CRs for unified beta deployed topology

This PR contains the custom resources based on Alpha DT type proposal of
deploying and configuring OpenStack Services on OpenShift.

.ci/automation-schema.yaml

@@ -17,6 +17,7 @@ _hook:
   type: str()
   source: str()
   inventory: str(required=False)
+  extra_vars: map(required=False)
 ---
 _stage:
   path: str()

automation/vars/uni02beta.yaml

@@ -0,0 +1,55 @@
+---
+vas:
+  uni02beta:
+    stages:
+      - pre_stage_run:
+          - name: Install cluster observability operator
+            type: playbook
+            source: "../../hooks/playbook/observability.yml"
+        path: examples/dt/uni02beta/control-plane/nncp
+        wait_conditions:
+          - >-
+            oc -n openstack wait nncp
+            -l osp/nncm-config-type=standard
+            --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured
+            --timeout=60s
+        values:
+          - name: network-values
+            src_file: values.yaml
+        build_output: nncp.yaml
+
+      - pre_stage_run:
+          - name: Apply cinder-lvm label on master-0
+            type: playbook
+            source: "../../hooks/playbooks/label.yml"
+            extra_vars:
+              cifmw_label_resource: Node
+              cifmw_label_state: patched
+              cifmw_label_resource_name: master-0
+              cifmw_label_labels:
+                openstack.org/cinder-lvm: ""
+        path: examples/dt/uni02beta/control-plane
+        wait_conditions:
+          - >-
+            oc -n openstack wait openstackcontrolplane
+            controlplane
+            --for condition=Ready
+            --timeout=30m
+        values:
+          - name: network-values
+            src_file: nncp/values.yaml
+          - name: service-values
+            src_file: service-values.yaml
+        build_output: control-plane.yaml
+
+      - path: examples/dt/uni02beta
+        wait_conditions:
+          - >-
+            oc -n openstack wait openstackdataplanedeployment
+            edpm-deployment
+            --for condition=Ready
+            --timeout=1200s
+        values:
+          - name: edpm-values
+            src_file: values.yaml
+        build_output: edpm.yaml

dt/uni02beta/README.md

@@ -0,0 +1,11 @@
+# Deployed Topology - Beta
+
+If you are looking for information on how to deploy the beta based DT, then
+please the [README](../../examples/dt/uni02beta/README.md) in the examples
+directory.
+
+This directory `dt/uni02beta/`, exists so that the
+[kustomization.yaml](../../examples/dt/uni02beta/kustomization.yaml) in
+the examples directory of uni01Beta topology, reference it by path as a
+component. It's contents are likely uninteresting unless you want to understand
+how kustomize was implemented in this repository.

dt/uni02beta/edpm/kustomization.yaml

@@ -0,0 +1,20 @@
+---
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+transformers:
+  - |-
+    apiVersion: builtin
+    kind: NamespaceTransformer
+    metadata:
+      name: _ignored_
+      namespace: openstack
+    setRoleBindingSubjects: none
+    unsetOnly: true
+    fieldSpecs:
+    - path: metadata/name
+      kind: Namespace
+      create: true
+
+components:
+  - ../../../lib/dataplane

dt/uni02beta/kustomization.yaml

@@ -0,0 +1,105 @@
+---
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+transformers:
+  - |-
+      apiVersion: builtin
+      kind: NamespaceTransformer
+      metadata:
+        name: _ignored_
+        namespace: openstack
+      setRoleBindingSubjects: none
+      unsetOnly: true
+      fieldSpecs:
+        - path: metadata/name
+          kind: Namespace
+          create: true
+
+components:
+  - ../../lib/control-plane
+
+replacements:
+  # Cinder
+  # - source:
+  #     kind: ConfigMap
+  #     name: service-values
+  #     fieldPath: data.cinder.cinderVolumes.ontap-iscsi.networkAttachments
+  #   targets:
+  #     - select:
+  #         kind: OpenStackControlPlane
+  #       fieldPaths:
+  #         - spec.cinder.template.cinder.cinderVolumes.ontap-iscsi.networkAttachments
+  #       options:
+  #         create: true
+  # - source:
+  #     kind: ConfigMap
+  #     name: service-values
+  #     fieldPath: data.cinder.cinderVolumes.ontap-iscsi.customServiceConfigSecrets
+  #   targets:
+  #     - select:
+  #         kind: OpenStackControlPlane
+  #       fieldPaths:
+  #         - spec.cinder.template.cinder.cinderVolumes.ontap-iscsi.customServiceConfigSecrets
+  #       options:
+  #         create: true
+  # - source:
+  #     kind: ConfigMap
+  #     name: service-values
+  #     fieldPath: data.cinder.cinderVolumes.ontap-iscsi.customServiceConfig
+  #   targets:
+  #     - select:
+  #         kind: OpenStackControlPlane
+  #       fieldPaths:
+  #         - spec.cinder.template.cinder.cinderVolumes.ontap-iscsi.customServiceConfig
+  #       options:
+  #         create: true
+  - source:
+      kind: ConfigMap
+      name: service-values
+      fieldPath: data.extraMounts
+    targets:
+      - select:
+          kind: OpenStackControlPlane
+        fieldPaths:
+          - spec.extraMounts
+        options:
+          create: true
+  - source:
+      kind: ConfigMap
+      name: service-values
+      fieldPath: data.cinder.ontap-creds
+    targets:
+      - select:
+          kind: Secret
+          name: cinder-volume-ontap-secrets
+        fieldPaths:
+          - stringData.ontap-cinder-secrets\.conf
+        options:
+          create: true
+  - source:
+      kind: ConfigMap
+      name: service-values
+      fieldPath: data.cinder.shares-config
+    targets:
+      - select:
+          kind: Secret
+          name: cinder-volume-ontap-shares-secrets
+        fieldPaths:
+          - stringData.shares-config
+        options:
+          create: true
+
+  # Manila
+  - source:
+      kind: ConfigMap
+      name: service-values
+      fieldPath: data.manila.netapp-creds
+    targets:
+      - select:
+          kind: Secret
+          name: osp-secret-manila-netapp
+        fieldPaths:
+          - stringData.netapp-secrets\.conf
+        options:
+          create: true

dt/uni02beta/namespace.yaml

@@ -0,0 +1,12 @@
+---
+apiVersion: builtin
+kind: NamespaceTransformer
+metadata:
+  name: _ignored_
+  namespace: openstack
+setRoleBindingSubjects: none
+unsetOnly: true
+fieldSpecs:
+  - path: metadata/name
+    kind: Namespace
+    create: true

examples/dt/uni02beta/.gitignore

@@ -0,0 +1 @@
+data-plane.yaml

examples/dt/uni02beta/README.md

@@ -0,0 +1,54 @@
+# Deployed Topology uni-beta
+
+**Based on OpenStack K8S operators from the "main" branch of the [OpenStack Operator repo](https://github.com/openstack-k8s-operators/openstack-operator/commit/7354503e770cbb0435700e2e5b2707de9f7d90e5)**
+
+## Purpose
+Focused on components with NFS-based backends.
+
+## Node topology
+| Node role                                        | bm/vm | amount |
+| ------------------------------------------------ | ----- | ------ |
+| Openshift master/worker combo-node cluster       | vm    | 3      |
+| Compute nodes                                    | vm    | 2      |
+
+
+## Services, enabled features and configurations
+
+| Service          | configuration                   | Lock-in coverage?  |
+| ---------------- | ------------------------------- | ------------------ |
+| Cinder           | NetApp/NFS                      | Must have          |
+| Cinder Backup    | NFS                             | Must have          |
+| Glance           | file/NFS                        | Must have          |
+| Manila           | NFS from Netapp                 | Must have          |
+| Horizon          | N/A                             | Must have          |
+
+
+### Support services
+The following table lists services which are not the main focus of the testing (which may be covered by additional scenarios), but are required for the DT to work properly and can be deployed with any/default configuration.
+
+| Service          | Reason  |
+| ---------------- |------------------ |
+| Swift            | needed for scenario testing |
+| Neutron          | needed by other services   |
+| Nova             | needed by scenario testing |
+| Keystone         | needed by all services     |
+
+
+### Additional configuration
+
+Always-on, default services and features: TLSe
+
+
+## Considerations/Constraints
+
+1. The DT requires a NetApp appliance with multiple NFS shares, which needs to be accessible and that may constraint the location.
+
+
+## Testing tree
+
+| Test framework   | When to run          | Special configuration |
+| ---------------- | -------------------- | ----------------------|
+| relevant volume tests | tempest stage |           |
+| relevant image tests  | tempest stage |           |
+| relevant share tests  | tempest stage |           |
+| horizon integration   | own stage (post-tempest)|           |

examples/dt/uni02beta/control-plane.md

@@ -0,0 +1,55 @@
+# Configuring networking and deploy the OpenStack control plane
+
+## Assumptions
+
+- A storage class called `local-storage` should already exist.
+
+## Initialize
+
+Switch to the "openstack" namespace
+
+```bash
+oc project openstack
+```
+
+Change to the uni-beta directory
+
+```bash
+cd architecture/examples/dt/uni02beta
+```
+
+Edit [service-values.yaml](service-values.yaml) and
+[nncp/values.yaml](nncp/values.yaml).
+
+Apply node network configuration
+
+```bash
+pushd control-plane/nncp
+kustomize build > nncp.yaml
+oc apply -f nncp.yaml
+oc wait nncp \
+    -l osp/nncm-config-types=standard \
+    --for jsonpath='{.status.conditions[0].reason}'=SuccessfullyConfigured \
+    --timeout=300s
+popd
+```
+
+Generate the control-plane and networking CRs.
+
+```bash
+pushd control-plane
+kustomize build > control-plane.yaml
+```
+
+## Create CRs
+
+```bash
+oc apply -f control-plane.yaml
+popd
+```
+
+Wait for control plane to be available
+
+```bash
+oc wait osctlplane controlplane --for condition=Ready --timeout=600s
+```

examples/dt/uni02beta/control-plane/.gitignore

@@ -0,0 +1 @@
+control-plane.yaml

examples/dt/uni02beta/control-plane/cinder-ontap-nfs-backend.yaml

@@ -0,0 +1,27 @@
+---
+# To be able to use this sample it is necessary to:
+# - Have a NetApp ONTAP backend with NFS support
+# - Have the NetApp storage credentials and NFS configuration in cinder-volume-netapp-secrets.yaml
+
+apiVersion: core.openstack.org/v1beta1
+kind: OpenStackControlPlane
+metadata:
+  name: controlplane
+spec:
+  cinder:
+    template:
+      cinderVolumes:
+        ontap-iscsi:
+          networkAttachments:
+            - storage
+          customServiceConfigSecrets:
+            - cinder-volume-ontap-secrets
+          customServiceConfig: |
+            [ontap]
+            volume_backend_name=ontap
+            volume_driver=cinder.volume.drivers.netapp.common.NetAppDriver
+            netapp_server_hostname=hostname
+            netapp_server_port=80
+            netapp_storage_protocol=nfs
+            netapp_storage_family=ontap_cluster
+            nfs_shares_config=/etc/cinder/nfs_shares.d/shares-config

examples/dt/uni02beta/control-plane/cinder-volume-ontap-secrets.yaml

@@ -0,0 +1,24 @@
+---
+# Define the "cinder-volume-ontap-secrets" Secret that contains sensitive
+# information pertaining to the [iscsi] backend.
+apiVersion: v1
+kind: Secret
+metadata:
+  labels:
+    service: cinder
+    component: cinder-volume
+  name: cinder-volume-ontap-secrets
+type: Opaque
+stringData:
+  ontap-cinder-secrets.conf: _replaced_
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  labels:
+    service: cinder
+    component: cinder-volume
+  name: cinder-volume-ontap-shares-secrets
+type: Opaque
+stringData:
+  shares-config: _replaced_