diff --git a/root/values_openshift.yaml b/root/values_openshift.yaml new file mode 100644 index 00000000..2d942b04 --- /dev/null +++ b/root/values_openshift.yaml @@ -0,0 +1,203 @@ +disabledApps: + - amd-gpu-operator + - minio-operator + - minio-tenant + - minio-tenant-config + +enabledApps: + - gitea + - gitea-config + - argocd + - argocd-config + - amd-gpu-operator-config + - aim-cluster-model-source + - airm + - appwrapper + - cert-manager + - cluster-auth + - cluster-auth-config + - cnpg-operator + - external-secrets + - external-secrets-config + - kaiwo + - kaiwo-config + - kaiwo-crds + - keda + - kedify-otel + - keycloak + - kserve + - kserve-crds + - kueue + - kueue-config + - kuberay-operator + - kyverno + - kyverno-policies-base + - kyverno-policies-storage-local-path + - openbao + - openbao-config + - opentelemetry-operator + - otel-lgtm-stack + - prometheus-crds + - rabbitmq + +apps: + + gitea: + helmParameters: + - name: persistence.storageClass + value: direct + + # Modular Kyverno policy applications (only the storage-local-path addition) + kyverno-policies-storage-local-path: + namespace: kyverno + path: kyverno-policies/storage-local-path + syncWave: -20 + ignoreDifferences: + - group: kyverno.io + kind: ClusterPolicy + jsonPointers: + - /spec/rules/*/skipBackgroundRequests + - /spec/rules/*/validate/allowExistingViolations + argocd: + valuesObject: + applicationSet: + replicas: 1 + controller: + replicas: 1 + resources: + limits: + cpu: "1000m" + memory: "2Gi" + requests: + cpu: "500m" + memory: "1Gi" + redis-ha: + enabled: false + redis: + resources: + limits: + cpu: "500m" + memory: "1Gi" + requests: + cpu: "250m" + memory: "512Mi" + repoServer: + replicas: 1 + resources: + limits: + cpu: "500m" + memory: "1Gi" + requests: + cpu: "250m" + memory: "512Mi" + server: + replicas: 1 + resources: + limits: + cpu: "500m" + memory: "1Gi" + requests: + cpu: "125m" + memory: "256Mi" + grafana: + valuesObject: + persistence: + accessModes: + - ReadWriteOnce + enabled: true + size: 5Gi + storageClassName: direct + replicas: 1 + resources: + limits: + cpu: "1000m" + memory: "2Gi" + requests: + cpu: "250m" + memory: "512Mi" + keycloak: + valuesObject: + # Increase memory resources for Keycloak to prevent OOMKilled during initialization + # Medium preset provides 1536Mi memory limit vs small preset's 768Mi + resourcesPreset: "medium" + minio-tenant: + valuesObject: + tenant: + buckets: + - name: default-bucket + objectLock: true + - name: models + objectLock: true + - name: datasets + objectLock: false + pools: + - name: pool-0 + servers: 1 + size: 2Ti + storageClassName: direct + volumesPerServer: 2 + resources: + limits: + cpu: "4000m" + memory: "8Gi" + requests: + cpu: "1000m" + memory: "2Gi" + openbao: + valuesObject: + server: + dataStorage: + size: 5Gi + storageClass: direct + ha: + enabled: false + raft: + enabled: false + replicas: 1 + resources: + limits: + cpu: "1000m" + memory: "2Gi" + requests: + cpu: "250m" + memory: "512Mi" + opentelemetry-operator: + valuesObject: + manager: + resources: + requests: + cpu: "250m" + memory: "512Mi" + otel-lgtm-stack: + valuesObject: + collectors: + resources: + metrics: + cpu: '1' + limits: + memory: 4Gi + services: + nodeExporter: + metrics: 9101 + prometheus: + valuesObject: + prometheus: + prometheusSpec: + resources: + limits: + cpu: "2000m" + memory: "4Gi" + requests: + cpu: "500m" + memory: "1Gi" + retention: 15d + retentionSize: 20GB + storageSpec: + volumeClaimTemplate: + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 25Gi + storageClassName: direct \ No newline at end of file diff --git a/scripts/bootstrap.sh b/scripts/bootstrap.sh index 860a0ac3..cff4aedc 100755 --- a/scripts/bootstrap.sh +++ b/scripts/bootstrap.sh @@ -209,6 +209,18 @@ parse_args() { CLUSTER_SIZE="${1#*=}" shift ;; + --CLUSTER_SIZE) + if [ -z "$2" ]; then + echo "ERROR: --CLUSTER_SIZE requires an argument" + exit 1 + fi + CLUSTER_SIZE="$2" + shift 2 + ;; + --CLUSTER_SIZE=*) + CLUSTER_SIZE="${1#*=}" + shift + ;; --TARGET-REVISION|--target-revision|-r) if [ -z "$2" ]; then echo "WARNING: defaulting to --target-revision=$LATEST_RELEASE (no value specified)" @@ -296,7 +308,7 @@ parse_args() { --disabled-apps=app1[,app2,glob*] Exclude specified apps from installation. Supports * and ? wildcards. Example: --disabled-apps=airm,airm-infra-* skips airm, airm-infra-cnpg, airm-infra-external-secrets, etc. - --cluster-size=[size], -s [size] can be one of small|medium|large, default: medium + --cluster-size=[size], -s [size] can be one of small|medium|large|openshift, default: medium --help, -h Show this help message and exit --skip-deps Skip dependency checking (not recommended) --target-revision, -r Git revision for ArgoCD to sync from, [tag|commit_hash|branch_name], default: $LATEST_RELEASE @@ -306,7 +318,7 @@ parse_args() { Examples: $0 compute.amd.com values_custom.yaml --cluster-size=large $0 112.100.97.17.nip.io - $0 dev.example.com --cluster-size=small --target-revision=v1.8.0 + $0 dev.example.com --cluster-size=small --target-revision=v2.0.2 $0 dev.example.com -s=small -r=feature-branch $0 example.com --apps=openbao $0 example.com --apps=keycloak -t @@ -314,6 +326,7 @@ parse_args() { $0 example.com --apps=airm,keycloak --disabled-apps=airm $0 example.com --aiwb-only $0 example.com --aiwb-only --disabled-apps=extra-app + $0 example.com --cluster-size=openshift Bootstrap Behavior: • deploys ArgoCD + OpenBao + Gitea directly (essential infrastructure) @@ -351,18 +364,18 @@ validate_args() { # Validate required arguments if [ -z "$DOMAIN" ]; then echo "ERROR: Domain argument is required" - echo "Usage: $0 [values_file] [--CLUSTER_SIZE=small|medium|large]" + echo "Usage: $0 [values_file] [--CLUSTER_SIZE=small|medium|large|openshift]" echo "Use --help for more details" exit 1 fi # Validate cluster size case "$CLUSTER_SIZE" in - small|medium|large) + small|medium|large|openshift) ;; *) echo "ERROR: Invalid cluster size '$CLUSTER_SIZE'" - echo "Valid sizes: small, medium, large" + echo "Valid sizes: small, medium, large, openshift" exit 1 ;; esac