├── .github ├── create_bundle.sh ├── create_opm_index.sh ├── dependabot.yml └── workflows │ ├── build-osp-director-operator.yaml │ ├── golangci-lint.yaml │ └── release-osp-director-operator.yaml ├── .gitignore ├── .golangci.yaml ├── .pull_request_pipeline ├── Dockerfile ├── Dockerfile.agent ├── LICENSE ├── Makefile ├── OWNERS ├── PROJECT ├── README.md ├── api ├── shared │ ├── annotations.go │ ├── backup.go │ ├── common_funcs.go │ ├── common_types.go │ ├── condition_types.go │ ├── conditions.go │ ├── labels.go │ ├── net.go │ ├── osp.go │ └── zz_generated.deepcopy.go ├── v1beta1 │ ├── common_backup.go │ ├── common_macaddress.go │ ├── common_openstackbaremetalset.go │ ├── common_openstackcontrolplane.go │ ├── common_openstacknet.go │ ├── common_openstacknet_test.go │ ├── common_provisionserver.go │ ├── common_types.go │ ├── common_webhook.go │ ├── groupversion_info.go │ ├── openstackbackup_types.go │ ├── openstackbackuprequest_types.go │ ├── openstackbackuprequest_webhook.go │ ├── openstackbaremetalset_types.go │ ├── openstackbaremetalset_webhook.go │ ├── openstackclient_types.go │ ├── openstackclient_webhook.go │ ├── openstackconfiggenerator_types.go │ ├── openstackconfiggenerator_webhook.go │ ├── openstackconfigversion_types.go │ ├── openstackcontrolplane_types.go │ ├── openstackdeploy_types.go │ ├── openstackdeploy_webhook.go │ ├── openstackephemeralheat_types.go │ ├── openstackephemeralheat_webhook.go │ ├── openstackipset_types.go │ ├── openstackipset_webhook.go │ ├── openstackmacaddress_types.go │ ├── openstacknet_types.go │ ├── openstacknet_webhook.go │ ├── openstacknetattachment_types.go │ ├── openstacknetattachment_webhook.go │ ├── openstacknetconfig_types.go │ ├── openstacknetconfig_webhook.go │ ├── openstackprovisionserver_types.go │ ├── openstackprovisionserver_webhook.go │ ├── openstackvmset_types.go │ ├── webhook_suite_test.go │ └── zz_generated.deepcopy.go └── v1beta2 │ ├── common_openstackcontrolplane.go │ ├── common_types.go │ ├── common_webhook.go │ ├── groupversion_info.go │ ├── openstackbackup_types.go │ ├── openstackbackup_webhook.go │ ├── openstackcontrolplane_types.go │ ├── openstackcontrolplane_webhook.go │ ├── openstackvmset_types.go │ ├── openstackvmset_webhook.go │ ├── webhook_suite_test.go │ └── zz_generated.deepcopy.go ├── bundle.Dockerfile ├── config ├── certmanager │ ├── certificate.yaml │ ├── kustomization.yaml │ └── kustomizeconfig.yaml ├── crd │ ├── bases │ │ ├── osp-director.openstack.org_openstackbackuprequests.yaml │ │ ├── osp-director.openstack.org_openstackbackups.yaml │ │ ├── osp-director.openstack.org_openstackbaremetalsets.yaml │ │ ├── osp-director.openstack.org_openstackclients.yaml │ │ ├── osp-director.openstack.org_openstackconfiggenerators.yaml │ │ ├── osp-director.openstack.org_openstackconfigversions.yaml │ │ ├── osp-director.openstack.org_openstackcontrolplanes.yaml │ │ ├── osp-director.openstack.org_openstackdeploys.yaml │ │ ├── osp-director.openstack.org_openstackephemeralheats.yaml │ │ ├── osp-director.openstack.org_openstackipsets.yaml │ │ ├── osp-director.openstack.org_openstackmacaddresses.yaml │ │ ├── osp-director.openstack.org_openstacknetattachments.yaml │ │ ├── osp-director.openstack.org_openstacknetconfigs.yaml │ │ ├── osp-director.openstack.org_openstacknets.yaml │ │ ├── osp-director.openstack.org_openstackprovisionservers.yaml │ │ └── osp-director.openstack.org_openstackvmsets.yaml │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ └── patches │ │ ├── cainjection_in_openstackbackuprequests.yaml │ │ ├── cainjection_in_openstackbackups.yaml │ │ ├── cainjection_in_openstackbaremetalsets.yaml │ │ ├── cainjection_in_openstackclients.yaml │ │ ├── cainjection_in_openstackconfiggenerators.yaml │ │ ├── cainjection_in_openstackconfigversions.yaml │ │ ├── cainjection_in_openstackcontrolplanes.yaml │ │ ├── cainjection_in_openstackdeploys.yaml │ │ ├── cainjection_in_openstackephemeralheats.yaml │ │ ├── cainjection_in_openstackipsets.yaml │ │ ├── cainjection_in_openstackmacaddresses.yaml │ │ ├── cainjection_in_openstacknetattachments.yaml │ │ ├── cainjection_in_openstacknetconfigs.yaml │ │ ├── cainjection_in_openstacknets.yaml │ │ ├── cainjection_in_openstackprovisionservers.yaml │ │ ├── cainjection_in_openstackvmsets.yaml │ │ ├── webhook_in_openstackbackuprequests.yaml │ │ ├── webhook_in_openstackbackups.yaml │ │ ├── webhook_in_openstackbaremetalsets.yaml │ │ ├── webhook_in_openstackclients.yaml │ │ ├── webhook_in_openstackconfiggenerators.yaml │ │ ├── webhook_in_openstackconfigversions.yaml │ │ ├── webhook_in_openstackcontrolplanes.yaml │ │ ├── webhook_in_openstackdeploys.yaml │ │ ├── webhook_in_openstackephemeralheats.yaml │ │ ├── webhook_in_openstackipsets.yaml │ │ ├── webhook_in_openstackmacaddresses.yaml │ │ ├── webhook_in_openstacknetattachments.yaml │ │ ├── webhook_in_openstacknetconfigs.yaml │ │ ├── webhook_in_openstacknets.yaml │ │ ├── webhook_in_openstackprovisionservers.yaml │ │ └── webhook_in_openstackvmsets.yaml ├── default │ ├── kustomization.yaml │ ├── manager_auth_proxy_patch.yaml │ ├── manager_config_patch.yaml │ ├── manager_default_images_16.2.yaml │ ├── manager_default_images_17.0.yaml │ ├── manager_default_images_17.1.yaml │ ├── manager_webhook_patch.yaml │ └── webhookcainjection_patch.yaml ├── manager │ ├── controller_manager_config.yaml │ ├── kustomization.yaml │ └── manager.yaml ├── manifests │ ├── bases │ │ └── osp-director-operator.clusterserviceversion.yaml │ └── kustomization.yaml ├── prometheus │ ├── kustomization.yaml │ └── monitor.yaml ├── rbac │ ├── auth_proxy_client_clusterrole.yaml │ ├── auth_proxy_role.yaml │ ├── auth_proxy_role_binding.yaml │ ├── auth_proxy_service.yaml │ ├── baremetalset_editor_role.yaml │ ├── baremetalset_viewer_role.yaml │ ├── cluster_role_binding.yaml │ ├── controlplane_editor_role.yaml │ ├── controlplane_viewer_role.yaml │ ├── kustomization.yaml │ ├── leader_election_role.yaml │ ├── leader_election_role_binding.yaml │ ├── openstackbackup_editor_role.yaml │ ├── openstackbackup_viewer_role.yaml │ ├── openstackbackuprequest_editor_role.yaml │ ├── openstackbackuprequest_viewer_role.yaml │ ├── openstackclient_editor_role.yaml │ ├── openstackclient_viewer_role.yaml │ ├── openstackconfiggenerator_editor_role.yaml │ ├── openstackconfiggenerator_viewer_role.yaml │ ├── openstackconfigversion_editor_role.yaml │ ├── openstackconfigversion_viewer_role.yaml │ ├── openstackcontrolplane_editor_role.yaml │ ├── openstackcontrolplane_viewer_role.yaml │ ├── openstackdeploy_editor_role.yaml │ ├── openstackdeploy_viewer_role.yaml │ ├── openstackephemeralheat_editor_role.yaml │ ├── openstackephemeralheat_viewer_role.yaml │ ├── openstackipset_editor_role.yaml │ ├── openstackipset_viewer_role.yaml │ ├── openstackmacaddress_editor_role.yaml │ ├── openstackmacaddress_viewer_role.yaml │ ├── openstacknet_editor_role.yaml │ ├── openstacknet_viewer_role.yaml │ ├── openstacknetattachment_editor_role.yaml │ ├── openstacknetattachment_viewer_role.yaml │ ├── openstacknetconfig_editor_role.yaml │ ├── openstacknetconfig_viewer_role.yaml │ ├── openstackprovisionserver_editor_role.yaml │ ├── openstackprovisionserver_viewer_role.yaml │ ├── openstackvmset_editor_role.yaml │ ├── openstackvmset_viewer_role.yaml │ ├── role.yaml │ ├── role_binding.yaml │ └── service_account.yaml ├── samples │ ├── kustomization.yaml │ ├── osp-director_v1beta1_openstackbackup.yaml │ ├── osp-director_v1beta1_openstackbackuprequest.yaml │ ├── osp-director_v1beta1_openstackbaremetalset.yaml │ ├── osp-director_v1beta1_openstackclient.yaml │ ├── osp-director_v1beta1_openstackconfiggenerator.yaml │ ├── osp-director_v1beta1_openstackconfigversion.yaml │ ├── osp-director_v1beta1_openstackcontrolplane.yaml │ ├── osp-director_v1beta1_openstackcontrolplane_single_net.yaml │ ├── osp-director_v1beta1_openstackcontrolplane_with_additional_custom_role.yaml │ ├── osp-director_v1beta1_openstackdeploy.yaml │ ├── osp-director_v1beta1_openstackephemeralheat.yaml │ ├── osp-director_v1beta1_openstackipset.yaml │ ├── osp-director_v1beta1_openstackmacaddress.yaml │ ├── osp-director_v1beta1_openstacknet.yaml │ ├── osp-director_v1beta1_openstacknet_ctlplane.yaml │ ├── osp-director_v1beta1_openstacknet_external.yaml │ ├── osp-director_v1beta1_openstacknet_internalapi.yaml │ ├── osp-director_v1beta1_openstacknet_internalapi_routes.yaml │ ├── osp-director_v1beta1_openstacknet_sriov.yaml │ ├── osp-director_v1beta1_openstacknet_storage.yaml │ ├── osp-director_v1beta1_openstacknet_storagemgmt.yaml │ ├── osp-director_v1beta1_openstacknet_tenant.yaml │ ├── osp-director_v1beta1_openstacknetattachment.yaml │ ├── osp-director_v1beta1_openstacknetconfig.yaml │ ├── osp-director_v1beta1_openstacknetconfig_multi_subnet.yaml │ ├── osp-director_v1beta1_openstacknetconfig_single_net.yaml │ ├── osp-director_v1beta1_openstacknetconfig_single_net_ipv6.yaml │ ├── osp-director_v1beta1_openstackprovisionserver.yaml │ ├── osp-director_v1beta1_openstackvmset.yaml │ ├── osp-director_v1beta2_openstackbackup.yaml │ ├── osp-director_v1beta2_openstackcontrolplane.yaml │ ├── osp-director_v1beta2_openstackcontrolplane_single_net.yaml │ ├── osp-director_v1beta2_openstackvmset.yaml │ └── patches │ │ ├── openstackcontrolplane_base_image_volume_name_patch.yaml │ │ └── openstackcontrolplane_controller_count_patch.yaml ├── scorecard │ ├── bases │ │ └── config.yaml │ ├── kustomization.yaml │ └── patches │ │ ├── basic.config.yaml │ │ └── olm.config.yaml └── webhook │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ ├── manifests.yaml │ └── service.yaml ├── containers ├── agent │ ├── build.sh │ ├── deploy.go │ ├── main.go │ ├── provision_ip_discovery.go │ └── version.go └── image_downloader │ ├── Dockerfile │ └── entrypoint.sh ├── controllers ├── openstackbackup_controller.go ├── openstackbackuprequest_controller.go ├── openstackbaremetalset_controller.go ├── openstackclient_controller.go ├── openstackconfiggenerator_controller.go ├── openstackconfigversion_controller.go ├── openstackcontrolplane_controller.go ├── openstackdeploy_controller.go ├── openstackephemeralheat_controller.go ├── openstackipset_controller.go ├── openstackmacaddress_controller.go ├── openstacknet_controller.go ├── openstacknetattachment_controller.go ├── openstacknetconfig_controller.go ├── openstackprovisionserver_controller.go ├── openstackvmset_controller.go └── suite_test.go ├── docs ├── README-architecture.md ├── README-baremetal-provisioning.md ├── README-osp-update.md ├── RELEASE-techpreview.md ├── arch.png └── crds.png ├── go.mod ├── go.sum ├── hack └── boilerplate.go.txt ├── kuttl-test.yaml ├── main.go ├── pkg ├── baremetalset │ └── const.go ├── bindata_util │ ├── apply.go │ ├── merge.go │ └── render.go ├── common │ ├── affinity.go │ ├── configmap.go │ ├── const.go │ ├── env.go │ ├── fencing.go │ ├── fencing_test.go │ ├── funcs.go │ ├── hash.go │ ├── hostname.go │ ├── ipam.go │ ├── job_util.go │ ├── labels.go │ ├── log.go │ ├── map.go │ ├── network.go │ ├── passwords.go │ ├── pod.go │ ├── pvc.go │ ├── reconciler.go │ ├── replicaset.go │ ├── secret.go │ ├── service.go │ ├── ssh.go │ ├── string.go │ ├── template_util.go │ ├── virtualmachine.go │ └── volume.go ├── controlplane │ ├── configmap.go │ ├── const.go │ └── funcs.go ├── nmstate │ └── funcs.go ├── openstackbackup │ └── funcs.go ├── openstackclient │ ├── const.go │ └── volumes.go ├── openstackconfiggenerator │ ├── configmap.go │ ├── const.go │ ├── export.go │ ├── job.go │ └── volumes.go ├── openstackconfigversion │ └── git_util.go ├── openstackdeploy │ ├── configmap.go │ ├── const.go │ └── job.go ├── openstackephemeralheat │ ├── const.go │ ├── heat.go │ ├── mariadb.go │ ├── rabbitmq.go │ └── secret.go ├── openstackipset │ └── funcs.go ├── openstackmacaddress │ ├── const.go │ └── funcs.go ├── openstacknet │ ├── const.go │ ├── funcs.go │ └── sriov.go ├── openstacknetattachment │ ├── const.go │ ├── funcs.go │ └── sriov.go ├── openstacknetconfig │ ├── const.go │ └── funcs.go ├── provisionserver │ ├── const.go │ ├── initcontainer.go │ ├── version.go │ └── volumes.go └── vmset │ ├── const.go │ └── virtualmachine.go ├── scripts ├── baremetalset_cleanup_stale_entries.sh ├── build_and_push_images.sh ├── clean-olm.sh ├── customize_staged_images.sh ├── deploy-with-olm.sh └── stage_downstream_rebase.sh ├── templates ├── baremetalset │ └── cloudinit │ │ ├── networkdata │ │ └── userdata ├── openstackclient │ └── bin │ │ ├── ansible-inventory │ │ ├── init.sh │ │ ├── kolla_config.json │ │ ├── kolla_config_init.json │ │ ├── tripleo-deploy-term.sh │ │ ├── tripleo-deploy.sh │ │ └── tripleo-export-ceph ├── openstackconfiggenerator │ ├── bin │ │ ├── create-playbooks.sh │ │ ├── process-heat-environment.py │ │ └── process-roles.py │ └── config │ │ ├── 16.2 │ │ ├── network_data.yaml │ │ ├── nic │ │ │ └── net-config-multi-nic.role.j2.yaml │ │ └── rendered-tripleo-config.yaml │ │ ├── 17.0 │ │ ├── network_data.yaml │ │ ├── nic │ │ │ └── multiple_nics_dvr.j2 │ │ └── rendered-tripleo-config.yaml │ │ ├── 17.1 │ │ └── common │ │ └── fencing.yaml ├── openstackcontrolplane │ └── config │ │ └── tripleo-overcloud-passwords.yaml ├── openstackephemeralheat │ └── bin │ │ ├── galera.cnf │ │ ├── heat.conf │ │ ├── heat_config.json │ │ ├── heat_empty.conf │ │ ├── heat_engine_config.json │ │ ├── heat_paste.ini │ │ ├── heat_token.json │ │ ├── mariadb_config.json │ │ ├── mariadb_init.sh │ │ ├── mariadb_init_config.json │ │ ├── rabbitmq-env.conf │ │ ├── rabbitmq.config │ │ └── rabbitmq_config.json ├── openstackprovisionserver │ └── config │ │ ├── httpd.conf │ │ └── mime.types └── vmset │ ├── cloudinit │ ├── networkdata │ └── userdata │ └── fencing-kubeconfig │ └── fencing-kubeconfig └── tests └── kuttl ├── common ├── manifests │ ├── git-secret.yaml │ ├── osp-controlplane-ssh-keys.yaml │ └── userpassword.yaml ├── scripts │ ├── add_bmh.sh │ ├── delete_bmh.sh │ └── prep.sh └── tests │ ├── 00-prep.yaml │ ├── create_openstackcontrolplane-assert.yaml │ ├── create_openstackcontrolplane.yaml │ ├── create_openstackcontrolplane_single_net-assert.yaml │ ├── create_openstackcontrolplane_single_net.yaml │ ├── create_openstackcontrolplane_single_net_ipv6-assert.yaml │ ├── create_openstacknetconfig-assert.yaml │ ├── create_openstacknetconfig.yaml │ ├── create_openstacknetconfig_single_net-assert.yaml │ ├── create_openstacknetconfig_single_net.yaml │ ├── create_openstacknetconfig_single_net_ipv6-assert.yaml │ ├── create_openstacknetconfig_single_net_ipv6.yaml │ ├── scale_down_openstackcontrolplane_single_controller-assert.yaml │ ├── scale_down_openstackcontrolplane_single_controller-errors.yaml │ ├── scale_down_openstackcontrolplane_single_controller.yaml │ ├── scale_up_openstackcontrolplane_3_controllers-assert.yaml │ ├── scale_up_openstackcontrolplane_3_controllers.yaml │ ├── scale_up_openstackcontrolplane_single_controller.yaml │ ├── scale_up_openstackcontrolplane_single_controller_single_net-assert.yaml │ └── scale_up_openstackcontrolplane_single_controller_single_net_ipv6-assert.yaml └── tests ├── openstackbackuprequest_save_restore ├── 00-prep.yaml ├── 01-assert.yaml ├── 01-create_openstacknetconfig.yaml ├── 02-assert.yaml ├── 02-create_remaining_resources.yaml ├── 03-assert.yaml ├── 03-create_backup_request.yaml ├── 03-errors.yaml ├── 04-assert.yaml ├── 04-errors.yaml ├── 05-assert.yaml ├── 05-create_restore_backup_request.yaml ├── 05-errors.yaml ├── 06-assert.yaml ├── 07-assert.yaml ├── 07-restart_metal3.yaml └── README.md ├── openstackbaremetalset_scale ├── 00-prep.yaml ├── 01-assert.yaml ├── 01-create_openstacknetconfig.yaml ├── 02-assert.yaml ├── 02-create_openstackcontrolplane.yaml ├── 03-assert.yaml ├── 03-create_openstackbaremetalset.yaml ├── 04-assert.yaml ├── 04-scale_up_openstackbaremetalset.yaml ├── 05-check_openstackbaremetalset_connectivity.yaml ├── 06-assert.yaml ├── 06-scale_down_openstackbaremetalset.yaml ├── 07-assert.yaml ├── 07-errors.yaml ├── 08-assert.yaml ├── 08-scale_up_openstackbaremetalset.yaml ├── 09-assert.yaml ├── 09-delete_one_bmh.yaml ├── 10-assert.yaml ├── 10-errors.yaml ├── 10-scale_down_openstackbaremetalset.yaml ├── 11-assert.yaml ├── 11-errors.yaml ├── 11-scale_up_openstackbaremetalset.yaml ├── 12-add-one-bmh.yaml ├── 12-assert.yaml ├── 13-assert.yaml ├── 13-delete_openstackbaremetalset.yaml ├── 13-errors.yaml └── README.md ├── openstackcontrolplane_cpu_ram_scale ├── 00-prep.yaml ├── 01-assert.yaml ├── 01-create_openstacknetconfig_single_net.yaml ├── 02-assert.yaml ├── 02-create_openstackcontrolplane_single_net.yaml ├── 03-assert.yaml ├── 03-scale_up_openstackcontrolplane.yaml ├── 04-assert.yaml ├── 05-assert.yaml ├── 05-increase_cpu_and_ram.yaml └── README.md ├── openstackcontrolplane_scale ├── 00-prep.yaml ├── 01-assert.yaml ├── 01-create_openstacknetconfig.yaml ├── 02-assert.yaml ├── 02-create_openstackcontrolplane.yaml ├── 03-assert.yaml ├── 03-scale_up_openstackcontrolplane.yaml ├── 04-check_openstackcontrolplane_connectivity.yaml ├── 05-assert.yaml ├── 05-errors.yaml ├── 05-scale_down_openstackcontrolplane.yaml ├── 06-assert.yaml ├── 06-scale_up_openstackcontrolplane.yaml ├── 07-assert.yaml ├── 07-delete_openstackcontrolplane.yaml ├── 07-errors.yaml └── README.md ├── openstacknetconfig_cleanup_nncp ├── 00-prep.yaml ├── 01-assert.yaml ├── 01-create_openstacknetconfig.yaml ├── 02-assert.yaml ├── 02-delete_openstacknet.yaml ├── 02-errors.yaml └── README.md ├── openstacknetconfig_error_validation ├── 00-prep.yaml ├── 01-create_osnet_webhook_validation.yaml ├── 01-errors.yaml ├── osp-director_v1beta1_openstacknetconfig_ipv4_and_ipv6_subnet.yaml ├── osp-director_v1beta1_openstacknetconfig_ipv4_mix_ipv6_details.yaml ├── osp-director_v1beta1_openstacknetconfig_ipv4_outside_range.yaml ├── osp-director_v1beta1_openstacknetconfig_ipv6_in_ipv4.yaml └── osp-director_v1beta1_openstacknetconfig_no_ctlplane_net.yaml ├── openstacknetconfig_immutable_bridge_name ├── 00-prep.yaml ├── 01-assert.yaml ├── 01-create_openstacknetconfig.yaml ├── 02-assert.yaml ├── 02-change_openstacknet_bridge_name.yaml └── README.md ├── openstacknetconfig_ip_reservation_ipv4 ├── 00-prep.yaml ├── 01-assert.yaml ├── 01-create_openstacknetconfig_single_net.yaml ├── 02-assert.yaml ├── 02-create_openstackcontrolplane_single_net.yaml ├── 03-assert.yaml ├── 03-scale_up_openstackcontrolplane.yaml ├── 04-add_static_reservation.yaml ├── 04-assert.yaml ├── 05-assert.yaml ├── 05-webhook_validations.yaml ├── 06-add_second_reservation.yaml ├── 06-assert.yaml ├── 07-assert.yaml ├── 07-scale_up_openstackcontrolplane.yaml ├── 08-assert.yaml ├── 08-errors.yaml ├── 08-scale_down_openstackcontrolplane.yaml ├── 09-assert.yaml ├── 09-switch_preserveReservations_off.yaml ├── 10-add_network.yaml ├── 10-assert.yaml ├── 11-add_network_to_vmrole.yaml ├── 11-assert.yaml ├── 12-assert.yaml ├── 12-delete_openstackcontrolplane.yaml ├── 12-errors.yaml └── README.md ├── openstacknetconfig_ip_reservation_ipv6 ├── 00-prep.yaml ├── 01-assert.yaml ├── 01-create_openstacknetconfig_single_net.yaml ├── 02-assert.yaml ├── 02-create_openstackcontrolplane_single_net.yaml ├── 03-assert.yaml ├── 03-scale_up_openstackcontrolplane.yaml ├── 04-add_static_reservation.yaml ├── 04-assert.yaml ├── 05-assert.yaml ├── 05-webhook_validations.yaml ├── 06-add_second_reservation.yaml ├── 06-assert.yaml ├── 07-assert.yaml ├── 07-scale_up_openstackcontrolplane.yaml ├── 08-assert.yaml ├── 08-errors.yaml ├── 08-scale_down_openstackcontrolplane.yaml ├── 09-assert.yaml ├── 09-switch_preserveReservations_off.yaml ├── 10-add_network.yaml ├── 10-assert.yaml ├── 11-add_network_to_vmrole.yaml ├── 11-assert.yaml ├── 12-assert.yaml ├── 12-delete_openstackcontrolplane.yaml ├── 12-errors.yaml └── README.md ├── openstackprovisionserver_unique_port ├── 00-prep.yaml ├── 01-assert.yaml ├── 01-create_openstacknetconfig.yaml ├── 02-assert.yaml ├── 02-create_openstackprovisionserver.yaml ├── 03-assert.yaml ├── 03-create_openstackprovisionserver.yaml ├── 04-create_openstackprovisionserver.yaml ├── 04-errors.yaml ├── 05-assert.yaml ├── 05-create_openstackcontrolplane.yaml ├── 06-assert.yaml ├── 06-create_openstackbaremetalset.yaml ├── 07-assert.yaml ├── 07-create_openstackbaremetalset.yaml └── README.md ├── ovnBridgeMacMappings ├── 00-prep.yaml ├── 01-assert.yaml ├── 01-create_openstacknetconfig_single_net.yaml ├── 02-add_static_reservation.yaml ├── 02-assert.yaml ├── 03-assert.yaml ├── 03-webhook_validations.yaml ├── 04-add_second_reservation.yaml ├── 04-assert.yaml ├── 05-assert.yaml ├── 05-create_openstackcontrolplane_single_net.yaml ├── 06-assert.yaml ├── 06-scale_up_openstackcontrolplane.yaml ├── 07-assert.yaml ├── 07-errors.yaml ├── 07-scale_down_openstackcontrolplane.yaml ├── 08-assert.yaml ├── 08-switch_preserveReservations_off.yaml ├── 09-add_physnet.yaml ├── 09-assert.yaml └── README.md └── unique_role_name ├── 00-prep.yaml ├── 01-assert.yaml ├── 01-create_openstacknetconfig.yaml ├── 02-assert.yaml ├── 02-create_openstackcontrolplane.yaml ├── 03-assert.yaml ├── 03-create-openstackvmset.yaml ├── 04-create-openstackvmset.yaml ├── 04-errors.yaml ├── 05-create_openstackbaremetalset.yaml ├── 05-errors.yaml ├── 06-assert.yaml ├── 06-create_openstackbaremetalset.yaml ├── 07-assert.yaml ├── 07-change_openstackvmset_role_name.yaml └── README.md /.github/create_opm_index.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | echo "Creating OSP director operator index image" 5 | echo "${REGISTRY}" 6 | echo "${GITHUB_SHA_TAG}" 7 | echo "${INDEX_IMAGE}" 8 | echo "${INDEX_IMAGE_TAG}" 9 | echo "${BUNDLE_IMAGE}" 10 | 11 | echo "opm index add --bundles ${REGISTRY}/${BUNDLE_IMAGE}:${GITHUB_SHA_TAG} --tag ${REGISTRY}/${INDEX_IMAGE}:${GITHUB_SHA_TAG} -u podman --pull-tool podman" 12 | opm index add --bundles "${REGISTRY}/${BUNDLE_IMAGE}:${GITHUB_SHA_TAG}" --tag "${REGISTRY}/${INDEX_IMAGE}:${GITHUB_SHA_TAG}" -u podman --pull-tool podman 13 | 14 | echo "podman tag ${REGISTRY}/${INDEX_IMAGE}:${GITHUB_SHA_TAG} ${REGISTRY}/${INDEX_IMAGE}:${INDEX_IMAGE_TAG}" 15 | podman tag "${REGISTRY}/${INDEX_IMAGE}:${GITHUB_SHA_TAG}" "${REGISTRY}/${INDEX_IMAGE}:${INDEX_IMAGE_TAG}" 16 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Binaries for programs and plugins 2 | *.exe 3 | *.exe~ 4 | *.dll 5 | *.so 6 | *.dylib 7 | /bin/ 8 | testbin 9 | manager 10 | 11 | # Test binary, build with `go test -c` 12 | *.test 13 | testbin 14 | 15 | # Common CI tools repository 16 | CI_TOOLS_REPO 17 | 18 | # Output of the go coverage tool, specifically when used with LiteIDE 19 | *.out 20 | 21 | # Kuttl artifacts 22 | kubeconfig 23 | kuttl-test.json 24 | 25 | # Kubernetes Generated files - skip generated files, except for vendored files 26 | !vendor/**/zz_generated.* 27 | /bundle/ 28 | config/manager/kustomization.yaml 29 | config/default/manager_default_images.yaml 30 | 31 | # editor and IDE paraphernalia 32 | .idea 33 | *.swp 34 | *.swo 35 | *~ 36 | -------------------------------------------------------------------------------- /.golangci.yaml: -------------------------------------------------------------------------------- 1 | linters: 2 | # Enable specific linter 3 | # https://golangci-lint.run/usage/linters/#enabled-by-default 4 | enable: 5 | - errorlint 6 | - revive 7 | - gofmt 8 | - govet 9 | linters-settings: 10 | revive: 11 | rules: 12 | # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#unused-parameter 13 | - name: unused-parameter 14 | severity: warning 15 | disabled: true 16 | run: 17 | timeout: 5m 18 | -------------------------------------------------------------------------------- /OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - abays 3 | - dprince 4 | - olliewalsh 5 | - stuggi 6 | 7 | reviewers: 8 | - abays 9 | - dprince 10 | - olliewalsh 11 | - stuggi 12 | 13 | -------------------------------------------------------------------------------- /api/shared/annotations.go: -------------------------------------------------------------------------------- 1 | package shared 2 | 3 | const ( 4 | // HostRemovalAnnotation - Annotation key placed on VM or BMH resources to target them for scale-down 5 | HostRemovalAnnotation = "osp-director.openstack.org/delete-host" 6 | ) 7 | -------------------------------------------------------------------------------- /api/shared/common_funcs.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 Red Hat 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package shared 18 | 19 | // MergeStringMaps - merge two or more string->map maps 20 | func MergeStringMaps(baseMap map[string]string, extraMaps ...map[string]string) map[string]string { 21 | InitMap(&baseMap) 22 | 23 | for _, extraMap := range extraMaps { 24 | for key, value := range extraMap { 25 | baseMap[key] = value 26 | } 27 | } 28 | 29 | return baseMap 30 | } 31 | 32 | // InitMap - Inititialise a map to an empty map if it is nil. 33 | func InitMap(m *map[string]string) { 34 | if *m == nil { 35 | *m = make(map[string]string) 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /api/shared/net.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 Red Hat 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package shared 18 | 19 | import "net" 20 | 21 | // IsIPv4 checks if an IP is v4. 22 | func IsIPv4(ip net.IP) bool { 23 | return ip.To4() != nil 24 | } 25 | 26 | // IsIPv6 checks if an IP is v6. 27 | func IsIPv6(ip net.IP) bool { 28 | if IsIPv4(ip) { 29 | return false 30 | } 31 | 32 | return ip.To16() != nil 33 | } 34 | -------------------------------------------------------------------------------- /api/v1beta1/common_macaddress.go: -------------------------------------------------------------------------------- 1 | package v1beta1 2 | 3 | // Because webhooks *MUST* exist within the api/ package, we need to place common 4 | // functions here that might be used across different Kinds' webhooks 5 | 6 | // getAllMACReservations - get all MAC reservations in format MAC -> hostname 7 | func getAllMACReservations(macNodeStatus map[string]OpenStackMACNodeReservation) map[string]string { 8 | ret := make(map[string]string) 9 | for hostname, status := range macNodeStatus { 10 | for _, mac := range status.Reservations { 11 | ret[mac] = hostname 12 | } 13 | } 14 | return ret 15 | } 16 | 17 | // IsUniqMAC - check if the MAC address is uniq or already present in the reservations 18 | func IsUniqMAC(macNodeStatus map[string]OpenStackMACNodeReservation, mac string) bool { 19 | reservations := getAllMACReservations(macNodeStatus) 20 | if _, ok := reservations[mac]; !ok { 21 | return true 22 | } 23 | return false 24 | } 25 | -------------------------------------------------------------------------------- /bundle.Dockerfile: -------------------------------------------------------------------------------- 1 | FROM scratch 2 | 3 | # Core bundle labels. 4 | LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 5 | LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ 6 | LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ 7 | LABEL operators.operatorframework.io.bundle.package.v1=osp-director-operator 8 | LABEL operators.operatorframework.io.bundle.channels.v1=alpha 9 | LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.19.0+git 10 | LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 11 | LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v3 12 | 13 | # Labels for testing. 14 | LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 15 | LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ 16 | 17 | # Copy files to locations specified by labels. 18 | COPY bundle/manifests /manifests/ 19 | COPY bundle/metadata /metadata/ 20 | COPY bundle/tests/scorecard /tests/scorecard/ 21 | -------------------------------------------------------------------------------- /config/certmanager/certificate.yaml: -------------------------------------------------------------------------------- 1 | # The following manifests contain a self-signed issuer CR and a certificate CR. 2 | # More document can be found at https://docs.cert-manager.io 3 | # WARNING: Targets CertManager 0.11 check https://docs.cert-manager.io/en/latest/tasks/upgrading/index.html for 4 | # breaking changes 5 | apiVersion: cert-manager.io/v1alpha2 6 | kind: Issuer 7 | metadata: 8 | name: selfsigned-issuer 9 | namespace: system 10 | spec: 11 | selfSigned: {} 12 | --- 13 | apiVersion: cert-manager.io/v1alpha2 14 | kind: Certificate 15 | metadata: 16 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml 17 | namespace: system 18 | spec: 19 | # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize 20 | dnsNames: 21 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc 22 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local 23 | issuerRef: 24 | kind: Issuer 25 | name: selfsigned-issuer 26 | secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize 27 | -------------------------------------------------------------------------------- /config/certmanager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - certificate.yaml 3 | 4 | configurations: 5 | - kustomizeconfig.yaml 6 | -------------------------------------------------------------------------------- /config/certmanager/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This configuration is for teaching kustomize how to update name ref and var substitution 2 | nameReference: 3 | - kind: Issuer 4 | group: cert-manager.io 5 | fieldSpecs: 6 | - kind: Certificate 7 | group: cert-manager.io 8 | path: spec/issuerRef/name 9 | 10 | varReference: 11 | - kind: Certificate 12 | group: cert-manager.io 13 | path: spec/commonName 14 | - kind: Certificate 15 | group: cert-manager.io 16 | path: spec/dnsNames 17 | -------------------------------------------------------------------------------- /config/crd/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD 2 | nameReference: 3 | - kind: Service 4 | version: v1 5 | fieldSpecs: 6 | - kind: CustomResourceDefinition 7 | group: apiextensions.k8s.io 8 | path: spec/conversion/webhookClientConfig/service/name 9 | 10 | namespace: 11 | - kind: CustomResourceDefinition 12 | group: apiextensions.k8s.io 13 | path: spec/conversion/webhookClientConfig/service/namespace 14 | create: false 15 | 16 | varReference: 17 | - path: metadata/annotations 18 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstackbackuprequests.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | annotations: 6 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 7 | name: openstackbackuprequests.osp-director.openstack.org 8 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstackbackups.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | annotations: 6 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 7 | name: openstackbackups.osp-director.openstack.org 8 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstackbaremetalsets.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: openstackbaremetalsets.osp-director.openstack.org 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstackclients.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: openstackclients.osp-director.openstack.org 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstackconfiggenerators.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | annotations: 6 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 7 | name: openstackconfiggenerators.osp-director.openstack.org 8 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstackconfigversions.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | annotations: 6 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 7 | name: openstackconfigversions.osp-director.openstack.org 8 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstackcontrolplanes.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: openstackcontrolplanes.osp-director.openstack.org 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstackdeploys.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | annotations: 6 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 7 | name: openstackdeploys.osp-director.openstack.org 8 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstackephemeralheats.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | annotations: 6 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 7 | name: openstackephemeralheats.osp-director.openstack.org 8 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstackipsets.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | annotations: 6 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 7 | name: openstackipsets.osp-director.openstack.org 8 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstackmacaddresses.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | annotations: 6 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 7 | name: openstackmacaddresses.osp-director.openstack.org 8 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstacknetattachments.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | annotations: 6 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 7 | name: openstacknetattachments.osp-director.openstack.org 8 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstacknetconfigs.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | annotations: 6 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 7 | name: openstacknetconfigs.osp-director.openstack.org 8 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstacknets.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: openstacknets.osp-director.openstack.org 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstackprovisionservers.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: openstackprovisionservers.osp-director.openstack.org 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_openstackvmsets.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: openstackvmsets.osp-director.openstack.org 9 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstackbackuprequests.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables a conversion webhook for the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: openstackbackuprequests.osp-director.openstack.org 6 | spec: 7 | conversion: 8 | strategy: Webhook 9 | webhook: 10 | clientConfig: 11 | service: 12 | namespace: system 13 | name: webhook-service 14 | path: /convert 15 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstackbackups.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables a conversion webhook for the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: openstackbackups.osp-director.openstack.org 6 | spec: 7 | conversion: 8 | strategy: Webhook 9 | webhook: 10 | clientConfig: 11 | service: 12 | namespace: system 13 | name: webhook-service 14 | path: /convert 15 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstackbaremetalsets.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: openstackbaremetalsets.osp-director.openstack.org 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstackclients.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: openstackclients.osp-director.openstack.org 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstackconfiggenerators.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables a conversion webhook for the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: openstackconfiggenerators.osp-director.openstack.org 6 | spec: 7 | conversion: 8 | strategy: Webhook 9 | webhook: 10 | clientConfig: 11 | service: 12 | namespace: system 13 | name: webhook-service 14 | path: /convert 15 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstackconfigversions.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables a conversion webhook for the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: openstackconfigversions.osp-director.openstack.org 6 | spec: 7 | conversion: 8 | strategy: Webhook 9 | webhook: 10 | clientConfig: 11 | service: 12 | namespace: system 13 | name: webhook-service 14 | path: /convert 15 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstackcontrolplanes.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: openstackcontrolplanes.osp-director.openstack.org 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstackdeploys.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables a conversion webhook for the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: openstackdeploys.osp-director.openstack.org 6 | spec: 7 | conversion: 8 | strategy: Webhook 9 | webhook: 10 | clientConfig: 11 | service: 12 | namespace: system 13 | name: webhook-service 14 | path: /convert 15 | conversionReviewVersions: 16 | - v1 17 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstackephemeralheats.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables a conversion webhook for the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: openstackephemeralheats.osp-director.openstack.org 6 | spec: 7 | conversion: 8 | strategy: Webhook 9 | webhook: 10 | clientConfig: 11 | service: 12 | namespace: system 13 | name: webhook-service 14 | path: /convert 15 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstackipsets.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables a conversion webhook for the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: openstackipsets.osp-director.openstack.org 6 | spec: 7 | conversion: 8 | strategy: Webhook 9 | webhook: 10 | clientConfig: 11 | service: 12 | namespace: system 13 | name: webhook-service 14 | path: /convert 15 | conversionReviewVersions: 16 | - v1 17 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstackmacaddresses.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables a conversion webhook for the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: openstackmacaddresses.osp-director.openstack.org 6 | spec: 7 | conversion: 8 | strategy: Webhook 9 | webhook: 10 | clientConfig: 11 | service: 12 | namespace: system 13 | name: webhook-service 14 | path: /convert 15 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstacknetattachments.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables a conversion webhook for the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: openstacknetattachments.osp-director.openstack.org 6 | spec: 7 | conversion: 8 | strategy: Webhook 9 | webhook: 10 | clientConfig: 11 | service: 12 | namespace: system 13 | name: webhook-service 14 | path: /convert 15 | conversionReviewVersions: 16 | - v1 17 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstacknetconfigs.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables a conversion webhook for the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | name: openstacknetconfigs.osp-director.openstack.org 6 | spec: 7 | conversion: 8 | strategy: Webhook 9 | webhook: 10 | clientConfig: 11 | service: 12 | namespace: system 13 | name: webhook-service 14 | path: /convert 15 | conversionReviewVersions: 16 | - v1 17 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstacknets.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: openstacknets.osp-director.openstack.org 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | conversionReviewVersions: 19 | - v1beta1 20 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstackprovisionservers.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: openstackprovisionservers.osp-director.openstack.org 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_openstackvmsets.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: openstackvmsets.osp-director.openstack.org 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/default/manager_auth_proxy_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch inject a sidecar container which is a HTTP proxy for the 2 | # controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. 3 | apiVersion: apps/v1 4 | kind: Deployment 5 | metadata: 6 | name: controller-manager 7 | namespace: system 8 | spec: 9 | template: 10 | spec: 11 | containers: 12 | - name: kube-rbac-proxy 13 | image: quay.io/openstack-k8s-operators/kube-rbac-proxy:v0.16.0 14 | args: 15 | - "--secure-listen-address=0.0.0.0:8443" 16 | - "--upstream=http://127.0.0.1:8080/" 17 | - "--logtostderr=true" 18 | - "--v=0" 19 | ports: 20 | - containerPort: 8443 21 | protocol: TCP 22 | name: https 23 | - name: manager 24 | args: 25 | - "--health-probe-bind-address=:8081" 26 | - "--metrics-bind-address=127.0.0.1:8080" 27 | - "--leader-elect" 28 | -------------------------------------------------------------------------------- /config/default/manager_config_patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: manager 11 | args: 12 | - "--config=controller_manager_config.yaml" 13 | volumeMounts: 14 | - name: manager-config 15 | mountPath: /controller_manager_config.yaml 16 | subPath: controller_manager_config.yaml 17 | volumes: 18 | - name: manager-config 19 | configMap: 20 | name: manager-config 21 | -------------------------------------------------------------------------------- /config/default/manager_webhook_patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: manager 11 | ports: 12 | - containerPort: 4343 13 | name: webhook-server 14 | protocol: TCP 15 | -------------------------------------------------------------------------------- /config/default/webhookcainjection_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch add annotation to admission webhook config and 2 | # the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize. 3 | apiVersion: admissionregistration.k8s.io/v1 4 | kind: ValidatingWebhookConfiguration 5 | metadata: 6 | name: validating-webhook-configuration 7 | annotations: 8 | service.beta.openshift.io/inject-cabundle: "true" 9 | -------------------------------------------------------------------------------- /config/manager/controller_manager_config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 2 | kind: ControllerManagerConfig 3 | health: 4 | healthProbeBindAddress: :8081 5 | metrics: 6 | bindAddress: 127.0.0.1:8080 7 | webhook: 8 | port: 9443 9 | leaderElection: 10 | leaderElect: true 11 | resourceName: 576d6738.openstack.org 12 | -------------------------------------------------------------------------------- /config/manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manager.yaml 3 | 4 | generatorOptions: 5 | disableNameSuffixHash: true 6 | 7 | configMapGenerator: 8 | - name: manager-config 9 | files: 10 | - controller_manager_config.yaml 11 | -------------------------------------------------------------------------------- /config/manager/manager.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | labels: 5 | control-plane: controller-manager 6 | name: system 7 | --- 8 | apiVersion: apps/v1 9 | kind: Deployment 10 | metadata: 11 | name: controller-manager 12 | namespace: system 13 | labels: 14 | control-plane: controller-manager 15 | spec: 16 | selector: 17 | matchLabels: 18 | control-plane: controller-manager 19 | replicas: 1 20 | template: 21 | metadata: 22 | annotations: 23 | kubectl.kubernetes.io/default-container: manager 24 | labels: 25 | control-plane: controller-manager 26 | spec: 27 | containers: 28 | - command: 29 | - /manager 30 | args: 31 | - --enable-leader-election 32 | image: controller:latest 33 | name: manager 34 | resources: 35 | limits: 36 | cpu: 500m 37 | memory: 2Gi 38 | requests: 39 | cpu: 100m 40 | memory: 512Mi 41 | terminationGracePeriodSeconds: 10 42 | -------------------------------------------------------------------------------- /config/manifests/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - ../default 3 | - ../samples 4 | - ../scorecard 5 | #patchesJson6902: 6 | #- target: 7 | # group: apps 8 | # version: v1 9 | # kind: Deployment 10 | # name: controller-manager 11 | # namespace: system 12 | # patch: |- 13 | # # Remove the manager container's "cert" volumeMount, since OLM will create and mount a set of certs. 14 | # # Update the indices in this path if adding or removing containers/volumeMounts in the manager's Deployment. 15 | # - op: remove 16 | # path: /spec/template/spec/containers/1/volumeMounts/0 17 | # # Remove the "cert" volume, since OLM will create and mount a set of certs. 18 | # # Update the indices in this path if adding or removing volumes in the manager's Deployment. 19 | # - op: remove 20 | # path: /spec/template/spec/volumes/0 21 | -------------------------------------------------------------------------------- /config/prometheus/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - monitor.yaml 3 | -------------------------------------------------------------------------------- /config/prometheus/monitor.yaml: -------------------------------------------------------------------------------- 1 | 2 | # Prometheus Monitor Service (Metrics) 3 | apiVersion: monitoring.coreos.com/v1 4 | kind: ServiceMonitor 5 | metadata: 6 | labels: 7 | control-plane: controller-manager 8 | name: controller-manager-metrics-monitor 9 | namespace: system 10 | spec: 11 | endpoints: 12 | - path: /metrics 13 | port: https 14 | scheme: https 15 | bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token 16 | tlsConfig: 17 | insecureSkipVerify: true 18 | selector: 19 | matchLabels: 20 | control-plane: controller-manager 21 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_client_clusterrole.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: metrics-reader 5 | rules: 6 | - nonResourceURLs: ["/metrics"] 7 | verbs: ["get"] 8 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: proxy-role 5 | rules: 6 | - apiGroups: ["authentication.k8s.io"] 7 | resources: 8 | - tokenreviews 9 | verbs: ["create"] 10 | - apiGroups: ["authorization.k8s.io"] 11 | resources: 12 | - subjectaccessreviews 13 | verbs: ["create"] 14 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: proxy-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: proxy-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | control-plane: controller-manager 6 | name: controller-manager-metrics-service 7 | namespace: system 8 | spec: 9 | ports: 10 | - name: https 11 | port: 8443 12 | protocol: TCP 13 | targetPort: https 14 | selector: 15 | control-plane: controller-manager 16 | -------------------------------------------------------------------------------- /config/rbac/baremetalset_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstackbaremetalsets. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackbaremetalset-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackbaremetalsets 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstackbaremetalsets/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/baremetalset_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstackbaremetalsets. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackbaremetalset-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackbaremetalsets 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstackbaremetalsets/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/cluster_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: manager-clusterrolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: manager-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | -------------------------------------------------------------------------------- /config/rbac/controlplane_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstackcontrolplanes. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackcontrolplane-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackcontrolplanes 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstackcontrolplanes/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/controlplane_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstackcontrolplanes. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackcontrolplane-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackcontrolplanes 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstackcontrolplanes/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - role.yaml 3 | - role_binding.yaml 4 | - cluster_role_binding.yaml 5 | - leader_election_role.yaml 6 | - leader_election_role_binding.yaml 7 | # Comment the following 4 lines if you want to disable 8 | # the auth proxy (https://github.com/brancz/kube-rbac-proxy) 9 | # which protects your /metrics endpoint. 10 | - auth_proxy_service.yaml 11 | - auth_proxy_role.yaml 12 | - auth_proxy_role_binding.yaml 13 | - auth_proxy_client_clusterrole.yaml 14 | - service_account.yaml 15 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions to do leader election. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: leader-election-role 6 | rules: 7 | - apiGroups: 8 | - "" 9 | resources: 10 | - configmaps 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - create 16 | - update 17 | - patch 18 | - delete 19 | - apiGroups: 20 | - coordination.k8s.io 21 | resources: 22 | - leases 23 | verbs: 24 | - get 25 | - list 26 | - watch 27 | - create 28 | - update 29 | - patch 30 | - delete 31 | - apiGroups: 32 | - "" 33 | resources: 34 | - events 35 | verbs: 36 | - create 37 | - patch 38 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: leader-election-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: Role 8 | name: leader-election-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/rbac/openstackbackup_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstackbackups. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackbackup-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackbackups 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstackbackups/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/openstackbackup_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstackbackups. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackbackup-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackbackups 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstackbackups/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/openstackbackuprequest_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstackbackuprequests. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackbackuprequest-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackbackuprequests 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstackbackuprequests/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/openstackbackuprequest_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstackbackuprequests. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackbackuprequest-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackbackuprequests 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstackbackuprequests/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/openstackclient_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstackclients. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackclient-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackclients 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstackclients/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/openstackclient_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstackclients. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackclient-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackclients 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstackclients/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/openstackconfiggenerator_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstackconfiggenerators. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackconfiggenerator-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackconfiggenerators 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstackconfiggenerators/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/openstackconfiggenerator_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstackconfiggenerators. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackconfiggenerator-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackconfiggenerators 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstackconfiggenerators/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/openstackconfigversion_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstackconfigversions. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackconfigversion-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackconfigversions 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstackconfigversions/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/openstackconfigversion_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstackconfigversions. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackconfigversion-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackconfigversions 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstackconfigversions/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/openstackcontrolplane_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstackcontrolplanes. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackcontrolplane-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackcontrolplanes 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstackcontrolplanes/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/openstackcontrolplane_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstackcontrolplanes. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackcontrolplane-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackcontrolplanes 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstackcontrolplanes/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/openstackdeploy_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstackdeploys. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackdeploy-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackdeploys 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstackdeploys/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/openstackdeploy_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstackdeploys. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackdeploy-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackdeploys 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstackdeploys/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/openstackephemeralheat_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstackephemeralheats. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackephemeralheat-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackephemeralheats 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstackephemeralheats/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/openstackephemeralheat_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstackephemeralheats. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackephemeralheat-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackephemeralheats 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstackephemeralheats/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/openstackipset_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstackipsets. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackipset-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackipsets 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstackipsets/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/openstackipset_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstackipsets. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackipset-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackipsets 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstackipsets/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/openstackmacaddress_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstackmacaddresses. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackmacaddress-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackmacaddresses 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstackmacaddresses/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/openstackmacaddress_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstackmacaddresses. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackmacaddress-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackmacaddresses 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstackmacaddresses/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/openstacknet_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstacknets. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstacknet-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstacknets 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstacknets/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/openstacknet_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstacknets. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstacknet-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstacknets 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstacknets/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/openstacknetattachment_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstacknetattachments. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstacknetattachment-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstacknetattachments 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstacknetattachments/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/openstacknetattachment_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstacknetattachments. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstacknetattachment-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstacknetattachments 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstacknetattachments/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/openstacknetconfig_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstacknetconfigs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstacknetconfig-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstacknetconfigs 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstacknetconfigs/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/openstacknetconfig_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstacknetconfigs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstacknetconfig-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstacknetconfigs 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstacknetconfigs/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/openstackprovisionserver_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstackprovisionservers. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackprovisionserver-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackprovisionservers 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstackprovisionservers/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/openstackprovisionserver_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view provisionservers. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackprovisionserver-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackprovisionservers 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstackprovisionservers/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/openstackvmset_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit openstacktvmsets. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackvmset-editor-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackvmsets 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - osp-director.openstack.org 21 | resources: 22 | - openstackvmsets/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/openstackvmset_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view openstackvmsets. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: openstackvmset-viewer-role 6 | rules: 7 | - apiGroups: 8 | - osp-director.openstack.org 9 | resources: 10 | - openstackvmsets 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - osp-director.openstack.org 17 | resources: 18 | - openstackvmsets/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: manager-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: Role 8 | name: manager-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: openstack 13 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstackbackup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackBackup 3 | metadata: 4 | name: openstackbackup-sample 5 | spec: 6 | crs: {} 7 | configMaps: {} 8 | secrets: {} 9 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstackbackuprequest.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackBackupRequest 3 | metadata: 4 | name: openstackbackuprequest 5 | spec: 6 | mode: save 7 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstackclient.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackClient 3 | metadata: 4 | name: openstackclient 5 | namespace: openstack 6 | spec: 7 | deploymentSSHSecret: osp-controlplane-ssh-keys 8 | networks: 9 | - ctlplane 10 | storageClass: host-nfs-storageclass 11 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstackconfiggenerator.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackConfigGenerator 3 | metadata: 4 | name: default 5 | spec: 6 | enableFencing: false 7 | gitSecret: git-secret 8 | heatEnvConfigMap: heat-env-config 9 | tarballConfigMap: tripleo-tarball-config 10 | #interactive: false 11 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstackconfigversion.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackConfigVersion 3 | metadata: 4 | name: openstackconfigversion-sample 5 | spec: 6 | # Add fields here 7 | foo: bar 8 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackControlPlane 3 | metadata: 4 | name: overcloud 5 | namespace: openstack 6 | spec: 7 | domainName: ostest.test.metalkube.org 8 | openStackClientImageURL: registry.redhat.io/rhosp-rhel8/openstack-tripleoclient:16.2 9 | openStackClientNetworks: 10 | - ctlplane 11 | - external 12 | - internal_api 13 | openStackClientStorageClass: host-nfs-storageclass 14 | openStackRelease: "16.2" 15 | passwordSecret: userpassword 16 | virtualMachineRoles: 17 | controller: 18 | baseImageVolumeName: controller-base-img 19 | cores: 6 20 | ctlplaneInterface: enp2s0 21 | diskSize: 50 22 | isTripleoRole: true 23 | memory: 20 24 | networks: 25 | - ctlplane 26 | - external 27 | - internal_api 28 | - storage 29 | - storage_mgmt 30 | - tenant 31 | roleCount: 0 32 | roleName: Controller 33 | storageClass: host-nfs-storageclass 34 | storageAccessMode: ReadWriteMany 35 | storageVolumeMode: Filesystem 36 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstackcontrolplane_single_net.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackControlPlane 3 | metadata: 4 | name: overcloud 5 | namespace: openstack 6 | spec: 7 | domainName: ostest.test.metalkube.org 8 | openStackClientImageURL: registry.redhat.io/rhosp-rhel8/openstack-tripleoclient:16.2 9 | openStackClientNetworks: 10 | - ctlplane 11 | openStackClientStorageClass: host-nfs-storageclass 12 | openStackRelease: "16.2" 13 | passwordSecret: userpassword 14 | virtualMachineRoles: 15 | controller: 16 | baseImageVolumeName: controller-base-img 17 | cores: 6 18 | ctlplaneInterface: enp2s0 19 | diskSize: 50 20 | isTripleoRole: true 21 | memory: 20 22 | networks: 23 | - ctlplane 24 | roleCount: 0 25 | roleName: Controller 26 | storageClass: host-nfs-storageclass 27 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstackcontrolplane_with_additional_custom_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackControlPlane 3 | metadata: 4 | name: overcloud 5 | namespace: openstack 6 | spec: 7 | openStackClientImageURL: registry.redhat.io/rhosp-rhel8/openstack-tripleoclient:16.2 8 | openStackClientNetworks: 9 | - ctlplane 10 | - external 11 | openStackClientStorageClass: host-nfs-storageclass 12 | openStackRelease: wallaby 13 | virtualMachineRoles: 14 | controller: 15 | roleName: Controller 16 | roleCount: 0 17 | cores: 2 18 | memory: 20 19 | diskSize: 50 20 | storageClass: host-nfs-storageclass 21 | baseImageVolumeName: controller-base-img 22 | ctlplaneInterface: enp2s0 #defaults to enp2s0 23 | networks: 24 | - ctlplane 25 | - external 26 | - internal_api 27 | - tenant 28 | - storage 29 | - storage_mgmt 30 | somecustomrole: 31 | roleName: SomeCustomRole 32 | isTripleoRole: false 33 | roleCount: 0 34 | cores: 2 35 | memory: 20 36 | diskSize: 50 37 | storageClass: host-nfs-storageclass 38 | baseImageVolumeName: openstack-base-img 39 | ctlplaneInterface: enp2s0 #defaults to enp2s0 40 | networks: 41 | - ctlplane 42 | - external 43 | - internal_api 44 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstackdeploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackDeploy 3 | metadata: 4 | name: openstackdeploy-sample 5 | spec: 6 | configVersion: bar 7 | configGenerator: foo 8 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstackephemeralheat.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackEphemeralHeat 3 | metadata: 4 | name: ephemeralheat 5 | spec: 6 | configHash: unique-string-here 7 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstackipset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackIPSet 3 | metadata: 4 | name: openstackipset-sample 5 | spec: 6 | addToPredictableIPs: true 7 | deletedHosts: [] 8 | hostCount: 1 9 | networks: 10 | - internal_api 11 | roleName: Redis 12 | serviceVIP: true 13 | vip: false 14 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstackmacaddress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackMACAddress 3 | metadata: 4 | name: openstackmacaddress-sample 5 | spec: 6 | physNetworks: 7 | - macPrefix: fa:16:3a 8 | name: datacentre 9 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstacknet.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackNet 3 | metadata: 4 | name: ctlplane 5 | spec: 6 | allocationEnd: 192.168.25.250 7 | allocationStart: 192.168.25.100 8 | attachConfiguration: br-osp 9 | cidr: 192.168.25.0/24 10 | gateway: 192.168.25.1 # optional 11 | mtu: 1500 12 | name: Control 13 | nameLower: ctlplane 14 | routes: [] # optional 15 | vip: true 16 | vlan: 0 17 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstacknet_ctlplane.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackNet 3 | metadata: 4 | name: ctlplane 5 | spec: 6 | allocationEnd: 192.168.25.250 7 | allocationStart: 192.168.25.100 8 | attachConfiguration: br-osp 9 | cidr: 192.168.25.0/24 10 | gateway: 192.168.25.1 11 | mtu: 1500 12 | name: Control 13 | nameLower: ctlplane 14 | vip: true 15 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstacknet_external.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackNet 3 | metadata: 4 | name: external 5 | spec: 6 | allocationEnd: 10.0.0.250 7 | allocationStart: 10.0.0.10 8 | attachConfiguration: br-ex 9 | cidr: 10.0.0.0/24 10 | gateway: 10.0.0.1 11 | mtu: 1500 12 | name: External 13 | nameLower: external 14 | vip: true 15 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstacknet_internalapi.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackNet 3 | metadata: 4 | name: internalapi 5 | spec: 6 | allocationEnd: 172.17.0.250 7 | allocationStart: 172.17.0.10 8 | attachConfiguration: br-osp 9 | cidr: 172.17.0.0/24 10 | mtu: 1350 11 | name: InternalApi 12 | nameLower: internal_api 13 | vip: true 14 | vlan: 20 15 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstacknet_internalapi_routes.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackNet 3 | metadata: 4 | name: internalapi 5 | spec: 6 | allocationEnd: 172.17.0.250 7 | allocationStart: 172.17.0.10 8 | attachConfiguration: br-osp 9 | cidr: 172.17.0.0/24 10 | gateway: 172.17.0.1 11 | mtu: 1350 12 | name: InternalApi 13 | nameLower: internal_api 14 | routes: 15 | - destination: 172.17.1.0/24 16 | nexthop: 172.17.0.1 17 | - destination: 172.17.2.0/24 18 | nexthop: 172.17.0.1 19 | vip: true 20 | vlan: 20 21 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstacknet_sriov.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackNet 3 | metadata: 4 | name: ctlplane 5 | spec: 6 | allocationEnd: 192.168.25.250 7 | allocationStart: 192.168.25.100 8 | cidr: 192.168.25.0/24 9 | gateway: 192.168.25.1 # optional 10 | attachConfiguration: 11 | nodeSriovConfigurationPolicy: 12 | desiredState: 13 | deviceType: vfio-pci 14 | mtu: 9000 15 | numVfs: 4 16 | port: enp6s0 17 | spoofCheck: "off" 18 | trust: "on" 19 | nodeSelector: 20 | node-role.kubernetes.io/worker-sriov: "" 21 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstacknet_storage.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackNet 3 | metadata: 4 | name: storage 5 | spec: 6 | allocationEnd: 172.18.0.250 7 | allocationStart: 172.18.0.10 8 | attachConfiguration: br-osp 9 | cidr: 172.18.0.0/24 10 | mtu: 1350 11 | name: Storage 12 | nameLower: storage 13 | vip: true 14 | vlan: 30 15 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstacknet_storagemgmt.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackNet 3 | metadata: 4 | name: storagemgmt 5 | spec: 6 | allocationEnd: 172.19.0.250 7 | allocationStart: 172.19.0.10 8 | attachConfiguration: br-osp 9 | cidr: 172.19.0.0/24 10 | mtu: 1350 11 | name: StorageMgmt 12 | nameLower: storage_mgmt 13 | vip: true 14 | vlan: 40 15 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstacknet_tenant.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackNet 3 | metadata: 4 | name: tenant 5 | spec: 6 | allocationEnd: 172.20.0.250 7 | allocationStart: 172.20.0.10 8 | attachConfiguration: br-osp 9 | cidr: 172.20.0.0/24 10 | mtu: 1350 11 | name: Tenant 12 | nameLower: tenant 13 | vip: false 14 | vlan: 50 15 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstacknetattachment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackNetAttachment 3 | metadata: 4 | name: openstacknetattachment-sample 5 | spec: 6 | attachConfiguration: 7 | nodeNetworkConfigurationPolicy: 8 | desiredState: 9 | interfaces: 10 | - bridge: 11 | options: 12 | stp: 13 | enabled: false 14 | port: 15 | - name: enp7s0 16 | description: Linux bridge with enp7s0 as a port 17 | mtu: 1500 18 | name: br-osp 19 | state: up 20 | type: linux-bridge 21 | nodeSelector: 22 | node-role.kubernetes.io/worker: "" 23 | nodeSriovConfigurationPolicy: 24 | desiredState: 25 | deviceType: vfio-pci 26 | mtu: 9000 27 | numVfs: 0 28 | port: "" 29 | spoofCheck: "on" 30 | trust: "off" 31 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstacknetconfig_single_net.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackNetConfig 3 | metadata: 4 | name: openstacknetconfig 5 | spec: 6 | attachConfigurations: 7 | br-osp: 8 | nodeNetworkConfigurationPolicy: 9 | nodeSelector: 10 | node-role.kubernetes.io/worker: "" 11 | desiredState: 12 | interfaces: 13 | - bridge: 14 | options: 15 | stp: 16 | enabled: false 17 | port: 18 | - name: enp7s0 19 | description: Linux bridge with enp7s0 as a port 20 | name: br-osp 21 | state: up 22 | type: linux-bridge 23 | mtu: 1500 24 | domainName: osptest.test.metalkube.org 25 | dnsServers: ['172.22.0.1'] 26 | networks: 27 | - name: Control 28 | nameLower: ctlplane 29 | subnets: 30 | - name: ctlplane 31 | ipv4: 32 | allocationEnd: 172.22.0.250 33 | allocationStart: 172.22.0.100 34 | cidr: 172.22.0.0/24 35 | gateway: 172.22.0.1 36 | attachConfiguration: br-osp 37 | reservations: 38 | controlplane: 39 | ipReservations: 40 | ctlplane: 172.22.0.110 41 | openstackclient-0: 42 | ipReservations: 43 | ctlplane: 172.22.0.251 44 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstackprovisionserver.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackProvisionServer 3 | metadata: 4 | name: openstack 5 | namespace: openstack 6 | spec: 7 | port: 6190 8 | baseImageUrl: http://192.168.111.1/images/rhel-guest-image-9.2-20230414.17.x86_64.qcow2 9 | interface: br-ctlplane 10 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta1_openstackvmset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackVMSet 3 | metadata: 4 | name: customvmset 5 | namespace: openstack 6 | spec: 7 | vmCount: 1 8 | cores: 2 9 | memory: 20 10 | diskSize: 50 11 | baseImageVolumeName: controller-base-img 12 | storageClass: host-nfs-storageclass 13 | storageAccessMode: ReadWriteMany 14 | storageVolumeMode: Filesystem 15 | #imageImportStorageClass: local #optional 16 | deploymentSSHSecret: osp-controlplane-ssh-keys 17 | isTripleoRole: true 18 | ctlplaneInterface: enp2s0 #defaults to enp2s0 19 | networks: 20 | - ctlplane 21 | roleName: SomeCustomRole 22 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta2_openstackbackup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta2 2 | kind: OpenStackBackup 3 | metadata: 4 | name: openstackbackup-sample 5 | spec: 6 | crs: {} 7 | configMaps: {} 8 | secrets: {} 9 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta2_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta2 2 | kind: OpenStackControlPlane 3 | metadata: 4 | name: overcloud 5 | namespace: openstack 6 | spec: 7 | openStackClientImageURL: registry.redhat.io/rhosp-rhel8/openstack-tripleoclient:16.2 8 | openStackClientNetworks: 9 | - ctlplane 10 | - external 11 | - internal_api 12 | openStackClientStorageClass: host-nfs-storageclass 13 | openStackRelease: "16.2" 14 | passwordSecret: userpassword 15 | virtualMachineRoles: 16 | controller: 17 | cores: 6 18 | ctlplaneInterface: enp2s0 19 | rootDisk: 20 | diskSize: 50 21 | baseImageVolumeName: controller-base-img 22 | storageClass: host-nfs-storageclass 23 | storageAccessMode: ReadWriteMany 24 | storageVolumeMode: Filesystem 25 | additionalDisks: 26 | - name: datadisk1 27 | diskSize: 1 28 | storageClass: host-nfs-storageclass 29 | storageAccessMode: ReadWriteMany 30 | storageVolumeMode: Filesystem 31 | isTripleoRole: true 32 | memory: 20 33 | networks: 34 | - ctlplane 35 | - external 36 | - internal_api 37 | - storage 38 | - storage_mgmt 39 | - tenant 40 | roleCount: 0 41 | roleName: Controller 42 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta2_openstackcontrolplane_single_net.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta2 2 | kind: OpenStackControlPlane 3 | metadata: 4 | name: overcloud 5 | namespace: openstack 6 | spec: 7 | domainName: ostest.test.metalkube.org 8 | openStackClientImageURL: registry.redhat.io/rhosp-rhel8/openstack-tripleoclient:16.2 9 | openStackClientNetworks: 10 | - ctlplane 11 | openStackClientStorageClass: host-nfs-storageclass 12 | openStackRelease: "16.2" 13 | passwordSecret: userpassword 14 | virtualMachineRoles: 15 | controller: 16 | cores: 6 17 | ctlplaneInterface: enp2s0 18 | isTripleoRole: true 19 | memory: 20 20 | networks: 21 | - ctlplane 22 | roleCount: 0 23 | roleName: Controller 24 | rootDisk: 25 | diskSize: 50 26 | baseImageVolumeName: controller-base-img 27 | storageClass: host-nfs-storageclass 28 | storageAccessMode: ReadWriteMany 29 | storageVolumeMode: Filesystem 30 | -------------------------------------------------------------------------------- /config/samples/osp-director_v1beta2_openstackvmset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta2 2 | kind: OpenStackVMSet 3 | metadata: 4 | name: customvmset 5 | namespace: openstack 6 | spec: 7 | vmCount: 1 8 | cores: 2 9 | memory: 20 10 | rootDisk: 11 | diskSize: 50 12 | baseImageVolumeName: controller-base-img 13 | storageClass: host-nfs-storageclass 14 | storageAccessMode: ReadWriteMany 15 | storageVolumeMode: Filesystem 16 | additionalDisks: 17 | - name: datadisk1 18 | diskSize: 1 19 | storageClass: host-nfs-storageclass 20 | storageAccessMode: ReadWriteMany 21 | storageVolumeMode: Filesystem 22 | - name: datadisk2 23 | diskSize: 1 24 | storageClass: host-nfs-storageclass 25 | storageAccessMode: ReadWriteMany 26 | storageVolumeMode: Filesystem 27 | deploymentSSHSecret: osp-controlplane-ssh-keys 28 | isTripleoRole: true 29 | ctlplaneInterface: enp2s0 #defaults to enp2s0 30 | networks: 31 | - ctlplane 32 | roleName: SomeCustomRole 33 | -------------------------------------------------------------------------------- /config/samples/patches/openstackcontrolplane_base_image_volume_name_patch.yaml: -------------------------------------------------------------------------------- 1 | - op: replace 2 | path: "/spec/virtualMachineRoles/controller/baseImageVolumeName" 3 | value: "" -------------------------------------------------------------------------------- /config/samples/patches/openstackcontrolplane_controller_count_patch.yaml: -------------------------------------------------------------------------------- 1 | - op: replace 2 | path: "/spec/virtualMachineRoles/controller/roleCount" 3 | value: 1 -------------------------------------------------------------------------------- /config/scorecard/bases/config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: scorecard.operatorframework.io/v1alpha3 2 | kind: Configuration 3 | metadata: 4 | name: config 5 | stages: 6 | - parallel: true 7 | tests: [] 8 | -------------------------------------------------------------------------------- /config/scorecard/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - bases/config.yaml 3 | patchesJson6902: 4 | - path: patches/basic.config.yaml 5 | target: 6 | group: scorecard.operatorframework.io 7 | version: v1alpha3 8 | kind: Configuration 9 | name: config 10 | - path: patches/olm.config.yaml 11 | target: 12 | group: scorecard.operatorframework.io 13 | version: v1alpha3 14 | kind: Configuration 15 | name: config 16 | # +kubebuilder:scaffold:patchesJson6902 17 | -------------------------------------------------------------------------------- /config/scorecard/patches/basic.config.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /stages/0/tests/- 3 | value: 4 | entrypoint: 5 | - scorecard-test 6 | - basic-check-spec 7 | image: quay.io/operator-framework/scorecard-test:v1.1.0 8 | labels: 9 | suite: basic 10 | test: basic-check-spec-test 11 | -------------------------------------------------------------------------------- /config/webhook/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manifests.yaml 3 | #- service.yaml 4 | 5 | configurations: 6 | - kustomizeconfig.yaml 7 | -------------------------------------------------------------------------------- /config/webhook/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # the following config is for teaching kustomize where to look at when substituting vars. 2 | # It requires kustomize v2.1.0 or newer to work properly. 3 | nameReference: 4 | - kind: Service 5 | version: v1 6 | fieldSpecs: 7 | - kind: MutatingWebhookConfiguration 8 | group: admissionregistration.k8s.io 9 | path: webhooks/clientConfig/service/name 10 | - kind: ValidatingWebhookConfiguration 11 | group: admissionregistration.k8s.io 12 | path: webhooks/clientConfig/service/name 13 | 14 | namespace: 15 | - kind: MutatingWebhookConfiguration 16 | group: admissionregistration.k8s.io 17 | path: webhooks/clientConfig/service/namespace 18 | create: true 19 | - kind: ValidatingWebhookConfiguration 20 | group: admissionregistration.k8s.io 21 | path: webhooks/clientConfig/service/namespace 22 | create: true 23 | 24 | varReference: 25 | - path: metadata/annotations 26 | -------------------------------------------------------------------------------- /config/webhook/service.yaml: -------------------------------------------------------------------------------- 1 | 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: webhook-service 6 | namespace: system 7 | annotations: 8 | service.beta.openshift.io/serving-cert-secret-name: webhook-server-cert 9 | spec: 10 | ports: 11 | - port: 4343 12 | targetPort: 4343 13 | protocol: TCP 14 | selector: 15 | control-plane: controller-manager 16 | -------------------------------------------------------------------------------- /containers/agent/build.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -eux 4 | 5 | REPO=github.com/openstack-k8s-operators/osp-director-operator 6 | WHAT=agent 7 | GOFLAGS=${GOFLAGS:-} 8 | GLDFLAGS=${GLDFLAGS:-} 9 | 10 | GOOS=$(go env GOOS) 11 | GOARCH=$(go env GOARCH) 12 | 13 | # Go to the root of the repo 14 | cdup="$(git rev-parse --show-cdup)" && test -n "$cdup" && cd "$cdup" 15 | 16 | if [ -z ${VERSION_OVERRIDE+a} ]; then 17 | echo "Using version from git..." 18 | VERSION_OVERRIDE=$(git describe --abbrev=8 --dirty --always) 19 | fi 20 | 21 | GLDFLAGS+="-X ${REPO}/pkg/version.Raw=${VERSION_OVERRIDE}" 22 | 23 | if [ -z ${BIN_PATH+a} ]; then 24 | export BIN_PATH=build/_output/${GOOS}/${GOARCH} 25 | fi 26 | 27 | mkdir -p ${BIN_PATH} 28 | 29 | CGO_ENABLED=1 30 | 31 | echo "Building ${REPO}/cmd/${WHAT}" 32 | go build -o ${BIN_PATH}/${WHAT} ./containers/agent 33 | -------------------------------------------------------------------------------- /containers/agent/main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "flag" 5 | 6 | "github.com/golang/glog" 7 | "github.com/spf13/cobra" 8 | ) 9 | 10 | const ( 11 | componentName = "osp-director-agent" 12 | ) 13 | 14 | var ( 15 | rootCmd = &cobra.Command{ 16 | Use: componentName, 17 | Short: "Run OSP-Director-Operator Agent", 18 | Long: "Runs the OSP-Director-Operator Agent", 19 | } 20 | ) 21 | 22 | func init() { 23 | rootCmd.PersistentFlags().AddGoFlagSet(flag.CommandLine) 24 | } 25 | 26 | func main() { 27 | if err := rootCmd.Execute(); err != nil { 28 | glog.Exitf("Error executing mcd: %v", err) 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /containers/agent/version.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "flag" 5 | "fmt" 6 | 7 | "github.com/spf13/cobra" 8 | ) 9 | 10 | var ( 11 | versionCmd = &cobra.Command{ 12 | Use: "version", 13 | Short: "Print the version number of OSP-Director-Operator Agent", 14 | Long: `All software has versions. This is that of the OSP-Director-Operator Agent.`, 15 | Run: runVersionCmd, 16 | } 17 | ) 18 | 19 | func init() { 20 | rootCmd.AddCommand(versionCmd) 21 | } 22 | 23 | func runVersionCmd(cmd *cobra.Command, args []string) { 24 | err := flag.Set("logtostderr", "true") 25 | if err != nil { 26 | panic(err.Error()) 27 | } 28 | flag.Parse() 29 | 30 | program := "OSPDirectorOperatorAgent" 31 | version := "v1.4.0" 32 | 33 | fmt.Println(program, version) 34 | } 35 | -------------------------------------------------------------------------------- /containers/image_downloader/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG BASE_IMAGE=centos:stream9 2 | 3 | FROM $BASE_IMAGE 4 | 5 | ARG PKG_CMD=dnf 6 | ARG REMOTE_SOURCE= 7 | # Buildah expects the entrypoint.sh to be relative to pwd, podman expects 8 | # the file to be relative to the Dockerfile location 9 | ARG ENTRYPOINT_PATH=entrypoint.sh 10 | 11 | RUN ${PKG_CMD} install -y qemu-img && \ 12 | ${PKG_CMD} clean all 13 | 14 | ARG IMAGE_COMPONENT="osp-director-downloader-container" 15 | ARG IMAGE_NAME="osp-director-downloader" 16 | ARG IMAGE_VERSION="1.4.0" 17 | ARG IMAGE_SUMMARY="OSP Director Image Downloader" 18 | ARG IMAGE_DESC="This image includes the osp-director-downloader" 19 | ARG IMAGE_TAGS="openstack director" 20 | 21 | ### DO NOT EDIT LINES BELOW 22 | # Auto generated using CI tools from 23 | # https://github.com/openstack-k8s-operators/openstack-k8s-operators-ci 24 | 25 | # Labels required by upstream and osbs build system 26 | LABEL com.redhat.component="${IMAGE_COMPONENT}" \ 27 | name="${IMAGE_NAME}" \ 28 | version="${IMAGE_VERSION}" \ 29 | summary="${IMAGE_SUMMARY}" \ 30 | io.k8s.name="${IMAGE_NAME}" \ 31 | io.k8s.description="${IMAGE_DESC}" \ 32 | io.openshift.tags="${IMAGE_TAGS}" 33 | ### DO NOT EDIT LINES ABOVE 34 | 35 | WORKDIR / 36 | 37 | COPY $REMOTE_SOURCE/$ENTRYPOINT_PATH /entrypoint.sh 38 | 39 | ENTRYPOINT ["/entrypoint.sh"] 40 | -------------------------------------------------------------------------------- /docs/arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/openstack-k8s-operators/osp-director-operator/087c0173c61f439196ecd36da89d626b1ef145be/docs/arch.png -------------------------------------------------------------------------------- /docs/crds.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/openstack-k8s-operators/osp-director-operator/087c0173c61f439196ecd36da89d626b1ef145be/docs/crds.png -------------------------------------------------------------------------------- /hack/boilerplate.go.txt: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ -------------------------------------------------------------------------------- /pkg/baremetalset/const.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 Red Hat 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package baremetalset 18 | 19 | const ( 20 | // AppLabel - 21 | AppLabel = "osp-baremetalset" 22 | 23 | // CloudInitUserDataSecretName - Naming template used for generating BaremetalHost cloudinit userdata secrets 24 | CloudInitUserDataSecretName = "%s-cloudinit-userdata-%s" 25 | // CloudInitNetworkDataSecretName - Naming template used for generating BaremetalHost cloudinit networkdata secrets 26 | CloudInitNetworkDataSecretName = "%s-cloudinit-networkdata-%s" 27 | 28 | // FinalizerName - 29 | FinalizerName = "baremetalsets.osp-director.openstack.org" 30 | ) 31 | -------------------------------------------------------------------------------- /pkg/common/hash.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 Red Hat 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package common 18 | 19 | import ( 20 | "crypto/sha256" 21 | "encoding/json" 22 | "fmt" 23 | 24 | "k8s.io/apimachinery/pkg/util/rand" 25 | ) 26 | 27 | // ObjectHash creates a deep object hash and return it as a safe encoded string 28 | func ObjectHash(i interface{}) (string, error) { 29 | // Convert the hashSource to a byte slice so that it can be hashed 30 | hashBytes, err := json.Marshal(i) 31 | if err != nil { 32 | return "", fmt.Errorf("unable to convert to JSON: %w", err) 33 | } 34 | hash := sha256.Sum256(hashBytes) 35 | return rand.SafeEncodeString(fmt.Sprint(hash)), nil 36 | } 37 | -------------------------------------------------------------------------------- /pkg/common/labels.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 Red Hat 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package common 18 | 19 | import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 20 | 21 | // GetLabels - get labelselector for CR 22 | func GetLabels(obj metav1.Object, controller string, custom map[string]string) map[string]string { 23 | // Labels for all objects 24 | labelSelector := map[string]string{ 25 | OwnerUIDLabelSelector: string(obj.GetUID()), 26 | OwnerNameSpaceLabelSelector: obj.GetNamespace(), 27 | OwnerNameLabelSelector: obj.GetName(), 28 | OwnerControllerNameLabelSelector: controller, 29 | } 30 | for k, v := range custom { 31 | labelSelector[k] = v 32 | } 33 | 34 | return labelSelector 35 | } 36 | -------------------------------------------------------------------------------- /pkg/common/string.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 Red Hat 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package common 18 | 19 | // StringInSlice - is string in slice 20 | func StringInSlice(a string, list []string) bool { 21 | for _, b := range list { 22 | if b == a { 23 | return true 24 | } 25 | } 26 | return false 27 | } 28 | -------------------------------------------------------------------------------- /pkg/controlplane/const.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 Red Hat 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package controlplane 18 | 19 | const ( 20 | // AppLabel - 21 | AppLabel = "osp-controlplane" 22 | 23 | // FinalizerName - 24 | FinalizerName = "controlplane.osp-director.openstack.org" 25 | 26 | // Count - controlplane count is atm fixed to 1 27 | Count = 1 28 | 29 | // Role - controlplane has not tripleo role, set it as const 30 | Role = "ControlPlane" 31 | 32 | // TripleoPasswordSecret - name of the generated tripleo password secret 33 | TripleoPasswordSecret = "tripleo-passwords" 34 | ) 35 | -------------------------------------------------------------------------------- /pkg/controlplane/funcs.go: -------------------------------------------------------------------------------- 1 | package controlplane 2 | 3 | // GetFencingRoles - roles that normally require fencing 4 | func GetFencingRoles() []string { 5 | // Can't create an array constant, so this is what we'll do instead 6 | return []string{ 7 | "CellController", 8 | "ControllerAllNovaStandalone", 9 | "ControllerNoCeph", 10 | "ControllerNovaStandalone", 11 | "ControllerOpenstack", 12 | "ControllerSriov", 13 | "ControllerStorageDashboard", 14 | "ControllerStorageNfs", 15 | "Controller", 16 | "Database", 17 | "Messaging", 18 | "Telemetry", 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /pkg/openstackdeploy/const.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2021 Red Hat 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package openstackdeploy 18 | 19 | const ( 20 | // ServiceAccount - 21 | ServiceAccount = "osp-director-operator-openstackdeploy" 22 | 23 | // ConfigMapBasename The basename prefix for exports data ConfigMaps 24 | ConfigMapBasename = "tripleo-exports-" 25 | ) 26 | -------------------------------------------------------------------------------- /pkg/openstackephemeralheat/const.go: -------------------------------------------------------------------------------- 1 | package openstackephemeralheat 2 | 3 | const ( 4 | // AppLabel - 5 | AppLabel = "openstackephemeralheat" 6 | // ServiceAccount - 7 | ServiceAccount = "osp-director-operator-openstackconfiggenerator" 8 | // HeatUID - 9 | HeatUID = 42418 10 | // MySQLUID - 11 | MySQLUID = 42434 12 | // RabbitMQUID - 13 | RabbitMQUID = 42439 14 | // FinalizerName - 15 | FinalizerName = "openstackephemeralheat.osp-director.openstack.org" 16 | ) 17 | -------------------------------------------------------------------------------- /pkg/openstackephemeralheat/secret.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2021 Red Hat 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package openstackephemeralheat 18 | 19 | import ( 20 | corev1 "k8s.io/api/core/v1" 21 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 22 | ) 23 | 24 | // PasswordSecret - func 25 | func PasswordSecret(name string, namespace string, labels map[string]string, password string) *corev1.Secret { 26 | secret := &corev1.Secret{ 27 | ObjectMeta: metav1.ObjectMeta{ 28 | Name: name, 29 | Namespace: namespace, 30 | Labels: labels, 31 | }, 32 | Type: "Opaque", 33 | StringData: map[string]string{ 34 | "password": password, 35 | }, 36 | } 37 | return secret 38 | } 39 | -------------------------------------------------------------------------------- /pkg/openstackmacaddress/const.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 Red Hat 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package openstackmacaddress 18 | 19 | const ( 20 | // AppLabel - 21 | AppLabel = "osp-openstackmacaddress" 22 | 23 | // FinalizerName - 24 | FinalizerName = "openstackmacaddress.osp-director.openstack.org" 25 | ) 26 | -------------------------------------------------------------------------------- /pkg/openstackmacaddress/funcs.go: -------------------------------------------------------------------------------- 1 | package openstackmacaddress 2 | 3 | import ( 4 | "crypto/rand" 5 | "fmt" 6 | "net" 7 | ) 8 | 9 | // CreateMACWithPrefix - create random mac address using 3 byte prefix 10 | func CreateMACWithPrefix(prefix string) (string, error) { 11 | buf := make([]byte, 3) 12 | _, err := rand.Read(buf) 13 | if err != nil { 14 | fmt.Println("error:", err) 15 | return "", err 16 | } 17 | mac := fmt.Sprintf("%s:%02x:%02x:%02x", prefix, buf[0], buf[1], buf[2]) 18 | 19 | if _, err := net.ParseMAC(mac); err != nil { 20 | return "", fmt.Errorf("%s is an invalid MAC address", mac) 21 | } 22 | 23 | return mac, nil 24 | } 25 | -------------------------------------------------------------------------------- /pkg/openstacknet/const.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 Red Hat 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package openstacknet 18 | 19 | const ( 20 | // AppLabel - 21 | AppLabel = "osp-openstacknet" 22 | 23 | // FinalizerName - 24 | FinalizerName = "openstacknet.osp-director.openstack.org" 25 | ) 26 | -------------------------------------------------------------------------------- /pkg/openstacknetconfig/const.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 Red Hat 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package openstacknetconfig 18 | 19 | const ( 20 | // AppLabel - 21 | AppLabel = "osp-openstacknetconfig" 22 | 23 | // FinalizerName - 24 | FinalizerName = "openstacknetconfig.osp-director.openstack.org" 25 | ) 26 | -------------------------------------------------------------------------------- /pkg/provisionserver/initcontainer.go: -------------------------------------------------------------------------------- 1 | package provisionserver 2 | 3 | import ( 4 | "fmt" 5 | 6 | corev1 "k8s.io/api/core/v1" 7 | ) 8 | 9 | // InitContainer information 10 | type InitContainer struct { 11 | Args []string 12 | Commands []string 13 | ContainerImage string 14 | Env []corev1.EnvVar 15 | Privileged bool 16 | VolumeMounts []corev1.VolumeMount 17 | } 18 | 19 | // GetInitContainers - init containers for ProvisionServers 20 | func GetInitContainers(inits []InitContainer) []corev1.Container { 21 | initContainers := []corev1.Container{} 22 | 23 | for index, init := range inits { 24 | container := corev1.Container{ 25 | Name: fmt.Sprintf("init-%d", index), 26 | Image: init.ContainerImage, 27 | ImagePullPolicy: corev1.PullAlways, 28 | VolumeMounts: init.VolumeMounts, 29 | Env: init.Env, 30 | } 31 | 32 | if len(init.Args) != 0 { 33 | container.Args = init.Args 34 | } 35 | 36 | if len(init.Commands) != 0 { 37 | container.Command = init.Commands 38 | } 39 | 40 | initContainers = append(initContainers, container) 41 | } 42 | 43 | return initContainers 44 | } 45 | -------------------------------------------------------------------------------- /pkg/provisionserver/version.go: -------------------------------------------------------------------------------- 1 | package provisionserver 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/blang/semver" 7 | ) 8 | 9 | var ( 10 | // Raw is the string representation of the version. This will be replaced 11 | // with the calculated version at build time. 12 | Raw = "v0.0.1" 13 | 14 | // Version is semver representation of the version. 15 | Version = semver.MustParse("0.0.1") 16 | 17 | // String is the human-friendly representation of the version. 18 | String = fmt.Sprintf("ProvisionServerIpDiscoveryAgent %s", Raw) 19 | ) 20 | -------------------------------------------------------------------------------- /pkg/vmset/const.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 Red Hat 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package vmset 18 | 19 | const ( 20 | // AppLabel - 21 | AppLabel = "osp-vmset" 22 | 23 | // FinalizerName - 24 | FinalizerName = "openstackvmsets.osp-director.openstack.org/virtualmachine" 25 | 26 | // KubevirtFencingServiceAccount - 27 | KubevirtFencingServiceAccount = "osp-director-operator-kubevirtagent" 28 | 29 | // KubevirtFencingServiceAccountSecret - 30 | KubevirtFencingServiceAccountSecret = "osp-director-operator-fencing-sa" 31 | 32 | // KubevirtFencingKubeconfigSecret - 33 | KubevirtFencingKubeconfigSecret = "osp-director-operator-fencing-kubeconfig" 34 | ) 35 | -------------------------------------------------------------------------------- /scripts/clean-olm.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -x 3 | 4 | TARGET_NAMESPACE=${TARGET_NAMESPACE:-"default"} 5 | CSV_VERSION=${CSV_VERSION:-"0.0.1"} 6 | 7 | oc delete -n ${TARGET_NAMESPACE} csv osp-director-operator.v${CSV_VERSION} 8 | oc delete -n ${TARGET_NAMESPACE} subscription osp-director-operator-subscription 9 | oc delete -n ${TARGET_NAMESPACE} catalogsource osp-director-operator-index 10 | oc delete -n ${TARGET_NAMESPACE} operatorgroup osp-director-operator-group -------------------------------------------------------------------------------- /templates/baremetalset/cloudinit/networkdata: -------------------------------------------------------------------------------- 1 | links: 2 | - name: {{ .CtlplaneInterface }} 3 | id: {{ .CtlplaneInterface }} 4 | type: vif 5 | networks: 6 | - netmask: {{ .CtlplaneNetmask }} 7 | link: {{ .CtlplaneInterface }} 8 | id: {{ .CtlplaneInterface }} 9 | ip_address: {{ .CtlplaneIp }} 10 | type: ipv4 11 | gateway: {{ .CtlplaneGateway }} 12 | {{- if not (eq (len .CtlplaneRoutes) 0) }} 13 | routes: 14 | {{- range $value := .CtlplaneRoutes }} 15 | - network: {{ $value.network }} 16 | netmask: {{ $value.netmask }} 17 | gateway: {{ $value.gateway }} 18 | {{- end }} 19 | {{- end }} 20 | {{- if not (eq (len .CtlplaneDns) 0) }} 21 | services: 22 | - type: dns-nameserver 23 | address: 24 | {{- range $value := .CtlplaneDns }} 25 | - {{ $value }} 26 | {{- end }} 27 | {{- if not (eq (len .CtlplaneDnsSearch) 0) }} 28 | search: 29 | {{- range $value := .CtlplaneDnsSearch }} 30 | - {{ $value }} 31 | {{- end }} 32 | {{- end }} 33 | {{- end }} 34 | -------------------------------------------------------------------------------- /templates/baremetalset/cloudinit/userdata: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | # overwrite the fqdn set by metal3 wit the one generated by the baremetalset 3 | fqdn: {{ .Hostname }}{{ if .DomainName }}.{{ .DomainName }}{{ end }} 4 | users: 5 | - name: cloud-admin 6 | ssh_authorized_keys: 7 | {{ range $ssh_key := .AuthorizedKeys }} 8 | {{ if not (eq $ssh_key "") }} 9 | - {{ $ssh_key }} 10 | {{ end }} 11 | {{ end }} 12 | sudo: ['ALL=(ALL) NOPASSWD:ALL'] 13 | shell: /bin/bash 14 | {{- if .NodeRootPassword }} 15 | chpasswd: 16 | list: | 17 | root:{{ .NodeRootPassword }} 18 | expire: False 19 | {{- end }} 20 | bootcmd: 21 | # fix BLS entries 22 | - set -x; if [ -e /boot/loader/entries/ffffffffffffffffffffffffffffffff-* ]; then MACHINEID=$(cat /etc/machine-id) && rename "ffffffffffffffffffffffffffffffff" "$MACHINEID" /boot/loader/entries/ffffffffffffffffffffffffffffffff-* ; fi 23 | -------------------------------------------------------------------------------- /templates/openstackclient/bin/kolla_config.json: -------------------------------------------------------------------------------- 1 | { 2 | "command": "/bin/sleep infinity", 3 | 4 | "config_files": [ 5 | { 6 | "source": "/var/lib/kolla/src/*", 7 | "dest": "/", 8 | "merge": true, 9 | "preserve_properties": true, 10 | "optional": true 11 | } 12 | ] 13 | } 14 | -------------------------------------------------------------------------------- /templates/openstackclient/bin/kolla_config_init.json: -------------------------------------------------------------------------------- 1 | { 2 | "command": "/usr/local/bin/init.sh", 3 | "config_files": [ 4 | { 5 | "source": "/var/lib/kolla/src/*", 6 | "dest": "/", 7 | "merge": true, 8 | "preserve_properties": true, 9 | "optional": true 10 | } 11 | ] 12 | } 13 | -------------------------------------------------------------------------------- /templates/openstackclient/bin/tripleo-deploy-term.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | umask 022 3 | 4 | CONFIG_VERSION=${CONFIG_VERSION:?"Please set CONFIG_VERSION."} 5 | RUNDIR="/var/run/tripleo-deploy/$CONFIG_VERSION" 6 | PGIDFILE=$RUNDIR/pgid 7 | 8 | if [[ ! -e $PGIDFILE ]]; then 9 | exit 0 10 | fi 11 | 12 | PGID=$(cat $PGIDFILE) 13 | 14 | if kill -0 -$PGID; then 15 | echo "Terminating tripleo-deploy($PGID)" 16 | kill -- -$PGID 17 | i=0 18 | until [[ "$i" -gt 50 ]]; do 19 | kill -0 -$PGID && exit 0 20 | sleep 1 21 | done 22 | kill -9 -$PGID 23 | fi -------------------------------------------------------------------------------- /templates/openstackconfiggenerator/config/17.1: -------------------------------------------------------------------------------- 1 | 17.0 -------------------------------------------------------------------------------- /templates/openstackconfiggenerator/config/common/fencing.yaml: -------------------------------------------------------------------------------- 1 | parameter_defaults: 2 | EnableFencing: {{ .EnableFencing }} 3 | {{- if .EnableFencing }} 4 | FencingConfig: 5 | devices: 6 | level1: 7 | {{- range $index, $fencingConfig := .FencingConfigs }} 8 | - agent: fence_kubevirt 9 | host_mac: {{ $fencingConfig.HostMac }} 10 | params: 11 | plug: {{ $fencingConfig.VMName }} 12 | apiversion: kubevirt.io/v1alpha3 13 | namespace: {{ $fencingConfig.Namespace }} 14 | ssl_insecure: true 15 | power_timeout: 30 16 | kubeconfig: /root/kubeconfig/kubeconfig 17 | {{- end }} 18 | parameter_merge_strategies: 19 | FencingConfig: deep_merge 20 | {{- end }} 21 | -------------------------------------------------------------------------------- /templates/openstackcontrolplane/config/tripleo-overcloud-passwords.yaml: -------------------------------------------------------------------------------- 1 | parameter_defaults: 2 | {{- range $key, $value:= .TripleoPasswords }} 3 | {{$key}}: {{$value}} 4 | {{- end }} 5 | -------------------------------------------------------------------------------- /templates/openstackephemeralheat/bin/galera.cnf: -------------------------------------------------------------------------------- 1 | [client] 2 | port = 3306 3 | socket = /var/lib/mysql/mysql.sock 4 | 5 | [isamchk] 6 | key_buffer_size = 16M 7 | 8 | [mysqld] 9 | basedir = /usr 10 | bind-address = 0.0.0.0 11 | datadir = /var/lib/mysql 12 | expire_logs_days = 10 13 | innodb_file_per_table = ON 14 | key_buffer_size = 16M 15 | max_allowed_packet = 16M 16 | max_binlog_size = 100M 17 | max_connections = 4096 18 | open_files_limit = 65536 19 | pid-file = /var/lib/mysql/mariadb.pid 20 | port = 3306 21 | query_cache_limit = 1M 22 | query_cache_size = 16M 23 | skip-external-locking 24 | socket = /var/lib/mysql/mysql.sock 25 | ssl = false 26 | thread_cache_size = 8 27 | thread_stack = 256K 28 | tmpdir = /tmp 29 | user = mysql 30 | 31 | [mysqld_safe] 32 | nice = 0 33 | pid-file = /var/lib/mysql/mariadb.pid 34 | socket = /var/lib/mysql/mysql.sock 35 | 36 | [mysqldump] 37 | max_allowed_packet = 16M 38 | quick 39 | quote-names 40 | -------------------------------------------------------------------------------- /templates/openstackephemeralheat/bin/heat.conf: -------------------------------------------------------------------------------- 1 | [DEFAULT] 2 | debug=True 3 | verbose=True 4 | transport_url=rabbit://guest:guest@{{.RabbitMQHost}}.cluster.local:5672/?ssl=0 5 | api_workers=3 6 | rpc_workers=3 7 | keystone_backend=heat.engine.clients.os.keystone.fake_keystoneclient.FakeKeystoneClient 8 | deferred_auth_method=password 9 | max_nested_stack_depth=10 10 | max_json_body_size=8388608 11 | default_deployment_signal_transport=HEAT_SIGNAL 12 | max_resources_per_stack=-1 13 | convergence_engine=True 14 | num_engine_workers=4 15 | rpc_response_timeout=600 16 | use_syslog=false 17 | use_stderr=true 18 | [database] 19 | connection=mysql+pymysql://heat:{{.MariaDBPassword}}@{{.MariaDBHost}}.cluster.local/heat 20 | max_retries=-1 21 | db_max_retries=-1 22 | [paste_deploy] 23 | flavor=noauth 24 | api_paste_config=paste.ini 25 | [yaql] 26 | memory_quota=900000 27 | limit_iterators=9000 28 | [noauth] 29 | token_response=/etc/heat/token.json 30 | [oslo_messaging_rabbit] 31 | heartbeat_timeout_threshold=60 32 | [oslo_middleware] 33 | enable_proxy_headers_parsing=True 34 | [oslo_messaging_notifications] 35 | driver=noop -------------------------------------------------------------------------------- /templates/openstackephemeralheat/bin/heat_config.json: -------------------------------------------------------------------------------- 1 | { 2 | "command": "/usr/bin/heat-api --config-dir /etc/heat/heat.conf.d", 3 | "config_files": [ 4 | { 5 | "source": "/var/lib/config-data/heat_empty.conf", 6 | "dest": "/etc/heat/heat.conf", 7 | "owner": "heat", 8 | "perm": "0600" 9 | }, 10 | { 11 | "source": "/var/lib/config-data/heat.conf", 12 | "dest": "/etc/heat/heat.conf.d/01_heat.conf", 13 | "owner": "heat", 14 | "perm": "0600" 15 | }, 16 | { 17 | "source": "/var/lib/config-data/custom.conf", 18 | "dest": "/etc/heat/heat.conf.d/99_custom.conf", 19 | "owner": "heat", 20 | "perm": "0600" 21 | }, 22 | { 23 | "source": "/var/lib/config-data/paste.ini", 24 | "dest": "/etc/heat/paste.ini", 25 | "owner": "heat", 26 | "perm": "0600" 27 | }, 28 | { 29 | "source": "/var/lib/config-data/token.json", 30 | "dest": "/etc/heat/token.json", 31 | "owner": "heat", 32 | "perm": "0600" 33 | } 34 | ] 35 | } 36 | -------------------------------------------------------------------------------- /templates/openstackephemeralheat/bin/heat_empty.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/openstack-k8s-operators/osp-director-operator/087c0173c61f439196ecd36da89d626b1ef145be/templates/openstackephemeralheat/bin/heat_empty.conf -------------------------------------------------------------------------------- /templates/openstackephemeralheat/bin/heat_engine_config.json: -------------------------------------------------------------------------------- 1 | { 2 | "command": "/usr/bin/heat-engine --config-dir /etc/heat/heat.conf.d", 3 | "config_files": [ 4 | { 5 | "source": "/var/lib/config-data/heat_empty.conf", 6 | "dest": "/etc/heat/heat.conf", 7 | "owner": "heat", 8 | "perm": "0600" 9 | }, 10 | { 11 | "source": "/var/lib/config-data/heat.conf", 12 | "dest": "/etc/heat/heat.conf.d/01_heat.conf", 13 | "owner": "heat", 14 | "perm": "0600" 15 | }, 16 | { 17 | "source": "/var/lib/config-data/custom.conf", 18 | "dest": "/etc/heat/heat.conf.d/99_custom.conf", 19 | "owner": "heat", 20 | "perm": "0600" 21 | } 22 | ] 23 | } 24 | -------------------------------------------------------------------------------- /templates/openstackephemeralheat/bin/heat_paste.ini: -------------------------------------------------------------------------------- 1 | [pipeline:heat-api-noauth] 2 | pipeline = faultwrap noauth context versionnegotiation apiv1app 3 | [app:apiv1app] 4 | paste.app_factory = heat.common.wsgi:app_factory 5 | heat.app_factory = heat.api.openstack.v1:API 6 | [filter:noauth] 7 | paste.filter_factory = heat.common.noauth:filter_factory 8 | [filter:context] 9 | paste.filter_factory = heat.common.context:ContextMiddleware_filter_factory 10 | [filter:versionnegotiation] 11 | paste.filter_factory = heat.common.wsgi:filter_factory 12 | heat.filter_factory = heat.api.openstack:version_negotiation_filter 13 | [filter:faultwrap] 14 | paste.filter_factory = heat.common.wsgi:filter_factory 15 | heat.filter_factory = heat.api.openstack:faultwrap_filter 16 | -------------------------------------------------------------------------------- /templates/openstackephemeralheat/bin/mariadb_config.json: -------------------------------------------------------------------------------- 1 | { 2 | "command": "/usr/libexec/mysqld --user=mysql", 3 | "config_files": [ 4 | { 5 | "source": "/var/lib/config-data/galera.cnf", 6 | "dest": "/etc/my.cnf.d/galera.cnf", 7 | "owner": "root", 8 | "perm": "0644" 9 | } 10 | ] 11 | } 12 | -------------------------------------------------------------------------------- /templates/openstackephemeralheat/bin/mariadb_init.sh: -------------------------------------------------------------------------------- 1 | if [ -e /var/lib/mysql/mysql ]; then exit 0; fi 2 | #echo -e "\n[mysqld]\nwsrep_provider=none" >> /etc/my.cnf 3 | #kolla_set_configs 4 | #sudo -u mysql -E kolla_extend_start 5 | mkdir -p /var/lib/mysql 6 | mysql_install_db 7 | mysqld_safe --skip-networking --wsrep-on=OFF & 8 | timeout {{.DBMaxTimeout}} /bin/bash -c "until mysqladmin -uroot -p'$DB_ROOT_PASSWORD' ping 2>/dev/null; do sleep 1; done" 9 | mysql -uroot -p"$DB_ROOT_PASSWORD" -e "CREATE USER 'mysql'@'localhost';" 10 | mysql -uroot -p"$DB_ROOT_PASSWORD" -e "REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'mysql'@'localhost';" 11 | timeout {{.DBMaxTimeout}} mysqladmin -uroot -p"$DB_ROOT_PASSWORD" shutdown 12 | -------------------------------------------------------------------------------- /templates/openstackephemeralheat/bin/mariadb_init_config.json: -------------------------------------------------------------------------------- 1 | { 2 | "command": "/usr/local/bin/mariadb_init.sh", 3 | "config_files": [ 4 | { 5 | "source": "/var/lib/config-data/galera.cnf", 6 | "dest": "/etc/my.cnf.d/galera.cnf", 7 | "owner": "root", 8 | "perm": "0644" 9 | }, 10 | { 11 | "source": "/var/lib/config-data/mariadb_init.sh", 12 | "dest": "/usr/local/bin/mariadb_init.sh", 13 | "owner": "root", 14 | "perm": "0755" 15 | } 16 | ], 17 | "permissions": [ 18 | { 19 | "path": "/var/lib/mysql", 20 | "owner": "mysql:mysql", 21 | "recurse": "true" 22 | } 23 | ] 24 | } 25 | -------------------------------------------------------------------------------- /templates/openstackephemeralheat/bin/rabbitmq-env.conf: -------------------------------------------------------------------------------- 1 | LANG=en_US.UTF-8 2 | LC_ALL=en_US.UTF-8 3 | NODE_IP_ADDRESS= 4 | NODE_PORT= 5 | RABBITMQ_NODENAME=rabbit@localhost 6 | RABBITMQ_SERVER_ERL_ARGS='+K true +P 1048576 -kernel inet_default_connect_options [{nodelay,true}]' 7 | RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS='+sbwt none' 8 | #export ERL_INETRC=/etc/rabbitmq/inetrc 9 | -------------------------------------------------------------------------------- /templates/openstackephemeralheat/bin/rabbitmq.config: -------------------------------------------------------------------------------- 1 | [ 2 | {rabbit, [ 3 | {tcp_listen_options, [ 4 | {keepalive, true}, 5 | {backlog, 128}, 6 | {nodelay, true}, 7 | {linger, {true, 0}}, 8 | {exit_on_close, false} 9 | ]}, 10 | {tcp_listeners, [{"0.0.0.0", 5672}]}, 11 | {log, [ 12 | {console, [{enabled, true}, 13 | {level, info} 14 | ]} 15 | ]}, 16 | {collect_statistics_interval, 30000}, 17 | {cluster_partition_handling, ignore}, 18 | {queue_master_locator, <<"min-masters">>}, 19 | {loopback_users, []}, 20 | {default_user, <<"guest">>}, 21 | {default_pass, <<"guest">>} 22 | ]}, 23 | {kernel, [ 24 | {inet_dist_listen_max, 25672}, 25 | {inet_dist_listen_min, 25672}, 26 | {net_ticktime, 15} 27 | ]} 28 | , 29 | {rabbitmq_management, [ 30 | {rates_mode, none} 31 | , {listener, [ 32 | {ip, "127.0.0.1"}, 33 | {port, 15672} 34 | ]} 35 | ]} 36 | ]. 37 | -------------------------------------------------------------------------------- /templates/openstackephemeralheat/bin/rabbitmq_config.json: -------------------------------------------------------------------------------- 1 | { 2 | "command": "/usr/lib/rabbitmq/bin/rabbitmq-server", 3 | "config_files": [ 4 | { 5 | "source": "/var/lib/config-data/rabbitmq.config", 6 | "dest": "/etc/rabbitmq/rabbitmq.config", 7 | "owner": "rabbitmq", 8 | "perm": "0600" 9 | }, 10 | { 11 | "source": "/var/lib/config-data/rabbitmq-env.conf", 12 | "dest": "/etc/rabbitmq/rabbitmq-env.conf", 13 | "owner": "rabbitmq", 14 | "perm": "0600" 15 | } 16 | ], 17 | "permissions": [ 18 | { 19 | "path": "/var/lib/rabbitmq", 20 | "owner": "rabbitmq:rabbitmq", 21 | "recurse": "true" 22 | } 23 | ] 24 | } 25 | -------------------------------------------------------------------------------- /templates/vmset/cloudinit/networkdata: -------------------------------------------------------------------------------- 1 | version: 2 2 | ethernets: 3 | {{ .CtlplaneInterface }}: 4 | addresses: [ "{{ .ControllerIP }}" ] 5 | {{- if not (eq (len .CtlplaneDns) 0) }} 6 | nameservers: 7 | {{- if not (eq (len .CtlplaneDnsSearch) 0) }} 8 | search: 9 | {{- range $value := .CtlplaneDnsSearch }} 10 | - {{ $value }} 11 | {{- end }} 12 | {{- end }} 13 | addresses: 14 | {{- range $value := .CtlplaneDns }} 15 | - {{ $value }} 16 | {{- end }} 17 | {{- end }} 18 | {{- if not (eq (len .CtlplaneRoutes) 0) }} 19 | routes: 20 | {{- range $value := .CtlplaneRoutes }} 21 | - to: {{ $value.to }} 22 | via: {{ $value.via }} 23 | {{- end }} 24 | {{- end }} 25 | {{- if .Gateway }} 26 | {{ .Gateway }} 27 | {{- end }} 28 | -------------------------------------------------------------------------------- /templates/vmset/fencing-kubeconfig/fencing-kubeconfig: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | clusters: 3 | - cluster: 4 | insecure-skip-tls-verify: true 5 | server: {{ .Server }} 6 | name: openstack 7 | contexts: 8 | - context: 9 | cluster: openstack 10 | namespace: {{ .Namespace }} 11 | user: kubevirtagent 12 | name: openstack 13 | current-context: openstack 14 | kind: Config 15 | preferences: {} 16 | users: 17 | - name: kubevirtagent 18 | user: 19 | token: {{ .Token }} 20 | -------------------------------------------------------------------------------- /tests/kuttl/common/manifests/git-secret.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | data: 4 | # TODO: Placeholder only 5 | git_ssh_identity: Z2l0QDEwLjM3LjE0Ni4yMjI6L2hvbWUvZ2l0L3BsYXlib29rcy5naXQ= 6 | git_url: Z2l0QDEwLjM3LjE0Ni4yMjI6L2hvbWUvZ2l0L3BsYXlib29rcy5naXQ= 7 | kind: Secret 8 | metadata: 9 | name: git-secret 10 | namespace: openstack 11 | type: Opaque 12 | -------------------------------------------------------------------------------- /tests/kuttl/common/manifests/osp-controlplane-ssh-keys.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | data: 4 | # TODO: This is just a placeholder -- will not work unless you manually overwrite it here 5 | authorized_keys: c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FDdlREQUJzQ0phYlFHUTJWWTQ1NGN6QWszWEJ0blMyZEN4QzJ6aXVEY2ZWajFWWXk4YzNDeURMSkk3MzFvWEdWdm9qZ2toTE9jMDQxSlhkYU93QVdtcFQremVoeTd2OVhNZWUyTkJBcVZ1enFPZWU5NDNXNTRxU1NDQWpmckRVbkhGanJjL2J4a3pjVy93Vlk2L1V6cEdpRkVwMFMzdGJhaFRHRS9pTEdib2F2a3ZVN1lCQ0FkWHc1dWlMMG8yY3JTWUdlRHVjZWJPZ1VkbEJ2V2hReHNycWFOV1hxRTRzODBqN0FHd1VIQWZCelFWK293aXJ6LzlsQW5ud0dkSEFFNExTeDVGUC9EQXRvVnFwY3BlcmFhY2lUY0x4R3ozUVB0STBmSEVvZWxsRG9YSVV6NDhFYk1rQm9xMlV6cTc1VGRFamJ6NnZEeFpDQ2w2OE9hK2V6aGdXV0FNcUlYLzZUdmhaUEV2YW50VmxSY3I2WGRoR3ltc090V2hiWFhoUTRGcUJveThSUXRraElvTkErUDY4RGVTeWx6VG0xUEpFNmROcGMxNTdtN1JiOE9KS042ems5V202NUlJa2Z0NHphS2dqZ2JtTUtkbHpDdlVuVTUrbzRnRktKUzVqZzlJZG9YMHowc2ZZdW1MNzI0VCtwMzA3bysyQkRWQW5YZy90emM9IHJvb3RAb3NwLWNvbnZlcmdlLTAyLmxhYi5lbmcuYnJxLnJlZGhhdC5jb20K 6 | kind: Secret 7 | metadata: 8 | name: osp-controlplane-ssh-keys 9 | namespace: openstack 10 | -------------------------------------------------------------------------------- /tests/kuttl/common/manifests/userpassword.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | data: 4 | NodeRootPassword: MTIzNDU2Nzg= 5 | kind: Secret 6 | metadata: 7 | name: userpassword 8 | namespace: openstack 9 | -------------------------------------------------------------------------------- /tests/kuttl/common/scripts/add_bmh.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # 4 | # Adds (or really, re-adds) a new BMH if YAML representing one is 5 | # present in a designated location on the filesystem 6 | # 7 | 8 | if [ -f /tmp/kuttl_bmh1.json ]; then 9 | oc apply -n openshift-machine-api -f /tmp/kuttl_bmh1_secret.json 10 | oc apply -n openshift-machine-api -f /tmp/kuttl_bmh1.json 11 | rm -rf /tmp/kuttl_bmh1_secret.json 12 | rm -rf /tmp/kuttl_bmh1.json 13 | fi 14 | -------------------------------------------------------------------------------- /tests/kuttl/common/scripts/delete_bmh.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # 4 | # Dumps a BMH and its credentials secret to designated locations and then deletes the BMH 5 | # 6 | 7 | bmhname=$(oc get bmh -n openshift-machine-api -l osp-director.openstack.org/name=compute -l osp-director.openstack.org/namespace=openstack -o name | head -1) 8 | bmhsecretname=$(oc get -n openshift-machine-api ${bmhname} -o json | jq -r '.spec.bmc.credentialsName') 9 | oc get -n openshift-machine-api ${bmhname} -o json |\ 10 | jq 'del(.metadata.labels,.metadata.annotations,.metadata.generation,.metadata.resourceVersion,.metadata.uid,.spec.consumerRef,.spec.userData,.spec.networkData,.spec.image)' |\ 11 | jq '.metadata.annotations={"inspect.metal3.io": "disabled"}' |\ 12 | jq '.spec.online=false' > /tmp/kuttl_bmh1.json 13 | oc get -n openshift-machine-api secret ${bmhsecretname} -o json |\ 14 | jq 'del(.metadata.labels,.metadata.annotations,.metadata.generation,.metadata.resourceVersion,.metadata.uid,.metadata.ownerReferences)' > /tmp/kuttl_bmh1_secret.json 15 | oc delete -n openshift-machine-api ${bmhname} 16 | -------------------------------------------------------------------------------- /tests/kuttl/common/tests/00-prep.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Attempt to "clear the field" if necessary 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - script: ../../common/scripts/prep.sh 9 | timeout: 600 10 | -------------------------------------------------------------------------------- /tests/kuttl/common/tests/create_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | commands: 4 | # Create the required userpassword Secret 5 | - command: oc apply -f ../../common/manifests/userpassword.yaml 6 | namespaced: true 7 | - command: oc apply -f ../../../../config/samples/osp-director_v1beta2_openstackcontrolplane.yaml 8 | namespaced: true 9 | -------------------------------------------------------------------------------- /tests/kuttl/common/tests/create_openstackcontrolplane_single_net.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | commands: 4 | # Create the required userpassword Secret 5 | - command: oc apply -f ../../common/manifests/userpassword.yaml 6 | namespaced: true 7 | - command: oc apply -f ../../../../config/samples/osp-director_v1beta2_openstackcontrolplane_single_net.yaml 8 | namespaced: true 9 | -------------------------------------------------------------------------------- /tests/kuttl/common/tests/create_openstacknetconfig.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # First, create all OpenStackNets 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: oc apply -f ../../../../config/samples/osp-director_v1beta1_openstacknetconfig.yaml 9 | namespaced: true 10 | -------------------------------------------------------------------------------- /tests/kuttl/common/tests/create_openstacknetconfig_single_net.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # First, create all OpenStackNetConfig with single net 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: oc apply -f ../../../../config/samples/osp-director_v1beta1_openstacknetconfig_single_net.yaml 9 | namespaced: true 10 | -------------------------------------------------------------------------------- /tests/kuttl/common/tests/create_openstacknetconfig_single_net_ipv6.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # First, create all OpenStackNetConfig with single ipv6 net 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: oc apply -f ../../../../config/samples/osp-director_v1beta1_openstacknetconfig_single_net_ipv6.yaml 9 | namespaced: true 10 | -------------------------------------------------------------------------------- /tests/kuttl/common/tests/scale_down_openstackcontrolplane_single_controller-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - VirtualMachines (2 should be removed) 5 | # 6 | 7 | apiVersion: kubevirt.io/v1alpha3 8 | kind: VirtualMachine 9 | metadata: 10 | name: controller-0 11 | namespace: openstack 12 | --- 13 | apiVersion: kubevirt.io/v1alpha3 14 | kind: VirtualMachine 15 | metadata: 16 | name: controller-1 17 | namespace: openstack -------------------------------------------------------------------------------- /tests/kuttl/common/tests/scale_down_openstackcontrolplane_single_controller.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Annotate 2 OpenStackVMSet VMs for deletion and scale OpenStackControlPlane down to 1 controller 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | oc annotate vm controller-0 osp-director.openstack.org/delete-host=true 10 | namespaced: true 11 | - command: | 12 | oc annotate vm controller-1 osp-director.openstack.org/delete-host=true 13 | namespaced: true 14 | - command: | 15 | oc patch openstackcontrolplane overcloud --type='json' -p='[{"op": "replace", "path": "/spec/virtualMachineRoles/controller/roleCount", "value":1}]' 16 | namespaced: true 17 | - command: | 18 | sleep 40 19 | - script: | 20 | # Remove bindings of PV's in Released state 21 | for i in $(oc get pv | egrep "Failed|Released" | awk {'print $1'}); do 22 | oc patch pv $i --type='json' -p='[{"op": "remove", "path": "/spec/claimRef"}]' 23 | done 24 | -------------------------------------------------------------------------------- /tests/kuttl/common/tests/scale_up_openstackcontrolplane_3_controllers.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Scale OpenStackControlPlane to 3 controllers 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | oc patch openstackcontrolplane overcloud --type='json' -p='[{"op": "replace", "path": "/spec/virtualMachineRoles/controller/roleCount", "value":3}]' 10 | namespaced: true 11 | -------------------------------------------------------------------------------- /tests/kuttl/common/tests/scale_up_openstackcontrolplane_single_controller.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Scale OpenStackControlPlane to 1 controller 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | oc patch openstackcontrolplane overcloud --type='json' -p='[{"op": "replace", "path": "/spec/virtualMachineRoles/controller/roleCount", "value":1}]' 10 | namespaced: true 11 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbackuprequest_save_restore/00-prep.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/00-prep.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbackuprequest_save_restore/01-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackNetConfig 5 | # 6 | 7 | apiVersion: kuttl.dev/v1beta1 8 | kind: TestAssert 9 | timeout: 420 10 | --- 11 | apiVersion: osp-director.openstack.org/v1beta1 12 | kind: OpenStackNetConfig 13 | metadata: 14 | name: openstacknetconfig 15 | namespace: openstack 16 | status: 17 | provisioningStatus: 18 | attachDesiredCount: 3 19 | attachReadyCount: 3 20 | netDesiredCount: 6 21 | netReadyCount: 6 22 | physNetDesiredCount: 2 23 | physNetReadyCount: 2 24 | reason: OpenStackNetConfig openstacknetconfig all resources configured 25 | state: Configured 26 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbackuprequest_save_restore/01-create_openstacknetconfig.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # First, create all OpenStackNets 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: oc apply -f ../../../../config/samples/osp-director_v1beta1_openstacknetconfig.yaml 9 | namespaced: true 10 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbackuprequest_save_restore/02-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackControlPlane 5 | # - 1 OpenStackBaremetalSet 6 | # - 1 OpenStackVMSet 7 | # 8 | 9 | apiVersion: kuttl.dev/v1beta1 10 | kind: TestAssert 11 | timeout: 420 12 | --- 13 | apiVersion: osp-director.openstack.org/v1beta2 14 | kind: OpenStackControlPlane 15 | metadata: 16 | name: overcloud 17 | namespace: openstack 18 | status: 19 | provisioningStatus: 20 | clientReady: true 21 | desiredCount: 1 22 | readyCount: 1 23 | reason: All requested OSVMSets have been provisioned 24 | state: Provisioned 25 | --- 26 | apiVersion: osp-director.openstack.org/v1beta1 27 | kind: OpenStackBaremetalSet 28 | metadata: 29 | name: compute 30 | namespace: openstack 31 | status: 32 | provisioningStatus: 33 | reason: No BaremetalHost have been requested 34 | state: Empty 35 | --- 36 | apiVersion: osp-director.openstack.org/v1beta2 37 | kind: OpenStackVMSet 38 | metadata: 39 | name: controller 40 | namespace: openstack 41 | status: 42 | provisioningStatus: 43 | reason: No VirtualMachines have been requested 44 | state: Empty 45 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbackuprequest_save_restore/03-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackBackupRequest (should be quiescing) 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta1 8 | kind: OpenStackBackupRequest 9 | metadata: 10 | name: openstackbackuprequest 11 | namespace: openstack 12 | status: 13 | conditions: 14 | - message: OpenStackBackupRequest is waiting for other controllers to quiesce 15 | reason: OpenStackBackupRequest is waiting for other controllers to quiesce 16 | status: "False" 17 | type: Quiescing 18 | - message: OpenStackBackup openstackbackuprequest has been saved 19 | reason: OpenStackBackup openstackbackuprequest has been saved 20 | status: "True" 21 | type: Saved 22 | currentState: Saved 23 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbackuprequest_save_restore/03-create_backup_request.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # First create everything mentioned in 00-prep 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: oc apply -f ../../../../config/samples/osp-director_v1beta1_openstackbackuprequest.yaml 9 | namespaced: true 10 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbackuprequest_save_restore/03-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackBackupRequest (should not have errored) 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta1 8 | kind: OpenStackBackupRequest 9 | metadata: 10 | name: openstackbackuprequest 11 | namespace: openstack 12 | status: 13 | conditions: 14 | - status: "True" 15 | type: Error 16 | currentState: Error 17 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbackuprequest_save_restore/04-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackBackupRequest (should not have errored) 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta1 8 | kind: OpenStackBackupRequest 9 | metadata: 10 | name: openstackbackuprequest 11 | namespace: openstack 12 | status: 13 | conditions: 14 | - status: "True" 15 | type: Error 16 | currentState: Error -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbackuprequest_save_restore/05-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackBackupRequest (should be cleaning) 5 | # 6 | 7 | apiVersion: kuttl.dev/v1beta1 8 | kind: TestAssert 9 | timeout: 420 10 | --- 11 | apiVersion: osp-director.openstack.org/v1beta1 12 | kind: OpenStackBackupRequest 13 | metadata: 14 | name: openstackbackuprequest 15 | namespace: openstack 16 | status: 17 | conditions: 18 | - status: "True" 19 | type: Cleaning 20 | currentState: Cleaning 21 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbackuprequest_save_restore/05-create_restore_backup_request.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Create an OpenStackBackupRequest requesting a clean restore of the previously-saved OpenStackBackup 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - script: | 9 | oc delete -n openstack osbackuprequest --all; 10 | sleep 5; 11 | sed -e '$a\ \ restoreSource: '$(oc get osbackup -n openstack -o name | cut -d '/' -f 2) ../../../../config/samples/osp-director_v1beta1_openstackbackuprequest.yaml | sed 's/save/cleanRestore/' | oc apply -n openstack -f - || true 12 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbackuprequest_save_restore/05-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackBackupRequest (should not have errored) 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta1 8 | kind: OpenStackBackupRequest 9 | metadata: 10 | name: openstackbackuprequest 11 | namespace: openstack 12 | status: 13 | conditions: 14 | - status: "True" 15 | type: Restore Error 16 | currentState: Restore Error 17 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbackuprequest_save_restore/06-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackBackupRequest (should be reconciling) 5 | # 6 | 7 | apiVersion: kuttl.dev/v1beta1 8 | kind: TestAssert 9 | timeout: 300 10 | --- 11 | apiVersion: osp-director.openstack.org/v1beta1 12 | kind: OpenStackBackupRequest 13 | metadata: 14 | name: openstackbackuprequest 15 | namespace: openstack 16 | status: 17 | conditions: 18 | - status: "False" 19 | type: Cleaning 20 | - status: "False" 21 | type: Loading 22 | - status: "True" 23 | type: Reconciling 24 | currentState: Reconciling 25 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbackuprequest_save_restore/07-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackBackupRequest (should be restored) 5 | # 6 | 7 | apiVersion: kuttl.dev/v1beta1 8 | kind: TestAssert 9 | timeout: 420 10 | --- 11 | apiVersion: osp-director.openstack.org/v1beta1 12 | kind: OpenStackBackupRequest 13 | metadata: 14 | name: openstackbackuprequest 15 | namespace: openstack 16 | status: 17 | conditions: 18 | - status: "False" 19 | type: Cleaning 20 | - status: "False" 21 | type: Loading 22 | - status: "False" 23 | type: Reconciling 24 | - status: "True" 25 | type: Restored 26 | currentState: Restored 27 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbackuprequest_save_restore/07-restart_metal3.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Restart Metal3 since the NNCPs responsible for configuring the br-ctlplane 3 | # provisioning interface bridge were deleted and recreated. In such a scenario, 4 | # restarting Metal3 allows DHCP to work properly again. 5 | # 6 | 7 | apiVersion: kuttl.dev/v1beta1 8 | kind: TestStep 9 | commands: 10 | - command: oc scale deployment metal3 -n openshift-machine-api --replicas=0 11 | namespaced: true 12 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbackuprequest_save_restore/README.md: -------------------------------------------------------------------------------- 1 | Q: WHAT IS TESTED HERE? 2 | 3 | A: 4 | - Creates: 5 | * OpenStackNetConfig 6 | * OpenStackControlPlane 7 | * OpenStackBaremetalSet 8 | * OpenStackBackupRequest (in "save" mode) 9 | - Checks that the OpenStackBackupRequest starts in quiescing state 10 | - Once quiesced, checks that the OpenStackBackupRequest ends in the saved state 11 | - Checks for the existence of a corresponding OpenStackBackup with the proper resources within its spec 12 | - Creates an OpenStackBackupRequest (in "cleanRestore" mode) targeting the created OpenStackBackup for restoration 13 | - Checks that the "cleanRestore" cleans all OSP-D operator resources 14 | - Checks that the new OpenStackBackupRequest enters the "Loading" state 15 | - Checks that the new OpenStackBackupRequest reaches the "Restored" state 16 | 17 | NOTE: This test assumes you have two (and only two!) extra OCP workers allocated to your cluster as 18 | BaremetalHosts, that are not in-use as actual cluster nodes 19 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/00-prep.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Attempt to "clear the field" if necessary 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - script: | 9 | # Add any missing BMH that might have been deleted by another failed run of this test 10 | ../../common/scripts/add_bmh.sh 11 | - script: ../../common/scripts/prep.sh 12 | timeout: 600 13 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/01-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/01-create_openstacknetconfig.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/02-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/02-create_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/04-scale_up_openstackbaremetalset.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # - Scale OpenStackBaremetalSet to 2 BaremetalHosts 3 | # - Also try to then immediately scale to 3, which should fail due to webhook validation (because we only 4 | # have 2 BMHs available in a standard osp-director-dev-tools cluster) and thus do nothing 5 | # 6 | 7 | apiVersion: kuttl.dev/v1beta1 8 | kind: TestStep 9 | commands: 10 | - command: | 11 | oc patch openstackbaremetalset compute --type='json' -p='[{"op": "replace", "path": "/spec/count", "value":2}]' 12 | namespaced: true 13 | - script: | 14 | RES=$(oc patch -n openstack openstackbaremetalset compute --type='json' -p='[{"op": "replace", "path": "/spec/count", "value":3}]' 2>&1) 15 | if grep -qi "unable to find 3 requested BaremetalHost count" <<< "$RES"; then 16 | exit 0 17 | else 18 | exit 1 19 | fi 20 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/05-check_openstackbaremetalset_connectivity.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Make sure the OpenStackClient can SSH to the 2 OpenStackBaremetalSets 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - script: | 9 | sleep 10 10 | RETRIES="${RETRIES:-20}" 11 | for i in $(seq 1 $RETRIES); do 12 | oc rsh -n openstack openstackclient ansible -m ping -i /home/cloud-admin/ctlplane-ansible-inventory Compute 13 | if [ "$?" -eq "0" ]; then 14 | exit 0 15 | fi 16 | sleep 10 17 | done 18 | exit 1 19 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/06-scale_down_openstackbaremetalset.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # - Scale OpenStackBaremetalSet to 1 BaremetalHost 3 | # - Also try to then immediately scale down 0, which should fail due to webhook validation (because we only 4 | # have 1 BMH annotated for deletion) and thus do nothing 5 | # 6 | 7 | apiVersion: kuttl.dev/v1beta1 8 | kind: TestStep 9 | commands: 10 | - command: oc annotate bmh -l osp-director.openstack.org/osphostname=compute-0 osp-director.openstack.org/delete-host=true -n openshift-machine-api 11 | namespaced: true 12 | - command: | 13 | oc patch openstackbaremetalset compute --type='json' -p='[{"op": "replace", "path": "/spec/count", "value":1}]' 14 | namespaced: true 15 | - script: | 16 | RES=$(oc patch -n openstack openstackbaremetalset compute --type='json' -p='[{"op": "replace", "path": "/spec/count", "value":0}]' 2>&1) 17 | if grep -q "Unable to find sufficient amount of BaremetalHost replicas annotated for scale-down" <<< "$RES"; then 18 | exit 0 19 | else 20 | exit 1 21 | fi 22 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/07-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 BaremetalHost (should be removed, for compute-0) 5 | # 6 | 7 | apiVersion: metal3.io/v1alpha1 8 | kind: BareMetalHost 9 | metadata: 10 | labels: 11 | osp-director.openstack.org/controller: osp-baremetalset 12 | osp-director.openstack.org/name: compute 13 | osp-director.openstack.org/namespace: openstack 14 | osp-director.openstack.org/osphostname: compute-0 15 | namespace: openshift-machine-api 16 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/08-assert.yaml: -------------------------------------------------------------------------------- 1 | 04-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/08-scale_up_openstackbaremetalset.yaml: -------------------------------------------------------------------------------- 1 | 04-scale_up_openstackbaremetalset.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/09-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackBaremetalSet (should be in "BaremetalHostNotFound" error state) 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta1 8 | kind: OpenStackBaremetalSet 9 | metadata: 10 | finalizers: 11 | - baremetalset.osp-director.openstack.org 12 | labels: 13 | ooo-subnetname/ctlplane: "true" 14 | ooo-subnetname/internal_api: "true" 15 | ooo-subnetname/tenant: "true" 16 | osnetconfig-ref: openstacknetconfig 17 | name: compute 18 | namespace: openstack 19 | spec: 20 | baseImageUrl: http://192.168.111.1/images/rhel-guest-image-9.2-20230414.17.x86_64.qcow2 21 | count: 2 22 | ctlplaneInterface: enp1s0 23 | roleName: Compute 24 | status: 25 | baremetalHosts: 26 | compute-0: 27 | annotatedForDeletion: false 28 | hostname: compute-0 29 | compute-1: 30 | annotatedForDeletion: false 31 | hostname: compute-1 32 | provisioningStatus: 33 | readyCount: 1 34 | state: Error 35 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/09-delete_one_bmh.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # - Improperly delete a single BMH 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - script: | 9 | ../../common/scripts/delete_bmh.sh 10 | timeout: 420 11 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/10-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackBaremetalSet (count should still be 2) 5 | # 6 | 7 | apiVersion: kuttl.dev/v1beta1 8 | kind: TestAssert 9 | --- 10 | apiVersion: osp-director.openstack.org/v1beta1 11 | kind: OpenStackBaremetalSet 12 | metadata: 13 | finalizers: 14 | - baremetalset.osp-director.openstack.org 15 | name: compute 16 | namespace: openstack 17 | spec: 18 | baseImageUrl: http://192.168.111.1/images/rhel-guest-image-9.2-20230414.17.x86_64.qcow2 19 | count: 2 20 | ctlplaneInterface: enp1s0 21 | deploymentSSHSecret: osp-controlplane-ssh-keys 22 | networks: 23 | - ctlplane 24 | - internal_api 25 | - tenant 26 | passwordSecret: userpassword 27 | roleName: Compute 28 | status: 29 | baremetalHosts: 30 | compute-0: 31 | hostname: compute-0 32 | compute-1: 33 | hostname: compute-1 34 | provisioningStatus: 35 | readyCount: 1 36 | state: Error 37 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/10-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackBaremetalSet (count should still be 2) 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta1 8 | kind: OpenStackBaremetalSet 9 | metadata: 10 | finalizers: 11 | - baremetalset.osp-director.openstack.org 12 | name: compute 13 | namespace: openstack 14 | spec: 15 | count: 1 16 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/10-scale_down_openstackbaremetalset.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # - Scale OpenStackBaremetalSet to 1 BaremetalHost (should fail because a BMH is missing that is 3 | # listed as a hostRef in the OpenStackBaremetalSet's "status.baremetalHosts", which will cause 4 | # validating webhook to block "spec.count" changes) 5 | # 6 | 7 | apiVersion: kuttl.dev/v1beta1 8 | kind: TestStep 9 | commands: 10 | - command: oc annotate bmh -l osp-director.openstack.org/name=compute -l osp-director.openstack.org/namespace=openstack osp-director.openstack.org/delete-host=true -n openshift-machine-api 11 | namespaced: true 12 | - script: | 13 | RES=$(oc patch -n openstack openstackbaremetalset compute --type='json' -p='[{"op": "replace", "path": "/spec/count", "value":1}]' 2>&1) 14 | if grep -q "Please check BaremetalHost resources and re-add" <<< "$RES"; then 15 | exit 0 16 | else 17 | exit 1 18 | fi 19 | 20 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/11-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackBaremetalSet (count should still be 2) 5 | # 6 | 7 | apiVersion: kuttl.dev/v1beta1 8 | kind: TestAssert 9 | --- 10 | apiVersion: osp-director.openstack.org/v1beta1 11 | kind: OpenStackBaremetalSet 12 | metadata: 13 | finalizers: 14 | - baremetalset.osp-director.openstack.org 15 | name: compute 16 | namespace: openstack 17 | spec: 18 | baseImageUrl: http://192.168.111.1/images/rhel-guest-image-9.2-20230414.17.x86_64.qcow2 19 | count: 2 20 | ctlplaneInterface: enp1s0 21 | deploymentSSHSecret: osp-controlplane-ssh-keys 22 | networks: 23 | - ctlplane 24 | - internal_api 25 | - tenant 26 | passwordSecret: userpassword 27 | roleName: Compute 28 | status: 29 | baremetalHosts: 30 | compute-0: 31 | hostname: compute-0 32 | compute-1: 33 | hostname: compute-1 34 | provisioningStatus: 35 | readyCount: 1 36 | state: Error 37 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/11-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackBaremetalSet (count should still be 2) 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta1 8 | kind: OpenStackBaremetalSet 9 | metadata: 10 | finalizers: 11 | - baremetalset.osp-director.openstack.org 12 | name: compute 13 | namespace: openstack 14 | spec: 15 | count: 3 16 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/11-scale_up_openstackbaremetalset.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # - Scale OpenStackBaremetalSet to 3 BaremetalHosts (should fail because a BMH is missing that is 3 | # listed as a hostRef in the OpenStackBaremetalSet's "status.baremetalHosts", which will cause 4 | # validating webhook to block "spec.count" changes) 5 | # 6 | 7 | apiVersion: kuttl.dev/v1beta1 8 | kind: TestStep 9 | commands: 10 | - command: oc annotate bmh -l osp-director.openstack.org/name=compute -l osp-director.openstack.org/namespace=openstack osp-director.openstack.org/delete-host- -n openshift-machine-api 11 | namespaced: true 12 | - script: | 13 | RES=$(oc patch -n openstack openstackbaremetalset compute --type='json' -p='[{"op": "replace", "path": "/spec/count", "value":3}]' 2>&1) 14 | if grep -q "Please check BaremetalHost resources and re-add" <<< "$RES"; then 15 | exit 0 16 | else 17 | exit 1 18 | fi -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/12-add-one-bmh.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # - Recreate the BMH deleted in a previous step 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | timeout: 420 8 | commands: 9 | - script: | 10 | ../../common/scripts/add_bmh.sh 11 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/13-delete_openstackbaremetalset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | delete: 4 | - apiVersion: osp-director.openstack.org/v1beta1 5 | kind: OpenStackBaremetalSet 6 | name: compute 7 | namespace: openstack 8 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackbaremetalset_scale/README.md: -------------------------------------------------------------------------------- 1 | Q: WHAT IS TESTED HERE? 2 | 3 | A: 4 | 5 | - Create 2 OpenStackNets 6 | - Create 1 initially-empty OpenStackBaremetalServer and 1 Secret (for user password) 7 | - Scale-up the OpenStackBaremetalSet to 2 BaremetalHosts 8 | - Scale-down the OpenStackBaremetalSet to 1 BaremetalHost 9 | - Scale-up the OpenstackBaremetalSet to 2 BaremetalHosts, again 10 | - Delete the OpenStackBaremetalSet 11 | 12 | NOTE: This test assumes you have two (and only two!) extra OCP workers allocated to your cluster as 13 | BaremetalHosts, that are not in-use as actual cluster nodes 14 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_cpu_ram_scale/00-prep.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/00-prep.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_cpu_ram_scale/01-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig_single_net-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_cpu_ram_scale/01-create_openstacknetconfig_single_net.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig_single_net.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_cpu_ram_scale/02-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane_single_net-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_cpu_ram_scale/02-create_openstackcontrolplane_single_net.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane_single_net.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_cpu_ram_scale/03-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_up_openstackcontrolplane_single_controller_single_net-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_cpu_ram_scale/03-scale_up_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_up_openstackcontrolplane_single_controller.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_cpu_ram_scale/04-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - verify the VM has 6 cores 5 | # - verify the VM has 20 GB RAM 6 | # 7 | 8 | apiVersion: kuttl.dev/v1beta1 9 | kind: TestAssert 10 | timeout: 180 11 | commands: 12 | - script: | 13 | #!/usr/bin/env bash 14 | sleep 10 15 | CONTROLLER=$(oc get -n openstack osnet ctlplane -o json | jq .status.reservations | jq -r "to_entries | map(select(.key == \"controller-0\")) | unique[] | .value.ip") 16 | CPUS=$(oc rsh -n openstack openstackclient ssh $CONTROLLER "grep processor /proc/cpuinfo | wc -l") 17 | RAM=$(oc rsh -n openstack openstackclient ssh $CONTROLLER grep MemTotal /proc/meminfo | awk '{ print $2 }') 18 | if [[ ( "${CPUS}" != 6 ) || ( "${RAM}" < 20000000 ) || ( "${RAM}" > 21000000 ) ]]; then 19 | exit 1 20 | fi 21 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_cpu_ram_scale/05-increase_cpu_and_ram.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Increase vmset resources and reset vm 3 | # - cores 8 4 | # - ram 21GB 5 | # 6 | 7 | apiVersion: kuttl.dev/v1beta1 8 | kind: TestStep 9 | commands: 10 | - command: | 11 | oc patch -n openstack osctlplane overcloud --type='json' -p='[{"op": "add", "path": "/spec/virtualMachineRoles/controller/cores", "value": 8 }]' 12 | namespaced: true 13 | - command: | 14 | oc patch -n openstack osctlplane overcloud --type='json' -p='[{"op": "add", "path": "/spec/virtualMachineRoles/controller/memory", "value": 22 }]' 15 | namespaced: true 16 | - script: | 17 | #!/usr/bin/env bash 18 | CONTROLLER=$(oc get -n openstack osnet ctlplane -o json | jq .status.reservations | jq -r "to_entries | map(select(.key == \"controller-0\")) | unique[] | .value.ip") 19 | oc rsh -n openstack openstackclient ssh $CONTROLLER sudo poweroff || true 20 | - command: | 21 | sleep 20 22 | - command: | 23 | virtctl -n openstack start controller-0 24 | namespaced: true 25 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_cpu_ram_scale/README.md: -------------------------------------------------------------------------------- 1 | Q: WHAT IS TESTED HERE? 2 | 3 | A: 4 | - create osnetcfg 5 | - create osctlplane 6 | - update cpu on osctlplane controller role 7 | - update ram on osctlplane controller role 8 | - verify vmset and virtualmachine object that ram/cpu changed as expected 9 | - power off/on the virtal machine to get the new settings reflected 10 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/00-prep.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/00-prep.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/01-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/01-create_openstacknetconfig.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/02-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/02-create_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/03-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_up_openstackcontrolplane_3_controllers-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/03-scale_up_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_up_openstackcontrolplane_3_controllers.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/04-check_openstackcontrolplane_connectivity.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Make sure the OpenStackClient can SSH to the 3 OpenStackVMSets 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - script: | 9 | sleep 10 10 | RETRIES="${RETRIES:-20}" 11 | for i in $(seq 1 $RETRIES); do 12 | oc rsh -n openstack openstackclient ansible -m ping -i /home/cloud-admin/ctlplane-ansible-inventory Controller 13 | if [ "$?" -eq "0" ]; then 14 | exit 0 15 | fi 16 | sleep 10 17 | done 18 | exit 1 19 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/05-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_down_openstackcontrolplane_single_controller-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/05-errors.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_down_openstackcontrolplane_single_controller-errors.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/05-scale_down_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_down_openstackcontrolplane_single_controller.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/06-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_up_openstackcontrolplane_3_controllers-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/06-scale_up_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_up_openstackcontrolplane_3_controllers.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/07-delete_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | delete: 4 | - apiVersion: osp-director.openstack.org/v1beta2 5 | kind: OpenStackControlPlane 6 | name: overcloud 7 | namespace: openstack 8 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/07-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackControlPlane (should be removed) 5 | # - 1 OpenStackVMSet (should be removed) 6 | # - 3 VirtualMachines (3 should be removed) 7 | # - 1 OpenStackClient (should be removed) 8 | # 9 | 10 | apiVersion: osp-director.openstack.org/v1beta2 11 | kind: OpenStackControlPlane 12 | metadata: 13 | name: overcloud 14 | namespace: openstack 15 | --- 16 | apiVersion: osp-director.openstack.org/v1beta2 17 | kind: OpenStackVMSet 18 | metadata: 19 | name: controller 20 | namespace: openstack 21 | --- 22 | apiVersion: kubevirt.io/v1alpha3 23 | kind: VirtualMachine 24 | metadata: 25 | name: controller-0 26 | namespace: openstack 27 | --- 28 | apiVersion: kubevirt.io/v1alpha3 29 | kind: VirtualMachine 30 | metadata: 31 | name: controller-1 32 | namespace: openstack 33 | --- 34 | apiVersion: kubevirt.io/v1alpha3 35 | kind: VirtualMachine 36 | metadata: 37 | name: controller-2 38 | namespace: openstack 39 | --- 40 | apiVersion: osp-director.openstack.org/v1beta1 41 | kind: OpenStackClient 42 | metadata: 43 | name: openstackclient 44 | namespace: openstack 45 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackcontrolplane_scale/README.md: -------------------------------------------------------------------------------- 1 | Q: WHAT IS TESTED HERE? 2 | 3 | A: 4 | 5 | - Create 6 OpenStackNets and an initially-empty OpenStackControlPlane that only spawns an OpenStackClient 6 | - Verify that predictable IPs have been assigned to the OpenStackClient (in the OpenStackNet and the 7 | associated OpenStackNetConfig), and that the OpenStackNets' underlying NodeNetworkConfigurationPolicies have 8 | configured successfully 9 | - Scale the OpenStackControlPlane up to 3 controllers 10 | - Check for IP reservations in the OpenStackNet, associated OpenStackNetConfig and OpenStackVMSet for the 3 11 | VirtualMachines that should be created 12 | - Check that the OpenStackClient can SSH to all 3 controllers 13 | - Scale the OpenStackControlPlane down to 1 controller 14 | - Check that the IP reservations are removed from the OpenStackVMSet and OpenStackNetConfig, but remain in the 15 | OpenStackNet 16 | - Scale the OpenStackControlPlane back to 3 controllers 17 | - Check that the IP reservations in the OpenStackNetConfig and OpenStackVMSet reuse the original IPs from 18 | the original scale-up 19 | - Delete the OpenStackControlPlane 20 | - Check that all sub-resources (OpenStackVMSets, VirtualMachines, OpenStackClient, etc) are removed 21 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_cleanup_nncp/00-prep.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/00-prep.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_cleanup_nncp/01-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_cleanup_nncp/01-create_openstacknetconfig.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_cleanup_nncp/02-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - bridge interfaces got remove from worker nodes 5 | # 6 | 7 | apiVersion: kuttl.dev/v1beta1 8 | kind: TestAssert 9 | commands: 10 | - script: | 11 | sleep 10 12 | RETRIES="${RETRIES:-20}" 13 | for i in $(seq 1 $RETRIES); do 14 | SUCCESS="0" 15 | for k in 20 21 22; do 16 | NOBRIDGES=$(ssh core@192.168.111.$k "ip a" | egrep "br-ex:|br-osp:" | wc -l) 17 | done 18 | if [ "$NOBRIDGES" -eq "0" ]; then 19 | break 20 | fi 21 | sleep $i 22 | if [ "$i" -eq "${RETRIES}" ]; then 23 | exit 1 24 | fi 25 | done 26 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_cleanup_nncp/02-delete_openstacknet.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Delete the OpenStackNetConfig 3 | # 4 | # NOTE: (mschuppert) TODO delete single network when implemented in osnetconfig 5 | 6 | apiVersion: kuttl.dev/v1beta1 7 | kind: TestStep 8 | commands: 9 | - command: oc delete -f ../../../../config/samples/osp-director_v1beta1_openstacknetconfig.yaml 10 | namespaced: true 11 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_cleanup_nncp/README.md: -------------------------------------------------------------------------------- 1 | Q: WHAT IS TESTED HERE? 2 | 3 | A: 4 | 5 | - Create 2 OpenStackNets and verify the associated NNCP is created 6 | - Delete 1 OpenStackNet and verify the associated NNCP still exists 7 | - Delete the other OpenStackNet and verify the associated NNCP is deleted as well 8 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_error_validation/00-prep.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/00-prep.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_error_validation/01-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - No noctlplane OpenStackNetConfig got created 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta1 8 | kind: OpenStackNetConfig 9 | metadata: 10 | name: noctlplane 11 | --- 12 | apiVersion: osp-director.openstack.org/v1beta1 13 | kind: OpenStackNetConfig 14 | metadata: 15 | name: ipv4andipv6 16 | --- 17 | apiVersion: osp-director.openstack.org/v1beta1 18 | kind: OpenStackNetConfig 19 | metadata: 20 | name: ipv4mixipv6 21 | --- 22 | apiVersion: osp-director.openstack.org/v1beta1 23 | kind: OpenStackNetConfig 24 | metadata: 25 | name: ipv6inipv4 26 | --- 27 | apiVersion: osp-director.openstack.org/v1beta1 28 | kind: OpenStackNetConfig 29 | metadata: 30 | name: allocoutsidecidr 31 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_error_validation/osp-director_v1beta1_openstacknetconfig_ipv4_mix_ipv6_details.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackNetConfig 3 | metadata: 4 | name: ipv4mixipv6 5 | spec: 6 | attachConfigurations: 7 | br-osp: 8 | nodeNetworkConfigurationPolicy: 9 | nodeSelector: 10 | node-role.kubernetes.io/worker: "" 11 | desiredState: 12 | interfaces: 13 | - bridge: 14 | options: 15 | stp: 16 | enabled: false 17 | port: 18 | - name: enp7s0 19 | description: Linux bridge with enp7s0 as a port 20 | name: br-osp 21 | state: up 22 | type: linux-bridge 23 | mtu: 1500 24 | domainName: osptest.test.metalkube.org 25 | dnsServers: ['172.22.0.1'] 26 | networks: 27 | - name: Control 28 | nameLower: ctlplane 29 | subnets: 30 | - name: ctlplane 31 | ipv4: 32 | allocationEnd: 2001:db8:fd00:2000:ffff:ffff:ffff:fffe 33 | allocationStart: 172.22.0.100 34 | cidr: 172.22.0.0/24 35 | gateway: 172.22.0.1 36 | attachConfiguration: br-osp 37 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_error_validation/osp-director_v1beta1_openstacknetconfig_ipv4_outside_range.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackNetConfig 3 | metadata: 4 | name: allocoutsidecidr 5 | spec: 6 | attachConfigurations: 7 | br-osp: 8 | nodeNetworkConfigurationPolicy: 9 | nodeSelector: 10 | node-role.kubernetes.io/worker: "" 11 | desiredState: 12 | interfaces: 13 | - bridge: 14 | options: 15 | stp: 16 | enabled: false 17 | port: 18 | - name: enp7s0 19 | description: Linux bridge with enp7s0 as a port 20 | name: br-osp 21 | state: up 22 | type: linux-bridge 23 | mtu: 1500 24 | domainName: osptest.test.metalkube.org 25 | dnsServers: ['172.22.0.1'] 26 | networks: 27 | - name: Control 28 | nameLower: ctlplane 29 | subnets: 30 | - name: ctlplane 31 | ipv4: 32 | allocationEnd: 172.22.99.250 33 | allocationStart: 172.22.0.100 34 | cidr: 172.22.0.0/24 35 | gateway: 172.22.0.1 36 | attachConfiguration: br-osp 37 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_error_validation/osp-director_v1beta1_openstacknetconfig_ipv6_in_ipv4.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackNetConfig 3 | metadata: 4 | name: ipv6inipv4 5 | spec: 6 | attachConfigurations: 7 | br-osp: 8 | nodeNetworkConfigurationPolicy: 9 | nodeSelector: 10 | node-role.kubernetes.io/worker: "" 11 | desiredState: 12 | interfaces: 13 | - bridge: 14 | options: 15 | stp: 16 | enabled: false 17 | port: 18 | - name: enp7s0 19 | description: Linux bridge with enp7s0 as a port 20 | name: br-osp 21 | state: up 22 | type: linux-bridge 23 | mtu: 1500 24 | domainName: osptest.test.metalkube.org 25 | dnsServers: ['172.22.0.1'] 26 | networks: 27 | - name: Control 28 | nameLower: ctlplane 29 | subnets: 30 | - name: ctlplane 31 | ipv4: 32 | cidr: 2001:db8:fd00:2000::/64 33 | gateway: 2001:db8:fd00:2000::1 34 | allocationEnd: 2001:db8:fd00:2000:ffff:ffff:ffff:fffe 35 | allocationStart: 2001:db8:fd00:2000::100 36 | attachConfiguration: br-osp 37 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_error_validation/osp-director_v1beta1_openstacknetconfig_no_ctlplane_net.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: osp-director.openstack.org/v1beta1 2 | kind: OpenStackNetConfig 3 | metadata: 4 | name: noctlplane 5 | spec: 6 | attachConfigurations: 7 | br-osp: 8 | nodeNetworkConfigurationPolicy: 9 | nodeSelector: 10 | node-role.kubernetes.io/worker: "" 11 | desiredState: 12 | interfaces: 13 | - bridge: 14 | options: 15 | stp: 16 | enabled: false 17 | port: 18 | - name: enp7s0 19 | description: Linux bridge with enp7s0 as a port 20 | name: br-osp 21 | state: up 22 | type: linux-bridge 23 | mtu: 1500 24 | domainName: osptest.test.metalkube.org 25 | dnsServers: ['172.22.0.1'] 26 | networks: 27 | - name: NoCtlplane 28 | nameLower: noctlplane 29 | subnets: 30 | - name: noctlplane 31 | ipv4: 32 | allocationEnd: 172.22.0.250 33 | allocationStart: 172.22.0.100 34 | cidr: 172.22.0.0/24 35 | gateway: 172.22.0.1 36 | attachConfiguration: br-osp 37 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_immutable_bridge_name/00-prep.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/00-prep.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_immutable_bridge_name/01-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_immutable_bridge_name/01-create_openstacknetconfig.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_immutable_bridge_name/02-change_openstacknet_bridge_name.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Try to change the bridge name of a OpenStackNetConfig attachment 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - script: | 9 | oc patch osnetconfig -n openstack openstacknetconfig --type='json' -p='[{"op": "replace", "path": "/spec/attachConfigurations/br-osp/nodeNetworkConfigurationPolicy/desiredState", "value": {"interfaces":[{"name":"blah"}]}}]' 10 | # ignore failure as the webhook will prevent the patch 11 | ignoreFailure: true 12 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_immutable_bridge_name/README.md: -------------------------------------------------------------------------------- 1 | Q: WHAT IS TESTED HERE? 2 | 3 | A: 4 | 5 | - Create 1 OpenStackNet 6 | - Try to change the bridge name of the OpenStackNet after it is created 7 | - Verify that the bridge name did not in fact change 8 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/00-prep.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/00-prep.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/01-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig_single_net-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/01-create_openstacknetconfig_single_net.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig_single_net.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/02-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane_single_net-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/02-create_openstackcontrolplane_single_net.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane_single_net.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/03-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_up_openstackcontrolplane_single_controller_single_net-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/03-scale_up_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_up_openstackcontrolplane_single_controller.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/04-add_static_reservation.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Add static MAC reservation for controller-1 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "add", "path": "/spec/reservations/controller-1", "value": {"ipReservations":{}, "macReservations": {}}}]' 10 | namespaced: true 11 | - command: | 12 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "add", "path": "/spec/reservations/controller-1/ipReservations", "value": {"ctlplane": "172.22.0.121" }}]' 13 | namespaced: true 14 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/06-add_second_reservation.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Add static IP reservation for controller-2 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | # add new empty reservation for controller-2 10 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "add", "path": "/spec/reservations/controller-2", "value": {"ipReservations":{}, "macReservations": {}}}]' 11 | namespaced: true 12 | - command: | 13 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "replace", "path": "/spec/reservations/controller-2/ipReservations/ctlplane", "value": "172.22.0.122"}]' 14 | namespaced: true 15 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/07-scale_up_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_up_openstackcontrolplane_3_controllers.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/08-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - VirtualMachines (2 should be removed) 5 | # 6 | 7 | apiVersion: kubevirt.io/v1alpha3 8 | kind: VirtualMachine 9 | metadata: 10 | name: controller-0 11 | namespace: openstack 12 | --- 13 | apiVersion: kubevirt.io/v1alpha3 14 | kind: VirtualMachine 15 | metadata: 16 | name: controller-1 17 | namespace: openstack 18 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/08-scale_down_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_down_openstackcontrolplane_single_controller.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/09-switch_preserveReservations_off.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Disable preserveReservations 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "add", "path": "/spec/preserveReservations", "value": false}]' 10 | namespaced: true 11 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/10-add_network.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Add new network definition to spec.networks 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "add", "path": "/spec/networks/-", "value": {"name": "InternalApi", "nameLower": "internal_api","subnets": [{"name": "internal_api", "vlan": 20, "attachConfiguration": "br-osp", "ipv4": {"allocationEnd": "172.17.0.250", "allocationStart": "172.17.0.10", "cidr": "172.17.0.0/24"}}]}}]' 10 | namespaced: true 11 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/11-add_network_to_vmrole.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Add new network definition to spec.networks 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | oc patch -n openstack osctlplane overcloud --type='json' -p='[{"op": "add", "path": "/spec/virtualMachineRoles/controller/networks/-", "value": "internal_api"}]' 10 | namespaced: true 11 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/12-delete_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | delete: 4 | - apiVersion: osp-director.openstack.org/v1beta2 5 | kind: OpenStackControlPlane 6 | name: overcloud 7 | namespace: openstack 8 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/12-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - ControlPlane (should be removed) 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta2 8 | kind: OpenStackControlPlane 9 | metadata: 10 | name: overcloud 11 | namespace: openstack 12 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv4/README.md: -------------------------------------------------------------------------------- 1 | Q: WHAT IS TESTED HERE? 2 | 3 | A: 4 | - create osnetcfg with no static reservation 5 | - add static reservation for controller-0 6 | - scale up to 1 controller ctlplane 7 | - Run webhook fail tests 8 | - add static reservation with wrong IP format 9 | - add static reservation with dupe IP 10 | - add good additional reservation 11 | - scale ctlplane nodes 12 | - scale down node to verify reservation persist 13 | - set persist to false to verify reservations for deleted nodes are gone 14 | - add a new network 15 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/00-prep.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/00-prep.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/01-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig_single_net_ipv6-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/01-create_openstacknetconfig_single_net.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig_single_net_ipv6.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/02-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane_single_net_ipv6-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/02-create_openstackcontrolplane_single_net.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane_single_net.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/03-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_up_openstackcontrolplane_single_controller_single_net_ipv6-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/03-scale_up_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_up_openstackcontrolplane_single_controller.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/04-add_static_reservation.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Add static MAC reservation for controller-1 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "add", "path": "/spec/reservations/controller-1", "value": {"ipReservations":{}, "macReservations": {}}}]' 10 | namespaced: true 11 | - command: | 12 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "add", "path": "/spec/reservations/controller-1/ipReservations", "value": {"ctlplane": "2001:db8:fd00:2000::41" }}]' 13 | namespaced: true 14 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/06-add_second_reservation.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Add static IP reservation for controller-2 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | # add new empty reservation for controller-2 10 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "add", "path": "/spec/reservations/controller-2", "value": {"ipReservations":{}, "macReservations": {}}}]' 11 | namespaced: true 12 | - command: | 13 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "replace", "path": "/spec/reservations/controller-2/ipReservations/ctlplane", "value": "2001:db8:fd00:2000::42"}]' 14 | namespaced: true 15 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/07-scale_up_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_up_openstackcontrolplane_3_controllers.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/08-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - VirtualMachines (2 should be removed) 5 | # 6 | 7 | apiVersion: kubevirt.io/v1alpha3 8 | kind: VirtualMachine 9 | metadata: 10 | name: controller-0 11 | namespace: openstack 12 | --- 13 | apiVersion: kubevirt.io/v1alpha3 14 | kind: VirtualMachine 15 | metadata: 16 | name: controller-1 17 | namespace: openstack 18 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/08-scale_down_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_down_openstackcontrolplane_single_controller.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/09-switch_preserveReservations_off.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Disable preserveReservations 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "add", "path": "/spec/preserveReservations", "value": false}]' 10 | namespaced: true 11 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/10-add_network.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Add new network definition to spec.networks 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "add", "path": "/spec/networks/-", "value": {"name": "InternalApi", "nameLower": "internal_api","subnets": [{"name": "internal_api", "vlan": 20, "attachConfiguration": "br-osp", "ipv6": {"allocationEnd": "fd00:fd00:fd00:2000:ffff:ffff:ffff:fffe", "allocationStart": "fd00:fd00:fd00:2000::10", "cidr": "fd00:fd00:fd00:2000::/64"}}]}}]' 10 | namespaced: true 11 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/11-add_network_to_vmrole.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Add new network definition to spec.networks 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | oc patch -n openstack osctlplane overcloud --type='json' -p='[{"op": "add", "path": "/spec/virtualMachineRoles/controller/networks/-", "value": "internal_api"}]' 10 | namespaced: true 11 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/12-delete_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | delete: 4 | - apiVersion: osp-director.openstack.org/v1beta2 5 | kind: OpenStackControlPlane 6 | name: overcloud 7 | namespace: openstack 8 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/12-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - ControlPlane (should be removed) 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta2 8 | kind: OpenStackControlPlane 9 | metadata: 10 | name: overcloud 11 | namespace: openstack 12 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstacknetconfig_ip_reservation_ipv6/README.md: -------------------------------------------------------------------------------- 1 | Q: WHAT IS TESTED HERE? 2 | 3 | A: 4 | - create osnetcfg with no static reservation 5 | - add static reservation for controller-0 6 | - scale up to 1 controller ctlplane 7 | - Run webhook fail tests 8 | - add static reservation with wrong IP format 9 | - add static reservation with dupe IP 10 | - add good additional reservation 11 | - scale ctlplane nodes 12 | - scale down node to verify reservation persist 13 | - set persist to false to verify reservations for deleted nodes are gone 14 | - add a new network 15 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/00-prep.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/00-prep.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/01-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/01-create_openstacknetconfig.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/02-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackProvisionServer 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta1 8 | kind: OpenStackProvisionServer 9 | metadata: 10 | name: openstack 11 | namespace: openstack 12 | spec: 13 | baseImageUrl: http://192.168.111.1/images/rhel-guest-image-9.2-20230414.17.x86_64.qcow2 14 | interface: br-ctlplane 15 | port: 6190 16 | status: 17 | conditions: 18 | - message: Provisioning of OpenStackProvisionServer in progress 19 | reason: OpenStackProvisionServerCondReasonProvisioning 20 | status: "False" 21 | type: Provisioning 22 | - message: OpenStackProvisionServer has been provisioned 23 | reason: OpenStackProvisionServerCondReasonProvisioned 24 | status: "True" 25 | type: Provisioned 26 | provisioningStatus: 27 | reason: OpenStackProvisionServer has been provisioned 28 | state: Provisioned 29 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/02-create_openstackprovisionserver.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Create an OpenStackProvisionServer with a user-defined httpd port 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: oc apply -f ../../../../config/samples/osp-director_v1beta1_openstackprovisionserver.yaml 9 | namespaced: true 10 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/03-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackProvisionServer with a second user-defined httpd port 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta1 8 | kind: OpenStackProvisionServer 9 | metadata: 10 | name: goodprov 11 | namespace: openstack 12 | spec: 13 | baseImageUrl: http://192.168.111.1/images/rhel-guest-image-9.2-20230414.17.x86_64.qcow2 14 | port: 6191 15 | status: 16 | conditions: 17 | - message: Provisioning of OpenStackProvisionServer in progress 18 | reason: OpenStackProvisionServerCondReasonProvisioning 19 | status: "False" 20 | type: Provisioning 21 | - message: OpenStackProvisionServer has been provisioned 22 | reason: OpenStackProvisionServerCondReasonProvisioned 23 | status: "True" 24 | type: Provisioned 25 | provisioningStatus: 26 | reason: OpenStackProvisionServer has been provisioned 27 | state: Provisioned 28 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/03-create_openstackprovisionserver.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Create an OpenStackProvisionServer with another (valid) user-defined httpd port 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - script: | 9 | sed 's/name: openstack/name: goodprov/g' ../../../../config/samples/osp-director_v1beta1_openstackprovisionserver.yaml | sed 's/port: 6190/port: 6191/g' | oc apply -f - 10 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/04-create_openstackprovisionserver.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Try to create an OpenStackProvisionServer with another (invalid) user-defined httpd port 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - script: | 9 | sed 's/name: openstack/name: badprov/g' ../../../../config/samples/osp-director_v1beta1_openstackprovisionserver.yaml | oc apply -f - || true 10 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/04-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - No OpenStackProvisionServer called "badprov" was created 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta1 8 | kind: OpenStackProvisionServer 9 | metadata: 10 | name: badprov 11 | namespace: openstack 12 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/05-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/05-create_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/06-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackProvisionServer (we don't actually care about the OpenStackBaremetalSet resource) with an auto-assigned httpd port 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta1 8 | kind: OpenStackProvisionServer 9 | metadata: 10 | name: compute-provisionserver 11 | namespace: openstack 12 | spec: 13 | baseImageUrl: http://192.168.111.1/images/rhel-guest-image-9.2-20230414.17.x86_64.qcow2 14 | port: 6190 15 | status: 16 | conditions: 17 | - message: Provisioning of OpenStackProvisionServer in progress 18 | reason: OpenStackProvisionServerCondReasonProvisioning 19 | status: "False" 20 | type: Provisioning 21 | - message: OpenStackProvisionServer has been provisioned 22 | reason: OpenStackProvisionServerCondReasonProvisioned 23 | status: "True" 24 | type: Provisioned 25 | provisioningStatus: 26 | reason: OpenStackProvisionServer has been provisioned 27 | state: Provisioned 28 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/06-create_openstackbaremetalset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | commands: 4 | # Create the required userpassword Secret 5 | - command: oc apply -f ../../common/manifests/userpassword.yaml 6 | namespaced: true 7 | # Create fake SSH Secret 8 | - command: oc apply -f ../../common/manifests/osp-controlplane-ssh-keys.yaml 9 | namespaced: true 10 | # Create the OpenStackBaremetalSet from sample YAML 11 | - command: oc apply -f ../../../../config/samples/osp-director_v1beta1_openstackbaremetalset.yaml 12 | namespaced: true 13 | # Remove the OpenStackBaremetalSet tenant network from sample YAML 14 | - command: | 15 | oc patch openstackbaremetalset compute --type='json' -p='[{"op": "replace", "path": "/spec/networks", "value": ["ctlplane"]}]' 16 | namespaced: true 17 | # Remove sample YAML's bmhLabelSelector from spec 18 | - command: | 19 | oc patch openstackbaremetalset compute --type='json' -p='[{"op": "remove", "path": "/spec/bmhLabelSelector"}]' 20 | namespaced: true 21 | # Remove sample YAML's hardwareReqs from spec 22 | - command: | 23 | oc patch openstackbaremetalset compute --type='json' -p='[{"op": "remove", "path": "/spec/hardwareReqs"}]' 24 | namespaced: true 25 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/07-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackProvisionServer (we don't actually care about the OpenStackBaremetalSet resource) with an auto-assigned httpd port 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta1 8 | kind: OpenStackProvisionServer 9 | metadata: 10 | name: compute2-provisionserver 11 | namespace: openstack 12 | spec: 13 | baseImageUrl: http://192.168.111.1/images/rhel-guest-image-9.2-20230414.17.x86_64.qcow2 14 | port: 6191 15 | status: 16 | conditions: 17 | - message: Provisioning of OpenStackProvisionServer in progress 18 | reason: OpenStackProvisionServerCondReasonProvisioning 19 | status: "False" 20 | type: Provisioning 21 | - message: OpenStackProvisionServer has been provisioned 22 | reason: OpenStackProvisionServerCondReasonProvisioned 23 | status: "True" 24 | type: Provisioned 25 | provisioningStatus: 26 | reason: OpenStackProvisionServer has been provisioned 27 | state: Provisioned 28 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/07-create_openstackbaremetalset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | commands: 4 | # Create the OpenStackBaremetalSet from sample YAML 5 | - script: | 6 | sed 's/name: compute/name: compute2/g' ../../../../config/samples/osp-director_v1beta1_openstackbaremetalset.yaml | sed 's/roleName: Compute/roleName: Compute2/g' | oc apply -f - 7 | # Remove the OpenStackBaremetalSet tenant network from sample YAML 8 | - command: | 9 | oc patch openstackbaremetalset compute2 --type='json' -p='[{"op": "replace", "path": "/spec/networks", "value": ["ctlplane"]}]' 10 | namespaced: true 11 | # Remove sample YAML's bmhLabelSelector from spec 12 | - command: | 13 | oc patch openstackbaremetalset compute2 --type='json' -p='[{"op": "remove", "path": "/spec/bmhLabelSelector"}]' 14 | namespaced: true 15 | # Remove sample YAML's hardwareReqs from spec 16 | - command: | 17 | oc patch openstackbaremetalset compute2 --type='json' -p='[{"op": "remove", "path": "/spec/hardwareReqs"}]' 18 | namespaced: true 19 | -------------------------------------------------------------------------------- /tests/kuttl/tests/openstackprovisionserver_unique_port/README.md: -------------------------------------------------------------------------------- 1 | Q: WHAT IS TESTED HERE? 2 | 3 | A: 4 | 5 | - Create 1 OpenStackProvisionServer 6 | - Create another OpenStackProvisionServer with a different port 7 | - Create a third OpenStackProvisionServer with a duplicate port, which should fail 8 | - Create 1 OpenStackNet 9 | - Create 1 OpenStackBaremetalSet with a count of 1, and make sure it succeeds and has a unique port 10 | - Create another OpenStackBaremetalSet with a count 1, and make sure it succeeds and has a unique port 11 | 12 | NOTE: This test assumes you have two (and only two!) extra OCP workers allocated to your cluster as 13 | BaremetalHosts, that are not in-use as actual cluster nodes 14 | -------------------------------------------------------------------------------- /tests/kuttl/tests/ovnBridgeMacMappings/00-prep.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/00-prep.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/ovnBridgeMacMappings/01-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig_single_net-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/ovnBridgeMacMappings/01-create_openstacknetconfig_single_net.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig_single_net.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/ovnBridgeMacMappings/02-add_static_reservation.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Add static MAC reservation for controller-0 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "add", "path": "/spec/reservations/controller-0", "value": {"ipReservations":{}, "macReservations": {}}}]' 10 | namespaced: true 11 | - command: | 12 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "add", "path": "/spec/reservations/controller-0/macReservations", "value": {"datacentre": "fa:16:3a:aa:aa:aa" }}]' 13 | namespaced: true 14 | -------------------------------------------------------------------------------- /tests/kuttl/tests/ovnBridgeMacMappings/04-add_second_reservation.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Add static MAC reservation for controller-1 and controller-2 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "replace", "path": "/spec/reservations/controller-1/macReservations/datacentre", "value": "fa:16:3a:aa:aa:bb"}]' 10 | namespaced: true 11 | - command: | 12 | # add new empty reservation for controller-2 13 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "add", "path": "/spec/reservations/controller-2", "value": {"ipReservations":{}, "macReservations": {}}}]' 14 | namespaced: true 15 | - command: | 16 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "replace", "path": "/spec/reservations/controller-2/macReservations/datacentre", "value": "fa:16:3a:aa:aa:cc"}]' 17 | namespaced: true 18 | -------------------------------------------------------------------------------- /tests/kuttl/tests/ovnBridgeMacMappings/05-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane_single_net-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/ovnBridgeMacMappings/05-create_openstackcontrolplane_single_net.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane_single_net.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/ovnBridgeMacMappings/06-scale_up_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_up_openstackcontrolplane_3_controllers.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/ovnBridgeMacMappings/07-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - VirtualMachines (1 should be removed) 5 | # 6 | 7 | apiVersion: kubevirt.io/v1alpha3 8 | kind: VirtualMachine 9 | metadata: 10 | name: controller-1 11 | namespace: openstack 12 | -------------------------------------------------------------------------------- /tests/kuttl/tests/ovnBridgeMacMappings/07-scale_down_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/scale_down_openstackcontrolplane_single_controller.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/ovnBridgeMacMappings/08-switch_preserveReservations_off.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Disable preserveReservations 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "add", "path": "/spec/preserveReservations", "value": false}]' 10 | namespaced: true 11 | -------------------------------------------------------------------------------- /tests/kuttl/tests/ovnBridgeMacMappings/09-add_physnet.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Add new second physnet definition to ovnBridgeMacMappings/physNetworks 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: | 9 | oc patch -n openstack osnetcfg openstacknetconfig --type='json' -p='[{"op": "add", "path": "/spec/ovnBridgeMacMappings/physNetworks/-", "value": {"macPrefix": "fa:16:3b", "name": "datacentre2"}}]' 10 | namespaced: true 11 | -------------------------------------------------------------------------------- /tests/kuttl/tests/ovnBridgeMacMappings/README.md: -------------------------------------------------------------------------------- 1 | Q: WHAT IS TESTED HERE? 2 | 3 | A: 4 | - create osnetcfg with no static reservation 5 | - add static reservation for controller-0 6 | - Run webhook fail tests 7 | - add static reservation with wrong MAC format 8 | - add static reservation with dupe MAC 9 | - change MAC of current reservation 10 | - add good additional reservation 11 | - scale ctlplane nodes 12 | - scale down node to verify reservation persist 13 | - set persist to false to verify reservations for deleted nodes are gone 14 | - add new second physnet 15 | -------------------------------------------------------------------------------- /tests/kuttl/tests/unique_role_name/00-prep.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/00-prep.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/unique_role_name/01-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/unique_role_name/01-create_openstacknetconfig.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstacknetconfig.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/unique_role_name/02-assert.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane-assert.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/unique_role_name/02-create_openstackcontrolplane.yaml: -------------------------------------------------------------------------------- 1 | ../../common/tests/create_openstackcontrolplane.yaml -------------------------------------------------------------------------------- /tests/kuttl/tests/unique_role_name/03-create-openstackvmset.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # - Create 1 OpenStackVMSet 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - command: oc apply -f ../../../../config/samples/osp-director_v1beta2_openstackvmset.yaml 9 | namespaced: true 10 | -------------------------------------------------------------------------------- /tests/kuttl/tests/unique_role_name/04-create-openstackvmset.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # - Try to create 1 additional OpenStackVMSet with a different resource name, but same role name 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - script: | 9 | oc apply -f ../../../../config/samples/osp-director_v1beta2_openstackvmset.yaml --dry-run=client -o yaml | sed 's/customvmset/badvmset/g' | oc apply -f - || true 10 | -------------------------------------------------------------------------------- /tests/kuttl/tests/unique_role_name/04-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check that the "badvmset" OpenstackVMSet was not created 3 | # 4 | 5 | apiVersion: osp-director.openstack.org/v1beta2 6 | kind: OpenStackVMSet 7 | metadata: 8 | name: badvmset 9 | namespace: openstack 10 | -------------------------------------------------------------------------------- /tests/kuttl/tests/unique_role_name/05-create_openstackbaremetalset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | commands: 4 | # Create the required userpassword Secret 5 | - command: oc apply -f ../../common/manifests/userpassword.yaml 6 | namespaced: true 7 | # Create the OpenStackBaremetalSet from sample YAML 8 | - script: | 9 | oc apply -f ../../../../config/samples/osp-director_v1beta1_openstackbaremetalset.yaml --dry-run=client -o yaml | sed 's/roleName: Compute/roleName: SomeCustomRole/g' | oc apply -f - || true 10 | -------------------------------------------------------------------------------- /tests/kuttl/tests/unique_role_name/05-errors.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check that the "compute" OpenstackBMSet was not created 3 | # 4 | 5 | apiVersion: osp-director.openstack.org/v1beta1 6 | kind: OpenStackBaremetalSet 7 | metadata: 8 | name: compute 9 | namespace: openstack 10 | -------------------------------------------------------------------------------- /tests/kuttl/tests/unique_role_name/06-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackBMSet 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta1 8 | kind: OpenStackBaremetalSet 9 | metadata: 10 | name: compute 11 | namespace: openstack 12 | spec: 13 | roleName: Compute 14 | -------------------------------------------------------------------------------- /tests/kuttl/tests/unique_role_name/06-create_openstackbaremetalset.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kuttl.dev/v1beta1 2 | kind: TestStep 3 | commands: 4 | # Create the OpenStackBaremetalSet from sample YAML 5 | - command: oc apply -f ../../../../config/samples/osp-director_v1beta1_openstackbaremetalset.yaml 6 | -------------------------------------------------------------------------------- /tests/kuttl/tests/unique_role_name/07-assert.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Check for: 3 | # 4 | # - 1 OpenStackVMSet with roleName unchanged 5 | # 6 | 7 | apiVersion: osp-director.openstack.org/v1beta2 8 | kind: OpenStackVMSet 9 | metadata: 10 | name: customvmset 11 | namespace: openstack 12 | spec: 13 | roleName: SomeCustomRole 14 | -------------------------------------------------------------------------------- /tests/kuttl/tests/unique_role_name/07-change_openstackvmset_role_name.yaml: -------------------------------------------------------------------------------- 1 | # 2 | # Try to change the role name of the OpenStackVMSet to match that of the OpenStackBMSet 3 | # 4 | 5 | apiVersion: kuttl.dev/v1beta1 6 | kind: TestStep 7 | commands: 8 | - script: | 9 | oc patch osvmset -n openstack customvmset --type='json' -p='[{"op": "replace", "path": "/spec/roleName", "value": "Compute"}]' || true 10 | -------------------------------------------------------------------------------- /tests/kuttl/tests/unique_role_name/README.md: -------------------------------------------------------------------------------- 1 | Q: WHAT IS TESTED HERE? 2 | 3 | A: 4 | - Create 1 VMSet 5 | - Try to create a second VMSet with the same role name 6 | - Verify that the second set was not successfully created 7 | - Try to create a BMSet with the same role name 8 | - Verify that the BMSet was not successfully created 9 | - Create 1 BMSet with a new, unique role name 10 | - Try to change the VMSet's role name to the BMSet's role name 11 | - Verify that the VMSet role name was not allowed to change 12 | --------------------------------------------------------------------------------