From 37efbaa4fd4bc6016ab52a0efd8138794725105c Mon Sep 17 00:00:00 2001
From: Jackie Huang <jackie.huang@windriver.com>
Date: Mon, 18 Dec 2023 01:47:22 +0000
Subject: [PATCH 1/6] Revert "release-notes.rst: update for H release"

This reverts commit b333642db7d7c5e8a4117995cc8dd64c169eabfd.

Reason for revert: The msg is not correct

Change-Id: I9e4b2e684199345846c2d820ac912aa6d25ca279
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
---
 docs/release-notes.rst | 42 +-----------------------------------------
 1 file changed, 1 insertion(+), 41 deletions(-)

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 49227e8..e6a541b 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -6,7 +6,7 @@
 INF Release Notes
 =================
 
-This document provides the release notes for I-Release (9.0.0) of INF RTP.
+This document provides the release notes for G-Release (7.0.0) of INF RTP.
 
 .. contents::
    :depth: 3
@@ -43,46 +43,6 @@ Version history
 | 2023-06-15         | 8.0.0              | Jackie Huang       | H Release          |
 |                    |                    |                    |                    |
 +--------------------+--------------------+--------------------+--------------------+
-| 2023-12-15         | 9.0.0              | Jackie Huang       | I Release          |
-|                    |                    |                    |                    |
-+--------------------+--------------------+--------------------+--------------------+
-
-Version 9.0.0, 2023-12-15
--------------------------
-#. Nineth version (I release)
-#. INF MultiOS support:
-
-   * Three images will be provided:
-
-     * Yocto based image
-     * CentOS based image
-     * Debian based image
-
-#. INF MultiArch support:
-
-   * Add support for ARM64 arch.
-   * See developer-guide for how to build image for ARM64.
-   * No image will be provided.
-
-#. Enable three deployment modes on Yocto based image:
-
-   * AIO simplex mode
-   * AIO duplex mode (2 servers with High Availabity)
-   * AIO duplex mode (2 servers with High Availabity) with additional worker node
-
-#. Enable four deployment modes on CentOS based image:
-
-   * AIO simplex mode
-   * AIO duplex mode (2 servers with High Availabity)
-   * AIO duplex mode (2 servers with High Availabity) with additional worker node
-   * Distributed Cloud
-
-#. Enable four deployment modes on Debian based image:
-
-   * AIO simplex mode
-   * AIO duplex mode (2 servers with High Availabity)
-   * AIO duplex mode (2 servers with High Availabity) with additional worker node
-   * Distributed Cloud
 
 Version 8.0.0, 2023-06-15
 -------------------------
-- 
2.16.6


From 4774a0dcbd593e34f6c9e653a460f7bf18327907 Mon Sep 17 00:00:00 2001
From: Jackie Huang <jackie.huang@windriver.com>
Date: Mon, 18 Dec 2023 10:12:17 +0800
Subject: [PATCH 2/6] readthedocs: fix the build.os

Set build.os to ubuntu-22.04 to fix the config issue:

```
Invalid configuration option "build.os": expected one of (ubuntu-20.04,
ubuntu-22.04), got latest
```

Issue-ID: INF-438

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Change-Id: I1f1bf70a6cd5f6b9ef1710d4f41519ce6ccca491
---
 .readthedocs.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.readthedocs.yaml b/.readthedocs.yaml
index 243587e..19b2821 100644
--- a/.readthedocs.yaml
+++ b/.readthedocs.yaml
@@ -9,7 +9,7 @@ formats:
   - htmlzip
 
 build:
-  os: latest
+  os: ubuntu-22.04
   tools:
     python: "3.7"
 
-- 
2.16.6


From bd89ac3be268cb73bc82bf45f1598b930c9fc338 Mon Sep 17 00:00:00 2001
From: Jackie Huang <jackie.huang@windriver.com>
Date: Fri, 15 Dec 2023 16:15:37 +0800
Subject: [PATCH 3/6] release-notes.rst: update for I release

Issue-ID: INF-436

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Change-Id: I049115e90c051773192e7f9dafe4084678c93f72
---
 docs/release-notes.rst | 42 +++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 41 insertions(+), 1 deletion(-)

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index e6a541b..49227e8 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -6,7 +6,7 @@
 INF Release Notes
 =================
 
-This document provides the release notes for G-Release (7.0.0) of INF RTP.
+This document provides the release notes for I-Release (9.0.0) of INF RTP.
 
 .. contents::
    :depth: 3
@@ -43,6 +43,46 @@ Version history
 | 2023-06-15         | 8.0.0              | Jackie Huang       | H Release          |
 |                    |                    |                    |                    |
 +--------------------+--------------------+--------------------+--------------------+
+| 2023-12-15         | 9.0.0              | Jackie Huang       | I Release          |
+|                    |                    |                    |                    |
++--------------------+--------------------+--------------------+--------------------+
+
+Version 9.0.0, 2023-12-15
+-------------------------
+#. Nineth version (I release)
+#. INF MultiOS support:
+
+   * Three images will be provided:
+
+     * Yocto based image
+     * CentOS based image
+     * Debian based image
+
+#. INF MultiArch support:
+
+   * Add support for ARM64 arch.
+   * See developer-guide for how to build image for ARM64.
+   * No image will be provided.
+
+#. Enable three deployment modes on Yocto based image:
+
+   * AIO simplex mode
+   * AIO duplex mode (2 servers with High Availabity)
+   * AIO duplex mode (2 servers with High Availabity) with additional worker node
+
+#. Enable four deployment modes on CentOS based image:
+
+   * AIO simplex mode
+   * AIO duplex mode (2 servers with High Availabity)
+   * AIO duplex mode (2 servers with High Availabity) with additional worker node
+   * Distributed Cloud
+
+#. Enable four deployment modes on Debian based image:
+
+   * AIO simplex mode
+   * AIO duplex mode (2 servers with High Availabity)
+   * AIO duplex mode (2 servers with High Availabity) with additional worker node
+   * Distributed Cloud
 
 Version 8.0.0, 2023-06-15
 -------------------------
-- 
2.16.6


From 0daac088192e38f8f920a6817c4396c2bb1d5343 Mon Sep 17 00:00:00 2001
From: Jackie Huang <jackie.huang@windriver.com>
Date: Tue, 19 Dec 2023 15:16:16 +0800
Subject: [PATCH 4/6] Revert "readthedocs: fix the build.os"

This reverts commit 4774a0dcbd593e34f6c9e653a460f7bf18327907.

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Change-Id: I2356c296ec417f63e97c9c955ebde2cc5bffaf13
---
 .readthedocs.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.readthedocs.yaml b/.readthedocs.yaml
index 19b2821..243587e 100644
--- a/.readthedocs.yaml
+++ b/.readthedocs.yaml
@@ -9,7 +9,7 @@ formats:
   - htmlzip
 
 build:
-  os: ubuntu-22.04
+  os: latest
   tools:
     python: "3.7"
 
-- 
2.16.6


From c99cd24e81f9571f2d676a35dc181b445b65a22d Mon Sep 17 00:00:00 2001
From: Jackie Huang <jackie.huang@windriver.com>
Date: Tue, 14 May 2024 02:01:30 -0700
Subject: [PATCH 5/6] build_inf_debian: update to stx9.0 for J release

Issue-ID: INF-456

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Change-Id: Ia13fef8234aff0ea47b0bd0eee123d60bd4dd8bc
---
 scripts/build_inf_debian/build_inf_debian.sh | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/scripts/build_inf_debian/build_inf_debian.sh b/scripts/build_inf_debian/build_inf_debian.sh
index 7aa8e1d..96c96ec 100755
--- a/scripts/build_inf_debian/build_inf_debian.sh
+++ b/scripts/build_inf_debian/build_inf_debian.sh
@@ -25,8 +25,8 @@ SRC_ORAN_BRANCH="master"
 
 SRC_ORAN_URL="https://gerrit.o-ran-sc.org/r/pti/rtp"
 
-STX_VER="8.0"
-ORAN_REL="ORAN H-Release (${STX_VER})"
+STX_VER="9.0"
+ORAN_REL="ORAN J-Release (${STX_VER})"
 
 SCRIPTS_DIR=$(dirname $(readlink -f $0))
 SCRIPTS_NAME=$(basename $0)
@@ -125,12 +125,11 @@ fi
 # "_" can't be used in project name
 PRJ_NAME=prj-oran-stx-deb
 
-# stx 8.0 is not released yet
-#STX_SRC_BRANCH="r/stx.${STX_VER}"
+STX_SRC_BRANCH="r/stx.${STX_VER}"
 
 # Temporary for master
-STX_TAG="master-1ba0db8"
-STX_SRC_BRANCH="master"
+#STX_TAG="master-1ba0db8"
+#STX_SRC_BRANCH="master"
 
 STX_LOCAL_DIR=${WORKSPACE}/localdisk
 STX_LOCAL_SRC_DIR=${STX_LOCAL_DIR}/designer/${USER}/${PRJ_NAME}
@@ -143,8 +142,8 @@ STX_APTLY_DIR=${WORKSPACE}/aptly
 STX_MINIKUBE_HOME=${WORKSPACE}/minikube_home
 STX_MANIFEST_URL="https://opendev.org/starlingx/manifest"
 
-#MIRROR_SRC_STX=infbuilder/inf-src-stx:${STX_VER}
-MIRROR_SRC_STX=infbuilder/inf-src-stx:${STX_TAG}
+MIRROR_SRC_STX=infbuilder/inf-src-stx:${STX_VER}
+#MIRROR_SRC_STX=infbuilder/inf-src-stx:${STX_TAG}
 MIRROR_CONTAINER_IMG=infbuilder/inf-debian-mirror:2022.11-stx-${STX_VER}
 MIRROR_APTLY_IMG=infbuilder/inf-debian-aptly:2022.11-stx-${STX_VER}
 
-- 
2.16.6


From 748eb57417b9fcc1ce70f1e509f1b3b652a0e22f Mon Sep 17 00:00:00 2001
From: Chris Wheeler <chwheele@redhat.com>
Date: Tue, 9 Apr 2024 09:01:37 -0700
Subject: [PATCH 6/6] OKD O-Cloud implementation

Implementing OKD (https://www.okd.io/) as an alternative O-Cloud platform.

Issue-ID: INF-441
Change-Id: I92a0b7dd2057642d50a4c931e78c273a27b6b7d3
Signed-off-by: Chris Wheeler <chwheele@redhat.com>
---
 okd/README.md                                      | 194 +++++++++++++++++++++
 okd/ansible.cfg                                    |   7 +
 okd/inventory/group_vars/all/vars.yml              |   4 +
 okd/inventory/group_vars/all/vault.yml             |   4 +
 okd/inventory/host_vars/master-0/vars.yml          |   4 +
 okd/inventory/hosts.yml                            |  13 ++
 okd/playbooks/ocloud.yml                           |   6 +
 okd/requirements.txt                               |   2 +
 okd/requirements.yml                               |   6 +
 okd/roles/ocloud/defaults/main.yml                 |   7 +
 okd/roles/ocloud/tasks/main.yml                    |  12 ++
 okd/roles/ocloud_infra_vm/defaults/main.yml        |  10 ++
 okd/roles/ocloud_infra_vm/tasks/main.yml           |  50 ++++++
 okd/roles/ocloud_infra_vm/templates/virt.xml.j2    | 102 +++++++++++
 .../ocloud_infra_vm/templates/virt_net.xml.j2      |  18 ++
 okd/roles/ocloud_platform_okd/defaults/main.yml    |   5 +
 okd/roles/ocloud_platform_okd/handlers/main.yml    |   7 +
 okd/roles/ocloud_platform_okd/tasks/main.yml       |  56 ++++++
 .../templates/agent-config.yaml.j2                 |   5 +
 .../templates/install-config.yaml.j2               |  26 +++
 20 files changed, 538 insertions(+)
 create mode 100644 okd/README.md
 create mode 100644 okd/ansible.cfg
 create mode 100644 okd/inventory/group_vars/all/vars.yml
 create mode 100644 okd/inventory/group_vars/all/vault.yml
 create mode 100644 okd/inventory/host_vars/master-0/vars.yml
 create mode 100644 okd/inventory/hosts.yml
 create mode 100644 okd/playbooks/ocloud.yml
 create mode 100644 okd/requirements.txt
 create mode 100644 okd/requirements.yml
 create mode 100644 okd/roles/ocloud/defaults/main.yml
 create mode 100644 okd/roles/ocloud/tasks/main.yml
 create mode 100644 okd/roles/ocloud_infra_vm/defaults/main.yml
 create mode 100644 okd/roles/ocloud_infra_vm/tasks/main.yml
 create mode 100644 okd/roles/ocloud_infra_vm/templates/virt.xml.j2
 create mode 100644 okd/roles/ocloud_infra_vm/templates/virt_net.xml.j2
 create mode 100644 okd/roles/ocloud_platform_okd/defaults/main.yml
 create mode 100644 okd/roles/ocloud_platform_okd/handlers/main.yml
 create mode 100644 okd/roles/ocloud_platform_okd/tasks/main.yml
 create mode 100644 okd/roles/ocloud_platform_okd/templates/agent-config.yaml.j2
 create mode 100644 okd/roles/ocloud_platform_okd/templates/install-config.yaml.j2

diff --git a/okd/README.md b/okd/README.md
new file mode 100644
index 0000000..53af7c7
--- /dev/null
+++ b/okd/README.md
@@ -0,0 +1,194 @@
+# Overview
+The purpose of the contained Ansible playbook and roles is to deploy an ORAN-compliant O-Cloud instance.
+
+Currently supported Kubernetes platforms and infrastructure targets are:
+
+## Platform
+- [OKD](https://www.okd.io/)
+
+## Infrastructure
+- KVM/libvirtd virtual machine
+
+# Prerequisites
+The following prerequisites must be installed on the host where the playbook will be run (localhost, by default):
+
+# DNS
+To enable network access to cluster services, DNS address records must be defined for the following endpoints:
+
+* api.<cluster>.<domain> (e.g. api.ocloud.example.com)
+* api-int.<cluster>.<domain> (e.g. api-int.ocloud.example.com)
+* *.apps.<cluster>.<domain> (e.g. *.apps.ocloud.example.com)
+
+In the case of all-in-one topology clusters, all addresses must resolve to the machine network IP assigned to the node.
+
+## Ansible
+
+Install Ansible per [Installing Ansible on specific operating systems](https://docs.ansible.com/ansible/latest/installation_guide/installation_distros.html) documentation.
+
+## libvirt/KVM
+
+If deploying the O-Cloud as a virtual machine, the host must be configured as a libvirt/KVM host.
+Instructions for doing so vary by Linux distribution, for example:
+
+- [Fedora](https://docs.fedoraproject.org/en-US/quick-docs/virtualization-getting-started/)
+- [Ubuntu](https://ubuntu.com/server/docs/virtualization-libvirt)
+
+Ensure that the 'libvirt-devel' package is installed, as it is a dependency for the 'libvirt-python' module.
+
+## Python Modules
+
+Install required python modules by installing via the package manager (e.g. yum, dnf, apt) or running:
+
+```
+pip install -r requirements.txt
+```
+
+## Ansible Collections
+
+Install required Ansible collections by running:
+
+```
+ansible-galaxy collection install -r requirements.yml
+```
+
+## Ansible Variables
+
+### General
+
+#### Optional
+The following variables can be set to override deployment defaults:
+- ocloud_infra [default="vm"]: infrastructure target
+- ocloud_platform [default="okd"]: platform target
+- ocloud_topology [default="aio"]: O-Cloud cluster topology
+- ocloud_cluster_name [default="ocloud-{{ ocloud_infra }}-{{ ocloud_platform }}-{{ ocloud_topology }}"]: O-Cloud cluster name
+- ocloud_domain_name [default="example.com"]: O-Cloud domain name
+- ocloud_net_cidr [default="192.168.123.0/24"]: O-Cloud machine network CIDR
+
+### Infrastructure / VM
+
+#### Optional
+The following variables can be set to override defaults for deploying to a VM infrastructure target:
+
+- ocloud_infra_vm_cpus [default=8]: Number of vCPUs to allocate to the VM
+- ocloud_infra_vm_mem_gb [default=24]: Amount of RAM to allocate to the VM in GB
+- ocloud_infra_vm_disk_gb [default=120]: Amount of disk space to allocate to the VM in GB
+- ocloud_infra_vm_disk_dir [default="/var/lib/libvirt/images"]: directory where VM images are stored
+- ocloud_net_name [default="ocloud"]: virtual network name
+- ocloud_net_bridge [default="ocloud-br"]: virtual network bridge name
+- ocloud_net_mac_prefix [default="52:54:00:01:23"]: virtual network MAC prefix
+
+### Platform / OKD
+
+#### Required
+The following Ansible variables must be defined in group_vars/all.yml:
+
+- ocloud_platform_okd_ssh_pubkey: the SSH public key that will be embedded in the OKD install image and used to access deployed nodes
+
+#### Optional
+Optionally, the following variables can be set to override default settings:
+
+- ocloud_platform_okd_release [default=4.14.0-0.okd-2024-01-26-175629]: OKD release, as defined in [OKD releases](https://github.com/okd-project/okd/releases)
+- ocloud_platform_okd_pull_secret [default=None]: pull secret for use with non-public image registries
+
+# Installation
+
+Execute the playbook from the base directory as follows:
+
+```
+ansible-playbook -i inventory playbooks/ocloud.yml
+```
+
+This will deploy the O-Cloud up through the bootstrap phase.
+Continue to monitor the cluster deployment through completion per the Validation section below.
+
+# Validation
+
+## OKD
+
+Set the KUBECONFIG variable to point to the config generated by the agent-based installer, for example:
+
+```
+export KUBECONFIG=/tmp/ansible.6u4ydu5n/cfg/auth/kubeconfig
+```
+
+Monitor the progress of the installation by running the 'oc get nodes', 'oc get clusteroperators', and
+'oc get clusterversion' commands until all nodes are ready and all cluster operators are available, for example:
+
+```
+$ oc get nodes
+NAME       STATUS   ROLES                         AGE    VERSION
+master-0   Ready    control-plane,master,worker   105m   v1.27.9+e36e183
+
+$ oc get clusteroperators
+NAME                                       VERSION                          AVAILABLE   PROGRESSING   DEGRADED   SINCE   MESSAGE
+authentication                             4.14.0-0.okd-2024-01-26-175629   True        False         False      87m
+baremetal                                  4.14.0-0.okd-2024-01-26-175629   True        False         False      94m
+cloud-controller-manager                   4.14.0-0.okd-2024-01-26-175629   True        False         False      93m
+cloud-credential                           4.14.0-0.okd-2024-01-26-175629   True        False         False      116m
+cluster-autoscaler                         4.14.0-0.okd-2024-01-26-175629   True        False         False      94m
+config-operator                            4.14.0-0.okd-2024-01-26-175629   True        False         False      92m
+console                                    4.14.0-0.okd-2024-01-26-175629   True        False         False      88m
+control-plane-machine-set                  4.14.0-0.okd-2024-01-26-175629   True        False         False      94m
+csi-snapshot-controller                    4.14.0-0.okd-2024-01-26-175629   True        False         False      96m
+dns                                        4.14.0-0.okd-2024-01-26-175629   True        False         False      93m
+etcd                                       4.14.0-0.okd-2024-01-26-175629   True        False         False      94m
+image-registry                             4.14.0-0.okd-2024-01-26-175629   True        False         False      89m
+ingress                                    4.14.0-0.okd-2024-01-26-175629   True        False         False      96m
+insights                                   4.14.0-0.okd-2024-01-26-175629   True        False         False      91m
+kube-apiserver                             4.14.0-0.okd-2024-01-26-175629   True        False         False      92m
+kube-controller-manager                    4.14.0-0.okd-2024-01-26-175629   True        False         False      93m
+kube-scheduler                             4.14.0-0.okd-2024-01-26-175629   True        False         False      91m
+kube-storage-version-migrator              4.14.0-0.okd-2024-01-26-175629   True        False         False      97m
+machine-api                                4.14.0-0.okd-2024-01-26-175629   True        False         False      91m
+machine-approver                           4.14.0-0.okd-2024-01-26-175629   True        False         False      94m
+machine-config                             4.14.0-0.okd-2024-01-26-175629   True        False         False      96m
+marketplace                                4.14.0-0.okd-2024-01-26-175629   True        False         False      96m
+monitoring                                 4.14.0-0.okd-2024-01-26-175629   True        False         False      85m
+network                                    4.14.0-0.okd-2024-01-26-175629   True        False         False      98m
+node-tuning                                4.14.0-0.okd-2024-01-26-175629   True        False         False      93m
+openshift-apiserver                        4.14.0-0.okd-2024-01-26-175629   True        False         False      89m
+openshift-controller-manager               4.14.0-0.okd-2024-01-26-175629   True        False         False      90m
+openshift-samples                          4.14.0-0.okd-2024-01-26-175629   True        False         False      90m
+operator-lifecycle-manager                 4.14.0-0.okd-2024-01-26-175629   True        False         False      93m
+operator-lifecycle-manager-catalog         4.14.0-0.okd-2024-01-26-175629   True        False         False      94m
+operator-lifecycle-manager-packageserver   4.14.0-0.okd-2024-01-26-175629   True        False         False      93m
+service-ca                                 4.14.0-0.okd-2024-01-26-175629   True        False         False      97m
+storage                                    4.14.0-0.okd-2024-01-26-175629   True        False         False      92m
+
+$ oc get clusterversion
+NAME      VERSION                          AVAILABLE   PROGRESSING   SINCE   STATUS
+version   4.14.0-0.okd-2024-01-26-175629   True        False         83m     Cluster version is 4.14.0-0.okd-2024-01-26-175629
+```
+
+# Troubleshooting
+
+## OKD
+
+Refer to [Troubleshooting installation issues](https://docs.okd.io/4.14/installing/installing-troubleshooting.html) for information
+on diagnosing OKD deployment failures.
+
+# Cleanup
+
+## VM
+
+To cleanup a VM-based deployment due to failure, or to prepare to redeploy, execute the following as root on the libvirt/KVM host:
+
+1. Shut down and remove the virtual machine (note that the VM name may differ if the default is overridden):
+
+   ```
+   virsh destroy master-0
+   virsh undefine master-0
+   ```
+
+2. Disable and remove the virtual network (note that the network name may differ if the default is overridden):
+
+   ```
+   virsh net-destroy ocloud
+   virsh net-undefine ocloud
+   ```
+
+3. Remove virtual disk and boot media:
+
+   ```
+   rm /var/lib/libvirt/images/master-0*.{qcow2,iso}
+   ```
diff --git a/okd/ansible.cfg b/okd/ansible.cfg
new file mode 100644
index 0000000..c8be80d
--- /dev/null
+++ b/okd/ansible.cfg
@@ -0,0 +1,7 @@
+[defaults]
+roles_path = ./roles
+remote_tmp = /tmp
+
+[privilege_escalation]
+become_method = sudo
+become_ask_pass = True
diff --git a/okd/inventory/group_vars/all/vars.yml b/okd/inventory/group_vars/all/vars.yml
new file mode 100644
index 0000000..d2c01a3
--- /dev/null
+++ b/okd/inventory/group_vars/all/vars.yml
@@ -0,0 +1,4 @@
+---
+ocloud_platform_okd_ssh_pubkey: ~
+# Uncomment to override default release from ocloud_platform_okd role:
+#ocloud_platform_okd_release: ~
diff --git a/okd/inventory/group_vars/all/vault.yml b/okd/inventory/group_vars/all/vault.yml
new file mode 100644
index 0000000..51458e0
--- /dev/null
+++ b/okd/inventory/group_vars/all/vault.yml
@@ -0,0 +1,4 @@
+---
+# Encrypt with `ansible-vault encrypt vault.yml` before adding secrets
+# Uncomment to override default pull secret from ocloud_platform_okd role:
+#ocloud_platform_okd_pull_secret: ~
diff --git a/okd/inventory/host_vars/master-0/vars.yml b/okd/inventory/host_vars/master-0/vars.yml
new file mode 100644
index 0000000..db03d06
--- /dev/null
+++ b/okd/inventory/host_vars/master-0/vars.yml
@@ -0,0 +1,4 @@
+---
+ocloud_infra: vm
+ocloud_platform: okd
+ocloud_topology: aio
diff --git a/okd/inventory/hosts.yml b/okd/inventory/hosts.yml
new file mode 100644
index 0000000..8d36d51
--- /dev/null
+++ b/okd/inventory/hosts.yml
@@ -0,0 +1,13 @@
+deployer:
+  hosts:
+    localhost:
+      ansible_connection: local
+
+kvm:
+  hosts:
+    localhost:
+      ansible_connection: local
+
+ocloud:
+  hosts:
+    master-0:
diff --git a/okd/playbooks/ocloud.yml b/okd/playbooks/ocloud.yml
new file mode 100644
index 0000000..291cd34
--- /dev/null
+++ b/okd/playbooks/ocloud.yml
@@ -0,0 +1,6 @@
+---
+- name: Deploy O-Cloud
+  hosts: ocloud
+  gather_facts: false
+  roles:
+    - ocloud
diff --git a/okd/requirements.txt b/okd/requirements.txt
new file mode 100644
index 0000000..4aa2ac0
--- /dev/null
+++ b/okd/requirements.txt
@@ -0,0 +1,2 @@
+netaddr
+libvirt-python
diff --git a/okd/requirements.yml b/okd/requirements.yml
new file mode 100644
index 0000000..e20467d
--- /dev/null
+++ b/okd/requirements.yml
@@ -0,0 +1,6 @@
+collections:
+  - ansible.posix
+  - ansible.utils
+  - community.general
+  - community.libvirt
+  - kubernetes.core
diff --git a/okd/roles/ocloud/defaults/main.yml b/okd/roles/ocloud/defaults/main.yml
new file mode 100644
index 0000000..fa0e81f
--- /dev/null
+++ b/okd/roles/ocloud/defaults/main.yml
@@ -0,0 +1,7 @@
+---
+ocloud_infra: "vm"
+ocloud_platform: "okd"
+ocloud_topology: "aio"
+ocloud_cluster_name: "ocloud-{{ ocloud_infra }}-{{ ocloud_platform }}-{{ ocloud_topology }}"
+ocloud_domain_name: "example.com"
+ocloud_net_cidr: "192.168.123.0/24"
diff --git a/okd/roles/ocloud/tasks/main.yml b/okd/roles/ocloud/tasks/main.yml
new file mode 100644
index 0000000..9f9a930
--- /dev/null
+++ b/okd/roles/ocloud/tasks/main.yml
@@ -0,0 +1,12 @@
+---
+- name: Include platform role - {{ ocloud_platform }}
+  ansible.builtin.import_role:
+    name: "ocloud_platform_okd"
+  delegate_to: "{{ groups['deployer'][0] }}"
+  when: ocloud_platform == "okd"
+
+- name: Include infra role - {{ ocloud_infra }}
+  ansible.builtin.import_role:
+    name: "ocloud_infra_vm"
+  delegate_to: "{{ groups['kvm'][0] }}"
+  when: ocloud_infra == "vm"
diff --git a/okd/roles/ocloud_infra_vm/defaults/main.yml b/okd/roles/ocloud_infra_vm/defaults/main.yml
new file mode 100644
index 0000000..7c9ef66
--- /dev/null
+++ b/okd/roles/ocloud_infra_vm/defaults/main.yml
@@ -0,0 +1,10 @@
+---
+ocloud_infra_vm_cpus: 8
+ocloud_infra_vm_mem_gb: 24
+ocloud_infra_vm_disk_gb: 120
+ocloud_infra_vm_disk_dir: "/var/lib/libvirt/images"
+ocloud_infra_vm_disk_path: "{{ ocloud_infra_vm_disk_dir }}/{{ inventory_hostname }}.qcow2"
+ocloud_infra_vm_image: "{{ ocloud_infra_vm_disk_dir }}/{{ inventory_hostname }}-image.iso"
+ocloud_net_name: "ocloud"
+ocloud_net_bridge: "ocloud-br"
+ocloud_net_mac_prefix: "52:54:00:01:23"
diff --git a/okd/roles/ocloud_infra_vm/tasks/main.yml b/okd/roles/ocloud_infra_vm/tasks/main.yml
new file mode 100644
index 0000000..320e4df
--- /dev/null
+++ b/okd/roles/ocloud_infra_vm/tasks/main.yml
@@ -0,0 +1,50 @@
+---
+- name: Define virtual network - {{ ocloud_net_name }}
+  community.libvirt.virt_net:
+    command: define
+    name: "{{ ocloud_net_name }}"
+    xml: '{{ lookup("template", "virt_net.xml.j2") }}'
+  run_once: true
+  become: true
+
+- name: Activate virtual network - {{ ocloud_net_name }}
+  community.libvirt.virt_net:
+    name: "{{ ocloud_net_name }}"
+    state: active
+  run_once: true
+  become: true
+
+- name: Configure virtual network to auto-start - {{ ocloud_net_name }}
+  community.libvirt.virt_net:
+    name: "{{ ocloud_net_name }}"
+    autostart: true
+  run_once: true
+  become: true
+
+- name: Create virtual machine - {{ inventory_hostname }}
+  community.libvirt.virt:
+    command: define
+    xml: '{{ lookup("template", "virt.xml.j2") }}'
+  register: ocloud_infra_vm_definition
+  become: true
+
+- name: Create VM disk
+  ansible.builtin.command:
+    cmd: "qemu-img create -f qcow2 {{ ocloud_infra_vm_disk_path }} {{ ocloud_infra_vm_disk_gb }}G"
+  when: ocloud_infra_vm_definition.changed
+  become: true
+
+- name: Copy platform boot image
+  ansible.builtin.copy:
+    src: "{{ ocloud_platform_image }}"
+    dest: "{{ ocloud_infra_vm_image }}"
+    remote_src: true
+  when: ocloud_infra_vm_definition.changed
+  become: true
+
+- name: Activate virtual machine - {{ inventory_hostname }}
+  community.libvirt.virt:
+    name: "{{ inventory_hostname }}"
+    state: running
+  notify: monitor_platform_deployment
+  become: true
diff --git a/okd/roles/ocloud_infra_vm/templates/virt.xml.j2 b/okd/roles/ocloud_infra_vm/templates/virt.xml.j2
new file mode 100644
index 0000000..3f6565e
--- /dev/null
+++ b/okd/roles/ocloud_infra_vm/templates/virt.xml.j2
@@ -0,0 +1,102 @@
+<domain type='kvm'>
+  <name>{{ inventory_hostname }}</name>
+  <memory unit='KiB'>{{ ocloud_infra_vm_mem_gb * 1048576 }}</memory>
+  <currentMemory unit='KiB'>{{ ocloud_infra_vm_mem_gb * 1048576 }}</currentMemory>
+  <vcpu>{{ ocloud_infra_vm_cpus }}</vcpu>
+  <os>
+    <type arch='x86_64' machine='pc'>hvm</type>
+  </os>
+  <features>
+    <acpi/>
+    <apic/>
+    <vmport state='off'/>
+  </features>
+  <cpu mode='host-model' check='partial'/>
+  <clock offset='utc'>
+    <timer name='rtc' tickpolicy='catchup'/>
+    <timer name='pit' tickpolicy='delay'/>
+    <timer name='hpet' present='no'/>
+  </clock>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <pm>
+    <suspend-to-mem enabled='no'/>
+    <suspend-to-disk enabled='no'/>
+  </pm>
+  <devices>
+    <emulator>/usr/libexec/qemu-kvm</emulator>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='qcow2'/>
+      <source file='{{ ocloud_infra_vm_disk_path }}'/>
+      <target dev='vda' bus='virtio'/>
+      <boot order='1'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x08' function='0x0'/>
+    </disk>
+    <disk type='file' device='cdrom'>
+      <driver name='qemu' type='raw'/>
+      <source file='{{ ocloud_infra_vm_image }}'/>
+      <target dev='hdb' bus='ide'/>
+      <readonly/>
+      <boot order='2'/>
+      <address type='drive' controller='0' bus='0' target='0' unit='1'/>
+    </disk>
+    <controller type='usb' index='0' model='ich9-ehci1'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x7'/>
+    </controller>
+    <controller type='usb' index='0' model='ich9-uhci1'>
+      <master startport='0'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0' multifunction='on'/>
+    </controller>
+    <controller type='usb' index='0' model='ich9-uhci2'>
+      <master startport='2'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x1'/>
+    </controller>
+    <controller type='usb' index='0' model='ich9-uhci3'>
+      <master startport='4'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x2'/>
+    </controller>
+    <controller type='pci' index='0' model='pci-root'/>
+    <controller type='ide' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
+    </controller>
+    <controller type='virtio-serial' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/>
+    </controller>
+    <interface type='network'>
+{% for ocloud_host in groups['ocloud'] %}
+{% if ocloud_host == inventory_hostname %}
+      <mac address='{{ ocloud_net_mac_prefix }}:{{ loop.index + 10 }}'/>
+{% endif %}
+{% endfor %}
+      <source network='{{ ocloud_net_name }}'/>
+      <model type='virtio'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
+    </interface>
+    <serial type='pty'>
+      <target type='isa-serial' port='0'>
+        <model name='isa-serial'/>
+      </target>
+    </serial>
+    <console type='pty'>
+      <target type='serial' port='0'/>
+    </console>
+    <input type='tablet' bus='usb'>
+      <address type='usb' bus='0' port='1'/>
+    </input>
+    <input type='mouse' bus='ps2'/>
+    <input type='keyboard' bus='ps2'/>
+    <graphics type='vnc' port='5900' autoport='yes' listen='127.0.0.1'>
+      <listen type='address' address='127.0.0.1'/>
+    </graphics>
+    <audio id='1' type='none'/>
+    <video>
+      <model type='vga' vram='16384' heads='1' primary='yes'/>
+      <alias name='video0'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
+    </video>
+    <memballoon model='virtio'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
+    </memballoon>
+  </devices>
+</domain>
diff --git a/okd/roles/ocloud_infra_vm/templates/virt_net.xml.j2 b/okd/roles/ocloud_infra_vm/templates/virt_net.xml.j2
new file mode 100644
index 0000000..da1e461
--- /dev/null
+++ b/okd/roles/ocloud_infra_vm/templates/virt_net.xml.j2
@@ -0,0 +1,18 @@
+<network>
+  <name>{{ ocloud_net_name }}</name>
+  <forward mode='nat'>
+    <nat>
+      <port start='1024' end='65535'/>
+    </nat>
+  </forward>
+  <bridge name='{{ ocloud_net_bridge }}' stp='on' delay='0'/>
+  <mac address='{{ ocloud_net_mac_prefix }}:01'/>
+  <ip address='{{ ocloud_net_cidr | ansible.utils.ipmath(1) }}' netmask='{{ ocloud_net_cidr | ansible.utils.ipaddr('netmask') }}'>
+    <dhcp>
+      <range start='{{ ocloud_net_cidr | ansible.utils.ipmath(100) }}' end='{{ ocloud_net_cidr | ansible.utils.ipmath(250) }}'/>
+{% for ocloud_host in groups['ocloud'] %}
+      <host mac='{{ ocloud_net_mac_prefix }}:{{ loop.index + 10 }}' name='{{ ocloud_host }}' ip='{{ ocloud_net_cidr | ansible.utils.ipmath(loop.index + 10) }}'/>
+{% endfor %}
+    </dhcp>
+  </ip>
+</network>
diff --git a/okd/roles/ocloud_platform_okd/defaults/main.yml b/okd/roles/ocloud_platform_okd/defaults/main.yml
new file mode 100644
index 0000000..16e0318
--- /dev/null
+++ b/okd/roles/ocloud_platform_okd/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+ocloud_platform_okd_pull_secret: '{"auths":{"fake":{"auth":"aWQ6cGFzcwo="}}}'
+ocloud_platform_okd_ssh_pubkey: ~
+ocloud_platform_okd_release: "4.14.0-0.okd-2024-01-26-175629"
+ocloud_platform_okd_base_url: "https://github.com/okd-project/okd/releases/download"
diff --git a/okd/roles/ocloud_platform_okd/handlers/main.yml b/okd/roles/ocloud_platform_okd/handlers/main.yml
new file mode 100644
index 0000000..a89e727
--- /dev/null
+++ b/okd/roles/ocloud_platform_okd/handlers/main.yml
@@ -0,0 +1,7 @@
+---
+- name: Monitor OKD platform bootstrap
+  ansible.builtin.command:
+    cmd: "openshift-install agent wait-for bootstrap-complete --log-level=info --dir {{ ocloud_platform_okd_staging_dir['path'] }}/cfg"
+  environment:
+    PATH: "{{ ocloud_platform_okd_staging_dir['path'] }}/bin:{{ ansible_env.PATH }}"
+  listen: monitor_platform_deployment
diff --git a/okd/roles/ocloud_platform_okd/tasks/main.yml b/okd/roles/ocloud_platform_okd/tasks/main.yml
new file mode 100644
index 0000000..472a81a
--- /dev/null
+++ b/okd/roles/ocloud_platform_okd/tasks/main.yml
@@ -0,0 +1,56 @@
+---
+- name: Gather facts
+  ansible.builtin.setup:
+    gather_subset: all
+
+- name: Create staging dir for OKD installation
+  ansible.builtin.tempfile:
+    state: directory
+  register: ocloud_platform_okd_staging_dir
+
+- name: Create staging subdirs
+  ansible.builtin.file:
+    path: "{{ ocloud_platform_okd_staging_dir['path'] }}/{{ item }}"
+    state: directory
+  loop:
+    - bin
+    - cfg
+
+- name: Download OKD binaries
+  ansible.builtin.get_url:
+    url: "{{ ocloud_platform_okd_base_url }}/{{ ocloud_platform_okd_release }}/{{ item }}-{{ ocloud_platform_okd_release }}.tar.gz"
+    dest: "{{ ocloud_platform_okd_staging_dir['path'] }}"
+  loop:
+    - openshift-client-linux
+    - openshift-install-linux
+
+- name: Extract OKD binaries
+  ansible.builtin.unarchive:
+    src: "{{ ocloud_platform_okd_staging_dir['path'] }}/{{ item }}-{{ ocloud_platform_okd_release }}.tar.gz"
+    dest: "{{ ocloud_platform_okd_staging_dir['path'] }}/bin"
+    remote_src: true
+  loop:
+    - openshift-client-linux
+    - openshift-install-linux
+
+- name: Template OKD configs
+  ansible.builtin.template:
+    src: "{{ item }}.j2"
+    dest: "{{ ocloud_platform_okd_staging_dir['path'] }}/cfg/{{ item }}"
+  loop:
+    - agent-config.yaml
+    - install-config.yaml
+
+- name: Generate OKD agent-based installer image
+  ansible.builtin.shell:
+    cmd: "openshift-install agent create image --dir {{ ocloud_platform_okd_staging_dir['path'] }}/cfg"
+  environment:
+    PATH: "{{ ocloud_platform_okd_staging_dir['path'] }}/bin:{{ ansible_env.PATH }}"
+
+- debug:
+    msg: |
+       OKD agent-based installer image has been created as {{ ocloud_platform_okd_staging_dir['path'] }}/cfg/agent.x86_64.iso
+       kubeconfig and kubeadmin-password can be found under {{ ocloud_platform_okd_staging_dir['path'] }}/cfg/auth/
+
+- ansible.builtin.set_fact:
+    ocloud_platform_image: "{{ ocloud_platform_okd_staging_dir['path'] }}/cfg/agent.x86_64.iso"
diff --git a/okd/roles/ocloud_platform_okd/templates/agent-config.yaml.j2 b/okd/roles/ocloud_platform_okd/templates/agent-config.yaml.j2
new file mode 100644
index 0000000..db24c18
--- /dev/null
+++ b/okd/roles/ocloud_platform_okd/templates/agent-config.yaml.j2
@@ -0,0 +1,5 @@
+apiVersion: v1beta1
+kind: AgentConfig
+metadata:
+  name: {{ ocloud_cluster_name }}
+rendezvousIP: {{ ocloud_net_cidr | ansible.utils.ipmath(11) }}
diff --git a/okd/roles/ocloud_platform_okd/templates/install-config.yaml.j2 b/okd/roles/ocloud_platform_okd/templates/install-config.yaml.j2
new file mode 100644
index 0000000..781122e
--- /dev/null
+++ b/okd/roles/ocloud_platform_okd/templates/install-config.yaml.j2
@@ -0,0 +1,26 @@
+apiVersion: v1
+baseDomain: {{ ocloud_domain_name }}
+compute:
+- name: worker
+  replicas: 0
+controlPlane:
+  name: master
+  replicas: 1
+metadata:
+  name: {{ ocloud_cluster_name }}
+networking:
+  clusterNetwork:
+  - cidr: 10.128.0.0/14
+    hostPrefix: 23
+  networkType: OVNKubernetes
+  machineNetwork:
+  - cidr: {{ ocloud_net_cidr }}
+  serviceNetwork:
+  - 172.30.0.0/16
+platform:
+  none: {}
+bootstrapInPlace:
+  installationDisk: /dev/vda
+fips: false
+pullSecret: '{{ ocloud_platform_okd_pull_secret }}'
+sshKey: '{{ ocloud_platform_okd_ssh_pubkey }}'
-- 
2.16.6