diff --git a/extras/sample-site-policies/common.yaml b/extras/sample-site-policies/common.yaml index 00a58028..bb2de919 100644 --- a/extras/sample-site-policies/common.yaml +++ b/extras/sample-site-policies/common.yaml @@ -11,40 +11,42 @@ spec: mcp: master remediationAction: inform sourceFiles: - - fileName: DefaultCatsrc.yaml - metadata: - name: redhat-operator-index - spec: - image: registry.redhat.io/redhat/redhat-operator-index:v4.16 - policyName: config-policy - - fileName: ReduceMonitoringFootprint.yaml - policyName: config-policy - - fileName: StorageLVMSubscriptionNS.yaml - metadata: - annotations: - workload.openshift.io/allowed: management - policyName: subscriptions-policy - - fileName: StorageLVMSubscriptionOperGroup.yaml - policyName: subscriptions-policy - - fileName: StorageLVMSubscription.yaml - spec: - channel: stable-4.16 - source: redhat-operator-index - policyName: subscriptions-policy - - fileName: LVMOperatorStatus.yaml - policyName: subscriptions-policy - - fileName: SriovSubscriptionNS.yaml - policyName: "subscriptions-policy" - - fileName: SriovSubscriptionOperGroup.yaml - policyName: "subscriptions-policy" - - fileName: SriovSubscription.yaml - spec: - channel: stable - source: redhat-operator-index - config: - env: - - name: "DEV_MODE" - value: "TRUE" - policyName: "subscriptions-policy" - - fileName: SriovOperatorStatus.yaml - policyName: subscriptions-policy + - fileName: DefaultCatsrc.yaml + metadata: + name: redhat-operator-index + spec: + image: registry.redhat.io/redhat/redhat-operator-index:v4.16 + policyName: config-policy + - fileName: OperatorHub.yaml + policyName: config-policy + - fileName: ReduceMonitoringFootprint.yaml + policyName: config-policy + - fileName: StorageLVMSubscriptionNS.yaml + metadata: + annotations: + workload.openshift.io/allowed: management + policyName: subscriptions-policy + - fileName: StorageLVMSubscriptionOperGroup.yaml + policyName: subscriptions-policy + - fileName: StorageLVMSubscription.yaml + spec: + channel: stable-4.16 + source: redhat-operator-index + policyName: subscriptions-policy + - fileName: LVMOperatorStatus.yaml + policyName: subscriptions-policy + - fileName: SriovSubscriptionNS.yaml + policyName: "subscriptions-policy" + - fileName: SriovSubscriptionOperGroup.yaml + policyName: "subscriptions-policy" + - fileName: SriovSubscription.yaml + spec: + channel: stable + source: redhat-operator-index + config: + env: + - name: "DEV_MODE" + value: "TRUE" + policyName: "subscriptions-policy" + - fileName: SriovOperatorStatus.yaml + policyName: subscriptions-policy diff --git a/extras/sample-site-policies/group-du-sno-validator.yaml b/extras/sample-site-policies/group-du-sno-validator.yaml index 2280e58d..978c910d 100644 --- a/extras/sample-site-policies/group-du-sno-validator.yaml +++ b/extras/sample-site-policies/group-du-sno-validator.yaml @@ -12,6 +12,6 @@ spec: ztp-done: "" mcp: "master" sourceFiles: - - fileName: validatorCRs/informDuValidator.yaml - remediationAction: inform - policyName: "validation" + - fileName: validatorCRs/informDuValidator.yaml + remediationAction: inform + policyName: "validation" diff --git a/extras/sample-site-policies/group-du-sno.yaml b/extras/sample-site-policies/group-du-sno.yaml index a51647df..7511ec2a 100644 --- a/extras/sample-site-policies/group-du-sno.yaml +++ b/extras/sample-site-policies/group-du-sno.yaml @@ -12,74 +12,74 @@ spec: mcp: master remediationAction: inform sourceFiles: - - fileName: DisableSnoNetworkDiag.yaml - policyName: "group-policy" - - fileName: DisableOLMPprof.yaml # wave 10 - policyName: "group-policy" - - fileName: SriovOperatorConfig.yaml - policyName: "group-policy" - # Using hub templating to obtain if the SR-IOV card is supported for this hw type - spec: - disableDrain: true - enableOperatorWebhook: '{{hub fromConfigMap "" "group-hardware-types-configmap" (printf "%s-supported-sriov-nic" (index .ManagedClusterLabels "hardware-type")) | toBool hub}}' - - fileName: StorageLVMCluster.yaml - # Using hub templating to obtain the storage device name for this hw type - spec: - storage: - deviceClasses: - - name: vg1 - thinPoolConfig: - name: thin-pool-1 - sizePercent: 90 - overprovisionRatio: 10 - deviceSelector: - paths: - - '{{hub fromConfigMap "" "group-hardware-types-configmap" (printf "%s-storage-path" (index .ManagedClusterLabels "hardware-type")) hub}}' - policyName: "group-policy" - - fileName: PerformanceProfile.yaml - # Using hub templating to obtain if the tunning config for this hw type - policyName: "group-policy" - metadata: - annotations: - kubeletconfig.experimental: | - {"topologyManagerScope": "pod", - "systemReserved": {"memory": "3Gi"} - } - spec: - cpu: - isolated: '{{hub fromConfigMap "" "group-hardware-types-configmap" (printf "%s-cpu-isolated" (index .ManagedClusterLabels "hardware-type")) hub}}' - reserved: '{{hub fromConfigMap "" "group-hardware-types-configmap" (printf "%s-cpu-reserved" (index .ManagedClusterLabels "hardware-type")) hub}}' - hugepages: - defaultHugepagesSize: '{{hub fromConfigMap "" "group-hardware-types-configmap" (printf "%s-hugepages-default" (index .ManagedClusterLabels "hardware-type"))| hub}}' - pages: - - count: '{{hub fromConfigMap "" "group-hardware-types-configmap" (printf "%s-hugepages-count" (index .ManagedClusterLabels "hardware-type")) | toInt hub}}' - size: '{{hub fromConfigMap "" "group-hardware-types-configmap" (printf "%s-hugepages-size" (index .ManagedClusterLabels "hardware-type")) hub}}' - numa: - topologyPolicy: single-numa-node - realTimeKernel: - enabled: false - globallyDisableIrqLoadBalancing: false - # WorkloadHints defines the set of upper level flags for different type of workloads. - # The configuration below is set for a low latency, performance mode. - workloadHints: - realTime: true - highPowerConsumption: false - perPodPowerManagement: false - - fileName: TunedPerformancePatch.yaml - policyName: "group-policy" - spec: - profile: - - name: performance-patch - data: | - [main] - summary=Configuration changes profile inherited from performance created tuned - include=openshift-node-performance-openshift-node-performance-profile - [sysctl] - # When using the standard (non-realtime) kernel, remove the kernel.timer_migration override from the [sysctl] section - # kernel.timer_migration=0 - [scheduler] - group.ice-ptp=0:f:10:*:ice-ptp.* - group.ice-gnss=0:f:10:*:ice-gnss.* - [service] - service.stalld=start,enable - service.chronyd=stop,disable + - fileName: DisableSnoNetworkDiag.yaml + policyName: "group-policy" + - fileName: DisableOLMPprof.yaml # wave 10 + policyName: "group-policy" + - fileName: SriovOperatorConfig.yaml + policyName: "group-policy" + # Using hub templating to obtain if the SR-IOV card is supported for this hw type + spec: + disableDrain: true + enableOperatorWebhook: '{{hub fromConfigMap "" "group-hardware-types-configmap" (printf "%s-supported-sriov-nic" (index .ManagedClusterLabels "hardware-type")) | toBool hub}}' + - fileName: StorageLVMCluster.yaml + # Using hub templating to obtain the storage device name for this hw type + spec: + storage: + deviceClasses: + - name: vg1 + thinPoolConfig: + name: thin-pool-1 + sizePercent: 90 + overprovisionRatio: 10 + deviceSelector: + paths: + - '{{hub fromConfigMap "" "group-hardware-types-configmap" (printf "%s-storage-path" (index .ManagedClusterLabels "hardware-type")) hub}}' + policyName: "group-policy" + - fileName: PerformanceProfile.yaml + # Using hub templating to obtain if the tunning config for this hw type + policyName: "group-policy" + metadata: + annotations: + kubeletconfig.experimental: | + {"topologyManagerScope": "pod", + "systemReserved": {"memory": "3Gi"} + } + spec: + cpu: + isolated: '{{hub fromConfigMap "" "group-hardware-types-configmap" (printf "%s-cpu-isolated" (index .ManagedClusterLabels "hardware-type")) hub}}' + reserved: '{{hub fromConfigMap "" "group-hardware-types-configmap" (printf "%s-cpu-reserved" (index .ManagedClusterLabels "hardware-type")) hub}}' + hugepages: + defaultHugepagesSize: '{{hub fromConfigMap "" "group-hardware-types-configmap" (printf "%s-hugepages-default" (index .ManagedClusterLabels "hardware-type"))| hub}}' + pages: + - count: '{{hub fromConfigMap "" "group-hardware-types-configmap" (printf "%s-hugepages-count" (index .ManagedClusterLabels "hardware-type")) | toInt hub}}' + size: '{{hub fromConfigMap "" "group-hardware-types-configmap" (printf "%s-hugepages-size" (index .ManagedClusterLabels "hardware-type")) hub}}' + numa: + topologyPolicy: single-numa-node + realTimeKernel: + enabled: false + globallyDisableIrqLoadBalancing: false + # WorkloadHints defines the set of upper level flags for different type of workloads. + # The configuration below is set for a low latency, performance mode. + workloadHints: + realTime: true + highPowerConsumption: false + perPodPowerManagement: false + - fileName: TunedPerformancePatch.yaml + policyName: "group-policy" + spec: + profile: + - name: performance-patch + data: | + [main] + summary=Configuration changes profile inherited from performance created tuned + include=openshift-node-performance-openshift-node-performance-profile + [sysctl] + # When using the standard (non-realtime) kernel, remove the kernel.timer_migration override from the [sysctl] section + # kernel.timer_migration=0 + [scheduler] + group.ice-ptp=0:f:10:*:ice-ptp.* + group.ice-gnss=0:f:10:*:ice-gnss.* + [service] + service.stalld=start,enable + service.chronyd=stop,disable diff --git a/extras/sample-site-policies/group-hardware-types-configmap.yaml b/extras/sample-site-policies/group-hardware-types-configmap.yaml index 07144004..6201e20a 100644 --- a/extras/sample-site-policies/group-hardware-types-configmap.yaml +++ b/extras/sample-site-policies/group-hardware-types-configmap.yaml @@ -14,4 +14,4 @@ data: hw-type-platform-1-hugepages-count: "16" hw-type-platform-1-hugepages-size: "1G" hw-type-platform-1-supported-sriov-nic: "true" - hw-type-platform-1-storage-path: "/dev/vda" + hw-type-platform-1-storage-path: "/dev/sdb" diff --git a/extras/sample-site-policies/sites-specific.yaml b/extras/sample-site-policies/sites-specific.yaml index 09308fe1..e2db34a5 100644 --- a/extras/sample-site-policies/sites-specific.yaml +++ b/extras/sample-site-policies/sites-specific.yaml @@ -12,32 +12,32 @@ spec: mcp: master remediationAction: inform sourceFiles: - - fileName: SriovNetwork.yaml - # Using hub templating to obtain the SR-IOV config of each SNO - policyName: "sites-policy" - metadata: - name: "sriov-nw-du-netdev" - spec: - ipam: '{"type": "host-local","ranges": [[{"subnet": "192.168.100.0/24"}]],"dataDir": - "/run/my-orchestrator/container-ipam-state-1"}' - resourceName: '{{hub fromConfigMap "" "site-data-configmap" (printf "%s-resourcename1" .ManagedClusterName) hub}}' - spoofChk: "off" - trust: "on" - - fileName: SriovNetworkNodePolicy.yaml - policyName: "sites-policy" - complianceType: mustonlyhave - metadata: - name: '{{hub fromConfigMap "" "site-data-configmap" (printf "%s-resourcename1" .ManagedClusterName) hub}}' - spec: - deviceType: netdevice - needVhostNet: false - mtu: 1500 - linkType: eth - isRdma: false - nicSelector: - vendor: "8086" - deviceID: "10c9" - pfNames: - - '{{hub fromConfigMap "" "site-data-configmap" (printf "%s-sriovnic1" .ManagedClusterName) hub}}' - numVfs: 2 - resourceName: '{{hub fromConfigMap "" "site-data-configmap" (printf "%s-resourcename1" .ManagedClusterName) hub}}' + - fileName: SriovNetwork.yaml + # Using hub templating to obtain the SR-IOV config of each SNO + policyName: "sites-policy" + metadata: + name: "sriov-nw-du-netdev" + spec: + ipam: '{"type": "host-local","ranges": [[{"subnet": "192.168.100.0/24"}]],"dataDir": + "/run/my-orchestrator/container-ipam-state-1"}' + resourceName: '{{hub fromConfigMap "" "site-data-configmap" (printf "%s-resourcename1" .ManagedClusterName) hub}}' + spoofChk: "off" + trust: "on" + - fileName: SriovNetworkNodePolicy.yaml + policyName: "sites-policy" + complianceType: mustonlyhave + metadata: + name: '{{hub fromConfigMap "" "site-data-configmap" (printf "%s-resourcename1" .ManagedClusterName) hub}}' + spec: + deviceType: netdevice + needVhostNet: false + mtu: 1500 + linkType: eth + isRdma: false + nicSelector: + vendor: "8086" + deviceID: "10c9" + pfNames: + - '{{hub fromConfigMap "" "site-data-configmap" (printf "%s-sriovnic1" .ManagedClusterName) hub}}' + numVfs: 2 + resourceName: '{{hub fromConfigMap "" "site-data-configmap" (printf "%s-resourcename1" .ManagedClusterName) hub}}' diff --git a/paramfiles/lab.yml b/paramfiles/lab.yml index d5130c01..1bc213cf 100644 --- a/paramfiles/lab.yml +++ b/paramfiles/lab.yml @@ -38,7 +38,8 @@ vmrules: disks: - size: 120 interface: scsi - - 50 + - size: 100 + interface: scsi nets: - name: lab-baremetal mac: aa:aa:aa:aa:bb:04 diff --git a/paramfiles/lab_ipv6.yml b/paramfiles/lab_ipv6.yml index 001d4e5c..b529c33a 100644 --- a/paramfiles/lab_ipv6.yml +++ b/paramfiles/lab_ipv6.yml @@ -36,7 +36,8 @@ vmrules: disks: - size: 120 interface: scsi - - 50 + - size: 100 + interface: scsi nets: - name: lab-baremetal mac: aa:aa:aa:aa:bb:04 diff --git a/plans/kcli_plan.yml b/plans/kcli_plan.yml index 6846a3ee..2bbf6202 100644 --- a/plans/kcli_plan.yml +++ b/plans/kcli_plan.yml @@ -6,10 +6,6 @@ {{ disconnected_operators.append("multicluster-engine") or "" }} {% endif %} -{% if not ztp_acm and 'multicluster-engine' not in disconnected_operators %} -{{ disconnected_operators.append("multicluster-engine") or "" }} -{% endif %} - {% if ztp_gitops and 'openshift-gitops-operator' not in disconnected_operators %} {{ disconnected_operators.append("openshift-gitops-operator") or "" }} {% endif %} @@ -18,6 +14,14 @@ {{ disconnected_operators.append("topology-aware-lifecycle-manager") or "" }} {% endif %} +{% if ztp_gitops and ztp_spokes|length > 0 and 'sriov-network-operator' not in disconnected_operators %} +{{ disconnected_operators.append("sriov-network-operator") or "" }} +{% endif %} + +{% if ztp_gitops and ztp_spokes|length > 0 and 'lvms-operator' not in disconnected_operators %} +{{ disconnected_operators.append("lvms-operator") or "" }} +{% endif %} + {% set snoplus_bmcs = [] %} {% for spoke in ztp_spokes %} diff --git a/ztp/scripts/generate_gitops.sh b/ztp/scripts/generate_gitops.sh index fe10c8c8..685e7dad 100755 --- a/ztp/scripts/generate_gitops.sh +++ b/ztp/scripts/generate_gitops.sh @@ -43,7 +43,7 @@ if [[ "$REPO_URL" =~ "$GIT_SERVER:3000" ]] ; then mv /root/ztp/scripts/siteconfig.yml site-configs/$HUB if [ -d /root/ztp/scripts/site-policies ] ; then if [ "$REGISTRY" != "registry.redhat.io" ] ; then - sed -i "/image: registry.redhat.io/image: $REGISTRY/" /root/ztp/scripts/site-policies/* + sed -i "s/image: registry.redhat.io/image: $REGISTRY/" /root/ztp/scripts/site-policies/* fi cp -r /root/ztp/scripts/site-policies . fi