To improve the performance of persistent volumes accessed directly from the Synology by Kubernetes pods, I've decided to expose the storage network to the Kubernetes worker node VMs. This way, iSCSI traffic does not have to go through the firewall. I chose not to use the physical interfaces that are already directly connected to the storage network, for two reasons: 1) I like the physical separation of concerns, and 2) doing so would add complexity to the setup by introducing a bridge on top of the existing bond.
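# libvirt networks offered to guests. Every entry is a bridge-type network
# that points at a host bridge interface by name; the bridges themselves
# are declared in vmhost_netdevs.
libvirt_networks:
  - name: prod
    type: bridge
    bridge_iface: br0
  - name: test
    type: bridge
    bridge_iface: br1
  - name: camera
    type: bridge
    bridge_iface: camera
  - name: mgmt
    type: bridge
    bridge_iface: mgmt
  - name: kube
    type: bridge
    bridge_iface: kube
  # A guest NIC on this network is attached straight to the `storage`
  # bridge, which vmhost_networks enslaves to vlan64 (storage VLAN).
  # NOTE(review): any domain given an interface here is layer-2 adjacent
  # to the storage hosts, so access control has to live on the storage
  # side (iSCSI initiator ACLs/CHAP, NFS export restrictions). None of
  # that is visible in this file -- confirm, and keep the set of guests
  # attached to this network as small as possible.
  - name: storage
    type: bridge
    bridge_iface: storage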
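# Name of the storage server; only used below, for the AAAA lookup.
storage_host: storage0.pyrocufflink.blue
# Packages required on the VM host before the shared volumes can be mounted.
shared_volume_mount_packages:
  - nfs-utils
mount_shared_volumes:
  - mountpoint: /var/lib/libvirt/images
    # The dig lookup resolves storage_host's AAAA record when the template
    # is rendered; the surrounding brackets turn it into an IPv6 literal.
    # NOTE(review): the mount target is therefore whatever DNS answers at
    # deploy time -- confirm the resolver used by the controller is trusted.
    host: '[{{ lookup("dig", storage_host, "qtype=AAAA") }}]'
    share: /volume1/VirtualMachines
    # No sec= flavour is requested, so the security flavour is left to the
    # client/server defaults. NOTE(review): confirm the export is limited
    # to the VM hosts' storage-network addresses. `intr` is accepted but
    # ignored by current kernels (see nfs(5)).
    opts: vers=4,intr
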
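# Virtual network devices on the VM host. Keys under each entry mirror
# systemd.netdev sections ([NetDev], [Bond], [VLAN], [Bridge]).
# Presumably one .netdev file is rendered per entry with `name` as the
# file stem -- TODO confirm against the role's template.
vmhost_netdevs:
  # 40-*: LACP bonds. bond0 is the trunk for the VM networks, bond1 is the
  # host's own link to the storage network.
  - name: 40-bond0
    NetDev:
      Description: Bonded link for Virtual Machines
      Name: bond0
      Kind: bond
    Bond:
      Mode: 802.3ad
      MIIMonitorSec: 100ms
  - name: 40-bond1
    NetDev:
      Description: Bonded link for storage network
      Name: bond1
      Kind: bond
    Bond:
      Mode: 802.3ad
      MIIMonitorSec: 100ms

  # 5x-*: one VLAN device per guest-facing network; vmhost_networks stacks
  # all of them on bond0.
  - name: 50-vlan1
    NetDev:
      Description: pyrocufflink.blue network (VLAN 1)
      Name: vlan1
      Kind: vlan
    VLAN:
      Id: 1
  - name: 51-vlan10
    NetDev:
      Description: Management network (VLAN 10)
      Name: vlan10
      Kind: vlan
    VLAN:
      Id: 10
  - name: 51-vlan60
    NetDev:
      Description: Kubernetes network (VLAN 60)
      Name: vlan60
      Kind: vlan
    VLAN:
      Id: 60
  # Storage VLAN carried on the VM trunk (bond0) so that guests can reach
  # the storage network without using bond1.
  - name: 51-vlan64
    NetDev:
      Description: Storage network (VLAN 64)
      Name: vlan64
      Kind: vlan
    VLAN:
      Id: 64
  - name: 52-vlan101
    NetDev:
      Description: pyrocufflink.red network (VLAN 101)
      Name: vlan101
      Kind: vlan
    VLAN:
      Id: 101
  - name: 52-vlan102
    NetDev:
      Description: Camera network (VLAN 102)
      Name: vlan102
      Kind: vlan
    VLAN:
      Id: 102

  # 60-*: one bridge per VLAN; these are the interfaces that
  # libvirt_networks refers to through bridge_iface.
  - name: 60-prod
    NetDev:
      Description: pyrocufflink.blue VM network bridge
      Name: br0
      Kind: bridge
    Bridge:
      # Quoted so YAML keeps the literal string instead of a boolean.
      MulticastQuerier: 'yes'
  - name: 60-mgmt
    NetDev:
      Description: Management VM network bridge
      Name: mgmt
      Kind: bridge
  - name: 60-test
    NetDev:
      Description: pyrocufflink.red VM network bridge
      Name: br1
      Kind: bridge
  - name: 60-camera
    NetDev:
      Description: Camera VM network bridge
      Name: camera
      Kind: bridge
  - name: 60-kube
    NetDev:
      Description: Kubernetes VM network bridge
      Name: kube
      Kind: bridge
  # Bridge that puts guests directly on the storage VLAN.
  - name: 60-storage
    NetDev:
      Description: Storage VM network bridge
      Name: storage
      Kind: bridge
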
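# systemd.network-style configuration for the devices declared in
# vmhost_netdevs. Keys under each entry mirror [Match], [Network] and
# [Link] sections. The 'no' values are quoted so YAML keeps them as
# literal strings instead of booleans.
vmhost_networks:
  # bond0 is a pure trunk: no DHCP, no link-local address, and every
  # guest-facing VLAN stacked on top of it.
  - name: 40-bond0
    Match:
      Name: bond0
    Network:
      Description: VM network bond
      DHCP: 'no'
      LinkLocalAddressing: 'no'
      VLAN:
        - vlan1  # pyrocufflink.blue
        - vlan10  # Management
        - vlan60  # Kubernetes
        - vlan64  # Storage
        - vlan101  # pyrocufflink.red
        - vlan102  # Cameras
  # bond1 is the only interface in this list with an Address: the host's
  # own attachment to the storage network. Router advertisements are not
  # accepted on it.
  - name: 40-bond1
    Match:
      Name: bond1
    Network:
      Description: Storage network bond
      DHCP: 'no'
      Address: '{{ storage_net_address }}'
      IPv6AcceptRA: 'no'
      # NOTE(review): systemd.network documents RequiredFamilyForOnline=
      # under [Link], not [Network]; as this key comes before `Link:` it
      # lands in the Network section. Confirm networkd honours it here.
      RequiredFamilyForOnline: ipv6
    Link:
      # Jumbo frames on the host's storage link.
      MTUBytes: 9000

  # 5x-*: each VLAN device is enslaved to its bridge and gets neither DHCP
  # nor a link-local address, so the host has no IP presence on it.
  - name: 50-vlan1
    Match:
      Name: vlan1
    Network:
      Description: pyrocufflink.blue network
      DHCP: 'no'
      LinkLocalAddressing: 'no'
      Bridge: br0
  - name: 51-vlan10
    Match:
      Name: vlan10
    Network:
      Description: Management network
      DHCP: 'no'
      LinkLocalAddressing: 'no'
      Bridge: mgmt
  - name: 51-vlan60
    Match:
      Name: vlan60
    Network:
      Description: Kubernetes network
      DHCP: 'no'
      LinkLocalAddressing: 'no'
      Bridge: kube
  # Storage VLAN for guests, reached over bond0.
  # NOTE(review): no MTUBytes is set on this path while bond1 uses 9000;
  # confirm the guest-side storage path is meant to run at the default MTU.
  - name: 51-vlan64
    Match:
      Name: vlan64
    Network:
      Description: Storage network
      DHCP: 'no'
      LinkLocalAddressing: 'no'
      Bridge: storage
  - name: 52-vlan101
    Match:
      Name: vlan101
    Network:
      Description: pyrocufflink.red network
      DHCP: 'no'
      LinkLocalAddressing: 'no'
      Bridge: br1
  - name: 52-vlan102
    Match:
      Name: vlan102
    Network:
      Description: Camera network
      DHCP: 'no'
      LinkLocalAddressing: 'no'
      Bridge: camera

  # 60-*: the bridges themselves. No Address, DHCP or link-local
  # addressing is configured on any of them, which keeps the hypervisor
  # unaddressable from the guest networks as far as this file shows.
  - name: 60-prod
    Match:
      Name: br0
    Network:
      Description: pyrocufflink.blue VM network bridge
      DHCP: 'no'
      LinkLocalAddressing: 'no'
  - name: 60-kube
    Match:
      Name: kube
    Network:
      Description: Kubernetes network bridge
      DHCP: 'no'
      LinkLocalAddressing: 'no'
  # Guests on this bridge reach the storage VLAN directly.
  # NOTE(review): with no host-side filtering configured here, restrict
  # access on the storage target and on the switch port/VLAN membership.
  - name: 60-storage
    Match:
      Name: storage
    Network:
      Description: Storage network bridge
      DHCP: 'no'
      LinkLocalAddressing: 'no'
  - name: 60-mgmt
    Match:
      Name: mgmt
    Network:
      Description: Management VM network bridge
      DHCP: 'no'
      LinkLocalAddressing: 'no'
  - name: 60-test
    Match:
      Name: br1
    Network:
      Description: pyrocufflink.red VM network bridge
      DHCP: 'no'
      LinkLocalAddressing: 'no'
  - name: 60-camera
    Match:
      Name: camera
    Network:
      Description: Camera VM network bridge
      DHCP: 'no'
      LinkLocalAddressing: 'no'
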
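# Ordered autostart list. Entries are guest names, with `delay <time>`
# items in between -- presumably pauses applied by whatever consumes this
# list, so that each group is up before the next one starts (TODO confirm
# against the consumer).
# NOTE(review): a guest named literally `delay ...` would be ambiguous
# with the pause entries; confirm how the consumer tells them apart.
vm_autostart:
  - dc-grumbly
  - dc-headphone
  - delay 30s
  - logs0
  - delay 10s
  - k8s-ctrl0
  - delay 10s
  - k8s-amd64-n0
  - k8s-amd64-n1
  - k8s-amd64-n2
  - k8s-amd64-n3
  - delay 15s
  - web0
  - file0
  - cloud0
  - bw0
  - delay 5s
  - smtp1
  - matrix0
  - delay 10s
  - pxe0
  - unifi2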