Add adapter-hypershift-nodepool chart and fix adapter-hypershift for OCI

vkareh · vkareh · commit af065ee21c76 · 2026-06-11T11:02:32.000-04:00
Add new adapter-hypershift-nodepool Helm chart that subscribes to the
nodepools topic, validates the parent HostedCluster is Available via
adapter status, creates a HyperShift NodePool CR on the management
cluster, and reports status back to the API. Fix adapter-hypershift
task config to use Route instead of NodePort for Ignition/OAuth.
Add values-oci.yaml for sentinel-nodepools with RabbitMQ config.
Pin sentinel-nodepools Chart.yaml dependency to v0.2.0.
diff --git a/helm/adapter-hypershift-nodepool/Chart.yaml b/helm/adapter-hypershift-nodepool/Chart.yaml
@@ -0,0 +1,11 @@
+apiVersion: v2
+name: adapter-hypershift-nodepool
+description: HyperShift NodePool adapter - creates NodePool resources on a remote management cluster
+type: application
+version: 0.1.0
+appVersion: "0.0.0-dev"
+
+dependencies:
+  - name: hyperfleet-adapter
+    version: "2.0.0"
+    repository: "git+https://github.com/openshift-hyperfleet/hyperfleet-adapter@charts?ref=main"
diff --git a/helm/adapter-hypershift-nodepool/adapter-config.yaml b/helm/adapter-hypershift-nodepool/adapter-config.yaml
@@ -0,0 +1,26 @@
+# HyperShift NodePool adapter deployment configuration
+# Creates NodePool resources on a remote HyperShift management cluster
+adapter:
+  name: adapter-hypershift-nodepool
+  version: "0.2.0"
+
+debug_config: true
+log:
+  level: debug
+
+clients:
+  hyperfleet_api:
+    base_url: http://hyperfleet-api:8000
+    version: v1
+    timeout: 10s
+    retry_attempts: 3
+    retry_backoff: exponential
+
+  broker:
+    subscription_id: "adapter-hypershift-nodepool"
+    topic: "hyperfleet-nodepools"
+
+  kubernetes:
+    api_version: "v1"
+    # Use the mounted kubeconfig to target the remote HyperShift management cluster
+    kube_config_path: /etc/hypershift/kubeconfig
diff --git a/helm/adapter-hypershift-nodepool/adapter-task-config.yaml b/helm/adapter-hypershift-nodepool/adapter-task-config.yaml
@@ -0,0 +1,206 @@
+# HyperShift NodePool adapter task configuration
+# Creates a NodePool resource on the remote management cluster
+params:
+
+  - name: "nodepoolId"
+    source: "event.id"
+    type: "string"
+    required: true
+
+  - name: "clusterId"
+    source: "event.owner_references.id"
+    type: "string"
+    required: true
+
+  - name: "generation"
+    source: "event.generation"
+    type: "int"
+    required: true
+
+  - name: "namespace"
+    source: "env.CLUSTERS_NAMESPACE"
+    type: "string"
+
+  - name: "ociAD"
+    source: "env.OCI_AD"
+    type: "string"
+
+  - name: "ociSubnetId"
+    source: "env.OCI_SUBNET_ID"
+    type: "string"
+
+  - name: "ociShape"
+    source: "env.OCI_SHAPE"
+    type: "string"
+
+  - name: "ociOcpus"
+    source: "env.OCI_OCPUS"
+    type: "string"
+
+  - name: "ociMemoryGBs"
+    source: "env.OCI_MEMORY_GBS"
+    type: "string"
+
+  - name: "ociBootVolumeGB"
+    source: "env.OCI_BOOT_VOLUME_GB"
+    type: "string"
+
+# Preconditions: look up nodepool and parent cluster from the API
+preconditions:
+
+  # Fetch nodepool details (name, spec, status)
+  - name: "nodepoolDetails"
+    api_call:
+      method: "GET"
+      url: "/clusters/{{ .clusterId }}/nodepools/{{ .nodepoolId }}"
+      timeout: 10s
+      retry_attempts: 3
+      retry_backoff: "exponential"
+    capture:
+      - name: "nodepoolName"
+        field: "name"
+      - name: "generation"
+        field: "generation"
+      - name: "nodepoolSpec"
+        field: "spec"
+      - name: "nodepoolNotReady"
+        expression: |
+          status.conditions.filter(c, c.type == "Ready").size() > 0
+            ? status.conditions.filter(c, c.type == "Ready")[0].status != "True"
+            : true
+
+  # Fetch parent cluster details (need the cluster name for clusterName ref)
+  - name: "clusterDetails"
+    api_call:
+      method: "GET"
+      url: "/clusters/{{ .clusterId }}"
+      timeout: 10s
+      retry_attempts: 3
+      retry_backoff: "exponential"
+    capture:
+      - name: "clusterName"
+        field: "name"
+
+  # Check if HostedCluster is Available via adapter-hypershift status
+  - name: "clusterAdapterStatus"
+    api_call:
+      method: "GET"
+      url: "/clusters/{{ .clusterId }}/statuses"
+      timeout: 10s
+      retry_attempts: 3
+      retry_backoff: "exponential"
+    capture:
+      - name: "clusterAvailable"
+        expression: |
+          items.filter(s, s.adapter == "adapter-hypershift").size() > 0 ? (items.filter(s, s.adapter == "adapter-hypershift")[0].conditions.filter(c, c.type == "Available").size() > 0 ? items.filter(s, s.adapter == "adapter-hypershift")[0].conditions.filter(c, c.type == "Available")[0].status == "True" : false) : false
+
+  - name: "validationCheck"
+    # Only proceed if nodepool is NOT Ready AND HostedCluster adapter reports Available
+    expression: |
+      nodepoolNotReady && clusterAvailable
+
+# Resources: NodePool on the remote management cluster
+resources:
+
+  - name: "nodePool"
+    transport:
+      client: "kubernetes"
+    manifest:
+      apiVersion: hypershift.openshift.io/v1beta1
+      kind: NodePool
+      metadata:
+        name: "{{ .clusterName }}-{{ .nodepoolName }}"
+        namespace: "{{ .namespace }}"
+        labels:
+          hyperfleet.io/cluster-id: "{{ .clusterId }}"
+          hyperfleet.io/cluster-name: "{{ .clusterName }}"
+          hyperfleet.io/nodepool-id: "{{ .nodepoolId }}"
+          hyperfleet.io/nodepool-name: "{{ .nodepoolName }}"
+      spec:
+        clusterName: "{{ .clusterName }}"
+        replicas: 2
+        management:
+          autoRepair: true
+          upgradeType: Replace
+        platform:
+          type: OCI
+          oci:
+            instanceShape: "{{ .ociShape }}"
+            instanceShapeConfig:
+              ocpus: 4
+              memoryInGBs: 16
+            availabilityDomain: "{{ .ociAD }}"
+            subnetId: "{{ .ociSubnetId }}"
+            bootVolumeSize: 120
+        release:
+          image: "quay.io/openshift-release-dev/ocp-release:4.20.2-x86_64"
+    discovery:
+      namespace: "{{ .namespace }}"
+      by_selectors:
+        label_selector:
+          hyperfleet.io/nodepool-id: "{{ .nodepoolId }}"
+
+# Post-processing: report NodePool status back to API
+post:
+  payloads:
+    - name: "statusPayload"
+      build:
+        adapter: "{{ .adapter.name }}"
+        conditions:
+          - type: "Applied"
+            status:
+              expression: |
+                has(resources.nodePool.metadata.creationTimestamp) ? "True" : "False"
+            reason:
+              expression: |
+                has(resources.nodePool.metadata.creationTimestamp) ? "NodePoolCreated" : "NodePoolPending"
+            message:
+              expression: |
+                has(resources.nodePool.metadata.creationTimestamp)
+                ? "NodePool has been created on the management cluster"
+                : "NodePool is pending creation"
+          - type: "Available"
+            status:
+              expression: |
+                has(resources.nodePool.status) && has(resources.nodePool.status.conditions)
+                ? (resources.nodePool.status.conditions.filter(c, c.type == "Ready").size() > 0
+                   ? resources.nodePool.status.conditions.filter(c, c.type == "Ready")[0].status
+                   : "False")
+                : "False"
+            reason:
+              expression: |
+                has(resources.nodePool.status) && has(resources.nodePool.status.conditions)
+                ? (resources.nodePool.status.conditions.filter(c, c.type == "Ready").size() > 0
+                   ? resources.nodePool.status.conditions.filter(c, c.type == "Ready")[0].reason
+                   : "WaitingForNodes")
+                : "WaitingForNodes"
+            message:
+              expression: |
+                has(resources.nodePool.status) && has(resources.nodePool.status.conditions)
+                ? (resources.nodePool.status.conditions.filter(c, c.type == "Ready").size() > 0
+                   ? resources.nodePool.status.conditions.filter(c, c.type == "Ready")[0].message
+                   : "Waiting for worker nodes to be provisioned")
+                : "Waiting for worker nodes to be provisioned"
+          - type: "Health"
+            status:
+              expression: |
+                adapter.?executionStatus.orValue("") == "success" ? "True" : (adapter.?executionStatus.orValue("") == "failed" ? "False" : "Unknown")
+            reason:
+              expression: |
+                adapter.?errorReason.orValue("") != "" ? adapter.?errorReason.orValue("") : "Healthy"
+            message:
+              expression: |
+                adapter.?errorMessage.orValue("") != "" ? adapter.?errorMessage.orValue("") : "Adapter executed successfully"
+        observed_generation:
+          expression: "generation"
+        observed_time: "{{ now | date \"2006-01-02T15:04:05Z07:00\" }}"
+
+  post_actions:
+    - name: "reportNodepoolStatus"
+      api_call:
+        method: "POST"
+        url: "/clusters/{{ .clusterId }}/nodepools/{{ .nodepoolId }}/statuses"
+        headers:
+          - name: "Content-Type"
+            value: "application/json"
+        body: "{{ .statusPayload }}"
diff --git a/helm/adapter-hypershift-nodepool/charts/hyperfleet-adapter-2.0.0.tgz b/helm/adapter-hypershift-nodepool/charts/hyperfleet-adapter-2.0.0.tgz
diff --git a/helm/adapter-hypershift-nodepool/nodepool-manifest.yaml b/helm/adapter-hypershift-nodepool/nodepool-manifest.yaml
@@ -0,0 +1,28 @@
+apiVersion: hypershift.openshift.io/v1beta1
+kind: NodePool
+metadata:
+  name: "{{ .clusterName }}-{{ .nodepoolName }}"
+  namespace: "{{ .namespace }}"
+  labels:
+    hyperfleet.io/cluster-id: "{{ .clusterId }}"
+    hyperfleet.io/cluster-name: "{{ .clusterName }}"
+    hyperfleet.io/nodepool-id: "{{ .nodepoolId }}"
+    hyperfleet.io/nodepool-name: "{{ .nodepoolName }}"
+spec:
+  clusterName: "{{ .clusterName }}"
+  replicas: {{ index .nodepoolSpec "replicas" | default 2 }}
+  management:
+    autoRepair: true
+    upgradeType: Replace
+  platform:
+    type: OCI
+    oci:
+      instanceShape: "{{ index .nodepoolSpec "instanceShape" | default .ociShape }}"
+      instanceShapeConfig:
+        ocpus: {{ index .nodepoolSpec "ocpus" | default .ociOcpus }}
+        memoryInGBs: {{ index .nodepoolSpec "memoryInGBs" | default .ociMemoryGBs }}
+      availabilityDomain: "{{ index .nodepoolSpec "availabilityDomain" | default .ociAD }}"
+      subnetId: "{{ index .nodepoolSpec "subnetId" | default .ociSubnetId }}"
+      bootVolumeSize: {{ index .nodepoolSpec "bootVolumeSize" | default .ociBootVolumeGB }}
+  release:
+    image: "{{ index .nodepoolSpec "releaseImage" | default "quay.io/openshift-release-dev/ocp-release:4.20.2-x86_64" }}"
diff --git a/helm/adapter-hypershift-nodepool/values.yaml b/helm/adapter-hypershift-nodepool/values.yaml
@@ -0,0 +1,67 @@
+# Values for adapter-hypershift-nodepool
+# Creates NodePool resources on a remote HyperShift management cluster
+
+hyperfleet-adapter:
+  image:
+    registry: CHANGE_ME
+    repository: CHANGE_ME
+    tag: latest
+
+  adapterConfig:
+    create: true
+    log:
+      level: debug
+
+  adapterTaskConfig:
+    create: true
+
+  broker:
+    type: googlepubsub
+    googlepubsub:
+      projectId: CHANGE_ME
+      subscriptionId: CHANGE_ME
+      topic: CHANGE_ME
+      deadLetterTopic: ""
+      createTopicIfMissing: true
+      createSubscriptionIfMissing: true
+    rabbitmq:
+      url: CHANGE_ME
+      queue: ""
+      exchange: ""
+      routingKey: ""
+
+  env:
+    - name: NAMESPACE
+      valueFrom:
+        fieldRef:
+          fieldPath: metadata.namespace
+    - name: CLUSTERS_NAMESPACE
+      value: clusters
+    - name: OCI_AD
+      value: US-SANJOSE-1-AD-1
+    - name: OCI_SUBNET_ID
+      value: CHANGE_ME
+    - name: OCI_SHAPE
+      value: VM.Standard.E4.Flex
+    - name: OCI_OCPUS
+      value: "4"
+    - name: OCI_MEMORY_GBS
+      value: "16"
+    - name: OCI_BOOT_VOLUME_GB
+      value: "120"
+
+  # Mount the management cluster kubeconfig
+  extraVolumeMounts:
+    - name: hypershift-kubeconfig
+      mountPath: /etc/hypershift
+      readOnly: true
+
+  extraVolumes:
+    - name: hypershift-kubeconfig
+      secret:
+        secretName: hypershift-mgmt-kubeconfig
+
+  # RBAC is for the local CLM cluster only; remote access uses the mounted kubeconfig
+  rbac:
+    resources:
+      - configmaps
diff --git a/helm/adapter-hypershift/adapter-task-config.yaml b/helm/adapter-hypershift/adapter-task-config.yaml
@@ -36,9 +36,6 @@ params:
     source: "env.CPO_IMAGE"
     type: "string"
 
-  - name: "workerNodeIP"
-    source: "env.WORKER_NODE_IP"
-    type: "string"
 
 # Preconditions: check cluster details from API
 preconditions:
@@ -118,14 +115,10 @@ resources:
         services:
           - service: Ignition
             servicePublishingStrategy:
-              type: NodePort
-              nodePort:
-                address: "{{ .workerNodeIP }}"
+              type: Route
           - service: OAuthServer
             servicePublishingStrategy:
-              type: NodePort
-              nodePort:
-                address: "{{ .workerNodeIP }}"
+              type: Route
           - service: APIServer
             servicePublishingStrategy:
               type: LoadBalancer
diff --git a/helm/adapter-hypershift/charts/hyperfleet-adapter-2.0.0.tgz b/helm/adapter-hypershift/charts/hyperfleet-adapter-2.0.0.tgz
diff --git a/helm/sentinel-nodepools/values-oci.yaml b/helm/sentinel-nodepools/values-oci.yaml
@@ -0,0 +1,23 @@
+# OCI/OKE overrides for Sentinel nodepools (v0.2.0 config format)
+
+hyperfleet-sentinel:
+  config:
+    resourceType: nodepools
+    resourceSelector: []
+
+    hyperfleetApi:
+      baseUrl: http://hyperfleet-api:8000
+      timeout: 5s
+
+  broker:
+    type: rabbitmq
+    topic: hyperfleet-nodepools
+    rabbitmq:
+      url: amqp://guest:guest@rabbitmq:5672/
+      exchangeType: topic
+
+  monitoring:
+    podMonitoring:
+      enabled: false
+    prometheusRule:
+      enabled: false
