Reference Airship manifests, CICD, and reference architecture.

  1. ---
  2. # The purpose of this file is to define all of the NetworkLinks (i.e. layer 1
  3. # devices) and Networks (i.e. layer 3 configurations). The following is standard
  4. # for the logical networks in Airship:
  5. #
  6. # +----------+-----------------------------------+----------------+--------------+----------------------------------------------------+-----------------+
  7. # | Network | | Per-rack or | | | VLAN tagged |
  8. # | Name | Purpose | per-site CIDR? | Has gateway? | Bond | or untagged? |
  9. # +----------+-----------------------------------+----------------+--------------+----------------------------------------------------+-----------------+
  10. # | oob | Out of Band devices (iDrac/iLo) | per-site CIDR | Has gateway | No bond, N/A | Untagged/Native |
  11. # | pxe | PXE boot network | per-site CIDR | No gateway | No bond, no LACP fallback. Dedicated PXE interface | Untagged/Native |
  12. # | oam | management network | per-site CIDR | Has gateway | member of bond0 | tagged |
  13. # | storage | storage network | per-site CIDR | No gateway | member of bond0 | tagged |
  14. # | calico | underlay calico net; k8s traffic | per-site CIDR | No gateway | member of bond0 | tagged |
  15. # | overlay | overlay network for openstack SDN | per-site CIDR | No gateway | member of bond0 | tagged |
  16. # +----------+-----------------------------------+----------------+--------------+----------------------------------------------------+-----------------+
  17. #
  18. # For standard Airship deployments, you should not need to modify the number of
  19. # NetworkLinks and Networks in this file. Only the IP addresses and CIDRs should
  20. # need editing.
  21. #
  22. # TODO: Given that we expect all network broadcast domains to span all racks in
  23. # Airship, we should choose network names that do not include the rack number.
  24. #
  25. # TODO: FQDN naming standards for hosts
  26. #
  27. schema: 'drydock/NetworkLink/v1'
  28. metadata:
  29. schema: 'metadata/Document/v1'
  30. name: oob
  31. layeringDefinition:
  32. abstract: false
  33. layer: site
  34. storagePolicy: cleartext
  35. data:
  36. # MaaS doesnt own this network like it does the others, so the noconfig label
  37. # is specified.
  38. labels:
  39. noconfig: enabled
  40. bonding:
  41. mode: disabled
  42. mtu: 1500
  43. linkspeed: auto
  44. trunking:
  45. mode: disabled
  46. default_network: oob
  47. allowed_networks:
  48. - oob
  49. ...
  50. ---
  51. schema: 'drydock/Network/v1'
  52. metadata:
  53. schema: 'metadata/Document/v1'
  54. name: oob
  55. layeringDefinition:
  56. abstract: false
  57. layer: site
  58. storagePolicy: cleartext
  59. data:
  60. # NEWSITE-CHANGEME: Update with the site's out-of-band CIDR
  61. cidr: 10.23.104.0/24
  62. routes:
  63. # NEWSITE-CHANGEME: Update with the site's out-of-band gateway IP
  64. - subnet: '0.0.0.0/0'
  65. gateway: 10.23.104.1
  66. metric: 100
  67. # NEWSITE-CHANGEME: Update with the site's out-of-band IP allocation range
  68. # FIXME: Is this IP range actually used/allocated for anything? The HW already
  69. # has its OOB IPs assigned. None of the Ubuntu OS's should need IPs on OOB
  70. # network either, as they should be routable via the default gw on OAM network
  71. ranges:
  72. - type: static
  73. start: 10.23.104.11
  74. end: 10.23.104.21
  75. ...
  76. ---
  77. schema: 'drydock/NetworkLink/v1'
  78. metadata:
  79. schema: 'metadata/Document/v1'
  80. name: pxe
  81. layeringDefinition:
  82. abstract: false
  83. layer: site
  84. storagePolicy: cleartext
  85. data:
  86. bonding:
  87. mode: disabled
  88. mtu: 1500
  89. linkspeed: auto
  90. trunking:
  91. mode: disabled
  92. default_network: pxe
  93. allowed_networks:
  94. - pxe
  95. ...
  96. ---
  97. schema: 'drydock/Network/v1'
  98. metadata:
  99. schema: 'metadata/Document/v1'
  100. name: pxe
  101. layeringDefinition:
  102. abstract: false
  103. layer: site
  104. storagePolicy: cleartext
  105. data:
  106. # NEWSITE-CHANGEME: Update with the site's PXE network CIDR
  107. # NOTE: The CIDR minimum size = (number of nodes * 2) + 10
  108. cidr: 10.23.20.0/24
  109. routes:
  110. - subnet: 0.0.0.0/0
  111. # NEWSITE-CHANGEME: Set the OAM network gateway IP address
  112. gateway: 10.23.20.1
  113. metric: 100
  114. # NOTE: The first 10 IPs in the subnet are reserved for network infrastructure.
  115. # The remainder of the range is divided between two subnets of equal size:
  116. # one static, and one DHCP.
  117. # The DHCP addresses are used when nodes perform a PXE boot (DHCP address gets
  118. # assigned), and when a node is commissioning in MaaS (also uses DHCP to get
  119. # its IP address). However, when MaaS installs the operating system
  120. # ("Deploying/Deployed" states), it will write a static IP assignment to
  121. # /etc/network/interfaces[.d] with IPs from the "static" subnet defined here.
  122. ranges:
  123. # NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR
  124. - type: reserved
  125. start: 10.23.20.1
  126. end: 10.23.20.10
  127. # NEWSITE-CHANGEME: Update to the first half of the remaining range after
  128. # excluding the 10 reserved IPs.
  129. - type: static
  130. start: 10.23.20.11
  131. end: 10.23.20.21
  132. # NEWSITE-CHANGEME: Update to the second half of the remaining range after
  133. # excluding the 10 reserved IPs.
  134. - type: dhcp
  135. start: 10.23.20.40
  136. end: 10.23.20.80
  137. dns:
  138. # NEWSITE-CHANGEME: FQDN for bare metal nodes.
  139. # Choose FQDN according to the node FQDN naming conventions at the top of
  140. # this document.
  141. domain: atlantafoundry.com
  142. # NEWSITE-CHANGEME: Use MAAS VIP as the DNS server.
  143. # MAAS has inbuilt DNS server and Debian mirror that allows nodes to be
  144. # deployed without requiring routed/internet access for the PXE interface.
  145. # See data.vip.maas_vip in networks/common-addresses.yaml
  146. servers: '10.23.20.9'
  147. ...
  148. ---
  149. schema: 'drydock/NetworkLink/v1'
  150. metadata:
  151. schema: 'metadata/Document/v1'
  152. name: bond0
  153. layeringDefinition:
  154. abstract: false
  155. layer: site
  156. storagePolicy: cleartext
  157. data:
  158. bonding:
  159. mode: 802.3ad
  160. hash: layer3+4
  161. peer_rate: fast
  162. mon_rate: 100
  163. up_delay: 1000
  164. down_delay: 3000
  165. # NEWSITE-CHANGEME: Ensure the network switches in the environment are
  166. # configured for this MTU or greater. Even if switches are configured for or
  167. # can support a slightly higher MTU, there is no need (and negliable benefit)
  168. # to squeeze every last byte into the MTU (e.g., 9216 vs 9100). Leave MTU at
  169. # 9100 for maximum compatibility.
  170. mtu: 9100
  171. linkspeed: auto
  172. trunking:
  173. mode: 802.1q
  174. allowed_networks:
  175. - oam
  176. - storage
  177. - overlay
  178. - calico
  179. ...
  180. ---
  181. schema: 'drydock/Network/v1'
  182. metadata:
  183. schema: 'metadata/Document/v1'
  184. name: oam
  185. layeringDefinition:
  186. abstract: false
  187. layer: site
  188. storagePolicy: cleartext
  189. data:
  190. # NEWSITE-CHANGEME: Set the VLAN ID which the OAM network is on
  191. vlan: '21'
  192. mtu: 9100
  193. # NEWSITE-CHANGEME: Set the CIDR for the OAM network
  194. # NOTE: The CIDR minimum size = number of nodes + 10
  195. cidr: 10.23.21.0/24
  196. routes:
  197. - subnet: 0.0.0.0/0
  198. # NEWSITE-CHANGEME: Set the OAM network gateway IP address
  199. gateway: 10.23.21.1
  200. metric: 100
  201. ranges:
  202. # NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR
  203. - type: reserved
  204. start: 10.23.21.1
  205. end: 10.23.21.10
  206. # NEWSITE-CHANGEME: Update to the remaining range after excluding the 10
  207. # 10 reserved IPs.
  208. - type: static
  209. start: 10.23.21.11
  210. end: 10.23.21.21
  211. dns:
  212. # NEWSITE-CHANGEME: FQDN for bare metal nodes.
  213. # Choose FQDN according to the node FQDN naming conventions at the top of
  214. # this document.
  215. domain: atlantafoundry.com
  216. # List of upstream DNS forwards. Verify you can reach them from your
  217. # environment. If so, you should not need to change them.
  218. # TODO: This should be populated via substitution from common-addresses
  219. servers: '8.8.8.8,8.8.4.4,208.67.222.222'
  220. ...
  221. ---
  222. schema: 'drydock/Network/v1'
  223. metadata:
  224. schema: 'metadata/Document/v1'
  225. name: storage
  226. layeringDefinition:
  227. abstract: false
  228. layer: site
  229. storagePolicy: cleartext
  230. data:
  231. # NEWSITE-CHANGEME: Set the VLAN ID which the storage network is on
  232. vlan: '23'
  233. mtu: 9100
  234. # NEWSITE-CHANGEME: Set the CIDR for the storage network
  235. # NOTE: The CIDR minimum size = number of nodes + 10
  236. cidr: 10.23.23.0/24
  237. ranges:
  238. # NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR
  239. - type: reserved
  240. start: 10.23.23.1
  241. end: 10.23.23.10
  242. # NEWSITE-CHANGEME: Update to the remaining range after excluding the 10
  243. # 10 reserved IPs.
  244. - type: static
  245. start: 10.23.23.11
  246. end: 10.23.23.21
  247. ...
  248. ---
  249. schema: 'drydock/Network/v1'
  250. metadata:
  251. schema: 'metadata/Document/v1'
  252. name: overlay
  253. layeringDefinition:
  254. abstract: false
  255. layer: site
  256. storagePolicy: cleartext
  257. data:
  258. # NEWSITE-CHANGEME: Set the VLAN ID which the overlay network is on
  259. vlan: '24'
  260. mtu: 9100
  261. # NEWSITE-CHANGEME: Set the CIDR for the overlay network
  262. # NOTE: The CIDR minimum size = number of nodes + 10
  263. cidr: 10.23.24.0/24
  264. ranges:
  265. # NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR
  266. - type: reserved
  267. start: 10.23.24.1
  268. end: 10.23.24.10
  269. # NEWSITE-CHANGEME: Update to the remaining range after excluding the 10
  270. # 10 reserved IPs.
  271. - type: static
  272. start: 10.23.24.11
  273. end: 10.23.24.21
  274. ...
  275. ---
  276. schema: 'drydock/Network/v1'
  277. metadata:
  278. schema: 'metadata/Document/v1'
  279. name: calico
  280. layeringDefinition:
  281. abstract: false
  282. layer: site
  283. storagePolicy: cleartext
  284. data:
  285. # NEWSITE-CHANGEME: Set the VLAN ID which the calico network is on
  286. vlan: '22'
  287. mtu: 9100
  288. # NEWSITE-CHANGEME: Set the CIDR for the calico network
  289. # NOTE: The CIDR minimum size = number of nodes + 10
  290. cidr: 10.23.22.0/24
  291. ranges:
  292. # NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR
  293. - type: reserved
  294. start: 10.23.22.1
  295. end: 10.23.22.10
  296. # NEWSITE-CHANGEME: Update to the remaining range after excluding the 10
  297. # 10 reserved IPs.
  298. - type: static
  299. start: 10.23.22.11
  300. end: 10.23.22.21
  301. ...