diff --git a/argocd/applications/configs/infra-onboarding.yaml b/argocd/applications/configs/infra-onboarding.yaml index a4fdb7d89..8184738fd 100644 --- a/argocd/applications/configs/infra-onboarding.yaml +++ b/argocd/applications/configs/infra-onboarding.yaml @@ -62,3 +62,5 @@ infra-config: config: enAgentManifestTag: "1.4.11" embImageUrl: files-edge-orch/repository/microvisor/uos/emb_uos_x86_64_20251113.tar.gz + skipOSProvisioning: false + diff --git a/argocd/applications/custom/infra-core.tpl b/argocd/applications/custom/infra-core.tpl index bbc325107..8c7f68e36 100644 --- a/argocd/applications/custom/infra-core.tpl +++ b/argocd/applications/custom/infra-core.tpl @@ -17,8 +17,11 @@ global: import: tenant-config: - enabled: {{ index .Values.argo "infra-core" "tenant-config" "enabled" }} - + enabled: {{ dig "infra-core" "tenant-config" "enabled" false .Values.argo }} + api: + enabled: {{ dig "infra-core" "api" "enabled" true .Values.argo }} + exporter: + enabled: {{ dig "infra-core" "exporter" "enabled" true .Values.argo }} api: serviceArgs: enableTracing: {{ index .Values.argo "infra-core" "enableTracing" | default false }} diff --git a/argocd/applications/custom/infra-managers.tpl b/argocd/applications/custom/infra-managers.tpl index 608cbd2c7..17c3728a4 100644 --- a/argocd/applications/custom/infra-managers.tpl +++ b/argocd/applications/custom/infra-managers.tpl @@ -15,6 +15,20 @@ global: {{- end }} {{- end }} +import: + maintenance-manager: + enabled: {{ dig "infra-managers" "maintenance-manager" "enabled" true .Values.argo }} + telemetry-manager: + enabled: {{ dig "infra-managers" "telemetry-manager" "enabled" true .Values.argo }} + os-resource-manager: + enabled: {{ dig "infra-managers" "os-resource-manager" "enabled" true .Values.argo }} + networking-manager: + enabled: {{ dig "infra-managers" "networking-manager" "enabled" true .Values.argo }} + attestationstatus-manager: + enabled: {{ dig "infra-managers" "attestationstatus-manager" "enabled" true .Values.argo }} + host-manager: + enabled: {{ dig "infra-managers" "host-manager" "enabled" true .Values.argo }} + host-manager: serviceArgs: enableTracing: {{ index .Values.argo "infra-managers" "enableTracing" | default false }} diff --git a/argocd/applications/custom/infra-onboarding.tpl b/argocd/applications/custom/infra-onboarding.tpl index 6caf6dc78..cf97a009e 100644 --- a/argocd/applications/custom/infra-onboarding.tpl +++ b/argocd/applications/custom/infra-onboarding.tpl @@ -20,6 +20,8 @@ import: enabled: {{ index .Values.argo "infra-onboarding" "onboarding-manager" "enabled" }} pxe-server: enabled: {{ index .Values.argo "infra-onboarding" "pxe-server" "enabled" }} + tinkerbell: + enabled: {{ index .Values.argo "infra-onboarding" "tinkerbell" "enabled" }} infra-config: config: diff --git a/installer/generate_cluster_yaml.sh b/installer/generate_cluster_yaml.sh index e0064a108..d2640b2c3 100755 --- a/installer/generate_cluster_yaml.sh +++ b/installer/generate_cluster_yaml.sh @@ -57,7 +57,6 @@ fi # ----------------------------------------------------------------------------- export PLATFORM_PROFILE='- orch-configs/profiles/enable-platform.yaml' export KYVERNO_PROFILE='- orch-configs/profiles/enable-kyverno.yaml' -export EDGEINFRA_PROFILE='- orch-configs/profiles/enable-edgeinfra.yaml' export FULL_UI_PROFILE='- orch-configs/profiles/enable-full-ui.yaml' export SRE_PROFILE='- orch-configs/profiles/enable-sre.yaml' export PROXY_NONE_PROFILE='- orch-configs/profiles/proxy-none.yaml' @@ -156,6 +155,20 @@ else export SINGLE_TENANCY_PROFILE="#- orch-configs/profiles/enable-singleTenancy.yaml" fi +# ----------------------------------------------------------------------------- +# Modular Vpro profile logic +# ----------------------------------------------------------------------------- +if [ "${MODULAR_PROFILE:-}" = "vpro" ]; then + export EDGEINFRA_PROFILE='- orch-configs/profiles/enable-modular-vpro.yaml' + # Disable CO, AO, O11Y profiles for Modular VPro + export CO_PROFILE="#- orch-configs/profiles/enable-cluster-orch.yaml" + export AO_PROFILE="#- orch-configs/profiles/enable-app-orch.yaml" + export O11Y_ENABLE_PROFILE="#- orch-configs/profiles/enable-o11y.yaml" + export O11Y_PROFILE="#- orch-configs/profiles/o11y-onprem.yaml" +else + export EDGEINFRA_PROFILE='- orch-configs/profiles/enable-edgeinfra.yaml' +fi + # ----------------------------------------------------------------------------- # Explicit proxy configuration # ----------------------------------------------------------------------------- @@ -328,7 +341,6 @@ if [ "${ONPREM_UPGRADE_SYNC:-false}" = "true" ]; then ' "$OUTPUT_FILE" fi - # ----------------------------------------------------------------------------- # Proxy variable updates # ----------------------------------------------------------------------------- diff --git a/on-prem-installers/onprem/onprem_installer.sh b/on-prem-installers/onprem/onprem_installer.sh index 0624ee970..9a852a15f 100755 --- a/on-prem-installers/onprem/onprem_installer.sh +++ b/on-prem-installers/onprem/onprem_installer.sh @@ -11,7 +11,7 @@ # # Usage: ./onprem_installer.sh [PRE_OPTIONS] [-- MAIN_OPTIONS] # PRE_OPTIONS: Options for onprem_pre_install.sh (--skip-download, -y/--yes, -t/--trace) -# MAIN_OPTIONS: Options for onprem_orch_install.sh (after --) (-s/--sre, -d/--notls, -y/--yes, --disable-*, -t/--trace) +# MAIN_OPTIONS: Options for onprem_orch_install.sh (after --) (-s/--sre, -d/--notls, -y/--yes, --disable-*, --modular-vpro, -t/--trace) # # Prerequisites: onprem.env file must exist with proper configuration @@ -65,6 +65,10 @@ Examples: ./$(basename "$0") -- -st --disable-o11y # Enable single tenancy mode and disable observability in main install +./$(basename "$0") -- --modular-vpro + # Deploy only vPro services (MPS, RPS, AMT) + # Disable CO, AO, and O11y profiles in the installation + Pre-Install Options (before --): -h, --help Show this help message and exit --skip-download Skip downloading install packages from registry @@ -79,6 +83,7 @@ Main Install Options (after --): --disable-co Disable Cluster Orchestrator profile --disable-ao Disable Application Orchestrator profile --disable-o11y Disable Observability profile + --modular-vpro Set modular vpro services deployment profile -st, --single_tenancy Enable single tenancy mode -t, --trace Enable bash debug tracing @@ -93,10 +98,11 @@ Configuration: EOF } -# Parse command line arguments +# Parse command line arguments - simple passthrough without validation while [[ $# -gt 0 ]]; do case "$1" in -h|--help) + # Only handle help at the orchestrator level usage exit 0 ;; @@ -107,6 +113,7 @@ while [[ $# -gt 0 ]]; do continue ;; *) + # Pass all other options directly to the appropriate script if [[ "$COLLECTING_MAIN" == true ]]; then MAIN_OPTIONS+=("$1") else diff --git a/on-prem-installers/onprem/onprem_orch_install.sh b/on-prem-installers/onprem/onprem_orch_install.sh index d8ddc46f8..4050bbf44 100755 --- a/on-prem-installers/onprem/onprem_orch_install.sh +++ b/on-prem-installers/onprem/onprem_orch_install.sh @@ -24,6 +24,7 @@ # -y, --yes Assume 'yes' to all prompts and run non-interactively # --disable-co Disable Cluster Orchestrator profile # --disable-ao Disable Application Orchestrator profile +# --modular-vpro Enable Modular VPro profile # --disable-o11y Disable Observability profile # -st, --single_tenancy Enable single tenancy mode # -t, --trace Enable debug tracing @@ -178,7 +179,7 @@ reset_runtime_variables() { fi # Check if line is a runtime variable - if [[ "$line" =~ ^export\ (SRE_TLS_ENABLED|SRE_DEST_CA_CERT|SMTP_SKIP_VERIFY|DISABLE_CO_PROFILE|DISABLE_AO_PROFILE|DISABLE_O11Y_PROFILE)= ]]; then + if [[ "$line" =~ ^export\ (SRE_TLS_ENABLED|SRE_DEST_CA_CERT|SMTP_SKIP_VERIFY|DISABLE_CO_PROFILE|DISABLE_AO_PROFILE|DISABLE_O11Y_PROFILE|MODULAR_PROFILE)= ]]; then # Check if it's multi-line (opening quote without closing quote on same line) if [[ "$line" =~ =[\'\"]. ]] && ! [[ "$line" =~ =[\'\"].*[\'\"][[:space:]]*$ ]]; then in_multiline=1 @@ -194,7 +195,7 @@ reset_runtime_variables() { # Unset variables in current shell unset SRE_TLS_ENABLED SRE_DEST_CA_CERT SMTP_SKIP_VERIFY - unset DISABLE_CO_PROFILE DISABLE_AO_PROFILE DISABLE_O11Y_PROFILE + unset DISABLE_CO_PROFILE DISABLE_AO_PROFILE DISABLE_O11Y_PROFILE MODULAR_PROFILE echo "Runtime variables cleaned successfully." } @@ -263,6 +264,9 @@ Options: --disable-o11y Disable Observability (O11y) profile Skips monitoring and observability component installation + + --modular-vpro Enable Modular VPro profile + Skip AO, CO, Observability components; installs Modular VPro related components -st, --single_tenancy Enable single tenancy mode Configures the system for single tenant deployment @@ -311,6 +315,10 @@ write_shared_variables() { update_config_variable "$config_file" "DISABLE_O11Y_PROFILE" "${DISABLE_O11Y_PROFILE}" fi + if [[ -n "${MODULAR_PROFILE:-}" ]]; then + update_config_variable "$config_file" "MODULAR_PROFILE" "${MODULAR_PROFILE}" + fi + if [[ -n "${SINGLE_TENANCY_PROFILE:-}" && "${SINGLE_TENANCY_PROFILE}" == "true" ]]; then update_config_variable "$config_file" "SINGLE_TENANCY_PROFILE" "${SINGLE_TENANCY_PROFILE}" fi @@ -367,6 +375,12 @@ if [ -n "${1-}" ]; then --disable-o11y) DISABLE_O11Y_PROFILE="true" ;; + --modular-vpro) + DISABLE_CO_PROFILE="true" + DISABLE_AO_PROFILE="true" + DISABLE_O11Y_PROFILE="true" + MODULAR_PROFILE="vpro" + ;; -t|--trace) set -x ENABLE_TRACE=true diff --git a/orch-configs/profiles/enable-modular-vpro.yaml b/orch-configs/profiles/enable-modular-vpro.yaml new file mode 100644 index 000000000..a4ba27657 --- /dev/null +++ b/orch-configs/profiles/enable-modular-vpro.yaml @@ -0,0 +1,91 @@ +# SPDX-FileCopyrightText: 2025 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 + +# Includes Edge Infrastructure Manager and UI +# Use either this or enable-full + +# This enables Modular Vpro Edge Infrastructure Manager to support 100 edge nodes. + +argo: + enabled: + infra-core: true + infra-managers: true + infra-external: true + infra-onboarding: true + web-ui-infra: false + copy-keycloak-admin-to-infra: true + infra-managers: + host-manager: + enabled: false + maintenance-manager: + enabled: false + telemetry-manager: + enabled: false + os-resource-manager: + enabled: false + networking-manager: + enabled: false + attestationstatus-manager: + enabled: false + infra-core: + tenant-config: + enabled: false + exporter: + enabled: false + api: + enabled: false + apiv2: + enabled: true + resources: + requests: + memory: "16Mi" + cpu: "10m" + limits: + memory: "64Gi" + cpu: "64" + inventory: + enabled: true + resources: + requests: + memory: "16Mi" + cpu: "10m" + limits: + memory: "64Gi" + cpu: "64" + tenant-controller: + enabled: true + resources: + requests: + memory: "16Mi" + cpu: "10m" + limits: + memory: "64Gi" + cpu: "64" + infra-onboarding: + pxe-server: + enabled: false + tinkerbell: + enabled: false + infra-config: + enabled: true + skipOSProvisioning: true + onboarding-manager: + enabled: true + resources: + requests: + memory: "16Mi" + cpu: "10m" + limits: + memory: "64Gi" + cpu: "64" + dkam: + enabled: true + resources: + requests: + memory: "16Mi" + cpu: "10m" + limits: + memory: "64Gi" + cpu: "64" + infra-external: {}