From 5820e22d9f436df2f93d8b71286b2ad0492279bc Mon Sep 17 00:00:00 2001 From: Matthew Fuller Date: Sat, 20 Feb 2021 00:35:27 +0000 Subject: [PATCH] Create NetworkCatalogue structural schema CRD Replaces the networking VariableCatalogue with a structural schema NetworkCatalogue CRD. Relates-To: #468 Change-Id: I9973708799ec35c2dde5832e7400c798dc7adae1 --- .../networking.yaml | 106 +++++++-------- .../airshipctl-schemas/kustomization.yaml | 1 + .../airshipctl-schemas/network-catalogue.yaml | 121 ++++++++++++++++++ .../replacements/networking.yaml | 12 +- .../ephemeral/replacements/networking.yaml | 16 +-- .../hostgenerator-m3/replacements/hosts.yaml | 4 +- .../k8scontrol/replacements/networking.yaml | 12 +- .../ephemeral/catalogues/cleanup/smp.yaml | 2 +- .../ephemeral/catalogues/networking.yaml | 25 ++-- .../target/catalogues/cleanup/smp.yaml | 2 +- .../target/catalogues/networking.yaml | 23 ++-- .../gating/shared/catalogues/networking.yaml | 76 +++++------ 12 files changed, 260 insertions(+), 140 deletions(-) create mode 100644 manifests/function/airshipctl-schemas/network-catalogue.yaml diff --git a/manifests/function/airshipctl-base-catalogues/networking.yaml b/manifests/function/airshipctl-base-catalogues/networking.yaml index d85797efe..dfe555b19 100644 --- a/manifests/function/airshipctl-base-catalogues/networking.yaml +++ b/manifests/function/airshipctl-base-catalogues/networking.yaml 
@@ -1,62 +1,62 @@ # The default networking catalogue for functions hosted in the airshipctl project. # These values can be overridden at the site, type, etc levels as appropriate. apiVersion: airshipit.org/v1alpha1 -kind: VariableCatalogue +kind: NetworkCatalogue metadata: name: networking labels: airshipit.org/deploy-k8s: "false" +spec: + # The catalogue should be overridden as appropriate for different kubernetes + # clusters, e.g. ephemeral vs target vs tenant + kubernetes: + serviceCidr: "10.96.0.0/12" + podCidr: "192.168.0.0/18" + controlPlaneEndpoint: + host: "10.23.25.102" # ephemeral will be different + port: 6443 + # NOTE: This stringing is required to do substring replacement. + # Ideally, improve this in the future. + apiserverCertSANs: "[10.23.25.201, 10.23.24.201]" -# The catalogue should be overridden as appropriate for different kubernetes -# clusters, e.g. ephemeral vs target vs tenant -kubernetes: - serviceCidr: "10.96.0.0/12" - podCidr: "192.168.0.0/18" - controlPlaneEndpoint: - host: "10.23.25.102" # ephemeral will be different - port: 6443 - # NOTE: This stringing is required to do substring replacement. - # Ideally, improve this in the future. - apiserverCertSANs: "[10.23.25.201, 10.23.24.201]" + ironic: + provisioningInterface: "pxe" + provisioningIp: "10.23.25.102" + dhcpRange: "10.23.25.200,10.23.25.250" -ironic: - provisioningInterface: "pxe" - provisioningIp: "10.23.25.102" - dhcpRange: "10.23.25.200,10.23.25.250" - -# This section is only relevant when using Metal3 BareMetalHosts, and -# is consumed by the `hostgenerator-m3` function. -# It defines host-level networking that is common across all BMHs in a site, -# and will typically be fully overridden at the Type and Site level. 
-commonHostNetworking: - links: - - id: oam - name: oam - type: phy - mtu: "1500" - # ethernet_mac_address: (optional) - - id: pxe - name: pxe - type: phy - mtu: "1500" - # ethernet_mac_address: (optional) - networks: - - id: oam-ipv4 - type: ipv4 - link: oam - # ip_address: - netmask: 255.255.255.0 - routes: - - network: 0.0.0.0 - netmask: 0.0.0.0 - gateway: 10.23.25.1 - - id: pxe-ipv4 - type: ipv4 - link: pxe - # ip_address: - netmask: 255.255.255.0 - services: - - address: 8.8.8.8 - type: dns - - address: 8.8.4.4 - type: dns + # This section is only relevant when using Metal3 BareMetalHosts, and + # is consumed by the `hostgenerator-m3` function. + # It defines host-level networking that is common across all BMHs in a site, + # and will typically be fully overridden at the Type and Site level. + commonHostNetworking: + links: + - id: oam + name: oam + type: phy + mtu: "1500" + # ethernet_mac_address: (optional) + - id: pxe + name: pxe + type: phy + mtu: "1500" + # ethernet_mac_address: (optional) + networks: + - id: oam-ipv4 + type: ipv4 + link: oam + # ip_address: + netmask: 255.255.255.0 + routes: + - network: 0.0.0.0 + netmask: 0.0.0.0 + gateway: 10.23.25.1 + - id: pxe-ipv4 + type: ipv4 + link: pxe + # ip_address: + netmask: 255.255.255.0 + services: + - address: 8.8.8.8 + type: dns + - address: 8.8.4.4 + type: dns diff --git a/manifests/function/airshipctl-schemas/kustomization.yaml b/manifests/function/airshipctl-schemas/kustomization.yaml index 1623f2868..ecd57fb18 100644 --- a/manifests/function/airshipctl-schemas/kustomization.yaml +++ b/manifests/function/airshipctl-schemas/kustomization.yaml @@ -1,2 +1,3 @@ resources: - versions-catalogue.yaml + - network-catalogue.yaml diff --git a/manifests/function/airshipctl-schemas/network-catalogue.yaml b/manifests/function/airshipctl-schemas/network-catalogue.yaml new file mode 100644 index 000000000..e2701b683 --- /dev/null +++ b/manifests/function/airshipctl-schemas/network-catalogue.yaml 
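Review bot: The commented-out optional keys `# ethernet_mac_address: (optional)` under `links` and `# ip_address:` under `networks` have no counterpart in the NetworkCatalogue schema this patch adds; neither name appears anywhere in `network-catalogue.yaml`. Depending on how the schema is enforced, a site that uncomments them could see the fields pruned or rejected. Declaring both as optional `type: string` properties next to `mtu` and `netmask` would keep the catalogue and its schema in step. The same commented keys are carried into the gating catalogue hunk at the end of the patch.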
@@ -0,0 +1,121 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: networkcatalogues.airshipit.org
+spec:
+ group: airshipit.org
+ names:
+ kind: NetworkCatalogue
+ plural: networkcatalogues
+ singular: networkcatalogue
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ served: true
+ storage: true
+ schema:
+ openAPIV3Schema:
+ type: object
+ properties:
+ spec:
+ type: object
+ properties:
+ commonHostNetworking:
+ type: object
+ properties:
+ links:
+ type: array
+ items:
+ type: object
+ properties:
+ id:
+ type: string
+ name:
+ type: string
+ type:
+ type: string
+ mtu:
+ type: string
+ networks:
+ type: array
+ items:
+ type: object
+ properties:
+ id:
+ type: string
+ type:
+ type: string
+ link:
+ type: string
+ netmask:
+ type: string
+ oneOf:
+ - format: ipv4
+ - format: ipv6
+ routes:
+ type: array
+ items:
+ type: object
+ properties:
+ network:
+ type: string
+ oneOf:
+ - format: ipv4
+ - format: ipv6
+ netmask:
+ type: string
+ oneOf:
+ - format: ipv4
+ - format: ipv6
+ gateway:
+ type: string
+ oneOf:
+ - format: ipv4
+ - format: ipv6
+ services:
+ type: array
+ items:
+ type: object
+ properties:
+ address:
+ type: string
+ oneOf:
+ - format: ipv4
+ - format: ipv6
+ type:
+ type: string
+ kubernetes:
+ type: object
+ properties:
+ serviceCidr:
+ type: string
+ format: cidr
+ podCidr:
+ type: string
+ format: cidr
+ controlPlaneEndpoint:
+ type: object
+ properties:
+ host:
+ type: string
+ oneOf:
+ - format: ipv4
+ - format: ipv6
+ port:
+ type: integer
+ maximum: 65535
+ apiserverCertSANs:
+ type: string
+ ironic:
+ type: object
+ properties:
+ provisioningInterface:
+ type: string
+ provisioningIp:
+ type: string
+ oneOf:
+ - format: ipv4
+ - format: ipv6
+ dhcpRange:
+ # TODO(mfuller): should this be enforced with a pattern?
+ type: string
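Review bot: `port` under `controlPlaneEndpoint` sets `maximum: 65535` but no lower bound, so 0 and negative integers pass validation; adding `minimum: 1` closes that. `apiserverCertSANs` and `dhcpRange` are also bare `type: string`, yet the replacement rules elsewhere in this patch copy them into `stringData.userData` of `ephemeral-bmc-secret` and into a ConfigMap, so a malformed value would presumably surface only when the host boots. A `pattern` on both would reject bad input when the catalogue is validated and would settle the TODO on `dhcpRange`; as a constructed example, `pattern: '^[0-9a-fA-F:.]+,[0-9a-fA-F:.]+$'` matches the `start,end` form the catalogues use.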
diff --git a/manifests/function/baremetal-operator/replacements/networking.yaml b/manifests/function/baremetal-operator/replacements/networking.yaml index 51c4889aa..6e372119e 100644 --- a/manifests/function/baremetal-operator/replacements/networking.yaml +++ b/manifests/function/baremetal-operator/replacements/networking.yaml @@ -11,9 +11,9 @@ replacements: # Replace the pod & service networks - source: objref: - kind: VariableCatalogue + kind: NetworkCatalogue name: networking - fieldref: ironic.provisioningInterface + fieldref: spec.ironic.provisioningInterface target: objref: kind: ConfigMap @@ -21,9 +21,9 @@ replacements: fieldrefs: ["data.PROVISIONING_INTERFACE"] - source: objref: - kind: VariableCatalogue + kind: NetworkCatalogue name: networking - fieldref: ironic.provisioningIp + fieldref: spec.ironic.provisioningIp target: objref: kind: ConfigMap @@ -31,9 +31,9 @@ replacements: fieldrefs: ["data.PROVISIONING_IP"] - source: objref: - kind: VariableCatalogue + kind: NetworkCatalogue name: networking - fieldref: ironic.dhcpRange + fieldref: spec.ironic.dhcpRange target: objref: kind: ConfigMap diff --git a/manifests/function/ephemeral/replacements/networking.yaml b/manifests/function/ephemeral/replacements/networking.yaml index a908a3618..be6cac4f9 100644 --- a/manifests/function/ephemeral/replacements/networking.yaml +++ b/manifests/function/ephemeral/replacements/networking.yaml @@ -11,9 +11,9 @@ replacements: # Substring-replace the ephemeral control plane's info - source: objref: - kind: VariableCatalogue + kind: NetworkCatalogue name: networking - fieldref: kubernetes.controlPlaneEndpoint.host + fieldref: spec.kubernetes.controlPlaneEndpoint.host target: objref: name: ephemeral-bmc-secret 
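Review bot: The context comment `# Replace the pod & service networks` at the top of the baremetal-operator hunk does not describe the replacements under it: the three sources are `spec.ironic.provisioningInterface`, `spec.ironic.provisioningIp` and `spec.ironic.dhcpRange`, each written into a ConfigMap data key. Since every source under that comment is being edited here, it could be corrected in the same change to `# Replace the ironic provisioning interface, IP and DHCP range`. The last replacement's target continues past the end of the hunk.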
@@ -21,9 +21,9 @@ replacements: fieldrefs: ["stringData.userData%REPLACEMENT_CP_IP%"] - source: objref: - kind: VariableCatalogue + kind: NetworkCatalogue name: networking - fieldref: kubernetes.controlPlaneEndpoint.port + fieldref: spec.kubernetes.controlPlaneEndpoint.port target: objref: name: ephemeral-bmc-secret @@ -31,9 +31,9 @@ replacements: fieldrefs: ["stringData.userData%REPLACEMENT_CP_PORT%"] - source: objref: - kind: VariableCatalogue + kind: NetworkCatalogue name: networking - fieldref: kubernetes.apiserverCertSANs + fieldref: spec.kubernetes.apiserverCertSANs target: objref: name: ephemeral-bmc-secret @@ -41,9 +41,9 @@ replacements: fieldrefs: ["stringData.userData%REPLACEMENT_CERT_SANS%"] - source: objref: - kind: VariableCatalogue + kind: NetworkCatalogue name: networking - fieldref: kubernetes.podCidr + fieldref: spec.kubernetes.podCidr target: objref: name: ephemeral-bmc-secret diff --git a/manifests/function/hostgenerator-m3/replacements/hosts.yaml b/manifests/function/hostgenerator-m3/replacements/hosts.yaml index 7e2a08e7b..24ce77325 100644 --- a/manifests/function/hostgenerator-m3/replacements/hosts.yaml +++ b/manifests/function/hostgenerator-m3/replacements/hosts.yaml @@ -29,9 +29,9 @@ replacements: fieldrefs: ["{.values.hostsToGenerate}"] - source: objref: - kind: VariableCatalogue + kind: NetworkCatalogue name: networking - fieldref: "{.commonHostNetworking}" + fieldref: "{.spec.commonHostNetworking}" target: objref: kind: Templater diff --git a/manifests/function/k8scontrol/replacements/networking.yaml b/manifests/function/k8scontrol/replacements/networking.yaml index c203f3280..b0fba381e 100644 --- a/manifests/function/k8scontrol/replacements/networking.yaml +++ b/manifests/function/k8scontrol/replacements/networking.yaml 
@@ -16,18 +16,18 @@ replacements: # Replace the pod & service networks - source: objref: - kind: VariableCatalogue + kind: NetworkCatalogue name: networking - fieldref: kubernetes.serviceCidr + fieldref: spec.kubernetes.serviceCidr target: objref: kind: Cluster fieldrefs: ["spec.clusterNetwork.services.cidrBlocks.0"] - source: objref: - kind: VariableCatalogue + kind: NetworkCatalogue name: networking - fieldref: kubernetes.podCidr + fieldref: spec.kubernetes.podCidr target: objref: kind: Cluster @@ -36,9 +36,9 @@ replacements: # Replace the k8s controlplane host endpoint - source: objref: - kind: VariableCatalogue + kind: NetworkCatalogue name: networking - fieldref: kubernetes.controlPlaneEndpoint + fieldref: spec.kubernetes.controlPlaneEndpoint target: objref: kind: Metal3Cluster diff --git a/manifests/site/test-site/ephemeral/catalogues/cleanup/smp.yaml b/manifests/site/test-site/ephemeral/catalogues/cleanup/smp.yaml index d04903445..f8af103d2 100644 --- a/manifests/site/test-site/ephemeral/catalogues/cleanup/smp.yaml +++ b/manifests/site/test-site/ephemeral/catalogues/cleanup/smp.yaml @@ -11,7 +11,7 @@ patches: |- $patch: delete --- apiVersion: airshipit.org/v1alpha1 - kind: VariableCatalogue + kind: NetworkCatalogue metadata: name: networking $patch: delete diff --git a/manifests/site/test-site/ephemeral/catalogues/networking.yaml b/manifests/site/test-site/ephemeral/catalogues/networking.yaml index 448134876..568f4fb9d 100644 --- a/manifests/site/test-site/ephemeral/catalogues/networking.yaml +++ b/manifests/site/test-site/ephemeral/catalogues/networking.yaml 
@@ -2,19 +2,18 @@ # ephemeral cluster, on top of the target cluster networking definition. # These values can be overridden at the site, type, etc levels as appropriate. apiVersion: airshipit.org/v1alpha1 -kind: VariableCatalogue +kind: NetworkCatalogue metadata: name: networking +spec: + # The catalogue should be overridden as appropriate for different kubernetes + # clusters, e.g. ephemeral vs target vs tenant + kubernetes: + podCidr: "192.168.0.0/24" + controlPlaneEndpoint: + host: "10.23.25.101" + apiserverCertSANs: "[10.23.25.101, 10.23.24.101]" -# The catalogue should be overridden as appropriate for different kubernetes -# clusters, e.g. ephemeral vs target vs tenant -kubernetes: - podCidr: "192.168.0.0/24" - controlPlaneEndpoint: - host: "10.23.25.101" - apiserverCertSANs: "[10.23.25.101, 10.23.24.101]" - -ironic: - provisioningIp: "10.23.24.101" - dhcpRange: "10.23.24.200,10.23.24.250" - + ironic: + provisioningIp: "10.23.24.101" + dhcpRange: "10.23.24.200,10.23.24.250" diff --git a/manifests/site/test-site/target/catalogues/cleanup/smp.yaml b/manifests/site/test-site/target/catalogues/cleanup/smp.yaml index d04903445..f8af103d2 100644 --- a/manifests/site/test-site/target/catalogues/cleanup/smp.yaml +++ b/manifests/site/test-site/target/catalogues/cleanup/smp.yaml @@ -11,7 +11,7 @@ patches: |- $patch: delete --- apiVersion: airshipit.org/v1alpha1 - kind: VariableCatalogue + kind: NetworkCatalogue metadata: name: networking $patch: delete diff --git a/manifests/site/test-site/target/catalogues/networking.yaml b/manifests/site/test-site/target/catalogues/networking.yaml index 83795898a..e80ca2a33 100644 --- a/manifests/site/test-site/target/catalogues/networking.yaml +++ b/manifests/site/test-site/target/catalogues/networking.yaml 
@@ -2,18 +2,17 @@ # ephemeral cluster, on top of the target cluster networking definition. # These values can be overridden at the site, type, etc levels as appropriate. apiVersion: airshipit.org/v1alpha1 -kind: VariableCatalogue +kind: NetworkCatalogue metadata: name: networking +spec: + # The catalogue should be overridden as appropriate for different kubernetes + # clusters, e.g. ephemeral vs target vs tenant + kubernetes: + controlPlaneEndpoint: + host: "10.23.25.102" + apiserverCertSANs: "[10.23.25.102, 10.23.24.102]" -# The catalogue should be overridden as appropriate for different kubernetes -# clusters, e.g. ephemeral vs target vs tenant -kubernetes: - controlPlaneEndpoint: - host: "10.23.25.102" - apiserverCertSANs: "[10.23.25.102, 10.23.24.102]" - -ironic: - provisioningIp: "10.23.24.102" - dhcpRange: "10.23.24.200,10.23.24.250" - + ironic: + provisioningIp: "10.23.24.102" + dhcpRange: "10.23.24.200,10.23.24.250" diff --git a/manifests/type/gating/shared/catalogues/networking.yaml b/manifests/type/gating/shared/catalogues/networking.yaml index 240809b14..e9586b42f 100644 --- a/manifests/type/gating/shared/catalogues/networking.yaml +++ b/manifests/type/gating/shared/catalogues/networking.yaml 
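Review bot: The header comment kept as context in this hunk reads `# ephemeral cluster, on top of the target cluster networking definition.`, but the file is `target/catalogues/networking.yaml`, and the values below it (`host: "10.23.25.102"`, `provisioningIp: "10.23.24.102"`) differ from the ephemeral catalogue's. The first line of the comment sits above the hunk, so the full sentence is not visible; it looks like it was copied from the ephemeral catalogue. If so, it should be reworded to name the target cluster, so that an operator editing control-plane endpoints and certificate SANs is not misled about which cluster the file configures.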
@@ -1,45 +1,45 @@ # The default networking catalogue for site- and operator-specific networking. # These values can be overridden at the site, type, etc levels as appropriate. apiVersion: airshipit.org/v1alpha1 -kind: VariableCatalogue +kind: NetworkCatalogue metadata: name: networking labels: airshipit.org/deploy-k8s: "false" - -# This section is only relevant when using Metal3 BareMetalHosts, and -# is consumed by the `hostgenerator-m3` function. -# It defines host-level networking that is common across all BMHs in a site, -# and will typically be fully overridden at the Type and Site level. -commonHostNetworking: - links: - - id: oam - name: oam - type: phy - mtu: "1500" - # ethernet_mac_address: (optional) - - id: pxe - name: pxe - type: phy - mtu: "1500" - # ethernet_mac_address: (optional) - networks: - - id: oam-ipv4 - type: ipv4 - link: oam - # ip_address: - netmask: 255.255.255.0 - routes: - - network: 0.0.0.0 - netmask: 0.0.0.0 - gateway: 10.23.25.1 - - id: pxe-ipv4 - type: ipv4 - link: pxe - # ip_address: - netmask: 255.255.255.0 - services: - - address: 8.8.8.8 - type: dns - - address: 8.8.4.4 - type: dns +spec: + # This section is only relevant when using Metal3 BareMetalHosts, and + # is consumed by the `hostgenerator-m3` function. + # It defines host-level networking that is common across all BMHs in a site, + # and will typically be fully overridden at the Type and Site level. + commonHostNetworking: + links: + - id: oam + name: oam + type: phy + mtu: "1500" + # ethernet_mac_address: (optional) + - id: pxe + name: pxe + type: phy + mtu: "1500" + # ethernet_mac_address: (optional) + networks: + - id: oam-ipv4 + type: ipv4 + link: oam + # ip_address: + netmask: 255.255.255.0 + routes: + - network: 0.0.0.0 + netmask: 0.0.0.0 + gateway: 10.23.25.1 + - id: pxe-ipv4 + type: ipv4 + link: pxe + # ip_address: + netmask: 255.255.255.0 + services: + - address: 8.8.8.8 + type: dns + - address: 8.8.4.4 + type: dns