Merge pull request #116 from swapnil-bobade27/ipi-day-2-operation

ppc64le-cloud-bot · web-flow · commit 27c05491ec7d · 2025-07-15T14:21:12.000+05:30
Role for IPI day2 operations
diff --git a/README.md b/README.md
@@ -50,6 +50,7 @@ This repository consists of additional ansible playbooks for the following:
 1. Validate CPU manager feature and run e2e.
 1. Enable DISA-STIG profiles for CO on P and remediate various rules.
 1. Run Openshift-tests-private testcases.
+1. Verify IPI day2 operations
 
 ## Assumptions:
 
diff --git a/examples/all.yaml b/examples/all.yaml
@@ -535,4 +535,12 @@ openshift_test_private_e2e_repo: "https://github.com/openshift/openshift-tests-p
 openshift_test_private_git_branch: "master"
 openshift_test_private_directory: "/tmp/openshift_test_private_e2e"
 openshift_test_private_golang_tarball: "https://go.dev/dl/go1.24.1.linux-ppc64le.tar.gz"
-testcase_filters : 'Image_Registry\\|API_Server'
+testcase_filters : 'Image_Registry\\|API_Server'
+
+#ipi-day2-operation vars
+enable_ipi_day2_operation: false
+rsct_operator_repo: "https://github.com/ocp-power-automation/rsct-operator.git"
+rsct_dir: "{{ lookup('env', 'PWD') }}/rsct"
+rsct_namespace: rsct-operator-system
+lso_index: "" # provide LSO index image
+cluster_upi: false  #set to true if using UPI cluster
diff --git a/examples/ipi_day2_operations_vars.yaml b/examples/ipi_day2_operations_vars.yaml
@@ -0,0 +1,7 @@
+# ipi-day2-operation vars
+enable_ipi_day2_operation: true
+rsct_git_repo: "https://github.com/ocp-power-automation/rsct-operator.git"
+rsct_dir: "{{ lookup('env', 'PWD') }}/rsct"
+rsct_namespace: rsct-operator-system
+lso_index: "" # provide LSO index image
+cluster_upi: false  #set to true if using UPI cluster
diff --git a/playbooks/ipi-day2-operation.yml b/playbooks/ipi-day2-operation.yml
@@ -0,0 +1,24 @@
+---
+- name: Run ipi day2 operation
+  hosts: all
+  tasks:
+    - name: Fail incase 'KUBECONFIG' environment variable is an empty string
+      fail:
+        msg: KUBECONFIG environment variable must be a non-empty string
+      when: (lookup('env', 'KUBECONFIG') == "")
+
+    - name: Check golang version
+      shell: go version | awk '{ print substr ($3,3) }'
+      register: golang_version
+
+    - fail:
+        msg: golang is not installed or version < 1.22
+      when: golang_version.rc !=0 or golang_version.stdout < "1.22"
+    - debug:
+        msg: "{{ golang_version }}"
+
+    - include_role:
+        name: ipi-day2-operation
+      vars:
+        KUBECONFIG: "{{ lookup('env', 'KUBECONFIG') }}"
+      
diff --git a/playbooks/main.yml b/playbooks/main.yml
@@ -152,3 +152,6 @@
 
 - import_playbook: openshift-test-private-e2e.yml
   when: openshift_test_private_validation is defined and openshift_test_private_validation  
+
+- import_playbook: ipi-day2-operation.yml
+  when: enable_ipi_day2_operation is defined and enable_ipi_day2_operation
diff --git a/playbooks/roles/ipi-day2-operation/README.md b/playbooks/roles/ipi-day2-operation/README.md
@@ -0,0 +1,66 @@
+IPI-day2-operations
+=========
+
+This play will perform the day2 operation on IPI cluster
+
+This playbook will:
+- Install RSCT operator
+- Install LSO operator
+- Install ODF operator
+
+Requirements
+------------
+
+- Access to the cluster as a user with the cluster-admin role
+- The cluster is in a known good state, without any errors
+- OCP secret with name ***podman-secret*** in the default namespace which is used for global secret update and has following keys:
+   ***username***, ***password*** and ***registry***
+
+
+Role Variables
+--------------
+| Variable                       | Required | Default     | Comments                                       |
+|--------------------------------|----------|-------------|------------------------------------------------|
+| enable_ipi_day2_operation      | no       |    false    | Set it to true to run this playbook            |
+| rsct_git_repo                  | yes      | https://github.com/ocp-power-automation/rsct-operator.git  | RSCT git repo     |
+| rsct_dir                       | no       | "{{ lookup('env', 'PWD') }}/rsct" | directory for RSCT         |
+| rsct_namespace                 | no       | rsct-operator-system        | RSCT namespace |
+| lso_index                      | no       |    " "    | Index image for LSO operator    |
+| cluster_upi                    | no       |    false    | #set to true if using UPI cluster             |
+
+
+Dependencies
+------------
+
+- Export KUBECONFIG
+- Install go with version 1.22 and above
+- Import LSO role
+- Import ODF role
+
+Example Playbook
+----------------
+
+```
+- name: Run ipi day2 operation
+  hosts: all
+  tasks:
+    - name: Fail incase 'KUBECONFIG' environment variable is an empty string
+      fail:
+        msg: KUBECONFIG environment variable must be a non-empty string
+      when: (lookup('env', 'KUBECONFIG') == "")
+
+    - include_role:
+        name: ipi-day2-operation
+      vars:
+        KUBECONFIG: "{{ lookup('env', 'KUBECONFIG') }}"
+```
+
+License
+-------
+
+See LICENCE.txt
+
+Author Information
+------------------
+
+swapnil.bobade@ibm.com
diff --git a/playbooks/roles/ipi-day2-operation/defaults/main.yml b/playbooks/roles/ipi-day2-operation/defaults/main.yml
@@ -0,0 +1,7 @@
+# ipi-day2-operation vars
+enable_ipi_day2_operation: true
+rsct_git_repo: https://github.com/ocp-power-automation/rsct-operator.git
+rsct_dir: "{{ lookup('env', 'PWD') }}/rsct"
+rsct_namespace: rsct-operator-system
+lso_index: "" # provide LSO index image
+cluster_upi: false  #set to true if using UPI cluster
diff --git a/playbooks/roles/ipi-day2-operation/tasks/main.yml b/playbooks/roles/ipi-day2-operation/tasks/main.yml
@@ -0,0 +1,128 @@
+---
+# tasks file for playbooks/roles/ipi-day2-operation
+
+- name: Check if cluster operators and nodes are healthy
+  include_role:
+    name: check-cluster-health
+
+- name: Check if secret podman-secret exist
+  shell: oc get secret podman-secret | wc -l
+  register: login_secret
+
+- name: Fail if podman-secret does not exist in current namespace
+  fail:
+    msg: "Secret podman-secret does not exist in current namespace"
+  when: login_secret.stdout|int!=2
+
+# Deploy RSCT operator
+- name: Ensure 'rsct' directory exists
+  ansible.builtin.file:
+    path: "{{ rsct_dir }}"
+    state: directory
+    mode: '0755'
+
+- name: Clone the RSCT repository from GitHub
+  ansible.builtin.git:
+    repo: "{{ rsct_git_repo }}"
+    dest: "{{ rsct_dir }}"
+    force: yes
+
+# install controller-gen
+- name: Install controller-gen
+  ansible.builtin.shell: |
+    go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.15.0
+
+- name: Install kustomize
+  ansible.builtin.shell: |
+    go install sigs.k8s.io/kustomize/kustomize/v4@latest
+
+#Set version for RSCT
+- name: Echo version
+  ansible.builtin.shell: echo "VERSION is $VERSION"
+  environment:
+    VERSION: "0.0.1-alpha1"
+
+# Run make command for RSCT
+- name: Deploy RSCT operator
+  command: make deploy
+  args:
+    chdir: "{{ lookup('env', 'PWD') }}/rsct"
+
+# Check RSCT pods
+- name: Check created pods
+  shell: oc get pods -n "{{ rsct_namespace }}"
+  register: rsct_pods
+
+- debug:
+    msg: "{{ rsct_pods.stdout_lines }}"
+
+# Add test user as rsct-test
+- name: Add the test user as rsct-test
+  shell: "oc adm policy add-scc-to-user -z rsct-test privileged -n {{ rsct_namespace }}"
+
+# Create cluster role binding
+- name: Create cluster binding role
+  shell: oc apply -f rsct_v1alpha1_rsct.yaml
+  args:
+    chdir: "{{ lookup('env', 'PWD') }}/rsct/config/samples/"
+
+# Check pods after cluster role binding
+- name: Check created pods
+  ansible.builtin.shell: |
+    oc get pods -n "{{ rsct_namespace }}" --no-headers | grep -v "Running\|Completed" | wc -l
+  register: rsct_pods1
+  until: (rsct_pods1.stdout | int) == 0 and rsct_pods1.stderr == ""
+  retries: 5
+  delay: 30
+  changed_when: false
+
+# Check all resources from rsct-operator-system namespace
+- name: Check all the created resources
+  shell: oc get all -n "{{ rsct_namespace }}"
+  register: all_resources
+
+- debug:
+    msg: "{{ all_resources.stdout_lines }}"
+
+# Install dependencies
+- name: Install pip
+  become: true
+  package:
+    name: python3-pip
+    state: present
+
+- name: Install kubernetes Python module
+  pip:
+    name: kubernetes
+    executable: pip3
+
+# Install LSO
+- name: Install LSO - Local Storage operator
+  include_role:
+    name: ocp-lso
+  vars:
+    lso_catalogsource_image: "{{ lso_index }}"
+    upi_cluster: "{{ cluster_upi }}"
+
+# Get worker nodes to check processor/CPU
+- name: Get worker node names
+  shell: oc get nodes -o custom-columns=NAME:.metadata.name --no-headers | grep worker
+  register: worker_nodes
+
+# Check available CPU's on worker nodes
+- name: Get CPU count for each worker node
+  shell: >
+    oc get node {{ item }} -o jsonpath='{.status.capacity.cpu}'
+  loop: "{{ worker_nodes.stdout_lines }}"
+  register: worker_cores
+
+- name: Fail if any worker node has less than 16 CPUs
+  fail:
+    msg: "Node {{ item.item }} has only {{ item.stdout }} CPUs, which is less than minimum requirement for ODF."
+  when: item.stdout | int < 16
+  loop: "{{ worker_cores.results }}"
+
+# ODF installation
+- name: Install ODF - Openshift Data Foundation
+  include_role:
+    name: ocp-odf-operator
