+---
+# The purpose of this file is to define all of the NetworkLinks (i.e. layer 1
+# devices) and Networks (i.e. layer 3 configurations). The following is standard
+# for the logical networks in Airship:
+#
+# +----------+-----------------------------------+----------------+--------------+----------------------------------------------------+-----------------+
+# | Network | | Per-rack or | | | VLAN tagged |
+# | Name | Purpose | per-site CIDR? | Has gateway? | Bond | or untagged? |
+# +----------+-----------------------------------+----------------+--------------+----------------------------------------------------+-----------------+
+# | oob | Out of Band devices (iDrac/iLo) | per-site CIDR | Has gateway | No bond, N/A | Untagged/Native |
+# | pxe | PXE boot network | per-site CIDR | No gateway | No bond, no LACP fallback. Dedicated PXE interface | Untagged/Native |
+# | oam | management network | per-site CIDR | Has gateway | member of bond0 | tagged |
+# | storage | storage network | per-site CIDR | No gateway | member of bond0 | tagged |
+# | calico | underlay calico net; k8s traffic | per-site CIDR | No gateway | member of bond0 | tagged |
+# | overlay | overlay network for openstack SDN | per-site CIDR | No gateway | member of bond0 | tagged |
+# +----------+-----------------------------------+----------------+--------------+----------------------------------------------------+-----------------+
+#
+# For standard Airship deployments, you should not need to modify the number of
+# NetworkLinks and Networks in this file. Only the IP addresses and CIDRs should
+# need editing.
+#
+# TODO: Given that we expect all network broadcast domains to span all racks in
+# Airship, we should choose network names that do not include the rack number.
+#
+# TODO: FQDN naming standards for hosts
+#
+schema: 'drydock/NetworkLink/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: oob
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ # MaaS doesnt own this network like it does the others, so the noconfig label
+ # is specified.
+ labels:
+ noconfig: enabled
+ bonding:
+ mode: disabled
+ mtu: 1500
+ linkspeed: auto
+ trunking:
+ mode: disabled
+ default_network: oob
+ allowed_networks:
+ - oob
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: oob
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ # NEWSITE-CHANGEME: Update with the site's out-of-band CIDR
+ cidr: {{yaml.networks.oob.cidr}}
+ routes:
+ # NEWSITE-CHANGEME: Update with the site's out-of-band gateway IP
+ - subnet: '0.0.0.0/0'
+ gateway: {{yaml.networks.oob.routes.gateway}}
+ metric: 100
+ # NEWSITE-CHANGEME: Update with the site's out-of-band IP allocation range
+ # FIXME: Is this IP range actually used/allocated for anything? The HW already
+ # has its OOB IPs assigned. None of the Ubuntu OS's should need IPs on OOB
+ # network either, as they should be routable via the default gw on OAM network
+ ranges:
+ - type: static
+ start: {{yaml.networks.oob.ranges.static.start}}
+ end: {{yaml.networks.oob.ranges.static.end}}
+...
+---
+schema: 'drydock/NetworkLink/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: pxe
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ bonding:
+ mode: disabled
+ mtu: 1500
+ linkspeed: auto
+ trunking:
+ mode: disabled
+ default_network: pxe
+ allowed_networks:
+ - pxe
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: pxe
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ # NEWSITE-CHANGEME: Update with the site's PXE network CIDR
+ # NOTE: The CIDR minimum size = (number of nodes * 2) + 10
+ cidr: {{yaml.networks.pxe.cidr}}
+ routes:
+ - subnet: 0.0.0.0/0
+ # NEWSITE-CHANGEME: Set the OAM network gateway IP address
+ gateway: {{yaml.networks.pxe.routes.gateway}}
+ metric: 100
+ # NOTE: The first 10 IPs in the subnet are reserved for network infrastructure.
+ # The remainder of the range is divided between two subnets of equal size:
+ # one static, and one DHCP.
+ # The DHCP addresses are used when nodes perform a PXE boot (DHCP address gets
+ # assigned), and when a node is commissioning in MaaS (also uses DHCP to get
+ # its IP address). However, when MaaS installs the operating system
+ # ("Deploying/Deployed" states), it will write a static IP assignment to
+ # /etc/network/interfaces[.d] with IPs from the "static" subnet defined here.
+ ranges:
+ # NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR
+ - type: reserved
+ start: {{yaml.networks.pxe.ranges.reserved.start}}
+ end: {{yaml.networks.pxe.ranges.reserved.end}}
+ # NEWSITE-CHANGEME: Update to the first half of the remaining range after
+ # excluding the 10 reserved IPs.
+ - type: static
+ start: {{yaml.networks.pxe.ranges.static.start}}
+ end: {{yaml.networks.pxe.ranges.static.end}}
+ # NEWSITE-CHANGEME: Update to the second half of the remaining range after
+ # excluding the 10 reserved IPs.
+ - type: dhcp
+ start: {{yaml.networks.pxe.ranges.dhcp.start}}
+ end: {{yaml.networks.pxe.ranges.dhcp.end}}
+ dns:
+ # NEWSITE-CHANGEME: FQDN for bare metal nodes.
+ # Choose FQDN according to the node FQDN naming conventions at the top of
+ # this document.
+ domain: {% if 'dns' in yaml.networks.pxe and 'domain' in yaml.networks.pxe.dns %}{{yaml.networks.pxe.dns.domain}}
+ {% else %}{{yaml.dns.domain}}
+ {% endif %}
+ # List of upstream DNS forwards. Verify you can reach them from your
+ # environment. If so, you should not need to change them.
+ # TODO: This should be populated via substitution from common-addresses
+ servers: '{% if 'dns' in yaml.networks.pxe %}{{yaml.networks.pxe.dns.servers}}{% else %}{{yaml.dns.upstream_servers|join(' ')}}{% endif %}'
+...
+---
+schema: 'drydock/NetworkLink/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: data
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ bonding:
+{% if yaml.networks.bonded %}
+ mode: 802.3ad
+ hash: layer3+4
+ peer_rate: fast
+ mon_rate: 100
+ up_delay: 1000
+ down_delay: 3000
+{% else %}
+ mode: disabled
+{% endif %}
+ # NEWSITE-CHANGEME: Ensure the network switches in the environment are
+ # configured for this MTU or greater. Even if switches are configured for or
+ # can support a slightly higher MTU, there is no need (and negliable benefit)
+ # to squeeze every last byte into the MTU (e.g., 9216 vs 9100). Leave MTU at
+ # 9100 for maximum compatibility.
+ mtu: 9000
+ linkspeed: auto
+ trunking:
+ mode: 802.1q
+ allowed_networks:
+ - oam
+ - storage
+ - overlay
+ - calico
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: oam
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ # NEWSITE-CHANGEME: Set the VLAN ID which the OAM network is on
+ vlan: '{{yaml.networks.host.vlan}}'
+ mtu: 9000
+ # NEWSITE-CHANGEME: Set the CIDR for the OAM network
+ # NOTE: The CIDR minimum size = number of nodes + 10
+ cidr: {{yaml.networks.host.cidr}}
+ routes:
+ - subnet: 0.0.0.0/0
+ # NEWSITE-CHANGEME: Set the OAM network gateway IP address
+ gateway: {{yaml.networks.host.routes.gateway}}
+ metric: 100
+ ranges:
+ # NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR
+ - type: reserved
+ start: {{yaml.networks.host.ranges.reserved.start}}
+ end: {{yaml.networks.host.ranges.reserved.end}}
+ # NEWSITE-CHANGEME: Update to the remaining range after excluding the 10
+ # 10 reserved IPs.
+ - type: static
+ start: {{yaml.networks.host.ranges.static.start}}
+ end: {{yaml.networks.host.ranges.static.end}}
+ dns:
+ # NEWSITE-CHANGEME: FQDN for bare metal nodes.
+ # Choose FQDN according to the node FQDN naming conventions at the top of
+ # this document.
+ domain: {% if 'dns' in yaml.networks.host and 'domain' in yaml.networks.host.dns %}{{yaml.networks.host.dns.domain}}
+ {% else %}{{yaml.dns.domain}}
+ {% endif %}
+ # List of upstream DNS forwards. Verify you can reach them from your
+ # environment. If so, you should not need to change them.
+ # TODO: This should be populated via substitution from common-addresses
+ servers: '{% if 'dns' in yaml.networks.host %}{{yaml.networks.host.dns.servers}}{% else %}{{yaml.dns.upstream_servers|join(' ')}}{% endif %}'
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: storage
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ # NEWSITE-CHANGEME: Set the VLAN ID which the storage network is on
+ vlan: '{{yaml.networks.storage.vlan}}'
+ mtu: 9000
+ # NEWSITE-CHANGEME: Set the CIDR for the storage network
+ # NOTE: The CIDR minimum size = number of nodes + 10
+ cidr: {{yaml.networks.storage.cidr}}
+ ranges:
+ # NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR
+ - type: reserved
+ start: {{yaml.networks.storage.ranges.reserved.start}}
+ end: {{yaml.networks.storage.ranges.reserved.end}}
+ # NEWSITE-CHANGEME: Update to the remaining range after excluding the 10
+ # 10 reserved IPs.
+ - type: static
+ start: {{yaml.networks.storage.ranges.static.start}}
+ end: {{yaml.networks.storage.ranges.static.end}}
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: overlay
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ # NEWSITE-CHANGEME: Set the VLAN ID which the overlay network is on
+ vlan: '{{yaml.networks.neutron.vlan}}'
+ mtu: 9000
+ # NEWSITE-CHANGEME: Set the CIDR for the overlay network
+ # NOTE: The CIDR minimum size = number of nodes + 10
+ cidr: {{yaml.networks.neutron.cidr}}
+ ranges:
+ # NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR
+ - type: reserved
+ start: {{yaml.networks.neutron.ranges.reserved.start}}
+ end: {{yaml.networks.neutron.ranges.reserved.end}}
+ # NEWSITE-CHANGEME: Update to the remaining range after excluding the 10
+ # 10 reserved IPs.
+ - type: static
+ start: {{yaml.networks.neutron.ranges.static.start}}
+ end: {{yaml.networks.neutron.ranges.static.end}}
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: calico
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ # NEWSITE-CHANGEME: Set the VLAN ID which the calico network is on
+ vlan: '{{yaml.networks.ksn.vlan}}'
+ mtu: 9000
+ # NEWSITE-CHANGEME: Set the CIDR for the calico network
+ # NOTE: The CIDR minimum size = number of nodes + 10
+ cidr: {{yaml.networks.ksn.cidr}}
+ ranges:
+ # NEWSITE-CHANGEME: Update to the first 10 IPs in the CIDR
+ - type: reserved
+ start: {{yaml.networks.ksn.ranges.reserved.start}}
+ end: {{yaml.networks.ksn.ranges.reserved.end}}
+ # NEWSITE-CHANGEME: Update to the remaining range after excluding the 10
+ # 10 reserved IPs.
+ - type: static
+ start: {{yaml.networks.ksn.ranges.static.start}}
+ end: {{yaml.networks.ksn.ranges.static.end}}
+...
+---
+schema: 'drydock/NetworkLink/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: dpdk
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ bonding:
+ mode: disabled
+ mtu: 1500
+ linkspeed: auto
+ trunking:
+ mode: disabled
+ default_network: dpdk
+ allowed_networks:
+ - dpdk
+...
+---
+schema: 'drydock/Network/v1'
+metadata:
+ schema: 'metadata/Document/v1'
+ name: dpdk
+ layeringDefinition:
+ abstract: false
+ layer: site
+ storagePolicy: cleartext
+data:
+ mtu: 1500
+ cidr: {{yaml.networks.vxlan.cidr}}
+ ranges:
+ - type: reserved
+ start: {{yaml.networks.vxlan.ranges.reserved.start}}
+ end: {{yaml.networks.vxlan.ranges.reserved.end}}
+ - type: static
+ start: {{yaml.networks.vxlan.ranges.static.start}}
+ end: {{yaml.networks.vxlan.ranges.static.end}}
+...