From dae9075ab47a6f191cb1d3fcb50c7db9e13d9279 Mon Sep 17 00:00:00 2001 From: Chris Wheeler Date: Mon, 8 Sep 2025 23:56:35 +0000 Subject: [PATCH] Updating versions of OKD, Stolostron, oran-o2ims - Updated OKD version to 4.20 - Updated Stolostron version to 2.15 - Moved PV/PVC resource definition to ocloud_platform_okd role - Added AgentServiceConfig and Provisioning resource definitions - Removed superfluous ocloud_platform_siteconfig role - Increased default CPU/memory in ocloud_infra_vm role - Bug fixes in ocloud_dms and ocloud_infra_baremetal roles Issue-ID: INF-498 Change-Id: If2f20271d8b80b719e2e6febb9669ba69f91122d Signed-Off-By: Chris Wheeler --- okd/roles/ocloud/tasks/main.yml | 19 ++--- okd/roles/ocloud_dms/templates/kubeconfig.j2 | 8 +- okd/roles/ocloud_infra_baremetal/tasks/main.yml | 6 +- okd/roles/ocloud_infra_vm/defaults/main.yml | 4 +- okd/roles/ocloud_platform_mco/tasks/main.yml | 14 ---- okd/roles/ocloud_platform_o2ims/defaults/main.yml | 2 +- okd/roles/ocloud_platform_o2ims/tasks/main.yml | 13 +++ okd/roles/ocloud_platform_okd/defaults/main.yml | 2 +- okd/roles/ocloud_platform_okd/handlers/main.yml | 25 ++++++ .../templates/99-master-pvs.yaml.j2 | 20 ++++- .../templates/provisioning.yaml.j2 | 7 ++ .../templates/pv.yaml.j2 | 92 ++++++++++++++++++++++ .../templates/sc.yaml.j2 | 0 .../ocloud_platform_siteconfig/defaults/main.yml | 4 - .../ocloud_platform_siteconfig/tasks/main.yml | 26 ------ .../ocloud_platform_stolostron/defaults/main.yml | 7 +- .../ocloud_platform_stolostron/tasks/main.yml | 19 +++++ .../templates/agent-service-config.yaml.j2 | 25 ++++++ 18 files changed, 221 insertions(+), 72 deletions(-) create mode 100644 okd/roles/ocloud_platform_okd/templates/provisioning.yaml.j2 rename okd/roles/{ocloud_platform_mco => ocloud_platform_okd}/templates/pv.yaml.j2 (59%) rename okd/roles/{ocloud_platform_mco => ocloud_platform_okd}/templates/sc.yaml.j2 (100%) delete mode 100644 okd/roles/ocloud_platform_siteconfig/defaults/main.yml delete mode 100644 okd/roles/ocloud_platform_siteconfig/tasks/main.yml create mode 100644 okd/roles/ocloud_platform_stolostron/templates/agent-service-config.yaml.j2 diff --git a/okd/roles/ocloud/tasks/main.yml b/okd/roles/ocloud/tasks/main.yml index 99be7c65..d94e1034 100644 --- a/okd/roles/ocloud/tasks/main.yml +++ b/okd/roles/ocloud/tasks/main.yml @@ -33,13 +33,6 @@ run_once: true when: ocloud_platform == "okd" -- name: Include platform role - SiteConfig - ansible.builtin.import_role: - name: "ocloud_platform_siteconfig" - delegate_to: "{{ groups['deployer'][0] }}" - run_once: true - when: ocloud_platform == "okd" - - name: Include platform role - ClusterGroupUpgrades ansible.builtin.import_role: name: "ocloud_platform_cgu" @@ -61,9 +54,9 @@ run_once: true when: ocloud_platform == "okd" -- name: Include platform role - oran-hwmgr-plugin - ansible.builtin.import_role: - name: "ocloud_platform_hwmgr" - delegate_to: "{{ groups['deployer'][0] }}" - run_once: true - when: ocloud_platform == "okd" +#- name: Include platform role - oran-hwmgr-plugin +# ansible.builtin.import_role: +# name: "ocloud_platform_hwmgr" +# delegate_to: "{{ groups['deployer'][0] }}" +# run_once: true +# when: ocloud_platform == "okd" diff --git a/okd/roles/ocloud_dms/templates/kubeconfig.j2 b/okd/roles/ocloud_dms/templates/kubeconfig.j2 index f2487d95..fd6815f3 100644 --- a/okd/roles/ocloud_dms/templates/kubeconfig.j2 +++ b/okd/roles/ocloud_dms/templates/kubeconfig.j2 @@ -2,7 +2,7 @@ apiVersion: v1 kind: Config clusters: - cluster: - certificate-authority-data: {{ o2_dms_deployment_mgr_profile['json']['extensions']['profileData']['cluster_ca_cert'] }} + certificate-authority-data: {{ o2_dms_deployment_mgr_profile['json']['extensions']['profileData']['cluster_ca_cert'] | b64encode }} server: {{ o2_dms_deployment_mgr_profile['json']['extensions']['profileData']['cluster_api_endpoint'] }} name: {{ o2_dms_deployment_mgr_profile['json']['name'] }} contexts: @@ -15,7 +15,5 @@ preferences: {} users: - name: admin user: - client-certificate-data: |- - {{ o2_dms_deployment_mgr_profile['json']['extensions']['profileData']['admin_client_cert'] | indent(6) }} - client-key-data: |- - {{ o2_dms_deployment_mgr_profile['json']['extensions']['profileData']['admin_client_key'] | indent(6) }} + client-certificate-data: {{ o2_dms_deployment_mgr_profile['json']['extensions']['profileData']['admin_client_cert'] | b64encode }} + client-key-data: {{ o2_dms_deployment_mgr_profile['json']['extensions']['profileData']['admin_client_key'] | b64encode }} diff --git a/okd/roles/ocloud_infra_baremetal/tasks/main.yml b/okd/roles/ocloud_infra_baremetal/tasks/main.yml index 6027a314..08220b11 100644 --- a/okd/roles/ocloud_infra_baremetal/tasks/main.yml +++ b/okd/roles/ocloud_infra_baremetal/tasks/main.yml @@ -49,13 +49,13 @@ category: Manager command: VirtualMediaEject virtual_media: - image_url: "{{ item[1][0]['Image'] }}" + image_url: "{{ item['Image'] }}" baseuri: "{{ bmc_address }}" username: "{{ bmc_user }}" password: "{{ bmc_password }}" resource_id: "{{ ocloud_infra_baremetal_manager_id }}" - when: item[1][0]['ConnectedVia'] != "NotConnected" and item[1][0]['Image'] | length > 0 - loop: "{{ virtual_media_info['redfish_facts']['virtual_media']['entries'] }}" + when: item['ConnectedVia'] != "NotConnected" and item['Image'] | length > 0 + loop: "{{ virtual_media_info['redfish_facts']['virtual_media']['entries'][0][1] }}" - name: Configure one-time boot from virtual media community.general.redfish_command: diff --git a/okd/roles/ocloud_infra_vm/defaults/main.yml b/okd/roles/ocloud_infra_vm/defaults/main.yml index d2d245c5..4b87904d 100644 --- a/okd/roles/ocloud_infra_vm/defaults/main.yml +++ b/okd/roles/ocloud_infra_vm/defaults/main.yml @@ -1,8 +1,8 @@ --- ocloud_action: "create" ocloud_infra_vm_cpus: 16 -ocloud_infra_vm_mem_gb: 32 -ocloud_infra_vm_disk_gb: 150 +ocloud_infra_vm_mem_gb: 64 +ocloud_infra_vm_disk_gb: 250 ocloud_infra_vm_disk_dir: "/var/lib/libvirt/images" ocloud_infra_vm_disk_path: "{{ ocloud_infra_vm_disk_dir }}/{{ inventory_hostname }}.qcow2" ocloud_infra_vm_image: "{{ ocloud_infra_vm_disk_dir }}/{{ inventory_hostname }}-image.iso" diff --git a/okd/roles/ocloud_platform_mco/tasks/main.yml b/okd/roles/ocloud_platform_mco/tasks/main.yml index b01af6fa..fb550539 100644 --- a/okd/roles/ocloud_platform_mco/tasks/main.yml +++ b/okd/roles/ocloud_platform_mco/tasks/main.yml @@ -10,20 +10,6 @@ state: present kubeconfig: "{{ ocloud_kubeconfig }}" -- name: Create StorageClass - kubernetes.core.k8s: - template: "sc.yaml.j2" - state: present - kubeconfig: "{{ ocloud_kubeconfig }}" - -- name: Create PersistentVolumes - kubernetes.core.k8s: - template: "pv.yaml.j2" - state: present - kubeconfig: "{{ ocloud_kubeconfig }}" - loop: "{{ groups['ocloud'] }}" - when: hostvars[item]['role'] == "master" - - name: Create pull secret kubernetes.core.k8s: template: "pull-secret.yaml.j2" diff --git a/okd/roles/ocloud_platform_o2ims/defaults/main.yml b/okd/roles/ocloud_platform_o2ims/defaults/main.yml index 3e3e4c44..2d389524 100644 --- a/okd/roles/ocloud_platform_o2ims/defaults/main.yml +++ b/okd/roles/ocloud_platform_o2ims/defaults/main.yml @@ -1,4 +1,4 @@ --- ocloud_kubeconfig: ~ ocloud_platform_o2ims_repo_url: "https://github.com/openshift-kni/oran-o2ims.git" -ocloud_platform_o2ims_repo_version: "osc-l-release" +ocloud_platform_o2ims_repo_version: "main" diff --git a/okd/roles/ocloud_platform_o2ims/tasks/main.yml b/okd/roles/ocloud_platform_o2ims/tasks/main.yml index 8c9c20b9..d7aa36b9 100644 --- a/okd/roles/ocloud_platform_o2ims/tasks/main.yml +++ b/okd/roles/ocloud_platform_o2ims/tasks/main.yml @@ -12,3 +12,16 @@ environment: PATH: "{{ ocloud_staging_dir['path'] }}/go/bin:{{ ansible_env.PATH }}" KUBECONFIG: "{{ ocloud_kubeconfig }}" + +- name: Patch postgresql image in oran-o2ims-controller-manager deployment + kubernetes.core.k8s_json_patch: + name: oran-o2ims-controller-manager + kind: Deployment + namespace: "oran-o2ims" + kubeconfig: "{{ ocloud_kubeconfig }}" + patch: + - op: replace + path: "/spec/template/spec/containers/0/env/1" + value: + name: POSTGRES_IMAGE + value: quay.io/sclorg/postgresql-16-c9s:c9s diff --git a/okd/roles/ocloud_platform_okd/defaults/main.yml b/okd/roles/ocloud_platform_okd/defaults/main.yml index 8e2ff134..994e2f58 100644 --- a/okd/roles/ocloud_platform_okd/defaults/main.yml +++ b/okd/roles/ocloud_platform_okd/defaults/main.yml @@ -2,6 +2,6 @@ ocloud_platform_okd_pull_secret: '{"auths":{"fake":{"auth":"aWQ6cGFzcwo="}}}' ocloud_platform_okd_ssh_pubkey: ~ ocloud_kubeconfig: ~ -ocloud_platform_okd_release: "4.19.0-okd-scos.0" +ocloud_platform_okd_release: "4.20.0-okd-scos.12" ocloud_platform_okd_base_url: "quay.io/okd/scos-release" ocloud_platform_okd_cli_url: "https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp" diff --git a/okd/roles/ocloud_platform_okd/handlers/main.yml b/okd/roles/ocloud_platform_okd/handlers/main.yml index 558f252f..8d2d4c1a 100644 --- a/okd/roles/ocloud_platform_okd/handlers/main.yml +++ b/okd/roles/ocloud_platform_okd/handlers/main.yml @@ -9,3 +9,28 @@ - install-complete listen: monitor_platform_deployment when: inventory_hostname == groups['ocloud'][0] + +- name: Create StorageClass + kubernetes.core.k8s: + template: "sc.yaml.j2" + state: present + kubeconfig: "{{ ocloud_kubeconfig }}" + listen: monitor_platform_deployment + when: inventory_hostname == groups['ocloud'][0] + +- name: Create PersistentVolumes + kubernetes.core.k8s: + template: "pv.yaml.j2" + state: present + kubeconfig: "{{ ocloud_kubeconfig }}" + loop: "{{ groups['ocloud'] }}" + listen: monitor_platform_deployment + when: inventory_hostname == groups['ocloud'][0] and hostvars[item]['role'] == "master" + +- name: Create Provisioning + kubernetes.core.k8s: + template: "provisioning.yaml.j2" + state: present + kubeconfig: "{{ ocloud_kubeconfig }}" + listen: monitor_platform_deployment + when: inventory_hostname == groups['ocloud'][0] diff --git a/okd/roles/ocloud_platform_okd/templates/99-master-pvs.yaml.j2 b/okd/roles/ocloud_platform_okd/templates/99-master-pvs.yaml.j2 index c1be32ac..00d64e0b 100644 --- a/okd/roles/ocloud_platform_okd/templates/99-master-pvs.yaml.j2 +++ b/okd/roles/ocloud_platform_okd/templates/99-master-pvs.yaml.j2 @@ -37,10 +37,26 @@ spec: number: 10 sizeMiB: 10240 startMiB: 56320 - - label: var + - label: pv7 number: 11 - sizeMiB: 0 + sizeMiB: 20480 startMiB: 66560 + - label: pv8 + number: 12 + sizeMiB: 8192 + startMiB: 87040 + - label: pv9 + number: 13 + sizeMiB: 8192 + startMiB: 95232 + - label: pv10 + number: 14 + sizeMiB: 10240 + startMiB: 103424 + - label: var + number: 15 + sizeMiB: 0 + startMiB: 113664 filesystems: - device: /dev/disk/by-partlabel/var format: xfs diff --git a/okd/roles/ocloud_platform_okd/templates/provisioning.yaml.j2 b/okd/roles/ocloud_platform_okd/templates/provisioning.yaml.j2 new file mode 100644 index 00000000..04abafc1 --- /dev/null +++ b/okd/roles/ocloud_platform_okd/templates/provisioning.yaml.j2 @@ -0,0 +1,7 @@ +apiVersion: metal3.io/v1alpha1 +kind: Provisioning +metadata: + name: provisioning-configuration +spec: + provisioningNetwork: "Disabled" + watchAllNamespaces: true diff --git a/okd/roles/ocloud_platform_mco/templates/pv.yaml.j2 b/okd/roles/ocloud_platform_okd/templates/pv.yaml.j2 similarity index 59% rename from okd/roles/ocloud_platform_mco/templates/pv.yaml.j2 rename to okd/roles/ocloud_platform_okd/templates/pv.yaml.j2 index 658fa731..ac28968e 100644 --- a/okd/roles/ocloud_platform_mco/templates/pv.yaml.j2 +++ b/okd/roles/ocloud_platform_okd/templates/pv.yaml.j2 @@ -136,3 +136,95 @@ spec: operator: In values: - {{ item }} +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pv7-{{ item }} +spec: + capacity: + storage: "20Gi" + volumeMode: "Filesystem" + accessModes: + - ReadWriteOnce + persistentVolumeReclaimPolicy: Retain + storageClassName: "local-storage" + local: + path: "/dev/disk/by-partlabel/pv7" + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/hostname + operator: In + values: + - {{ item }} +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pv8-{{ item }} +spec: + capacity: + storage: "8Gi" + volumeMode: "Filesystem" + accessModes: + - ReadWriteOnce + persistentVolumeReclaimPolicy: Retain + storageClassName: "local-storage" + local: + path: "/dev/disk/by-partlabel/pv8" + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/hostname + operator: In + values: + - {{ item }} +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pv9-{{ item }} +spec: + capacity: + storage: "8Gi" + volumeMode: "Filesystem" + accessModes: + - ReadWriteOnce + persistentVolumeReclaimPolicy: Retain + storageClassName: "local-storage" + local: + path: "/dev/disk/by-partlabel/pv9" + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/hostname + operator: In + values: + - {{ item }} +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pv10-{{ item }} +spec: + capacity: + storage: "10Gi" + volumeMode: "Filesystem" + accessModes: + - ReadWriteOnce + persistentVolumeReclaimPolicy: Retain + storageClassName: "local-storage" + local: + path: "/dev/disk/by-partlabel/pv10" + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/hostname + operator: In + values: + - {{ item }} diff --git a/okd/roles/ocloud_platform_mco/templates/sc.yaml.j2 b/okd/roles/ocloud_platform_okd/templates/sc.yaml.j2 similarity index 100% rename from okd/roles/ocloud_platform_mco/templates/sc.yaml.j2 rename to okd/roles/ocloud_platform_okd/templates/sc.yaml.j2 diff --git a/okd/roles/ocloud_platform_siteconfig/defaults/main.yml b/okd/roles/ocloud_platform_siteconfig/defaults/main.yml deleted file mode 100644 index af7763f6..00000000 --- a/okd/roles/ocloud_platform_siteconfig/defaults/main.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -ocloud_kubeconfig: ~ -ocloud_platform_siteconfig_snapshot: "2.14.0-SNAPSHOT-2025-05-19-21-04-46" -ocloud_platform_siteconfig_repo_url: "https://github.com/stolostron/siteconfig.git" diff --git a/okd/roles/ocloud_platform_siteconfig/tasks/main.yml b/okd/roles/ocloud_platform_siteconfig/tasks/main.yml deleted file mode 100644 index 36ceceae..00000000 --- a/okd/roles/ocloud_platform_siteconfig/tasks/main.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -- name: Clone stolostron/siteconfig repo - ansible.builtin.git: - repo: "{{ ocloud_platform_siteconfig_repo_url }}" - dest: "{{ ocloud_staging_dir['path'] }}/git/siteconfig" - -- name: Install siteconfig - ansible.builtin.shell: - chdir: "{{ ocloud_staging_dir['path'] }}/git/siteconfig" - cmd: "make install deploy VERSION={{ ocloud_platform_siteconfig_snapshot }}" - environment: - PATH: "{{ ocloud_staging_dir['path'] }}/go/bin:{{ ansible_env.PATH }}" - KUBECONFIG: "{{ ocloud_kubeconfig }}" - -- name: Enable siteconfig - kubernetes.core.k8s_json_patch: - name: multiclusterhub - kind: MultiClusterHub - namespace: open-cluster-management - kubeconfig: "{{ ocloud_kubeconfig }}" - patch: - - op: add - path: "/spec/overrides/components/-" - value: - name: siteconfig - enabled: true diff --git a/okd/roles/ocloud_platform_stolostron/defaults/main.yml b/okd/roles/ocloud_platform_stolostron/defaults/main.yml index 33c84af4..34e1a628 100644 --- a/okd/roles/ocloud_platform_stolostron/defaults/main.yml +++ b/okd/roles/ocloud_platform_stolostron/defaults/main.yml @@ -1,5 +1,10 @@ --- ocloud_platform_stolostron_pull_secret: "{{ ocloud_platform_okd_pull_secret }}" ocloud_kubeconfig: ~ -ocloud_platform_stolostron_snapshot: "2.14.0-SNAPSHOT-2025-05-19-21-04-46" +ocloud_platform_stolostron_snapshot: "2.15.0-SNAPSHOT-2025-12-01-04-59-34" ocloud_platform_stolostron_repo_url: "https://github.com/stolostron/deploy.git" +ocloud_platform_stolostron_assisted_os_images: +- cpuArchitecture: x86_64 + openshiftVersion: "4.19" + url: https://mirror.openshift.com/pub/openshift-v4/x86_64/dependencies/rhcos/4.19/4.19.10/rhcos-4.19.10-x86_64-live-iso.x86_64.iso + version: 9.6.20250826-1 diff --git a/okd/roles/ocloud_platform_stolostron/tasks/main.yml b/okd/roles/ocloud_platform_stolostron/tasks/main.yml index 4a2e9f0e..65a59881 100644 --- a/okd/roles/ocloud_platform_stolostron/tasks/main.yml +++ b/okd/roles/ocloud_platform_stolostron/tasks/main.yml @@ -49,3 +49,22 @@ kind: Service name: search-search-api kubeconfig: "{{ ocloud_kubeconfig }}" + +- name: Create AgentServiceConfig + kubernetes.core.k8s: + template: "agent-service-config.yaml.j2" + state: present + kubeconfig: "{{ ocloud_kubeconfig }}" + +- name: Enable siteconfig + kubernetes.core.k8s_json_patch: + name: multiclusterhub + kind: MultiClusterHub + namespace: open-cluster-management + kubeconfig: "{{ ocloud_kubeconfig }}" + patch: + - op: add + path: "/spec/overrides/components/-" + value: + name: siteconfig + enabled: true diff --git a/okd/roles/ocloud_platform_stolostron/templates/agent-service-config.yaml.j2 b/okd/roles/ocloud_platform_stolostron/templates/agent-service-config.yaml.j2 new file mode 100644 index 00000000..5ae35a16 --- /dev/null +++ b/okd/roles/ocloud_platform_stolostron/templates/agent-service-config.yaml.j2 @@ -0,0 +1,25 @@ +apiVersion: agent-install.openshift.io/v1beta1 +kind: AgentServiceConfig +metadata: + name: agent +spec: + databaseStorage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + filesystemStorage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + imageStorage: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + osImages: + {{ ocloud_platform_stolostron_assisted_os_images | to_nice_yaml(indent=2) | trim | indent(4) }} -- 2.16.6