---
# The purpose of this file is to define all of the NetworkLinks (i.e. layer 1
# devices) and Networks (i.e. layer 3 configurations).
#
# The following is reference configuration for Intel hosted POD17
# https://wiki.opnfv.org/display/pharos/Intel+POD17
# +--------+------------+-----------------------------------+-----------+----------+----------------+
# |        |            |                                   |           |          |                |
# +--------+------------+-----------------------------------+-----------+----------+----------------+
# |IF0 1G  | dmz        | OoB & OAM (default route)         | VLAN  170 | untagged | 10.10.170.0/24 |
# |IF1 1G  | admin      | PXE boot network                  | VLAN  171 | untagged | 10.10.171.0/24 |
# |IF2 10G | private    | Underlay calico and ovs overlay   | VLAN  172 | untagged | 10.10.172.0/24 |
# |        | management | Management (unused for now)       | VLAN  174 | tagged   | 10.10.174.0/24 |
# |IF3 10G | storage    | Storage network                   | VLAN  173 | untagged | 10.10.173.0/24 |
# |        | public     | Public network for VMs            | VLAN 1173 | tagged   | 10.10.175.0/24 |
# +--------+------------+-----------------------------------+-----------+----------+----------------+
#
# For standard Airshipi/OPNFV deployments, you should not need to modify the
# number of NetworkLinks and Networks in this file. Only the IP addresses and
# CIDRs should need editing.
#
# The general Drydock documentation contains additional details, exmaples
# and how-tos on working with Drydock/YAMLs in more generic way and enabling
# custom/additional features not represented here  (such as bonded networks).
# https://airship-drydock.readthedocs.io/en/latest/topology.html#defining-networking

schema: 'drydock/NetworkLink/v1'
metadata:
  schema: 'metadata/Document/v1'
  name: oob
  layeringDefinition:
    abstract: false
    layer: site
  storagePolicy: cleartext
data:
  # MaaS doesnt own this network like it does the others,
  # so the noconfig label is specified.
  labels:
    noconfig: enabled
  bonding:
    mode: disabled
  mtu: 1500
  linkspeed: auto
  trunking:
    mode: disabled
    default_network: oob
  allowed_networks:
    - oob
...
---
schema: 'drydock/Network/v1'
metadata:
  schema: 'metadata/Document/v1'
  name: oob
  layeringDefinition:
    abstract: false
    layer: site
  storagePolicy: cleartext
data:
  # NEWSITE-CHANGEME: Update with the site's out-of-band CIDR
  cidr: 10.10.170.0/24
  routes:
    # NEWSITE-CHANGEME: Update with the site's out-of-band gateway IP
    - subnet: '0.0.0.0/0'
      gateway: 10.10.170.1
      metric: 100
...
---
schema: 'drydock/NetworkLink/v1'
metadata:
  schema: 'metadata/Document/v1'
  name: dmz
  layeringDefinition:
    abstract: false
    layer: site
  storagePolicy: cleartext
data:
  bonding:
    mode: disabled
  mtu: 1500
  linkspeed: auto
  trunking:
    mode: disabled
    default_network: dmz
  allowed_networks:
    - dmz
...
---
schema: 'drydock/Network/v1'
metadata:
  schema: 'metadata/Document/v1'
  name: dmz
  layeringDefinition:
    abstract: false
    layer: site
  storagePolicy: cleartext
data:
  # NEWSITE-CHANGEME: Update with the site's DMZ network CIDR
  cidr: 10.10.170.0/24
  routes:
    - subnet: 0.0.0.0/0
      # NEWSITE-CHANGEME: Set the DMZ network gateway IP address
      # NOTE: This serves as the site's default route.
      gateway: 10.10.170.1
      metric: 100
  ranges:
    # NEWSITE-CHANGEME: Exclude any reserved IPs for the lab.
    - type: reserved
      start: 10.10.171.1
      end: 10.10.171.19
    # NEWSITE-CHANGEME: Update static range that will be used for the nodes.
    # See minimum range required for the nodes in baremetal/nodes.yaml.
    - type: static
      start: 10.10.170.20
      end: 10.10.170.39
  dns:
    # NEWSITE-CHANGEME: FQDN for bare metal nodes.
    # Choose FQDN according to the node FQDN naming conventions at the top of
    # this document.
    domain: intel-pod17.opnfv.org
    # List of upstream DNS forwards. Verify you can reach them from your
    # environment. If so, you should not need to change them.
    # TODO: This should be populated via substitution from common-addresses
    servers: '8.8.8.8,8.8.4.4'
...
---
schema: 'drydock/NetworkLink/v1'
metadata:
  schema: 'metadata/Document/v1'
  name: admin
  layeringDefinition:
    abstract: false
    layer: site
  storagePolicy: cleartext
data:
  bonding:
    mode: disabled
  mtu: 1500
  linkspeed: auto
  trunking:
    mode: disabled
    default_network: admin
  allowed_networks:
    - admin
...
---
schema: 'drydock/Network/v1'
metadata:
  schema: 'metadata/Document/v1'
  name: admin
  layeringDefinition:
    abstract: false
    layer: site
  storagePolicy: cleartext
data:
  # NEWSITE-CHANGEME: Update with the site's PXE network CIDR
  # NOTE: The CIDR minimum size = (number of nodes * 2) + 10
  cidr: 10.10.171.0/24
  routes:
    - subnet: 0.0.0.0/0
      # NEWSITE-CHANGEME: Set the Admin network gateway IP address
      gateway: 10.10.171.1
      metric: 100
  # NOTE: The DHCP addresses are used when nodes perform a PXE boot
  # (DHCP address gets assigned), and when a node is commissioning in MaaS
  # (also uses DHCP to get its IP address). However, when MaaS installs the
  # operating system ("Deploying/Deployed" states), it will write a static IP
  # assignment to /etc/network/interfaces[.d] with IPs from the "static"
  # subnet defined here.
  ranges:
    # NEWSITE-CHANGEME: Exclude any reserved IPs for the lab.
    - type: reserved
      start: 10.10.171.1
      end: 10.10.171.19
    # NEWSITE-CHANGEME: Update to the first half of the remaining range after
    # excluding the reserved IPs.
    - type: static
      start: 10.10.171.20
      end: 10.10.171.39
    # NEWSITE-CHANGEME: Update to the second half of the remaining range after
    # excluding the reserved IPs.
    - type: dhcp
      start: 10.10.171.40
      end: 10.10.171.79
  dns:
    # NEWSITE-CHANGEME: FQDN for bare metal nodes.
    # Choose FQDN according to the node FQDN naming conventions at the top of
    # this document.
    domain: intel-pod17.opnfv.org
    # NEWSITE-CHANGEME: Use MAAS VIP as the DNS server.
    # MAAS has inbuilt DNS server and Debian mirror that allows nodes to be
    # deployed without requiring routed/internet access for the Admin/PXE interface.
    # See data.vip.maas_vip in networks/common-addresses.yaml.
    # TODO: This should be populated via substitution from common-addresses
    servers: '10.10.171.100'
...
---
schema: 'drydock/NetworkLink/v1'
metadata:
  schema: 'metadata/Document/v1'
  name: data1
  layeringDefinition:
    abstract: false
    layer: site
  storagePolicy: cleartext
data:
  bonding:
    mode: disabled
  # NEWSITE-CHANGEME: Ensure the network switches in the environment are
  # configured for this MTU or greater.
  mtu: 1500
  linkspeed: auto
  trunking:
    mode: 802.1q
  allowed_networks:
    - private
    - management
...
---
schema: 'drydock/Network/v1'
metadata:
  schema: 'metadata/Document/v1'
  name: private
  layeringDefinition:
    abstract: false
    layer: site
  storagePolicy: cleartext
data:
  # NEWSITE-CHANGEME: Set the VLAN ID which the Private network is on
  vlan: '0'
  mtu: 1500
  # NEWSITE-CHANGEME: Set the CIDR for the Private network
  # NOTE: The CIDR minimum size = number of nodes + 10
  cidr: 10.10.172.0/24
  ranges:
    # NEWSITE-CHANGEME: Update to the remaining range excluding (if any)
    # reserved IPs.
    - type: static
      start: 10.10.172.1
      end: 10.10.172.19
...
---
schema: 'drydock/Network/v1'
metadata:
  schema: 'metadata/Document/v1'
  name: management
  layeringDefinition:
    abstract: false
    layer: site
  storagePolicy: cleartext
data:
  # NEWSITE-CHANGEME: Set the VLAN ID which the Management network is on
  vlan: '174'
  mtu: 1500
  # NEWSITE-CHANGEME: Set the CIDR for the Management network
  # NOTE: The CIDR minimum size = number of nodes + 10
  cidr: 10.10.174.0/24
  ranges:
    # NEWSITE-CHANGEME: Update to the remaining range excluding (if any)
    # reserved IPs.
    - type: static
      start: 10.10.174.1
      end: 10.23.21.19
...
---
schema: 'drydock/NetworkLink/v1'
metadata:
  schema: 'metadata/Document/v1'
  name: data2
  layeringDefinition:
    abstract: false
    layer: site
  storagePolicy: cleartext
data:
  bonding:
    mode: disabled
  # NEWSITE-CHANGEME: Ensure the network switches in the environment are
  # configured for this MTU or greater.
  mtu: 1500
  linkspeed: auto
  trunking:
    mode: 802.1q
    default_network: storage
  allowed_networks:
    - storage
    - public
...
---
schema: 'drydock/Network/v1'
metadata:
  schema: 'metadata/Document/v1'
  name: storage
  layeringDefinition:
    abstract: false
    layer: site
  storagePolicy: cleartext
data:
  # NEWSITE-CHANGEME: Set the VLAN ID which the Storage network is on
  vlan: '0'
  # NEWSITE-CHANGEME: Ensure the network switches in the environment are
  # configured for this MTU or greater.
  mtu: 1500
  # NEWSITE-CHANGEME: Set the CIDR for the Storage network
  # NOTE: The CIDR minimum size = number of nodes + 10
  cidr: 10.10.173.0/24
  ranges:
    # NEWSITE-CHANGEME: Update to the remaining range excludin (if any)
    # reserved IPs.
    - type: static
      start: 10.10.173.1
      end: 10.10.173.19
...
---
# The public network for OpenStack VMs.
# NOTE: Only interface 'ens785f1.1173' will be setup, no IPs assigned to hosts
schema: 'drydock/Network/v1'
metadata:
  schema: 'metadata/Document/v1'
  name: public
  layeringDefinition:
    abstract: false
    layer: site
  storagePolicy: cleartext
data:
  # NEWSITE-CHANGEME: Set the VLAN ID which the Public network is on
  vlan: '1173'
  # NEWSITE-CHANGEME: Ensure the network switches in the environment are
  # configured for this MTU or greater.
  mtu: 1500
  # NEWSITE-CHANGEME: Set the CIDR for the Public network
  cidr: 10.10.175.0/24
...