summaryrefslogtreecommitdiffstats
path: root/site/intel-pod17/networks/common-addresses.yaml
blob: 1fe0357e73d319f1348f3a338e8657e696db2d4f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
---
# The purpose of this file is to define network related paramters that are
# referenced elsewhere in the manifests for this site.
#
schema: pegleg/CommonAddresses/v1
metadata:
  schema: metadata/Document/v1
  name: common-addresses
  layeringDefinition:
    abstract: false
    layer: site
  storagePolicy: cleartext
data:
  calico:
    # NEWSITE-CHANGEME: The interface that calico will use. Update if your
    # logical bond interface name or calico VLAN have changed from the reference
    # site design.
    # This should be whichever
    # bond and VLAN number specified in networks/physical/networks.yaml for the Calico
    # network. E.g. VLAN 22 for the calico network as a member of bond0, you
    # would set "interface=bond0.22" as shown here.
    ip_autodetection_method: interface=ens785f0
    etcd:
      # etcd service IP address
      service_ip: 10.96.232.136

  vip:
    ingress_vip: '10.10.170.100/32'
    maas_vip: '10.10.171.100/32'

  dns:
    # Kubernetes cluster domain. Do not change. This is internal to the cluster.
    cluster_domain: cluster.local
    # DNS service ip
    service_ip: 10.96.0.10
    # List of upstream DNS forwards. Verify you can reach them from your
    # environment. If so, you should not need to change them.
    upstream_servers:
      - 8.8.8.8
      - 8.8.4.4
    # Repeat the same values as above, but formatted as a common separated
    # string
    upstream_servers_joined: 8.8.8.8,8.8.4.4
    # NEWSITE-CHANGEME: FQDN for ingress (i.e. "publicly facing" access point)
    # Choose FQDN according to the ingress/public FQDN naming conventions at
    # the top of this document.
    ingress_domain: intel-pod17.opnfv.org

  genesis:
    # NEWSITE-CHANGEME: Update with the hostname for the node which will take on
    # the Genesis role. Refer to the hostname naming stardards in
    # networks/physical/networks.yaml
    # NOTE: Ensure that the genesis node is manually configured with this
    # hostname before running `genesis.sh` on the node.
    hostname: pod17-jump
    # NEWSITE-CHANGEME: Calico IP of the Genesis node. Use the "start" value for
    # the calico network defined in networks/physical/networks.yaml for this IP.
    ip: 10.10.172.20

  bootstrap:
    # NEWSITE-CHANGEME: Update with the "start" value/IP of the static range
    # defined for the pxe network in networks/physical/networks.yaml
    ip: 10.10.171.20

  kubernetes:
    # K8s API service IP
    api_service_ip: 10.96.0.1
    # etcd service IP
    etcd_service_ip: 10.96.0.2
    # k8s pod CIDR (network which pod traffic will traverse)
    pod_cidr: 10.97.0.0/16
    # k8s service CIDR (network which k8s API traffic will traverse)
    service_cidr: 10.96.0.0/16
    # misc k8s port settings
    apiserver_port: 6443
    haproxy_port: 6553
    service_node_port_range: 30000-32767

  # etcd port settings
  etcd:
    container_port: 2379
    haproxy_port: 2378

  # NEWSITE-CHANGEME: A list of nodes (apart from Genesis) which act as the
  # control plane servers. Ensure that this matches the nodes with the 'masters'
  # tags applied in baremetal/nodes.yaml
  masters:
    - hostname: pod17-node1
    - hostname: pod17-node2

  # NEWSITE-CHANGEME: Environment proxy information.
  # NOTE: Reference Airship sites do not deploy behind a proxy, so this proxy section
  # should be commented out.
  # However if you are in a lab that requires proxy, ensure that these proxy
  # settings are correct and reachable in your environment; otherwise update
  # them with the correct values for your environment.
  proxy:
    http: ""
    https: ""
    no_proxy: []

  node_ports:
    drydock_api: 30000
    maas_api: 30001
    maas_proxy: 31800  # hardcoded in MAAS

  ntp:
    # comma separated NTP server list. Verify that these upstream NTP servers are
    # reachable in your environment; otherwise update them with the correct
    # values for your environment.
    servers_joined: '0.ubuntu.pool.ntp.org,1.ubuntu.pool.ntp.org,2.ubuntu.pool.ntp.org,4.ubuntu.pool.ntp.org'

  # NOTE: This will be updated soon
  ldap:
    # NEWSITE-CHANGEME: FQDN for LDAP. Update to the FQDN that is
    # relevant for your type of deployment (test vs prod values, etc).
    base_url: 'ldap.example.com'
    # NEWSITE-CHANGEME: As above, with the protocol included to create a full URI
    url: 'ldap://ldap.example.com'
    # NEWSITE-CHANGEME: Update to the correct expression relevant for this
    # deployment (test vs prod values, etc)
    auth_path: DC=test,DC=test,DC=com?sAMAccountName?sub?memberof=CN=test,OU=Application,OU=Groups,DC=test,DC=test,DC=com
    # NEWSITE-CHANGEME: Update to the correct AD group that contains the users
    # relevant for this deployment (test users vs prod users/values, etc)
    common_name: test
    # NEWSITE-CHANGEME: Update to the correct subdomain for your type of
    # deployment (test vs prod values, etc)
    subdomain: test
    # NEWSITE-CHANGEME: Update to the correct domain for your type of
    # deployment (test vs prod values, etc)
    domain: example

  storage:
    ceph:
      # NEWSITE-CHANGEME: CIDRs for Ceph. Update to match the network CIDR
      # used for the `storage` network in networks/physical/networks.yaml
      public_cidr: '10.10.173.0/24'
      cluster_cidr: '10.10.173.0/24'

  neutron:
    # NEWSITE-CHANGEME: Overlay network for VM traffic. Ensure the bond name and
    # VLAN number are consistent with what's defined for the bond and the overlay
    # network in networks/physical/networks.yaml
    tunnel_device: 'ens785f0'
    # bond which the overlay is a member of. Ensure the bond name is consistent
    # with the bond assigned to the overlay network in
    # networks/physical/networks.yaml
    external_iface: 'ens785f1.1173'

  openvswitch:
    # bond which the overlay is a member of. Ensure the bond name is consistent
    # with the bond assigned to the overlay network in
    # networks/physical/networks.yaml
    external_iface: 'ens785f1.1173'
...