:
+
+###############################################################################
+# Compute node BIOS configuration.
+
+# Dict of compute BIOS options. Format is same as that used by stackhpc.drac
+# role.
+#compute_bios_config:
+
+# Dict of default compute BIOS options. Format is same as that used by
+# stackhpc.drac role.
+#compute_bios_config_default:
+
+# Dict of additional compute BIOS options. Format is same as that used by
+# stackhpc.drac role.
+#compute_bios_config_extra:
+
+###############################################################################
+# Compute node RAID configuration.
+
+# List of compute RAID volumes. Format is same as that used by stackhpc.drac
+# role.
+#compute_raid_config:
+
+# List of default compute RAID volumes. Format is same as that used by
+# stackhpc.drac role.
+#compute_raid_config_default:
+
+# List of additional compute RAID volumes. Format is same as that used by
+# stackhpc.drac role.
+#compute_raid_config_extra:
+
+###############################################################################
+# Compute node software RAID configuration.
+
+# List of software RAID arrays. See mrlesmithjr.mdadm role for format.
+#compute_mdadm_arrays:
+
+###############################################################################
+# Compute node LVM configuration.
+
+# List of compute volume groups. See mrlesmithjr.manage-lvm role for
+# format.
+#compute_lvm_groups:
+
+# Default list of compute volume groups. See mrlesmithjr.manage-lvm role for
+# format.
+#compute_lvm_groups_default:
+
+# Additional list of compute volume groups. See mrlesmithjr.manage-lvm role
+# for format.
+#compute_lvm_groups_extra:
+
+# Compute LVM volume group for data. See mrlesmithjr.manage-lvm role for
+# format.
+#compute_lvm_group_data:
+
+# List of disks for use by compute LVM data volume group. Default to an
+# invalid value to require configuration.
+#compute_lvm_group_data_disks:
+
+# List of LVM logical volumes for the data volume group.
+#compute_lvm_group_data_lvs:
+
+# Docker volumes LVM backing volume.
+#compute_lvm_group_data_lv_docker_volumes:
+
+# Size of docker volumes LVM backing volume.
+#compute_lvm_group_data_lv_docker_volumes_size:
+
+# Filesystem for docker volumes LVM backing volume. ext4 allows for shrinking.
+#compute_lvm_group_data_lv_docker_volumes_fs:
+
+###############################################################################
+# Compute node Ceph configuration.
+
+# List of Ceph disks.
+# The format is a list of dict like :
+# - { osd: "/dev/sdb", journal: "/dev/sdc" }
+# - { osd: "/dev/sdd" }
+# Journal variable is not mandatory.
+#compute_ceph_disks:
+
+###############################################################################
+# Compute node sysctl configuration.
+
+# Dict of sysctl parameters to set.
+#compute_sysctl_parameters:
+
+###############################################################################
+# Compute node user configuration.
+
+# List of users to create. This should be in a format accepted by the
+# singleplatform-eng.users role.
+#compute_users:
+
+###############################################################################
+# Dummy variable to allow Ansible to accept this file.
+workaround_ansible_issue_8743: yes
diff --git a/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/firewall b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/firewall
new file mode 100644
index 000000000..56136fa71
--- /dev/null
+++ b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/firewall
@@ -0,0 +1,112 @@
+---
+
+firewallgen_enable_firewall: True
+
+firewallgen_ipv4_input_allow_rules:
+ - interface: "lo"
+ port: 25
+ proto: tcp
+ destination: "127.0.0.1"
+ comment: "hint: used by 'master'"
+ - interface: "lo"
+ port: 6633
+ proto: tcp
+ destination: "127.0.0.1"
+ comment: "hint: used by 'neutron-openvsw' in docker container 'neutron_openvswitch_agent'"
+ - interface: "lo"
+ port: 6640
+ proto: tcp
+ destination: "127.0.0.1"
+ comment: "hint: used by 'ovsdb-server' in docker container 'openvswitch_db'"
+ - interface: "{{ admin_oc_net_interface }}"
+ port: 22
+ proto: tcp
+ comment: "hint: used by 'sshd'"
+ - interface: "{{ admin_oc_net_interface }}"
+ port: 161
+ proto: udp
+ comment: "hint: used by 'snmpd'"
+ - interface: "{{ admin_oc_net_interface }}"
+ port: 5665
+ proto: tcp
+ comment: "hint: used by 'icinga2'"
+ - interface: "{{ internal_net_interface }}"
+ port: 8022
+ proto: tcp
+ destination: "{{ internal_net_name | net_ip }}"
+ comment: "hint: used by 'sshd' in docker container 'nova_ssh'"
+ - interface: "{{ internal_net_interface }}"
+ port: 9100
+ proto: tcp
+ destination: "{{ internal_net_name | net_ip }}"
+ comment: "hint: used by 'node_exporter' in docker container 'prometheus_node_exporter'"
+ - interface: "{{ internal_net_interface }}"
+ port: 9177
+ proto: tcp
+ destination: "{{ internal_net_name | net_ip }}"
+ comment: "hint: used by 'libvirt_exporte' in docker container 'prometheus_libvirt_exporter'"
+ - interface: "{{ internal_net_interface }}"
+ port: 16509
+ proto: tcp
+ destination: "{{ internal_net_name | net_ip }}"
+ comment: "hint: used by 'libvirtd' in docker container 'nova_libvirt'"
+ - interface: "{{ internal_net_name | net_interface }}"
+ port: 9197
+ proto: tcp
+ destination: "{{ internal_net_name | net_ip }}"
+ comment: "hint: used by 'mtail' in docker container 'prometheus_mtail'"
+ - interface: "{{ internal_net_name | net_interface }}"
+ port: 10000:20000
+ proto: tcp
+ destination: "{{ internal_net_name | net_ip }}"
+ comment: "Nova serial console proxy"
+ - interface: "{{ internal_net_name | net_interface }}"
+ port: 18080
+ proto: tcp
+ destination: "{{ internal_net_name | net_ip }}"
+ comment: "hint: used by 'cadvisor' in docker container 'prometheus_cadvisor'"
+ - interface: "{{ internal_net_name | net_interface }}"
+ port: 49152:49215
+ proto: tcp
+ destination: "{{ internal_net_name | net_ip }}"
+ comment: "Nova live migration"
+ - interface: "{{ internal_net_name | net_interface }}"
+ port: 5900:6000
+ proto: tcp
+ destination: "{{ internal_net_name | net_ip }}"
+ comment: "libvirt serial consoles"
+ - interface: "docker0"
+ port: 123
+ proto: udp
+ destination: "172.17.0.1"
+ comment: "hint: used by 'ntpd'"
+ - interface: "lo"
+ port: 123
+ proto: udp
+ destination: "127.0.0.1"
+ comment: "hint: used by 'ntpd'"
+ - interface: "lo"
+ port: 323
+ proto: udp
+ destination: "127.0.0.1"
+ comment: "hint: used by 'chronyd' in docker container 'chrony'"
+ - interface: "lo"
+ port: 5140
+ proto: udp
+ destination: "127.0.0.1"
+ comment: "hint: used by 'fluentd' in docker container 'fluentd'"
+ - interface: "{{ internal_net_interface }}"
+ port: 123
+ proto: udp
+ destination: "{{ internal_net_name | net_ip }}"
+ comment: "hint: used by 'ntpd'"
+ - interface: "{{ internal_net_interface }}"
+ port: 5140
+ proto: udp
+ destination: "{{ internal_net_name | net_ip }}"
+ comment: "hint: used by 'fluentd' in docker container 'fluentd'"
+ - interface: "{{ tunnel_net_name | net_interface }}"
+ port: 4789
+ proto: udp
+ destination: "{{ tunnel_net_name | net_ip }}"
+ comment: "required for VXLANs to work"
diff --git a/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/firewallgen b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/firewallgen
new file mode 100644
index 000000000..7a74be75f
--- /dev/null
+++ b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/firewallgen
@@ -0,0 +1,53 @@
+---
+
+firewallgen_libvirt_serial_console_range_start: 5900
+firewallgen_libvirt_serial_console_range_end: 6000
+
+firewallgen_libvirt_serial_console_proxy_range_start: 10000
+firewallgen_libvirt_serial_console_proxy_range_end: 20000
+
+firewallgen_nova_migrate_range_start: 49152
+firewallgen_nova_migrate_range_end: 49215
+
+firewallgen_ipv4_input_allow_rewrite_rules_compute:
+ # systemd socket activation for portmapper service
+ - '. | map(select(.port != 111))'
+ # drop 4789 and add explictly it the custom_rules_extra
+ - '. | map(select(.port != 4789))'
+ # libvirt serial console range is added explictly (see below)
+ - >-
+ . | map(select(.port < {{ firewallgen_libvirt_serial_console_range_start }} or
+ .port > {{ firewallgen_libvirt_serial_console_range_end }} ))
+
+firewallgen_ipv4_input_allow_rewrite_rules: >
+ {{ firewallgen_ipv4_input_allow_rewrite_rules_compute +
+ firewallgen_ipv4_input_allow_rewrite_rules_all }}
+
+firewallgen_ipv4_input_allow_custom_rules_extra:
+ # Libvirt serial consoles, based on:
+ # https://blog.scottlowe.org/2013/09/10/adjusting-vnc-console-access-via-libvirt-xml/
+ # https://libvirt.org/git/?p=libvirt.git;a=blob;f=src/qemu/qemu.conf#l387
+ - interface: "{{ firewallgen_interface_tmpl % 'internal_net_name' }}"
+ port: "{{ firewallgen_libvirt_serial_console_range_start }}:{{ firewallgen_libvirt_serial_console_range_end }}"
+ proto: tcp
+ destination: "{% raw %}{{ internal_net_name | net_ip }}{% endraw %}"
+ comment: libvirt serial consoles
+
+ # QEMU-KVM domains bind serial console proxy to this port range, logging console to file
+ - interface: "{{ firewallgen_interface_tmpl % 'internal_net_name' }}"
+ port: "{{ firewallgen_libvirt_serial_console_proxy_range_start }}:{{ firewallgen_libvirt_serial_console_proxy_range_end }}"
+ proto: tcp
+ destination: "{% raw %}{{ internal_net_name | net_ip }}{% endraw %}"
+ comment: Nova serial console proxy
+
+ - interface: "{{ firewallgen_interface_tmpl % 'tunnel_net_name' }}"
+ destination: "{% raw %}{{ tunnel_net_name | net_ip }}{% endraw %}"
+ port: 4789
+ proto: udp
+ comment: required for VXLANs to work
+
+ - interface: "{{ firewallgen_interface_tmpl % 'internal_net_name' }}"
+ port: "{{ firewallgen_nova_migrate_range_start }}:{{ firewallgen_nova_migrate_range_end }}"
+ proto: tcp
+ destination: "{% raw %}{{ internal_net_name | net_ip }}{% endraw %}"
+ comment: Nova live migration
diff --git a/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/lvm b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/lvm
new file mode 100644
index 000000000..a6322a1ca
--- /dev/null
+++ b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/lvm
@@ -0,0 +1,2 @@
+---
+compute_group_lv_var_size: "3480g"
diff --git a/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/network-interfaces b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/network-interfaces
new file mode 100644
index 000000000..f20586556
--- /dev/null
+++ b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/network-interfaces
@@ -0,0 +1,22 @@
+---
+###############################################################################
+# Network interface definitions for the compute group.
+
+external_net_name_custom: admin_oc_net
+
+admin_oc_net_interface: bridge
+admin_oc_net_bridge_ports:
+ - eno12399np0
+admin_oc_net_bootproto: dhcp
+admin_oc_net_defroute: false
+admin_oc_net_routes:
+ - cidr: 0.0.0.0/0
+ gateway: 10.41.255.1
+
+internal_net_interface: "{{ admin_oc_net_interface }}.{{ internal_net_vlan }}"
+tunnel_net_interface: "{{ admin_oc_net_interface }}.{{ tunnel_net_vlan }}"
+storage_net_interface: "{{ admin_oc_net_interface }}.{{ storage_net_vlan }}"
+
+###############################################################################
+# Dummy variable to allow Ansible to accept this file.
+workaround_ansible_issue_8743: yes
diff --git a/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/network-interfaces.old b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/network-interfaces.old
new file mode 100644
index 000000000..675aa6105
--- /dev/null
+++ b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/network-interfaces.old
@@ -0,0 +1,23 @@
+---
+###############################################################################
+# Network interface definitions for the compute group.
+
+external_net_name_custom: br_net
+
+# Bridge interface
+br_net_interface: bridge
+br_net_bridge_ports:
+ - eno12399np0
+
+# Admin network IP information.
+admin_oc_net_interface: "{{ br_net_interface }}"
+admin_oc_net_gateway: "10.{{ admin_oc_net_vlan }}.255.1"
+
+# Overcloud networks on bond bridge
+internal_net_interface: "{{ br_net_interface }}.{{ internal_net_vlan }}"
+tunnel_net_interface: "{{ br_net_interface }}.{{ tunnel_net_vlan }}"
+storage_net_interface: "{{ br_net_interface }}.{{ storage_net_vlan }}"
+
+###############################################################################
+# Dummy variable to allow Ansible to accept this file.
+workaround_ansible_issue_8743: yes
diff --git a/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/sriov b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/sriov
new file mode 100644
index 000000000..c88f62a13
--- /dev/null
+++ b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/sriov
@@ -0,0 +1,7 @@
+---
+
+do_sriov: True
+sriov_udev_rule_path: "/etc/udev/rules.d/{{ primary_eth_interface }}.rules"
+
+old_eth_interface: "p4p2"
+primary_eth_interface: "eno12399np0"
diff --git a/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/tuning b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/tuning
new file mode 100644
index 000000000..9017da041
--- /dev/null
+++ b/etc/kayobe/inventory/group_vars/compute-rcp-pvc-ood-20250228/tuning
@@ -0,0 +1,4 @@
+---
+
+enable_nested_virt: false
+hugepages_1G_number: 992
diff --git a/etc/kayobe/kolla.yml b/etc/kayobe/kolla.yml
index 4d2fbd839..63e05ddd7 100644
--- a/etc/kayobe/kolla.yml
+++ b/etc/kayobe/kolla.yml
@@ -628,6 +628,7 @@ kolla_overcloud_inventory_top_level_group_map:
- compute-rcp-l40-20231102
- compute-rcp-internal-cclake-20240314
- compute-rcp-pvc-gpu-20240723
+ - compute-rcp-pvc-ood-20250228
- a100_gpu_xe8545_ska
- a100_gpu_xe8545_srcp
- a100_gpu_xe8545_iris
diff --git a/etc/kayobe/kolla/config/nova/nova-compute.conf b/etc/kayobe/kolla/config/nova/nova-compute.conf
index 4351cf1d5..16177c690 100644
--- a/etc/kayobe/kolla/config/nova/nova-compute.conf
+++ b/etc/kayobe/kolla/config/nova/nova-compute.conf
@@ -82,6 +82,9 @@ passthrough_whitelist = [{% for dev, physnet in sriov_physnet_mappings.items() %
{% elif inventory_hostname in groups['compute-iris-r860-himem-20250130'] and sriov_physnet_mappings is defined %}
passthrough_whitelist = [{% for dev, physnet in sriov_physnet_mappings.items() %}{{ (loop.index0 > 0)|ternary(',','') }}{ "devname": "{{ dev }}", "physical_network": "{{ physnet }}" }{% endfor %}]
+{% elif inventory_hostname in groups['compute-rcp-pvc-ood-20250228'] and sriov_physnet_mappings is defined %}
+passthrough_whitelist = [{% for dev, physnet in sriov_physnet_mappings.items() %}{{ (loop.index0 > 0)|ternary(',','') }}{ "devname": "{{ dev }}", "physical_network": "{{ physnet }}" }{% endfor %}]
+
{% elif inventory_hostname in groups['compute-lrs-srcp-cclake-20230707'] and sriov_physnet_mappings is defined %}
passthrough_whitelist = [{% for dev, physnet in sriov_physnet_mappings.items() %}{{ (loop.index0 > 0)|ternary(',','') }}{ "devname": "{{ dev }}", "physical_network": "{{ physnet }}" }{% endfor %}]
--
GitLab
From e4c2f53194ce2241be44e188de5b93d6760860db Mon Sep 17 00:00:00 2001
From: Kayobe Automation <kayobe-automation@example.org>
Date: Mon, 10 Mar 2025 14:31:59 +0000
Subject: [PATCH 3/3] Add config for ethsw-ar03-u37, tune Neutron RPC workers
and timeouts
---
.environment | 2 +-
.gitlab/config.d/50-environment.yml | 4 ++--
.../environments/production/inventory/overcloud | 1 +
.../production/kolla/config/neutron/ml2_conf.ini | 12 ++++++++++++
etc/kayobe/kolla/config/neutron/neutron-server.conf | 5 +++++
5 files changed, 21 insertions(+), 3 deletions(-)
create mode 100644 etc/kayobe/kolla/config/neutron/neutron-server.conf
diff --git a/.environment b/.environment
index c44e75e79..dcd5906e3 100644
--- a/.environment
+++ b/.environment
@@ -1 +1 @@
-production
+staging
diff --git a/.gitlab/config.d/50-environment.yml b/.gitlab/config.d/50-environment.yml
index c3daed618..724577156 100644
--- a/.gitlab/config.d/50-environment.yml
+++ b/.gitlab/config.d/50-environment.yml
@@ -1,6 +1,6 @@
variables:
- GITLAB_ENVIRONMENT: production
- KAYOBE_ENVIRONMENT: production
+ GITLAB_ENVIRONMENT: staging
+ KAYOBE_ENVIRONMENT: staging
.tags:
tags:
diff --git a/etc/kayobe/environments/production/inventory/overcloud b/etc/kayobe/environments/production/inventory/overcloud
index 382c56d77..273880774 100644
--- a/etc/kayobe/environments/production/inventory/overcloud
+++ b/etc/kayobe/environments/production/inventory/overcloud
@@ -805,6 +805,7 @@ ethsw-ar06-u23
ethsw-cr01-u40
ethsw-ar02-u15
ethsw-ar02-u20
+ethsw-ar03-u37
ethsw-ar04-u15
ethsw-ar04-u20
ethsw-ar05-u15
diff --git a/etc/kayobe/environments/production/kolla/config/neutron/ml2_conf.ini b/etc/kayobe/environments/production/kolla/config/neutron/ml2_conf.ini
index ac17eeab5..d66c9b9d8 100644
--- a/etc/kayobe/environments/production/kolla/config/neutron/ml2_conf.ini
+++ b/etc/kayobe/environments/production/kolla/config/neutron/ml2_conf.ini
@@ -22,6 +22,18 @@ acquire_timeout = 300
#ngs_max_connections = 1
#ngs_batch_requests = False
+[genericswitch:ethsw-ar03-u37]
+device_type = netmiko_dell_force10
+ip = 10.45.253.40
+username = arcus-ngs
+password = {{ secrets_arcus_ngs_switch_ssh_password }
+ngs_physical_networks = physnet1
+ngs_port_default_vlan = 610
+ngs_disable_inactive_ports = False
+ngs_max_connections = 1
+ngs_batch_requests = False
+ngs_manage_vlans = False
+
[genericswitch:ethsw-br15-u38]
device_type = netmiko_dell_force10
ip = 10.45.253.178
diff --git a/etc/kayobe/kolla/config/neutron/neutron-server.conf b/etc/kayobe/kolla/config/neutron/neutron-server.conf
new file mode 100644
index 000000000..51b74ec15
--- /dev/null
+++ b/etc/kayobe/kolla/config/neutron/neutron-server.conf
@@ -0,0 +1,5 @@
+[DEFAULT]
+api_workers = 5
+rpc_workers = 5
+rpc_response_timeout = 120
+rpc_state_report_workers = 5
--
GitLab