feat: Neutron resync to Nautobot

docs/component-argo-workflows.md

@@ -14,6 +14,7 @@ set of WorkflowTemplates below.
 | nautobot-api            | HTTP Template Workflow to query the Nautobot API          | method,nautobot_url,uri | result     |   |
 | bmc-sync-creds          | Sync's a devices BMC password with what we have on record | device_id               |            |   |
 | resync-ironic-nautobot  | Resync Ironic nodes to Nautobot                           | node (optional)         |            |   |
+| resync-neutron-nautobot | Resync Neutron networks/subnets to Nautobot               | network (optional)      |            |   |
 
 \* WorkflowTemplate which requires a manual / custom implementation.
 

docs/operator-guide/index.md

@@ -37,7 +37,7 @@ be the regular project area.
 
 - [Gateway API Migration Guide](gateway-api.md) - Migration from ingress-nginx to Kubernetes Gateway API with Envoy Gateway
 - [Argo Workflows](workflows.md) - Workflow orchestration and troubleshooting
-- [Ironic to Nautobot Sync](ironic-nautobot-sync.md) - Event-driven sync and bulk resync operations
+- [OpenStack to Nautobot Sync](openstack-nautobot-sync.md) - Event-driven sync and bulk resync operations
 - [Monitoring Stack](monitoring.md) - Prometheus and Grafana monitoring
 
 [cli]: <../user-guide/openstack-cli.md>

docs/operator-guide/openstack-nautobot-sync.md

@@ -0,0 +1,170 @@
+# OpenStack to Nautobot Synchronization
+
+This guide explains how OpenStack data (Ironic and Neutron) is synchronized
+to Nautobot and how to handle situations when they get out of sync.
+
+## Event-Driven Sync
+
+Under normal operation, OpenStack data is automatically synchronized to Nautobot
+via Oslo notifications. When changes occur, events are published to RabbitMQ
+and processed by Argo Events workflows.
+
+### How It Works
+
+1. OpenStack services publish Oslo notifications to RabbitMQ
+2. Argo Events EventSources consume messages from the queues
+3. Sensors filter for relevant events and trigger workflows
+4. The `openstack-oslo-event` workflow processes events and updates Nautobot
+
+### Supported Ironic Events
+
+| Event Type | Action |
+|------------|--------|
+| `baremetal.node.create.end` | Creates device in Nautobot |
+| `baremetal.node.update.end` | Updates device in Nautobot |
+| `baremetal.node.delete.end` | Deletes device from Nautobot |
+| `baremetal.node.provision_set.end` | Updates device status and syncs inspection data |
+| `baremetal.port.create.end` | Creates interface in Nautobot |
+| `baremetal.port.update.end` | Updates interface in Nautobot |
+| `baremetal.port.delete.end` | Deletes interface from Nautobot |
+
+### Supported Neutron Events
+
+| Event Type | Action |
+|------------|--------|
+| `network.create.end` | Creates UCVNI and IPAM namespace in Nautobot |
+| `network.update.end` | Updates UCVNI in Nautobot |
+| `network.delete.end` | Deletes UCVNI and namespace from Nautobot |
+| `subnet.create.end` | Creates prefix in Nautobot |
+| `subnet.update.end` | Updates prefix in Nautobot |
+| `subnet.delete.end` | Deletes prefix from Nautobot |
+
+### Data Synchronized
+
+**From Ironic:**
+
+- Device name (generated from manufacturer and service tag)
+- Serial number
+- Manufacturer and model
+- Hardware specs (memory, CPUs, local storage)
+- Provision state (mapped to Nautobot status)
+- Location and rack (derived from connected switches)
+- Tenant (from Ironic lessee field)
+- Network interfaces and their connections
+
+**From Neutron:**
+
+- Networks → UCVNI (undercloud VNI) with segmentation ID
+- Networks → IPAM Namespaces
+- Subnets → IPAM Prefixes
+
+## Bulk Resync
+
+When Nautobot gets out of sync with OpenStack, you can perform a bulk resync.
+Run Neutron resync first to ensure IPAM namespaces and prefixes exist before
+syncing Ironic devices and interfaces.
+
+### Resync Order
+
+For a full resync, run in this order:
+
+1. Neutron (creates namespaces and prefixes)
+2. Ironic (creates devices and interfaces)
+
+### Scheduled Resync (CronWorkflow)
+
+A CronWorkflow runs daily at 2:00 AM UTC to catch any drift between Ironic
+and Nautobot. This provides a safety net for missed events.
+
+Check the schedule:
+
+```bash
+argo -n argo-events cron list
+```
+
+Manually trigger the scheduled workflow:
+
+```bash
+argo -n argo-events submit --from cronworkflow/resync-ironic-nautobot
+```
+
+Suspend/resume the schedule:
+
+```bash
+argo -n argo-events cron suspend resync-ironic-nautobot
+argo -n argo-events cron resume resync-ironic-nautobot
+```
+
+### On-Demand Resync (WorkflowTemplate)
+
+**Neutron (run first):**
+
+```bash
+# Resync all networks and subnets
+argo -n argo-events submit --from workflowtemplate/resync-neutron-nautobot
+
+# Resync a specific network
+argo -n argo-events submit --from workflowtemplate/resync-neutron-nautobot \
+  -p network="<network-uuid>"
+```
+
+**Ironic (run after Neutron):**
+
+Resync all nodes:
+
+```bash
+argo -n argo-events submit --from workflowtemplate/resync-ironic-nautobot
+```
+
+Resync a specific node:
+
+```bash
+argo -n argo-events submit --from workflowtemplate/resync-ironic-nautobot \
+  -p node="<node-uuid>"
+```
+
+### Using CLI Directly
+
+For debugging or running outside the cluster:
+
+**Neutron:**
+
+```bash
+# Resync all networks and subnets
+resync-neutron-nautobot \
+  --nautobot_url https://nautobot.example.com \
+  --nautobot_token <token>
+
+# Resync a specific network
+resync-neutron-nautobot \
+  --network <uuid> \
+  --nautobot_url https://nautobot.example.com \
+  --nautobot_token <token>
+
+# Dry run
+resync-neutron-nautobot \
+  --dry-run \
+  --nautobot_url https://nautobot.example.com \
+  --nautobot_token <token>
+```
+
+**Ironic:**
+
+```bash
+# Resync all nodes
+resync-ironic-nautobot \
+  --nautobot_url https://nautobot.example.com \
+  --nautobot_token <token>
+
+# Resync a specific node
+resync-ironic-nautobot \
+  --node <uuid> \
+  --nautobot_url https://nautobot.example.com \
+  --nautobot_token <token>
+
+# Dry run to see what would be synced
+resync-ironic-nautobot \
+  --dry-run \
+  --nautobot_url https://nautobot.example.com \
+  --nautobot_token <token>
+```

mkdocs.yml

@@ -174,7 +174,7 @@ nav:
     - 'Infrastructure':
       - operator-guide/argocd-helm-chart.md
       - operator-guide/workflows.md
-      - operator-guide/ironic-nautobot-sync.md
+      - operator-guide/openstack-nautobot-sync.md
       - operator-guide/monitoring.md
       - operator-guide/gateway-api.md
       - operator-guide/bmc-password.md

python/understack-workflows/pyproject.toml

@@ -39,6 +39,7 @@ netapp-configure-interfaces = "understack_workflows.main.netapp_configure_net:ma
 netapp-create-svm = "understack_workflows.main.netapp_create_svm:main"
 openstack-oslo-event = "understack_workflows.main.openstack_oslo_event:main"
 resync-ironic-nautobot = "understack_workflows.main.resync_ironic_to_nautobot:main"
+resync-neutron-nautobot = "understack_workflows.main.resync_neutron_to_nautobot:main"
 sync-keystone = "understack_workflows.main.sync_keystone:main"
 sync-network-segment-range = "understack_workflows.main.sync_ucvni_group_range:main"
 undersync-switch = "understack_workflows.main.undersync_switch:main"