Openshift cluster values

root/values_openshift.yaml

@@ -0,0 +1,203 @@
+disabledApps:
+  - amd-gpu-operator
+  - minio-operator
+  - minio-tenant
+  - minio-tenant-config
+
+enabledApps:
+  - gitea
+  - gitea-config
+  - argocd
+  - argocd-config
+  - amd-gpu-operator-config
+  - aim-cluster-model-source
+  - airm
+  - appwrapper
+  - cert-manager
+  - cluster-auth
+  - cluster-auth-config
+  - cnpg-operator
+  - external-secrets
+  - external-secrets-config
+  - kaiwo
+  - kaiwo-config
+  - kaiwo-crds
+  - keda
+  - kedify-otel
+  - keycloak
+  - kserve
+  - kserve-crds
+  - kueue
+  - kueue-config
+  - kuberay-operator
+  - kyverno
+  - kyverno-policies-base
+  - kyverno-policies-storage-local-path
+  - openbao
+  - openbao-config
+  - opentelemetry-operator
+  - otel-lgtm-stack
+  - prometheus-crds
+  - rabbitmq
+
+apps:
+
+  gitea:
+    helmParameters:
+      - name: persistence.storageClass
+        value: direct
+
+  # Modular Kyverno policy applications (only the storage-local-path addition)
+  kyverno-policies-storage-local-path:
+    namespace: kyverno
+    path: kyverno-policies/storage-local-path
+    syncWave: -20
+    ignoreDifferences:
+      - group: kyverno.io
+        kind: ClusterPolicy
+        jsonPointers:
+          - /spec/rules/*/skipBackgroundRequests
+          - /spec/rules/*/validate/allowExistingViolations
+  argocd:
+    valuesObject:
+      applicationSet:
+        replicas: 1
+      controller:
+        replicas: 1
+        resources:
+          limits:
+            cpu: "1000m"
+            memory: "2Gi"
+          requests:
+            cpu: "500m" 
+            memory: "1Gi"
+      redis-ha:
+        enabled: false
+        redis:
+          resources:
+            limits:
+              cpu: "500m"
+              memory: "1Gi"
+            requests:
+              cpu: "250m"
+              memory: "512Mi"
+      repoServer:
+        replicas: 1
+        resources:
+          limits:
+            cpu: "500m" 
+            memory: "1Gi"
+          requests:
+            cpu: "250m"
+            memory: "512Mi"
+      server:
+        replicas: 1
+        resources:
+          limits:
+            cpu: "500m"
+            memory: "1Gi"
+          requests:
+            cpu: "125m"
+            memory: "256Mi"
+  grafana:
+    valuesObject:
+      persistence:
+        accessModes:
+          - ReadWriteOnce
+        enabled: true
+        size: 5Gi
+        storageClassName: direct
+      replicas: 1
+      resources:
+        limits:
+          cpu: "1000m"
+          memory: "2Gi"
+        requests:
+          cpu: "250m"
+          memory: "512Mi"
+  keycloak:
+    valuesObject:
+      # Increase memory resources for Keycloak to prevent OOMKilled during initialization
+      # Medium preset provides 1536Mi memory limit vs small preset's 768Mi
+      resourcesPreset: "medium"
+  minio-tenant:
+    valuesObject:
+      tenant:
+        buckets:
+          - name: default-bucket
+            objectLock: true
+          - name: models
+            objectLock: true
+          - name: datasets
+            objectLock: false
+        pools:
+          - name: pool-0
+            servers: 1
+            size: 2Ti
+            storageClassName: direct
+            volumesPerServer: 2
+        resources:
+          limits:
+            cpu: "4000m"
+            memory: "8Gi"
+          requests:
+            cpu: "1000m"
+            memory: "2Gi"
+  openbao:
+    valuesObject:
+      server:
+        dataStorage:
+          size: 5Gi
+          storageClass: direct
+        ha:
+          enabled: false
+          raft:
+            enabled: false
+          replicas: 1
+        resources:
+          limits:
+            cpu: "1000m"
+            memory: "2Gi"
+          requests:
+            cpu: "250m"
+            memory: "512Mi"
+  opentelemetry-operator:
+    valuesObject:
+      manager:
+        resources:
+          requests:
+            cpu: "250m"
+            memory: "512Mi"
+  otel-lgtm-stack:
+    valuesObject:
+      collectors:
+        resources:
+          metrics:
+            cpu: '1'
+            limits:
+              memory: 4Gi
+      services:
+        nodeExporter:
+          metrics: 9101
+  prometheus:
+    valuesObject:
+      prometheus:
+        prometheusSpec:
+          resources:
+            limits:
+              cpu: "2000m"
+              memory: "4Gi"
+            requests:
+              cpu: "500m"
+              memory: "1Gi"
+          retention: 15d
+          retentionSize: 20GB
+          storageSpec:
+            volumeClaimTemplate:
+              spec:
+                accessModes:
+                  - ReadWriteOnce
+                resources:
+                  requests:
+                    storage: 25Gi
+                storageClassName: direct

scripts/bootstrap.sh

@@ -209,6 +209,18 @@ parse_args() {
           CLUSTER_SIZE="${1#*=}"
           shift
           ;;
+        --CLUSTER_SIZE)
+          if [ -z "$2" ]; then
+            echo "ERROR: --CLUSTER_SIZE requires an argument"
+            exit 1
+          fi
+          CLUSTER_SIZE="$2"
+          shift 2
+          ;;
+        --CLUSTER_SIZE=*)
+          CLUSTER_SIZE="${1#*=}"
+          shift
+          ;;
         --TARGET-REVISION|--target-revision|-r)
           if [ -z "$2" ]; then
             echo "WARNING: defaulting to --target-revision=$LATEST_RELEASE (no value specified)"
@@ -296,7 +308,7 @@ parse_args() {
           --disabled-apps=app1[,app2,glob*]  Exclude specified apps from installation. Supports * and ? wildcards.
                                              Example: --disabled-apps=airm,airm-infra-* skips airm, airm-infra-cnpg, airm-infra-external-secrets, etc.
 
-          --cluster-size=[size],      -s     [size] can be one of small|medium|large, default: medium
+          --cluster-size=[size],      -s     [size] can be one of small|medium|large|openshift, default: medium
           --help,                     -h     Show this help message and exit
           --skip-deps                        Skip dependency checking (not recommended)
           --target-revision,          -r     Git revision for ArgoCD to sync from, [tag|commit_hash|branch_name], default: $LATEST_RELEASE
@@ -306,14 +318,15 @@ parse_args() {
         Examples:
           $0 compute.amd.com values_custom.yaml --cluster-size=large
           $0 112.100.97.17.nip.io
-          $0 dev.example.com --cluster-size=small --target-revision=v1.8.0
+          $0 dev.example.com --cluster-size=small --target-revision=v2.0.2
           $0 dev.example.com -s=small -r=feature-branch
           $0 example.com --apps=openbao
           $0 example.com --apps=keycloak -t
           $0 example.com --disabled-apps=airm,airm-infra-*
           $0 example.com --apps=airm,keycloak --disabled-apps=airm
           $0 example.com --aiwb-only
           $0 example.com --aiwb-only --disabled-apps=extra-app
+          $0 example.com --cluster-size=openshift
 
         Bootstrap Behavior:
           • deploys ArgoCD + OpenBao + Gitea directly (essential infrastructure)
@@ -351,18 +364,18 @@ validate_args() {
   # Validate required arguments
   if [ -z "$DOMAIN" ]; then
       echo "ERROR: Domain argument is required"
-      echo "Usage: $0 <domain> [values_file] [--CLUSTER_SIZE=small|medium|large]"
+      echo "Usage: $0 <domain> [values_file] [--CLUSTER_SIZE=small|medium|large|openshift]"
       echo "Use --help for more details"
       exit 1
   fi
 
   # Validate cluster size
   case "$CLUSTER_SIZE" in
-    small|medium|large)
+    small|medium|large|openshift)
       ;;
     *)
       echo "ERROR: Invalid cluster size '$CLUSTER_SIZE'"
-      echo "Valid sizes: small, medium, large"
+      echo "Valid sizes: small, medium, large, openshift"
       exit 1
       ;;
   esac