diff --git a/apis/core/v1beta1/openstackcontrolplane_webhook.go b/apis/core/v1beta1/openstackcontrolplane_webhook.go index 6584e0dd9..39c1cc637 100644 --- a/apis/core/v1beta1/openstackcontrolplane_webhook.go +++ b/apis/core/v1beta1/openstackcontrolplane_webhook.go @@ -863,6 +863,10 @@ func (r *OpenStackControlPlane) DefaultServices() { r.Spec.Heat.Template = &heatv1.HeatSpecCore{} } r.Spec.Heat.Template.Default() + initializeOverrideSpec(&r.Spec.Heat.APIOverride.Route, true) + r.Spec.Heat.Template.SetDefaultRouteAnnotations(r.Spec.Heat.APIOverride.Route.Annotations) + initializeOverrideSpec(&r.Spec.Heat.CnfAPIOverride.Route, true) + r.Spec.Heat.Template.SetDefaultRouteAnnotations(r.Spec.Heat.CnfAPIOverride.Route.Annotations) } // Swift diff --git a/docs/assemblies/ctlplane_resources.adoc b/docs/assemblies/ctlplane_resources.adoc index c290e8230..611bed323 100644 --- a/docs/assemblies/ctlplane_resources.adoc +++ b/docs/assemblies/ctlplane_resources.adoc @@ -289,7 +289,6 @@ * <> * <> * <> -* <> * <> * <> * <> @@ -471,6 +470,7 @@ * <> * <> * <> +* <> * <> * <> * <> @@ -2008,11 +2008,6 @@ ContainerTemplate - struct that contains container image URLs for each service i | *string | false -| infraInstanceHaImage -| -| *string -| false - | ironicAPIImage | | *string @@ -4371,6 +4366,11 @@ DesignateSpecBase - | Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | corev1.ResourceRequirements | false + +| designateNetworkAttachment +| DesignateNetworkAttachment is a NetworkAttachment resource name for the Designate Control Network +| string +| true |=== <> @@ -4716,6 +4716,26 @@ DesignateBackendbind9SpecBase - | ServiceAccount - service account name used internally to provide Designate services the default SA name | string | true + +| customBindOptions +| CustomBindOptions - custom bind9 options +| []string +| false + +| controlNetworkName +| ControlNetworkName - specify which network attachment is to be used for control, notifys and zone transfers. +| string +| true + +| storageClass +| StorageClass +| string +| false + +| storageRequest +| StorageRequest +| string +| true |=== <> @@ -5457,6 +5477,8 @@ ImageCache - struct where the exposed imageCache params are defined [#storage] ==== Storage +Storage - + |=== | Field | Description | Scheme | Required @@ -5591,7 +5613,7 @@ GlanceSpec defines the desired state of Glance [#glancespeccore] ==== GlanceSpecCore -GlanceSpec defines the desired state of Glance +GlanceSpecCore defines the desired state of Glance |=== | Field | Description | Scheme | Required @@ -5976,10 +5998,15 @@ HeatServiceTemplate - | false | customServiceConfig -| CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc/++++++/++++++.conf.d directory as custom.conf file.++++++++++++ +| CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc/heat/heat.conf.d directory as 02-custom-service.conf file. | string | false +| customServiceConfigSecrets +| CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets that contain sensitive service config data. The content of each Secret gets added to the /etc/heat/heat.conf.d directory as a custom config file. +| []string +| false + | resources | Resources - Compute Resources required by this service (Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | corev1.ResourceRequirements @@ -6036,6 +6063,11 @@ PasswordSelector .. | AuthEncryptionKey - Selector to get the heat auth encryption key from the Secret | string | true + +| stackDomainAdminPassword +| StackDomainAdminPassword - Selector to get the heat stack domain admin password from the Secret +| string +| true |=== <> @@ -6137,10 +6169,15 @@ HeatSpec defines the desired state of Heat | true | customServiceConfig -| CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc/++++++/++++++.conf.d directory as custom.conf file.++++++++++++ +| CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc/heat/heat.conf.d directory as 01-custom.conf file. | string | false +| customServiceConfigSecrets +| CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets that contain sensitive service config data. The content of each Secret gets added to the /etc/heat/heat.conf.d directory as a custom config file. +| []string +| false + | preserveJobs | PreserveJobs - do not delete jobs after they finished e.g. to check logs | bool @@ -6155,6 +6192,11 @@ HeatSpec defines the desired state of Heat | NodeSelector to target subset of worker nodes for running the Heat services | map[string]string | false + +| apiTimeout +| APITimeout for Route and Apache +| int +| true |=== <> @@ -8178,6 +8220,16 @@ KeystoneAPISpec defines the desired state of KeystoneAPI | bool | true +| fernetRotationDays +| FernetRotationDays - Rotate fernet token keys every X days +| *int32 +| true + +| fernetMaxActiveKeys +| FernetMaxActiveKeys - Maximum number of fernet token keys after rotation +| *int32 +| true + | passwordSelectors | PasswordSelectors - Selectors to identify the AdminUser password from the Secret | <> @@ -9337,22 +9389,6 @@ ManilaShareTemplateCore - <> -[#adoptionredirectspec] -==== AdoptionRedirectSpec - -AdoptionRedirectSpec defines redirection to a different DB instance during Adoption - -|=== -| Field | Description | Scheme | Required - -| host -| MariaDB host to redirect to (IP or name) -| string -| false -|=== - -<> - [#galera] ==== Galera @@ -9387,11 +9423,26 @@ GaleraAttributes holds startup information for a Galera host |=== | Field | Description | Scheme | Required +| uuid +| UUID of the partition that is seen by the galera node +| string +| false + | seqno | Last recorded replication sequence number in the DB | string | true +| safe_to_bootstrap +| This galera node can bootstrap a galera cluster +| bool +| false + +| no_grastate +| This galera node has its state recovered from the DB +| bool +| false + | gcomm | Gcomm URI used to connect to the galera cluster | string @@ -9480,11 +9531,6 @@ GaleraSpec defines the desired state of Galera | string | false -| adoptionRedirect -| Adoption configuration -| <> -| true - | tls | TLS settings for MySQL service and internal Galera replication | tls.SimpleService @@ -9894,6 +9940,16 @@ NeutronAPISpecCore - | bool | true +| corePlugin +| CorePlugin - Neutron core plugin to use. Using "ml2" if not set. +| string +| true + +| ml2MechanismDrivers +| Ml2MechanismDrivers - list of ml2 drivers to enable. Using {"ovn"} if not set. +| []string +| true + | customServiceConfig | CustomServiceConfig - customize the service config using this parameter to change service defaults, or overwrite rendered information using raw OpenStack config format. The content gets added to to /etc/++++++/++++++.conf.d directory as custom.conf file.++++++++++++ | string @@ -12084,6 +12140,11 @@ OctaviaAmphoraControllerSpecCore - | OctaviaProviderSubnetCIDR - | string | true + +| octaviaProviderSubnetExtraCIDRs +| OctaviaProviderSubnetExtraCIDRs - +| []string +| false |=== <> @@ -12205,14 +12266,29 @@ OctaviaLbMgmtNetworks Settings for Octavia management networks | Field | Description | Scheme | Required | manageLbMgmtNetworks -| +| ManageLbMgmtNetworks - when True, octavia-operator creates the Neutron resources needed for its Management Network +| bool +| true + +| createDefaultLbMgmtNetwork +| CreateDefaultLbMgmtNetwork - when True, octavia-operator creates a Management Network for the default Availability Zone of the control plane. Can be set to false when deploying OpenStack in DCN mode. | bool +| true + +| lbMgmtRouterGateway +| LbMgmtRouterGateway is the IP address of the Octavia router on the Provider network, it's optional and used only when the routing informations are not passed through the Network Attachment Definition +| string | false | availabilityZones | Availability zones for the octavia management network resources | []string | false + +| availabilityZoneCIDRs +| AvailabilityZoneCIDRs are the CIDRs of each management network associated with an Availability Zone (ex: {"az":"172.34.0.0/24", ...}) +| map[string]string +| false |=== <> @@ -12377,6 +12453,11 @@ OctaviaSpecBase - | string | true +| apiTimeout +| Octavia API timeout +| string +| false + | octaviaNetworkAttachment | OctaviaNetworkAttachment is a NetworkAttachment resource name for the Octavia Management Network | string @@ -13139,10 +13220,15 @@ InstanceSpec Instance specific attributes |=== | Field | Description | Scheme | Required +| bmhLabelSelector +| BmhLabelSelector allows for the selection of a particular BaremetalHost based on arbitrary labels +| map[string]string +| false + | ctlPlaneIP | CtlPlaneIP - Control Plane IP in CIDR notation | string -| true +| false | userData | UserData - Host User Data @@ -13153,11 +13239,6 @@ InstanceSpec Instance specific attributes | NetworkData - Host Network Data | *corev1.SecretReference | false - -| preprovisioningNetworkDataName -| PreprovisioningNetworkDataName - NetwoData Secret name for Preprovisining in the local namespace -| string -| false |=== <> @@ -13279,16 +13360,6 @@ OpenStackBaremetalSetSpec defines the desired state of OpenStackBaremetalSet | string | false -| userData -| UserData holds the reference to the Secret containing the user data to be passed to the host before it boots. UserData can be set per host in BaremetalHosts or here. If none of these are provided it will use a default cloud-config. -| *corev1.SecretReference -| false - -| networkData -| NetworkData holds the reference to the Secret containing network data to be passed to the hosts. NetworkData can be set per host in BaremetalHosts or here. If none of these are provided it will use default NetworkData to configure CtlPlaneIP. -| *corev1.SecretReference -| false - | automatedCleaningMode | When set to disabled, automated cleaning will be avoided during provisioning and deprovisioning. | AutomatedCleaningMode @@ -15294,6 +15365,11 @@ Ceilometer is the Schema for the ceilometers API | | <> | false + +| ksmStatus +| +| <> +| false |=== <> @@ -15356,6 +15432,11 @@ CeilometerSpec defines the desired state of Ceilometer | | string | true + +| ksmImage +| +| string +| true |=== <> @@ -15407,6 +15488,11 @@ CeilometerSpecCore defines the desired state of Ceilometer. This version is used | TLS - Parameters related to the TLS | tls.SimpleService | false + +| ksmTls +| KSMTLS - Parameters related to the TLS for kube-state-metrics +| tls.SimpleService +| false |=== <> @@ -15452,6 +15538,37 @@ CeilometerStatus defines the observed state of Ceilometer <> +[#ksmstatus] +==== KSMStatus + +KSMStatus defines the observed state of kube-state-metrics + +|=== +| Field | Description | Scheme | Required + +| readyCount +| ReadyCount of ksm instances +| int32 +| false + +| hash +| Map of hashes to track e.g. job status +| map[string]string +| false + +| conditions +| Conditions +| condition.Conditions +| false + +| observedGeneration +| ObservedGeneration - the most recent generation observed for this service. If the observed generation is less than the spec generation, then the controller has not processed the latest changes injected by the openstack-operator in the top-level CR (e.g. the ContainerImage) +| int64 +| false +|=== + +<> + [#logging] ==== Logging @@ -15507,11 +15624,6 @@ LoggingSpec defines the desired state of Logging |=== | Field | Description | Scheme | Required -| ipaddr -| IPAddr is the address where the service will listen on -| string -| true - | port | Port is the port where the service will listen on | int32 @@ -16573,6 +16685,11 @@ IPSetReservation defines reservation status per requested network | DNSDomain of the subnet | string | true + +| serviceNetwork +| ServiceNetwork mapping +| ServiceNetNameStr +| true |=== <> @@ -16735,6 +16852,11 @@ Network definition | Subnets of the network | []<> | true + +| serviceNetwork +| Service network mapping +| ServiceNetNameStr +| false |=== <> diff --git a/docs/assemblies/dataplane_resources.adoc b/docs/assemblies/dataplane_resources.adoc index 3ea88ab5b..cb9f50ac3 100644 --- a/docs/assemblies/dataplane_resources.adoc +++ b/docs/assemblies/dataplane_resources.adoc @@ -126,6 +126,11 @@ OpenStackDataPlaneDeploymentSpec defines the desired state of OpenStackDataPlane | Time before the deployment is requeued in seconds | int | true + +| ansibleJobNodeSelector +| AnsibleJobNodeSelector to target subset of worker nodes running the ansible jobs +| map[string]string +| false |=== <> @@ -458,7 +463,7 @@ OpenStackDataPlaneServiceSpec defines the desired state of OpenStackDataPlaneSer | caCerts | CACerts - Secret containing the CA certificate chain | string -| false +| true | openStackAnsibleEERunnerImage | OpenStackAnsibleEERunnerImage image to use as the ansibleEE runner image @@ -713,6 +718,11 @@ NodeSection defines the top level attributes inherited by nodes in the CR. | []infranetworkv1.IPSetNetwork | false +| bmhLabelSelector +| BmhLabelSelector allows for a sub-selection of BaremetalHosts based on arbitrary labels for a node. +| map[string]string +| false + | userData | UserData node specific user-data | *corev1.SecretReference @@ -737,11 +747,6 @@ NodeSection defines the top level attributes inherited by nodes in the CR. | ManagementNetwork - Name of network to use for management (SSH/Ansible) | string | false - -| preprovisioningNetworkDataName -| PreprovisioningNetworkDataName - NetworkData secret name in the local namespace for pre-provisioing -| string -| false |=== <> diff --git a/tests/functional/ctlplane/base_test.go b/tests/functional/ctlplane/base_test.go index 5acbf4985..e0c4de660 100644 --- a/tests/functional/ctlplane/base_test.go +++ b/tests/functional/ctlplane/base_test.go @@ -423,6 +423,13 @@ func GetDefaultOpenStackControlPlaneSpec() map[string]interface{} { "enabled": false, }, } + heatTemplate := map[string]interface{}{ + "databaseInstance": "openstack", + "secret": "osp-secret", + "passwordSelectors": map[string]interface{}{ + "AuthEncryptionKey": "HeatAuthEncryptionKey", + }, + } return map[string]interface{}{ "secret": "osp-secret", @@ -490,6 +497,10 @@ func GetDefaultOpenStackControlPlaneSpec() map[string]interface{} { "enabled": true, "template": telemetryTemplate, }, + "heat": map[string]interface{}{ + "enabled": true, + "template": heatTemplate, + }, } } diff --git a/tests/functional/ctlplane/openstackoperator_controller_test.go b/tests/functional/ctlplane/openstackoperator_controller_test.go index 176103433..debe49c6c 100644 --- a/tests/functional/ctlplane/openstackoperator_controller_test.go +++ b/tests/functional/ctlplane/openstackoperator_controller_test.go @@ -574,6 +574,12 @@ var _ = Describe("OpenStackOperator controller", func() { Expect(OSCtlplane.Spec.Glance.APIOverride[name].Route.Annotations).Should(HaveKeyWithValue("haproxy.router.openshift.io/timeout", "60s")) Expect(OSCtlplane.Spec.Glance.APIOverride[name].Route.Annotations).Should(HaveKeyWithValue("api.glance.openstack.org/timeout", "60s")) } + Expect(OSCtlplane.Spec.Heat.APIOverride.Route).Should(Not(BeNil())) + Expect(OSCtlplane.Spec.Heat.APIOverride.Route.Annotations).Should(HaveKeyWithValue("haproxy.router.openshift.io/timeout", "600s")) + Expect(OSCtlplane.Spec.Heat.APIOverride.Route.Annotations).Should(HaveKeyWithValue("api.heat.openstack.org/timeout", "600s")) + Expect(OSCtlplane.Spec.Heat.CnfAPIOverride.Route).Should(Not(BeNil())) + Expect(OSCtlplane.Spec.Heat.CnfAPIOverride.Route.Annotations).Should(HaveKeyWithValue("haproxy.router.openshift.io/timeout", "600s")) + Expect(OSCtlplane.Spec.Heat.CnfAPIOverride.Route.Annotations).Should(HaveKeyWithValue("api.heat.openstack.org/timeout", "600s")) Expect(OSCtlplane.Spec.Manila.APIOverride.Route).Should(Not(BeNil())) Expect(OSCtlplane.Spec.Manila.APIOverride.Route.Annotations).Should(HaveKeyWithValue("haproxy.router.openshift.io/timeout", "60s")) Expect(OSCtlplane.Spec.Manila.APIOverride.Route.Annotations).Should(HaveKeyWithValue("api.manila.openstack.org/timeout", "60s")) @@ -855,6 +861,12 @@ var _ = Describe("OpenStackOperator controller", func() { Expect(OSCtlplane.Spec.Telemetry.AodhAPIOverride.Route).Should(Not(BeNil())) Expect(OSCtlplane.Spec.Telemetry.AodhAPIOverride.Route.Annotations).Should(HaveKeyWithValue("haproxy.router.openshift.io/timeout", "60s")) Expect(OSCtlplane.Spec.Telemetry.AodhAPIOverride.Route.Annotations).Should(HaveKeyWithValue("api.aodh.openstack.org/timeout", "60s")) + Expect(OSCtlplane.Spec.Heat.APIOverride.Route).Should(Not(BeNil())) + Expect(OSCtlplane.Spec.Heat.APIOverride.Route.Annotations).Should(HaveKeyWithValue("haproxy.router.openshift.io/timeout", "600s")) + Expect(OSCtlplane.Spec.Heat.APIOverride.Route.Annotations).Should(HaveKeyWithValue("api.heat.openstack.org/timeout", "600s")) + Expect(OSCtlplane.Spec.Heat.CnfAPIOverride.Route).Should(Not(BeNil())) + Expect(OSCtlplane.Spec.Heat.CnfAPIOverride.Route.Annotations).Should(HaveKeyWithValue("haproxy.router.openshift.io/timeout", "600s")) + Expect(OSCtlplane.Spec.Heat.CnfAPIOverride.Route.Annotations).Should(HaveKeyWithValue("api.heat.openstack.org/timeout", "600s")) }) It("should create selfsigned issuer and public, internal, libvirt and ovn CA and issuer", func() { diff --git a/tests/functional/ctlplane/openstackversion_controller_test.go b/tests/functional/ctlplane/openstackversion_controller_test.go index 68ee88a09..b12e80624 100644 --- a/tests/functional/ctlplane/openstackversion_controller_test.go +++ b/tests/functional/ctlplane/openstackversion_controller_test.go @@ -233,6 +233,9 @@ var _ = Describe("OpenStackOperator controller", func() { spec["telemetry"] = map[string]interface{}{ "enabled": false, } + spec["heat"] = map[string]interface{}{ + "enabled": false, + } spec["tls"] = GetTLSPublicSpec() spec["ovn"] = map[string]interface{}{ "enabled": true,