Feature rhoai

configure-job-templates.yaml

@@ -55,7 +55,8 @@
                         "manage-with-acm",
                         "redhat-internal-certificate",
                         "coe-sso",
-                        "lvms"
+                        "lvms",
+                        "rhoai"
                     ],
                     "default": "manage-with-acm\nredhat-internal-certificate\ncoe-sso",
                     "max": 1024,

inventory/host_vars/ocp11.yaml

@@ -16,18 +16,20 @@ cluster_name: ocp11
 # cluster_api_vip:
 # cluster_ingress_vip:
 
-control_plan_cores: 16
-control_plan_ram_gb: 32
+control_plan_cores: 12
+control_plan_ram_gb: 48
 control_plans:
   - vm_network_ip_address: 10.32.105.128
     vm_network_mac_address: 0E:C0:EF:20:6F:80
 
 openshift_version: 4.17.2
 
 stormshift_cluster_features:
-  - lvms
-  - coe-sso
   - redhat-internal-certificate
+  - coe-sso
+  - lvms
+  - rhoai
+
 
 
 # See https://docs.openshift.com/container-platform/4.17/installing/overview/cluster-capabilities.html

roles/feature-lvms/tasks/add-disk-to-vm.yaml

@@ -25,8 +25,10 @@
             requests:
               storage: "{{ disk_size }}"
           storageClassName: "{{ disk_storageclass }}"
+  register: dataVolume
 
 - name: Hotplug virtual disk to VM
+  when: dataVolume is changed
   kubernetes.core.k8s:
     api_key:         "{{ hostvars['isar']['k8s_auth_api_key'] }}"
     host:            "{{ hostvars['isar']['k8s_auth_host'] }}"
@@ -70,6 +72,7 @@
   register: diskAdded
 
 - name: Stop VM (hotplug did not work via ansible)
+  when: diskAdded is defined and diskAdded is changed
   kubevirt.core.kubevirt_vm:
     api_key:         "{{ hostvars['isar']['k8s_auth_api_key'] }}"
     host:            "{{ hostvars['isar']['k8s_auth_host'] }}"
@@ -81,9 +84,9 @@
     running: false
     wait: yes
   register: vmStopped
-  when: diskAdded is changed
 
 - name: Start VM (hotplug did not work via ansible)
+  when: vmStopped is defined and vmStopped is changed
   kubevirt.core.kubevirt_vm:
     api_key:         "{{ hostvars['isar']['k8s_auth_api_key'] }}"
     host:            "{{ hostvars['isar']['k8s_auth_host'] }}"
@@ -94,4 +97,3 @@
     namespace: "{{ target_namespace }}"
     running: true
     wait: yes
-  when: vmStopped is defined and vmStopped is changed

roles/feature-lvms/tasks/post-deploy.yaml

@@ -41,7 +41,7 @@
     host: "api.{{ inventory_hostname }}.{{ cluster_base_domain }}"
     port: 443
     sleep: 1
-    timeout: 300
+    timeout: 600
 
 
 - name: Install LVMS operator
@@ -68,7 +68,6 @@
         spec:
           targetNamespaces:
           - openshift-storage
-
       - kind: Subscription
         apiVersion: operators.coreos.com/v1alpha1
         metadata:
@@ -87,10 +86,23 @@
     kind: CustomResourceDefinition
     name: lvmclusters.lvm.topolvm.io
     wait: yes
+    wait_timeout: 300
     wait_condition:
       type: Established
       status: True
 
+- name: Wait for operator pod to be ready
+  kubernetes.core.k8s_info:
+    kubeconfig: "{{ temp.path }}/kubeconfig"
+    kind: Pod
+    namespace: openshift-storage
+    label_selectors:
+      - "app.kubernetes.io/name = lvms-operator"
+    wait: yes
+    wait_timeout: 300
+    wait_condition:
+      type: Ready
+      status: True
 
 - name: Deploy LVMS
   kubernetes.core.k8s:

roles/feature-redhat-internal-certificate/tasks/post-deploy.yaml

@@ -17,7 +17,7 @@
     engine_mount_point: apps
 
     path: "coe-lab/cluster-credential/stormshift-{{ inventory_hostname }}"
-  register: cluster_credential 
+  register: cluster_credential
 
 - name: Temp folder
   ansible.builtin.tempfile:
@@ -37,7 +37,7 @@
     definition:
       apiVersion: v1
       data:
-        ca-bundle.crt: | 
+        ca-bundle.crt: |
           -----BEGIN CERTIFICATE-----
           MIIENDCCAxygAwIBAgIJANunI0D662cnMA0GCSqGSIb3DQEBCwUAMIGlMQswCQYD
           VQQGEwJVUzEXMBUGA1UECAwOTm9ydGggQ2Fyb2xpbmExEDAOBgNVBAcMB1JhbGVp
@@ -103,7 +103,7 @@
       kind: ConfigMap
       metadata:
         name: redhat-current-it-root-cas
-        namespace: openshift-config 
+        namespace: openshift-config
 
 - name: Configure Red Hat Root CA
   kubernetes.core.k8s:
@@ -119,7 +119,7 @@
         trustedCA:
           name: redhat-current-it-root-cas
 
-- name: Fetch cluster certificate 
+- name: Fetch cluster certificate
   community.hashi_vault.vault_kv2_get:
     url: "{{ lookup('ansible.builtin.env', 'RH_VAULT_URL' ) }}"
     auth_method: approle
@@ -129,7 +129,7 @@
     engine_mount_point: apps
 
     path: "coe-lab/certificate/api.{{ inventory_hostname }}.{{ cluster_base_domain }}"
-  register: certificate 
+  register: certificate
 # certificate.secret.cert_and_intermediate_pem
 # certificate.secret.key
 
@@ -153,7 +153,6 @@
 - name: Apply certificate
   kubernetes.core.k8s:
     kubeconfig: "{{ temp.path }}/kubeconfig"
-
     state: present
     definition:
       apiVersion: operator.openshift.io/v1
@@ -164,4 +163,47 @@
       spec:
         defaultCertificate:
           name: redhat-cluster-certificate
+    wait: yes
+  register: apply_cert
+
 
+- name: Wait for IngressController to start Progressing
+  when: apply_cert is changed
+  kubernetes.core.k8s_info:
+    kubeconfig: "{{ temp.path }}/kubeconfig"
+    kind: IngressController
+    name: default
+    namespace: openshift-ingress-operator
+    wait: yes
+    wait_timeout: 480
+    wait_condition:
+      type: Progressing
+      status: True
+
+- name: Wait for IngressController to be stable again
+  kubernetes.core.k8s_info:
+    kubeconfig: "{{ temp.path }}/kubeconfig"
+    kind: IngressController
+    name: default
+    namespace: openshift-ingress-operator
+    wait: yes
+    wait_timeout: 480
+    wait_condition:
+      type: Progressing
+      status: False
+
+- name: Wait for API to be stable again
+  kubernetes.core.k8s_info:
+    kubeconfig: "{{ temp.path }}/kubeconfig"
+    kind: ClusterOperator
+    name: kube-apiserver
+    namespace: openshift-ingress-operator
+    wait: yes
+    wait_timeout: 480
+    wait_condition:
+      type: Progressing
+      status: False
+
+#
+# Todo:
+# to avoid subsequent features to fail while it is restarting

roles/feature-rhoai/defaults/main.yaml

@@ -0,0 +1,8 @@
+---
+# defaults file
+rhods_operator_channel: fast
+service_mesh_operator_channel: stable
+serverless_operator_channel: stable
+certmgr_operator_channel: stable-v1
+
+kserve_manifest_url: "https://github.com/kserve/kserve/releases/download/v0.14.1/kserve.yaml"