External Network Selection and Image Meta (#39)
In most cases I've ever seen, for various reasons, there are multiple
external networks.  We need to provide selection criteria to pick ones
that actually work.  Additionally, migrate to the new image metadata
specification to enhance selection for a flavor.
spjmurray committed Jul 25, 2024
1 parent 71a94fd commit 17d2c2e
Showing 17 changed files with 1,006 additions and 274 deletions.
4 changes: 2 additions & 2 deletions charts/region/Chart.yaml
@@ -4,8 +4,8 @@ description: A Helm chart for deploying Unikorn's Region Controller

type: application

version: v0.1.25
appVersion: v0.1.25
version: v0.1.26
appVersion: v0.1.26

icon: https://raw.githubusercontent.com/unikorn-cloud/assets/main/images/logos/dark-on-light/icon.png

127 changes: 80 additions & 47 deletions charts/region/crds/region.unikorn-cloud.org_regions.yaml
@@ -190,60 +190,93 @@ spec:
image:
description: Image is configuration for the image service.
properties:
propertiesInclude:
selector:
description: |-
PropertiesInclude defines the set of properties that must all exist
for an image to be advertised by the provider.
items:
type: string
type: array
signingKey:
description: |-
SigningKey defines a PEM encoded public ECDSA signing key used to verify
the image is trusted. If specified, an image must contain the "digest"
property, the value of which must be a base64 encoded ECDSA signature of
the SHA256 hash of the image ID.
format: byte
type: string
Selector defines a set of rules to lookup images.
If not specified, all images are selected.
properties:
properties:
description: |-
Properties defines the set of properties an image needs to have to
be selected.
items:
type: string
type: array
signingKey:
description: |-
SigningKey defines a PEM encoded public ECDSA signing key used to verify
the image is trusted. If specified, an image must contain the "digest"
property, the value of which must be a base64 encoded ECDSA signature of
the SHA256 hash of the image ID.
format: byte
type: string
type: object
type: object
network:
description: Network is configuration for the network service.
properties:
physicalNetwork:
description: |-
PhysicalNetwork is the neutron provider specific network name used
to provision provider networks e.g. VLANs for bare metal clusters.
type: string
vlan:
description: |-
VLAN is the VLAN configuration. If not specified and a VLAN provider
network is requested then the ID will be allocated between 1-6094
inclusive.
externalNetworks:
description: ExternalNetworks allows external network options
to be specified.
properties:
segments:
selector:
description: |-
Segements allow blocks of VLAN IDs to be allocated from. In a multi
tenant system, it's possible and perhaps necessary, that this controller
be limited to certain ranges to avoid split brain scenarios when another
user or system is allocating VLAN IDs for itself.
items:
properties:
endId:
description: EndID is the VLAN ID at the end of
the range.
maximum: 4094
type: integer
startId:
description: StartID is VLAN ID at the start of
the range.
minimum: 1
type: integer
required:
- endId
- startId
type: object
minItems: 1
type: array
Selector defines a set of rules to lookup external networks.
In none is specified, all external networks are selected.
properties:
ids:
description: IDs is an explicit list of network IDs.
items:
type: string
type: array
tags:
description: Tags is an implicit selector of networks
with a set of all specified tags.
items:
type: string
type: array
type: object
type: object
providerNetworks:
description: ProviderNetworks allows provider networks to
be configured.
properties:
physicalNetwork:
description: |-
PhysicalNetwork is the neutron provider specific network name used
to provision provider networks e.g. VLANs for bare metal clusters.
type: string
vlan:
description: |-
VLAN is the VLAN configuration. If not specified and a VLAN provider
network is requested then the ID will be allocated between 1-6094
inclusive.
properties:
segments:
description: |-
Segements allow blocks of VLAN IDs to be allocated from. In a multi
tenant system, it's possible and perhaps necessary, that this controller
be limited to certain ranges to avoid split brain scenarios when another
user or system is allocating VLAN IDs for itself.
items:
properties:
endId:
description: EndID is the VLAN ID at the end
of the range.
maximum: 4094
type: integer
startId:
description: StartID is VLAN ID at the start
of the range.
minimum: 1
type: integer
required:
- endId
- startId
type: object
minItems: 1
type: array
type: object
type: object
type: object
serviceAccountSecret:
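Review bot: Moving `signingKey` under the new optional `image.selector` lets signature verification fail open in two ways that the schema text does not spell out. The `selector` description says that when it is not specified all images are selected, so a Region that omits it presumably gets no signature check at all. A Region object written against the previous schema (`image.signingKey`, `image.propertiesInclude`) no longer matches any declared field; if the API server prunes unknown fields, as is usual for a structural CRD schema, such an object would be accepted and end up with no key configured. No API version change or conversion is visible in this hunk, so that is worth confirming against the rest of the commit. I would extend the `selector` description with `Omitting the selector also disables image signature verification.` and call out the field move in the release notes.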
58 changes: 9 additions & 49 deletions charts/region/templates/region.yaml
@@ -21,59 +21,19 @@ spec:
name: {{ $openstack.serviceAccountSecret.name }}
{{- with $identity := $openstack.identity }}
{{ printf "identity:" | nindent 4 }}
{{- with $roles := $identity.clusterRoles }}
{{ printf "clusterRoles:" | nindent 6 }}
{{- range $role := $roles }}
{{ printf "- %s" $role | nindent 6 }}
{{- end }}
{{- end }}
{{- toYaml $identity | nindent 6 }}
{{- end }}
{{- with $compute := $openstack.compute -}}
{{- printf "compute:" | nindent 4 }}
{{- with $policy := $compute.regionGroupPolicy -}}
{{ printf "regionGroupPolicy: %s" $policy | nindent 6 }}
{{- end }}
{{- with $flavors := $compute.flavors -}}
{{- printf "flavors:" | nindent 6 }}
{{- printf "selectionPolicy: %s" $flavors.selectionPolicy | nindent 8 }}
{{- with $includes := $flavors.include }}
{{- printf "include:" | nindent 8 }}
{{- range $include := $includes }}
{{- printf "- id: %s" $include.id | nindent 8 }}
{{- with $cpu := $include.cpu -}}
{{- printf "cpu:" | nindent 10 }}
{{- with $family := $cpu.family -}}
{{ printf "family: %s" $family | nindent 12 }}
{{- end }}
{{- end }}
{{- with $gpu := $include.gpu -}}
{{- printf "gpu:" | nindent 10 }}
{{- printf "vendor: %s" $gpu.vendor | nindent 12 }}
{{- printf "model: %s" $gpu.model | nindent 12 }}
{{- printf "memory: %s" $gpu.memory | nindent 12 }}
{{- printf "count: %v" $gpu.count | nindent 12 }}
{{- end }}
{{- end }}
{{- end }}
{{- with $excludes := $flavors.exclude -}}
{{- printf "exclude:" | nindent 8 }}
{{- range $exclude := $excludes }}
{{- printf "- id: %s" $exclude.id | nindent 8 }}
{{- end }}
{{- end }}
{{- end }}
{{ printf "compute:" | nindent 4 }}
{{- toYaml $compute | nindent 6 }}
{{- end }}
{{- with $image := $openstack.image -}}
{{- printf "image:" | nindent 4 }}
{{- with $properties := $image.propertiesInclude -}}
{{ printf "propertiesInclude:" | nindent 6 }}
{{- range $property := $properties }}
{{ printf "- %s" $property | nindent 6 }}
{{- end }}
{{- end }}
{{- with $signingKey := $image.signingKey -}}
{{ printf "signingKey: %s" $signingKey | nindent 6 }}
{{- end }}
{{ printf "image:" | nindent 4 }}
{{- toYaml $image | nindent 6 }}
{{- end }}
{{- with $network := $openstack.network -}}
{{ printf "network:" | nindent 4 }}
{{- toYaml $network | nindent 6 }}
{{- end }}
{{- end }}
{{- end }}
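Review bot: The `toYaml` pass-through for `identity`, `compute`, `image` and `network` removes the template's implicit allow-list, so a values file that still sets the old `image.propertiesInclude` or `image.signingKey` keys is now rendered into the Region verbatim instead of being mapped field by field. Whether those stale keys are rejected or silently dropped then depends on API-server validation rather than on the chart, and a dropped `signingKey` would leave image selection without signature verification. A guard inside the `with $image` block would make such an upgrade fail loudly: `{{- if or (hasKey $image "propertiesInclude") (hasKey $image "signingKey") }}{{ fail "image.propertiesInclude and image.signingKey are replaced by image.selector.properties and image.selector.signingKey" }}{{- end }}`. The blocks closed by the last two `{{- end }}` lines open outside this hunk.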