Skip to content

BREAKING CHANGE: Quickstart Openshift Variation #1154

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 89 commits into from
Sep 27, 2025
Merged

BREAKING CHANGE: Quickstart Openshift Variation #1154

Show file tree
Hide file tree
Changes from 78 commits
Commits
Show all changes
89 commits
Select commit Hold shift + click to select a range
af3a557
feat: openshift cluster deployment modules(dev code)
stafaniasaju Jul 30, 2025
d26959a
feat: script update(dev code)
stafaniasaju Jul 30, 2025
b57c6f2
Merge branch 'main' into qs-openshift
ludwig-mueller Aug 18, 2025
27f95ad
feat: expose vpn server dns ip addresses
ludwig-mueller Aug 18, 2025
0024c74
feat: add landing zone back in ocp, move dns instance to landing zone…
ludwig-mueller Aug 20, 2025
1c19028
fix: invalid powervs route names
ludwig-mueller Aug 22, 2025
8eac3bb
Merge branch 'main' into qs-openshift
ludwig-mueller Aug 25, 2025
ef069c5
fix: vpn supports only two dns servers
ludwig-mueller Aug 25, 2025
4d14b9f
fix: add lon06 to openshift region map
ludwig-mueller Aug 26, 2025
1ee7430
feat: automatically select supported system type if user passes null
ludwig-mueller Aug 26, 2025
a9486f1
fix: add wait for install on cluster create
ludwig-mueller Aug 27, 2025
f5cb588
fix: use ocp-rg
ludwig-mueller Aug 27, 2025
631d686
fix: second rg wasn't used for PowerVS workspace
ludwig-mueller Aug 28, 2025
52cb072
fix: switch from wait for install to wait for bootstrap and add missi…
ludwig-mueller Aug 28, 2025
06a807a
feat: add machine network to avoid conflict with vpn network
ludwig-mueller Aug 29, 2025
0037b19
Merge branch 'main' into qs-openshift
ludwig-mueller Sep 1, 2025
d8f22c3
fix: add vpc subnet to install-config
ludwig-mueller Sep 1, 2025
6ff3766
chore: add validation for proc_type
ludwig-mueller Sep 1, 2025
ac9fd0a
chore add validation for system_type
ludwig-mueller Sep 1, 2025
c441b03
fix: wrong vpc subnet format
ludwig-mueller Sep 3, 2025
17e092d
debug: skip openshift playbooks for debugging purposes with pipeline
ludwig-mueller Sep 3, 2025
8226ce4
fix: disable nfs and ntp forwarder by default
ludwig-mueller Sep 4, 2025
f4f6b1b
fix: bad private subnet as default value
ludwig-mueller Sep 4, 2025
d5aa905
fix: ccp configs, remove ntp, nfs and DNS (#1152)
surajsbharadwaj Sep 8, 2025
0cd4597
Merge branch 'main' into qs-openshift
ludwig-mueller Sep 8, 2025
3166bb9
fix: change defaults to create bigger subnet ranges for the cluster n…
ludwig-mueller Sep 8, 2025
c266d04
chore: remove vpcSubnets parameter since it's only kept for backwards…
ludwig-mueller Sep 8, 2025
ce28c36
feat: expose node memory
ludwig-mueller Sep 8, 2025
c779bf3
fix: remove quotes from memory (int) so it doesn't error out
ludwig-mueller Sep 9, 2025
0eccc4f
fix: add wait for cluster to complete
ludwig-mueller Sep 9, 2025
5c75fb2
fix: execute first playbook with vault since it contains secrets
ludwig-mueller Sep 9, 2025
000954e
fix: encrypted playbook wasn't using ansible vault during execution
ludwig-mueller Sep 9, 2025
2105129
refactor: consolidate prefix and cluster name by removing prefix and …
ludwig-mueller Sep 9, 2025
edd2b3b
feat: cat openshift install log
ludwig-mueller Sep 9, 2025
c8a9f71
feat: fill outputs.tf
ludwig-mueller Sep 10, 2025
612957d
feat: remove cluster_dir and hardcode it to ocp-powervs-deploy to min…
ludwig-mueller Sep 10, 2025
07d4aba
chore: update intel images
ludwig-mueller Sep 10, 2025
69e811e
fix: add validation for supported regions
ludwig-mueller Sep 10, 2025
32c6b21
chore: change defaults to shared processors
ludwig-mueller Sep 10, 2025
4044411
chore: revert intel image back to rhel9-4
ludwig-mueller Sep 10, 2025
c9ad9ef
chore(docs): var description
ludwig-mueller Sep 10, 2025
e788d31
feat: add openshift DA to catalog manifest
ludwig-mueller Sep 10, 2025
b7b331a
chore(docs): minor edits in catalog manifest
ludwig-mueller Sep 11, 2025
d008ec2
fix: add ca-mon to existing secrets manager regions
ludwig-mueller Sep 11, 2025
63122a7
chore: reorder memory
ludwig-mueller Sep 12, 2025
1ae6ce6
fix: add validation to ensure subnets are sufficiently large
ludwig-mueller Sep 12, 2025
510c9b9
BREAKING CHANGE: remove extension variation
ludwig-mueller Sep 12, 2025
f028043
fix: add back support for lon04
ludwig-mueller Sep 12, 2025
5b2bcc3
feat: expose user_data for cloud init on intel VSIs
ludwig-mueller Sep 15, 2025
711040d
Merge branch 'main' into qs-openshift
ludwig-mueller Sep 15, 2025
46a2acc
docs: add heatmap and architecture diagram
ludwig-mueller Sep 15, 2025
6a5ea88
docs: update toc version
ludwig-mueller Sep 15, 2025
6efd24d
ci: add standard-openshift to catalog onboarding pipeline
ludwig-mueller Sep 15, 2025
92bca23
docs: add openshift entries to readme
ludwig-mueller Sep 15, 2025
9dd918c
chore: hide user_data attribute
ludwig-mueller Sep 15, 2025
799c99f
fix: remove dns, ntp, nfs from outputs
ludwig-mueller Sep 15, 2025
d21787d
docs: add features to catalog manifest
ludwig-mueller Sep 15, 2025
4ac46c8
refactor: fix account_name wrong variable name
ludwig-mueller Sep 15, 2025
d269d46
refactor: rename wrong playbook task
ludwig-mueller Sep 15, 2025
556284a
fix: landing zone module outputting wrong powervs workspace name
ludwig-mueller Sep 15, 2025
0404f5c
fix: powervs rg compatibility with standard and quickstart
ludwig-mueller Sep 15, 2025
dc8d813
fix: add user_data null check
ludwig-mueller Sep 16, 2025
f0e5e96
refactor: remove service id prefix as it's just the cluster name
ludwig-mueller Sep 16, 2025
2303038
refactor: move ansible module into openshift variation
ludwig-mueller Sep 16, 2025
7bb9cda
fix: powervs resource group name output in landing zone module
ludwig-mueller Sep 18, 2025
d1633c1
chore(deps): update intel images
ludwig-mueller Sep 19, 2025
3655f4d
docs: arch diagram dhcp subnet and load balancer names
ludwig-mueller Sep 19, 2025
b3db007
feat: add validation for node replicas
ludwig-mueller Sep 19, 2025
9a0dd03
docs: add readmes
ludwig-mueller Sep 19, 2025
4757fda
fix: broken link
ludwig-mueller Sep 19, 2025
b1a9a52
docs: wrong subnets
ludwig-mueller Sep 19, 2025
1ec0854
Merge branch 'main' into qs-openshift
ludwig-mueller Sep 22, 2025
c534545
fix: remove outputs sections from catalog manifest
ludwig-mueller Sep 22, 2025
1074110
docs: update ref arch
ludwig-mueller Sep 22, 2025
aa38887
fix: remove default value for cluster name
ludwig-mueller Sep 22, 2025
a55d556
feat: encrypt ocp config when not in use
ludwig-mueller Sep 24, 2025
14ba28a
fix: add encrypting to ansible exec scripts
ludwig-mueller Sep 24, 2025
04c0b1c
fix: close if statements
ludwig-mueller Sep 24, 2025
5dfbb04
fix: add check if file is already encrypted to prevent ansible vault …
ludwig-mueller Sep 25, 2025
a3ce2a8
chore: include schematics IPs (#1159)
surajsbharadwaj Sep 25, 2025
f879c5a
feat: lon06 now support p10
ludwig-mueller Sep 25, 2025
3579c23
fix: check if file is encrypted before decrypting
ludwig-mueller Sep 25, 2025
e5ad0b3
fix: missing file name
ludwig-mueller Sep 25, 2025
3fb256f
fix: logic error during decryption
ludwig-mueller Sep 25, 2025
2302bf7
feat: upgrade instance module to 2.8.0
ludwig-mueller Sep 25, 2025
f33c78b
fix: split password file creation and deletion to ensure terraform fa…
ludwig-mueller Sep 26, 2025
6e72dde
fix: upgrade instance module to 2.8.1
ludwig-mueller Sep 26, 2025
4e3a67e
docs: add pull secret link
ludwig-mueller Sep 26, 2025
b086307
chore(deps): update openshift release to 4.19.13
ludwig-mueller Sep 26, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .catalog-onboard-pipeline.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,9 +18,9 @@ offerings:
scc:
instance_id: d9f6ba0c-dd0e-4348-a834-6002b675fe40
region: us-south
- name: standard-extend
- name: standard-openshift
mark_ready: false
install_type: extension
install_type: fullstack
scc:
instance_id: d9f6ba0c-dd0e-4348-a834-6002b675fe40
region: us-south
40 changes: 39 additions & 1 deletion .secrets.baseline
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
"files": "go.sum|^.secrets.baseline$",
"lines": null
},
"generated_at": "2025-05-26T17:03:08Z",
"generated_at": "2025-09-16T12:27:11Z",
"plugins_used": [
{
"name": "AWSKeyDetector"
Expand Down Expand Up @@ -121,6 +121,44 @@
"verified_result": null
}
],
"solutions/standard-openshift/ansible/templates-ansible/deploy-openshift-cluster/playbook-configure-ocp-cluster.yml.tftpl": [
{
"hashed_secret": "6f803b24314c39062efe38d0c1da8c472f47eab3",
"is_secret": false,
"is_verified": false,
"line_number": 174,
"type": "Secret Keyword",
"verified_result": null
},
{
"hashed_secret": "d2e2ab0f407e4ee3cf2ab87d61c31b25a74085e5",
"is_secret": false,
"is_verified": false,
"line_number": 190,
"type": "Secret Keyword",
"verified_result": null
}
],
"solutions/standard-openshift/ansible/templates-ansible/deploy-openshift-cluster/playbook-create-ocp-cluster-manifests.yml.tftpl": [
{
"hashed_secret": "d2e2ab0f407e4ee3cf2ab87d61c31b25a74085e5",
"is_secret": false,
"is_verified": false,
"line_number": 61,
"type": "Secret Keyword",
"verified_result": null
}
],
"solutions/standard-openshift/ansible/templates-ansible/deploy-openshift-cluster/playbook-deploy-ocp-cluster.yml.tftpl": [
{
"hashed_secret": "d2e2ab0f407e4ee3cf2ab87d61c31b25a74085e5",
"is_secret": false,
"is_verified": false,
"line_number": 53,
"type": "Secret Keyword",
"verified_result": null
}
],
"solutions/standard-plus-vsi/catalogValidationValues.json.template": [
{
"hashed_secret": "fa501f2ceec739604d621b521446b88d41a7f76b",
Expand Down
22 changes: 12 additions & 10 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,26 +12,28 @@ This repository contains deployable architecture solutions that help provision V
Three solutions are offered:
1. [Standard Landscape](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/solutions/standard)
- Creates a VPC and Power Virtual Server workspace, interconnects them, and configures OS network management services (SQUID proxy, NTP, NFS, and DNS services) using Ansible Galaxy collection roles [ibm.power_linux_sap collection](https://galaxy.ansible.com/ui/repo/published/ibm/power_linux_sap/).
2. [Extend Standard Landscape](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/solutions/standard-extend)
- Extends the standard landscape solution by creating a new Power Virtual Server workspace in a different zone and interconnects with the previous solution.
- This solution is typically used for **High Availability scenarios** where a single management VPC can be used to reach both PowerVS workspaces.
3. [Quickstart (Standard Landscape plus VSI)](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/solutions/standard-plus-vsi)
2. [Quickstart (Standard Landscape plus VSI)](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/solutions/standard-plus-vsi)
- Creates a VPC and a Power Virtual Server workspace, interconnects them, and configures operating network management services (SQUID proxy, NTP, NFS, and DNS services) using Ansible Galaxy collection roles [ibm.power_linux_sap collection](https://galaxy.ansible.com/ui/repo/published/ibm/power_linux_sap/).
- Additionally creates a Power Virtual Server Instance of a selected t-shirt size. Network management services, filesystems and SCC Workload protection agents are configured for AIX and Linux instances.
- This solution is typically utilized for **PoCs, demos, and quick onboarding** to PowerVS Infrastructure.
3. [Quickstart Openshift](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/solutions/standard-openshift)
- Creates a VPC and a Power Virtual Server workspace and then deploys an OpenShift Cluster in them by using the [RedHat IPI Installer](https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html-single/installing_on_ibm_power_virtual_server/index) for IBM PowerVS.
- The number of PowerVS Master and Worker nodes and their compute configuration is fully customizable.
- Optionally creates IBM Cloud Monitoring and a SCC Workload protection instances.
- This solution is typically utilized for **PoCs, demos, and quick onboarding** of OpenShift on PowerVS Infrastructure.

## Reference architectures
- [Standard Landscape](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/reference-architectures/standard/deploy-arch-ibm-pvs-inf-standard.md)
- [Extend Standard Landscape](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/reference-architectures/standard-extend/deploy-arch-ibm-pvs-inf-standard-extend.md)
- [Quickstart (Standard Landscape plus VSI)](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/reference-architectures/standard-plus-vsi/deploy-arch-ibm-pvs-inf-standard-plus-vsi.md)
- [Quickstart Openshift](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/reference-architectures/standard-openshift/deploy-arch-ibm-pvs-inf-standard-openshift.md)

## Solutions

| Variation | Available on IBM Catalog | Requires IBM Schematics Workspace ID | Creates VPC Landing Zone | Performs VPC VSI OS Config | Creates PowerVS Infrastructure | Creates PowerVS Instance | Performs PowerVS OS Config |
| ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- |
| [Standard Landscape](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/solutions/standard) | :heavy_check_mark: | N/A | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | N/A | N/A |
| [Extend Standard Landscape](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/solutions/standard-extend) | :heavy_check_mark: | :heavy_check_mark: | N/A | N/A | :heavy_check_mark: | N/A | N/A |
| [Quickstart (Standard Landscape plus VSI)](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/solutions/standard-plus-vsi) | :heavy_check_mark: | N/A | :heavy_check_mark:| :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
| Variation | Available on IBM Catalog | Creates VPC Landing Zone | Performs VPC VSI OS Config | Creates PowerVS Infrastructure | Creates PowerVS Instance | Performs PowerVS OS Config |
| ------------- | ------------- | ------------- | ------------- | ------------- | ------------- | ------------- |
| [Standard Landscape](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/solutions/standard) | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | N/A | N/A |
| [Quickstart (Standard Landscape plus VSI)](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/solutions/standard-plus-vsi) | :heavy_check_mark: | :heavy_check_mark:| :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
| [Quickstart OpenShift](https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure/tree/main/solutions/standard-openshift) | :heavy_check_mark: | :heavy_check_mark:| :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |


## Required IAM access policies
Expand Down
Loading