apiVersion: dataplane.openstack.org/v1beta1 kind: OpenStackDataPlaneNodeSet metadata: annotations: kubectl.kubernetes.io/last-applied-configuration: | {"apiVersion":"dataplane.openstack.org/v1beta1","kind":"OpenStackDataPlaneNodeSet","metadata":{"annotations":{},"name":"edpm-a","namespace":"openstack"},"spec":{"baremetalSetTemplate":{"bmhLabelSelector":{"app":"openstack"},"bmhNamespace":"openstack","cloudUserName":"cloud-admin","ctlplaneInterface":"enp4s0","deploymentSSHSecret":"dataplane-ansible-ssh-private-key-secret","dnsSearchDomains":["osptest.openstack.org"]},"env":[{"name":"ANSIBLE_FORCE_COLOR","value":"True"}],"networkAttachments":["ctlplane"],"nodeTemplate":{"ansible":{"ansiblePort":22,"ansibleUser":"cloud-admin","ansibleVars":{"edpm_bootstrap_command":"#!/bin/bash\n# Copyright Red Hat, Inc.\n# All Rights Reserved.\n#\n# Licensed under the Apache License, Version 2.0 (the \"License\"); you may\n# not use this file except in compliance with the License. You may obtain\n# a copy of the License at\n#\n# http://www.apache.org/licenses/LICENSE-2.0\n#\n# Unless required by applicable law or agreed to in writing, software\n# distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the\n# License for the specific language governing permissions and limitations\n# under the License.\n\nset -euxo pipefail\n\npushd /var/tmp\n\ncurl -sL https://github.com/openstack-k8s-operators/repo-setup/archive/refs/heads/main.tar.gz | tar -xz\n\npushd repo-setup-main\n\npython3 -m venv ./venv\nPBR_VERSION=0.0.0 ./venv/bin/pip install ./\n\n# This is required for FIPS enabled until trunk.rdoproject.org\n# is not being served from a centos7 host, tracked by\n# https://issues.redhat.com/browse/RHOSZUUL-1517\nupdate-crypto-policies --set FIPS:NO-ENFORCE-EMS\n\n./venv/bin/repo-setup current-podified -b antelope\n\npopd\n\nrm -rf repo-setup-main\n","edpm_container_registry_logins":{},"edpm_network_config_hide_sensitive_logs":false,"edpm_network_config_template":"---\n{% set mtu_list = [ctlplane_mtu] %}\n{% for network in nodeset_networks %}\n{{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }}\n{%- endfor %}\n{% set min_viable_mtu = mtu_list | max %}\nnetwork_config:\n - type: ovs_bridge\n name: {{ neutron_physical_bridge_name }}\n mtu: {{ min_viable_mtu }}\n use_dhcp: false\n dns_servers: {{ ctlplane_dns_nameservers }}\n domain: {{ dns_search_domains }}\n addresses:\n - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }}\n routes: {{ ctlplane_host_routes }}\n members:\n - type: interface\n name: nic2\n mtu: {{ min_viable_mtu }}\n primary: true\n{% for network in nodeset_networks %}\n - type: vlan\n mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }}\n vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }}\n addresses:\n - ip_netmask: \u003e-\n {{\n lookup('vars', networks_lower[network] ~ '_ip')\n }}/{{\n lookup('vars', networks_lower[network] ~ '_cidr')\n }}\n routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }}\n{% endfor %}\n","edpm_podman_registries":[],"edpm_sshd_allowed_ranges":["192.168.32.254/32","192.168.122.0/24"],"gather_facts":false,"neutron_physical_bridge_name":"br-ex","neutron_public_interface_name":"enp4s0","timesync_ntp_servers":[{"hostname":"pool.ntp.org"}]}},"ansibleSSHPrivateKeySecret":"dataplane-ansible-ssh-private-key-secret","managementNetwork":"ctlplane","networks":[{"defaultRoute":true,"name":"ctlplane","subnetName":"subnet1"},{"name":"internalapi","subnetName":"subnet1"},{"name":"storage","subnetName":"subnet1"},{"name":"tenant","subnetName":"subnet1"}]},"nodes":{"edpm-compute-0":{"bmhLabelSelector":{"nodeName":"bmh0"},"hostName":"edpm-compute-a-0"}},"preProvisioned":false,"services":["bootstrap","configure-network","validate-network","install-os","configure-os","ssh-known-hosts","run-os","reboot-os","install-certs","ovn","neutron-metadata","libvirt","nova"]}} creationTimestamp: "2026-03-19T12:34:58Z" generation: 1 managedFields: - apiVersion: dataplane.openstack.org/v1beta1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:kubectl.kubernetes.io/last-applied-configuration: {} f:spec: .: {} f:baremetalSetTemplate: .: {} f:automatedCleaningMode: {} f:bmhLabelSelector: .: {} f:app: {} f:bmhNamespace: {} f:cloudUserName: {} f:ctlplaneInterface: {} f:deploymentSSHSecret: {} f:osImage: {} f:osImageDeploymentType: {} f:env: {} f:networkAttachments: {} f:nodeTemplate: .: {} f:ansible: .: {} f:ansiblePort: {} f:ansibleUser: {} f:ansibleVars: .: {} f:edpm_bootstrap_command: {} f:edpm_container_registry_logins: {} f:edpm_network_config_hide_sensitive_logs: {} f:edpm_network_config_template: {} f:edpm_podman_registries: {} f:edpm_sshd_allowed_ranges: {} f:gather_facts: {} f:neutron_physical_bridge_name: {} f:neutron_public_interface_name: {} f:timesync_ntp_servers: {} f:ansibleSSHPrivateKeySecret: {} f:managementNetwork: {} f:networks: {} f:nodes: .: {} f:edpm-compute-0: .: {} f:bmhLabelSelector: .: {} f:nodeName: {} f:hostName: {} f:preProvisioned: {} f:secretMaxSize: {} f:services: {} f:tlsEnabled: {} manager: kubectl-client-side-apply operation: Update time: "2026-03-19T12:34:58Z" - apiVersion: dataplane.openstack.org/v1beta1 fieldsType: FieldsV1 fieldsV1: f:status: .: {} f:allHostnames: .: {} f:edpm-compute-a-0: .: {} f:ctlplane: {} f:internalapi: {} f:storage: {} f:tenant: {} f:allIPs: .: {} f:edpm-compute-a-0: .: {} f:ctlplane: {} f:internalapi: {} f:storage: {} f:tenant: {} f:conditions: {} f:configHash: {} f:ctlplaneSearchDomain: {} f:dnsClusterAddresses: {} f:observedGeneration: {} manager: manager operation: Update subresource: status time: "2026-03-19T12:38:54Z" name: edpm-a namespace: openstack resourceVersion: "37188" uid: a932aa40-cf63-48a9-bda2-d2763ae0020d spec: baremetalSetTemplate: automatedCleaningMode: metadata bmhLabelSelector: app: openstack bmhNamespace: openstack cloudUserName: cloud-admin ctlplaneInterface: enp4s0 deploymentSSHSecret: dataplane-ansible-ssh-private-key-secret hardwareReqs: cpuReqs: countReq: {} mhzReq: {} diskReqs: gbReq: {} ssdReq: {} memReqs: gbReq: {} osImage: edpm-hardened-uefi.qcow2 osImageDeploymentType: SelfExtracting env: - name: ANSIBLE_FORCE_COLOR value: "True" networkAttachments: - ctlplane nodeTemplate: ansible: ansiblePort: 22 ansibleUser: cloud-admin ansibleVars: edpm_bootstrap_command: | #!/bin/bash # Copyright Red Hat, Inc. # All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. set -euxo pipefail pushd /var/tmp curl -sL https://github.com/openstack-k8s-operators/repo-setup/archive/refs/heads/main.tar.gz | tar -xz pushd repo-setup-main python3 -m venv ./venv PBR_VERSION=0.0.0 ./venv/bin/pip install ./ # This is required for FIPS enabled until trunk.rdoproject.org # is not being served from a centos7 host, tracked by # https://issues.redhat.com/browse/RHOSZUUL-1517 update-crypto-policies --set FIPS:NO-ENFORCE-EMS ./venv/bin/repo-setup current-podified -b antelope popd rm -rf repo-setup-main edpm_container_registry_logins: {} edpm_network_config_hide_sensitive_logs: false edpm_network_config_template: | --- {% set mtu_list = [ctlplane_mtu] %} {% for network in nodeset_networks %} {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }} {%- endfor %} {% set min_viable_mtu = mtu_list | max %} network_config: - type: ovs_bridge name: {{ neutron_physical_bridge_name }} mtu: {{ min_viable_mtu }} use_dhcp: false dns_servers: {{ ctlplane_dns_nameservers }} domain: {{ dns_search_domains }} addresses: - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }} routes: {{ ctlplane_host_routes }} members: - type: interface name: nic2 mtu: {{ min_viable_mtu }} primary: true {% for network in nodeset_networks %} - type: vlan mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }} vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }} addresses: - ip_netmask: >- {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }} routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }} {% endfor %} edpm_podman_registries: [] edpm_sshd_allowed_ranges: - 192.168.32.254/32 - 192.168.122.0/24 gather_facts: false neutron_physical_bridge_name: br-ex neutron_public_interface_name: enp4s0 timesync_ntp_servers: - hostname: pool.ntp.org ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret managementNetwork: ctlplane networks: - defaultRoute: true name: ctlplane subnetName: subnet1 - name: internalapi subnetName: subnet1 - name: storage subnetName: subnet1 - name: tenant subnetName: subnet1 nodes: edpm-compute-0: ansible: {} bmhLabelSelector: nodeName: bmh0 hostName: edpm-compute-a-0 secretMaxSize: 1048576 services: - bootstrap - configure-network - validate-network - install-os - configure-os - ssh-known-hosts - run-os - reboot-os - install-certs - ovn - neutron-metadata - libvirt - nova tlsEnabled: true status: allHostnames: edpm-compute-a-0: ctlplane: edpm-compute-a-0.ctlplane.openstack.lab internalapi: edpm-compute-a-0.internalapi.openstack.lab storage: edpm-compute-a-0.storage.openstack.lab tenant: edpm-compute-a-0.tenant.openstack.lab allIPs: edpm-compute-a-0: ctlplane: 192.168.122.100 internalapi: 172.17.0.100 storage: 172.18.0.100 tenant: 172.19.0.100 conditions: - lastTransitionTime: "2026-03-19T12:36:09Z" message: Setup started reason: Requested severity: Info status: "False" type: Ready - lastTransitionTime: "2026-03-19T12:34:59Z" message: Deployment not started reason: Init status: Unknown type: DeploymentReady - lastTransitionTime: "2026-03-19T12:38:54Z" message: Input data complete reason: Ready status: "True" type: InputReady - lastTransitionTime: "2026-03-19T12:38:54Z" message: NodeSetBaremetalProvisionReady not yet ready reason: Requested severity: Info status: "False" type: NodeSetBaremetalProvisionReady - lastTransitionTime: "2026-03-19T12:38:54Z" message: NodeSetDNSDataReady ready reason: Ready status: "True" type: NodeSetDNSDataReady - lastTransitionTime: "2026-03-19T12:34:59Z" message: NodeSetIPReservationReady ready reason: Ready status: "True" type: NodeSetIPReservationReady - lastTransitionTime: "2026-03-19T12:38:54Z" message: ServiceAccount created reason: Ready status: "True" type: ServiceAccountReady - lastTransitionTime: "2026-03-19T12:34:59Z" message: Setup started reason: Requested severity: Info status: "False" type: SetupReady configHash: n554h5c4h56fh646h59ch547h5h58h66hd4h66bh7dh9bh5d8h7chd9hfdh59dh5b7h564h575h545hd4h575h64bh558hb9hc7h68fh667h5c8h56cq ctlplaneSearchDomain: ctlplane.openstack.lab dnsClusterAddresses: - 172.30.215.73 observedGeneration: 1