Skip to content

Add support for OCP 4.18 and make it the default #1026

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 11 commits into from
Aug 13, 2025
Merged

Add support for OCP 4.18 and make it the default #1026

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
cb5e2d1
Add support for OCP 4.18 and make it the default
ocofaigh Aug 8, 2025
0c254c8
Update variables.tf
ocofaigh Aug 8, 2025
c9da28f
Update cluster.tf
ocofaigh Aug 8, 2025
33812f8
Update README.md
ocofaigh Aug 8, 2025
1baed4d
fix: align ocp addon map with new format
toddgiguere Aug 8, 2025
aea7155
Merge branch 'main' into ocofaigh-patch-1
toddgiguere Aug 8, 2025
571a32f
fix: default roks os to rhcos
toddgiguere Aug 8, 2025
d7042d6
Merge branch 'main' into ocofaigh-patch-1
vkuma17 Aug 12, 2025
e756396
fix: cluster addons refactor to not include null version
toddgiguere Aug 12, 2025
e1f2604
fix: os should be RHEL_9_64
toddgiguere Aug 12, 2025
c2c1d5c
chore: skipping upgrade tests
toddgiguere Aug 12, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -852,7 +852,7 @@ module "cluster_pattern" {
| Name | Source | Version |
|------|--------|---------|
| <a name="module_bastion_host"></a> [bastion\_host](#module\_bastion\_host) | terraform-ibm-modules/landing-zone-vsi/ibm | 5.1.23 |
| <a name="module_cluster"></a> [cluster](#module\_cluster) | terraform-ibm-modules/base-ocp-vpc/ibm | 3.48.3 |
| <a name="module_cluster"></a> [cluster](#module\_cluster) | terraform-ibm-modules/base-ocp-vpc/ibm | 3.55.0 |
| <a name="module_dynamic_values"></a> [dynamic\_values](#module\_dynamic\_values) | ./dynamic_values | n/a |
| <a name="module_f5_vsi"></a> [f5\_vsi](#module\_f5\_vsi) | terraform-ibm-modules/landing-zone-vsi/ibm | 5.1.23 |
| <a name="module_key_management"></a> [key\_management](#module\_key\_management) | ./kms | n/a |
Expand Down
4 changes: 2 additions & 2 deletions cluster.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -244,7 +244,7 @@ module "cluster" {
if cluster.kube_type == "openshift"
}
source = "terraform-ibm-modules/base-ocp-vpc/ibm"
version = "3.48.3"
version = "3.55.0"
resource_group_id = local.resource_groups[each.value.resource_group]
region = var.region
cluster_name = each.value.cluster_name
Expand Down Expand Up @@ -297,7 +297,7 @@ module "cluster" {
disable_public_endpoint = coalesce(each.value.disable_public_endpoint, true) # disable if not set or null
verify_worker_network_readiness = each.value.verify_cluster_network_readiness
use_private_endpoint = each.value.use_ibm_cloud_private_api_endpoints
addons = each.value.addons
addons = { for addon_name, addon_version in each.value.addons : addon_name => { version = addon_version } if addon_version != null }
enable_ocp_console = each.value.enable_ocp_console
manage_all_addons = each.value.manage_all_addons
disable_outbound_traffic_protection = each.value.disable_outbound_traffic_protection
Expand Down
2 changes: 1 addition & 1 deletion dynamic_values/cluster.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ module "ut_cluster_map" {
workers_per_subnet = 2
flavor = "spicy"
secondary_storage = "300gb.5iops-tier"
operating_system = "REDHAT_8_64"
operating_system = "RHCOS"
}
]
}
Expand Down
2 changes: 1 addition & 1 deletion dynamic_values/cluster_worker_pools.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ module "ut_worker_pools" {
workers_per_subnet = 2
flavor = "spicy"
secondary_storage = "300gb.5iops-tier"
operating_system = "REDHAT_8_64"
operating_system = "RHCOS"
}
]
}
Expand Down
2 changes: 1 addition & 1 deletion dynamic_values/config_modules/cluster_worker_pools/worker_pools.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ locals {
vpc_id = var.vpc_modules[pool.vpc_name].vpc_id # add vpc_id
subnets = module.worker_pool_subnets["${var.prefix}-${cluster.name}-${pool.name}"].subnets
kube_type = cluster.kube_type
operating_system = lookup(pool, "operating_system", "REDHAT_8_64")
operating_system = lookup(pool, "operating_system", "RHCOS")
}) if pool != null
] if cluster.worker_pools != null
]
Expand Down
10 changes: 5 additions & 5 deletions examples/override-example/override.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
"name": "workload-cluster",
"secondary_storage": "300gb.5iops-tier",
"resource_group": "slz-workload-rg",
"operating_system": "REDHAT_8_64",
"operating_system": "RHCOS",
"use_ibm_cloud_private_api_endpoints": false,
"verify_cluster_network_readiness": false,
"kms_config": {
Expand All @@ -37,7 +37,7 @@
"flavor": "bx2.16x64",
"name": "logging-worker-pool",
"secondary_storage": "300gb.5iops-tier",
"operating_system" : "REDHAT_8_64",
"operating_system": "RHCOS",
"subnet_names": [
"vsi-zone-1",
"vsi-zone-2",
Expand Down Expand Up @@ -115,13 +115,13 @@
"enable": true,
"days": 30,
"prefix": "logs/"
},
"archive_rule": {
},
"archive_rule": {
"rule_id": "a-bucket-arch-rule",
"enable": true,
"days": 0,
"type": "Glacier"
}
}
}
],
"keys": [
Expand Down
18 changes: 10 additions & 8 deletions ibm_catalog.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1279,11 +1279,8 @@
"key": "kube_version",
"type": "string",
"required": true,
"default_value": "4.18_openshift",
"options": [
{
"displayname": "Default",
"value": "default"
},
{
"displayname": "4.14_openshift",
"value": "4.14_openshift"
Expand All @@ -1299,6 +1296,10 @@
{
"displayname": "4.17_openshift",
"value": "4.17_openshift"
},
{
"displayname": "4.18_openshift",
"value": "4.18_openshift"
}
],
"custom_config": {}
Expand Down Expand Up @@ -1594,11 +1595,8 @@
"key": "kube_version",
"type": "string",
"required": true,
"default_value": "4.18_openshift",
"options": [
{
"displayname": "Default",
"value": "default"
},
{
"displayname": "4.14_openshift",
"value": "4.14_openshift"
Expand All @@ -1614,6 +1612,10 @@
{
"displayname": "4.17_openshift",
"value": "4.17_openshift"
},
{
"displayname": "4.18_openshift",
"value": "4.18_openshift"
}
],
"custom_config": {}
Expand Down
4 changes: 2 additions & 2 deletions patterns/mixed/config.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,7 @@ locals {
entitlement = var.entitlement
secondary_storage = var.secondary_storage
use_private_endpoint = var.use_private_endpoint
operating_system = "REDHAT_8_64"
operating_system = "RHCOS"
verify_worker_network_readiness = var.verify_worker_network_readiness
boot_volume_crk_name = "${var.prefix}-roks-key"
# By default, create dedicated pool for logging
Expand All @@ -123,7 +123,7 @@ locals {
"vsi-zone-${zone}"
]
entitlement = var.entitlement
operating_system = "REDHAT_8_64"
operating_system = "RHCOS"
workers_per_subnet = var.workers_per_zone
flavor = var.flavor
secondary_storage = var.secondary_storage
Expand Down
5 changes: 2 additions & 3 deletions patterns/mixed/override.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
"entitlement": "cloud_pak",
"flavor": "bx2.16x64",
"name": "logging-worker-pool",
"operating_system": "REDHAT_8_64",
"operating_system": "RHCOS",
"subnet_names": [
"vsi-zone-1",
"vsi-zone-2",
Expand Down Expand Up @@ -169,7 +169,6 @@
"resource_group": "slz-service-rg",
"use_hs_crypto": false,
"service_endpoints": "public-and-private"

},
"resource_groups": [
{
Expand All @@ -187,7 +186,7 @@
],
"security_groups": [],
"service_endpoints": "public-and-private",
"existing_vpc_cbr_zone_id" : null,
"existing_vpc_cbr_zone_id": null,
"ssh_keys": [
{
"name": "slz-ssh-key",
Expand Down
2 changes: 1 addition & 1 deletion patterns/roks-quickstart/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ locals {
"resource_group": "workload-rg",
"disable_outbound_traffic_protection": true,
"cluster_force_delete_storage": true,
"operating_system": "REDHAT_8_64",
"operating_system": "RHCOS",
"kms_wait_for_apply": true,
"kms_config": {
"crk_name": "roks-key",
Expand Down
6 changes: 3 additions & 3 deletions patterns/roks/module/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -272,10 +272,10 @@ variable "cluster_force_delete_storage" {
variable "operating_system" {
type = string
description = "The operating system of the workers in the default worker pool. If no value is specified, the current default version OS will be used. See https://cloud.ibm.com/docs/openshift?topic=openshift-openshift_versions#openshift_versions_available ."
default = "REDHAT_8_64"
default = "RHCOS"
validation {
error_message = "RHEL 8 (REDHAT_8_64) or Red Hat Enterprise Linux CoreOS (RHCOS) are the allowed OS values. RHCOS requires VPC clusters created from 4.15 onwards. Upgraded clusters from 4.14 cannot use RHCOS."
condition = var.operating_system == "REDHAT_8_64" || var.operating_system == "RHCOS"
error_message = "RHEL 8 (REDHAT_8_64), RHEL 9 (RHEL_9_64) or Red Hat Enterprise Linux CoreOS (RHCOS) are the allowed OS values. RHCOS requires VPC clusters created from 4.15 onwards. Upgraded clusters from 4.14 cannot use RHCOS."
condition = var.operating_system == "REDHAT_8_64" || var.operating_system == "RHEL_9_64" || var.operating_system == "RHCOS"
}
}

Expand Down
8 changes: 4 additions & 4 deletions patterns/roks/override.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
"resource_group": "slz-management-rg",
"disable_outbound_traffic_protection": false,
"cluster_force_delete_storage": false,
"operating_system": "REDHAT_8_64",
"operating_system": "RHCOS",
"kms_wait_for_apply": true,
"kms_config": {
"crk_name": "slz-roks-key",
Expand All @@ -39,7 +39,7 @@
"vsi-zone-3"
],
"vpc_name": "management",
"operating_system": "REDHAT_8_64",
"operating_system": "RHCOS",
"workers_per_subnet": 2
}
],
Expand All @@ -53,7 +53,7 @@
"machine_type": "bx2.16x64",
"name": "workload-cluster",
"resource_group": "slz-workload-rg",
"operating_system": "REDHAT_8_64",
"operating_system": "RHCOS",
"disable_outbound_traffic_protection": false,
"cluster_force_delete_storage": false,
"kms_wait_for_apply": true,
Expand All @@ -78,7 +78,7 @@
"vsi-zone-3"
],
"vpc_name": "workload",
"operating_system": "REDHAT_8_64",
"operating_system": "RHCOS",
"workers_per_subnet": 2
}
],
Expand Down
13 changes: 7 additions & 6 deletions patterns/roks/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -192,19 +192,20 @@ variable "cluster_zones" {
}

variable "kube_version" {
description = "The version of the OpenShift cluster that should be provisioned. Current supported values are '4.17_openshift', '4.16_openshift', '4.15_openshift' or '4.14_openshift'. NOTE: This is only used during initial cluster provisioning, but ignored for future updates. Cluster version updates should be done outside of terraform to prevent possible destructive changes."
description = "The version of the OpenShift cluster that should be provisioned. NOTE: This is only used during initial cluster provisioning, but ignored for future updates. Cluster version updates should be done outside of terraform to prevent possible destructive changes."
type = string
default = "4.16_openshift"
default = null
validation {
condition = anytrue([
var.kube_version == null,
var.kube_version == "default",
var.kube_version == "4.18_openshift",
var.kube_version == "4.17_openshift",
var.kube_version == "4.16_openshift",
var.kube_version == "4.15_openshift",
var.kube_version == "4.14_openshift",
])
error_message = "The kube_version value can currently only be '4.17_openshift', '4.16_openshift', '4.15_openshift' or '4.14_openshift'"
error_message = "The kube_version value can currently only be '4.18_openshift', '4.17_openshift', '4.16_openshift', '4.15_openshift' or '4.14_openshift'"
}
}

Expand Down Expand Up @@ -289,10 +290,10 @@ variable "cluster_force_delete_storage" {
variable "operating_system" {
type = string
description = "The operating system of the workers in the default worker pool. If no value is specified, the current default version OS will be used. See https://cloud.ibm.com/docs/openshift?topic=openshift-openshift_versions#openshift_versions_available ."
default = "REDHAT_8_64"
default = "RHCOS"
validation {
error_message = "RHEL 8 (REDHAT_8_64) or Red Hat Enterprise Linux CoreOS (RHCOS) are the allowed OS values. RHCOS requires VPC clusters created from 4.15 onwards. Upgraded clusters from 4.14 cannot use RHCOS."
condition = var.operating_system == "REDHAT_8_64" || var.operating_system == "RHCOS"
error_message = "RHEL 8 (REDHAT_8_64), RHEL 9 (RHEL_9_64) or Red Hat Enterprise Linux CoreOS (RHCOS) are the allowed OS values. RHCOS requires VPC clusters created from 4.15 onwards. Upgraded clusters from 4.14 cannot use RHCOS."
condition = var.operating_system == "REDHAT_8_64" || var.operating_system == "RHEL_9_64" || var.operating_system == "RHCOS"
}
}

Expand Down
4 changes: 2 additions & 2 deletions tests/resources/override-example.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
"name": "workload-cluster",
"secondary_storage": "300gb.5iops-tier",
"resource_group": "slz-work-rg",
"operating_system": "REDHAT_8_64",
"operating_system": "RHCOS",
"use_ibm_cloud_private_api_endpoints": false,
"verify_cluster_network_readiness": false,
"kms_config": {
Expand All @@ -37,7 +37,7 @@
"flavor": "bx2.16x64",
"name": "logging-worker-pool",
"secondary_storage": "300gb.5iops-tier",
"operating_system": "REDHAT_8_64",
"operating_system": "RHCOS",
"subnet_names": [
"vsi-zone-1",
"vsi-zone-2",
Expand Down
4 changes: 2 additions & 2 deletions variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1007,8 +1007,8 @@ variable "clusters" {

# operating_system validation
validation {
error_message = "RHEL 8 (REDHAT_8_64) or Red Hat Enterprise Linux CoreOS (RHCOS) are the allowed OS values. RHCOS requires VPC clusters created from 4.15 onwards. Upgraded clusters from 4.14 cannot use RHCOS."
condition = length([for cluster in var.clusters : true if cluster.operating_system == null || cluster.operating_system == "REDHAT_8_64" || cluster.operating_system == "RHCOS"]) == length(var.clusters)
error_message = "RHEL 8 (REDHAT_8_64), RHEL 9 (RHEL_9_64) or Red Hat Enterprise Linux CoreOS (RHCOS) are the allowed OS values. RHCOS requires VPC clusters created from 4.15 onwards. Upgraded clusters from 4.14 cannot use RHCOS."
condition = length([for cluster in var.clusters : true if cluster.operating_system == null || cluster.operating_system == "REDHAT_8_64" || cluster.operating_system == "RHEL_9_64" || cluster.operating_system == "RHCOS"]) == length(var.clusters)
}

}
Expand Down