ocs_ci.deployment.helpers package

Submodules

ocs_ci.deployment.helpers.ceph_cluster module

ocs_ci.deployment.helpers.ceph_cluster.clear_ceph_bluestore_signature_on_wnodes(wnodes, disk_names=None, namespace=None)

Clears Ceph BlueStore signatures on the specified worker nodes.

Parameters:

• wnodes (list) – List of worker node objects where the Ceph BlueStore signatures will be cleared.

• disk_names (dict) – Map of node name to disk name to clear. When absent, the disk is auto-detected per node.

• namespace (str) – Namespace for the debug pod.

Returns:

True if the clearing succeeded on all nodes, False otherwise.

Return type:

bool

ocs_ci.deployment.helpers.ceph_cluster.get_ceph_admin_key(host_node, namespace=None)

Retrieves the Ceph admin key from the specified host node.

Parameters:

• host_node (ocs_ci.ocs.resources.ocs.OCS) – The host node object from which to retrieve the Ceph admin key.

• namespace (str) – Namespace for the debug pod.

Returns:

The Ceph admin key.

Return type:

str

Raises:

RuntimeError – If the key cannot be parsed from the output.

ocs_ci.deployment.helpers.ceph_cluster.get_ceph_fsid(host_node, namespace=None)

Retrieves the Ceph FSID from the specified host node.

Parameters:

• host_node (ocs_ci.ocs.resources.ocs.OCS) – The host node object from which to retrieve the FSID.

• namespace (str) – Namespace for the debug pod.

Returns:

The Ceph FSID.

Return type:

str

Raises:

RuntimeError – If the FSID cannot be parsed from the output.

ocs_ci.deployment.helpers.ceph_cluster.get_wipe_devices_from_other_clusters_flag()

Read the wipeDevicesFromOtherClusters flag from the StorageCluster CR.

Returns:

The raw value of

spec.managedResources.cephCluster.cleanupPolicy .wipeDevicesFromOtherClusters — True, False, or None when the key is absent.

Return type:

object

ocs_ci.deployment.helpers.ceph_cluster.install_minimal_ceph_cluster(wnode, namespace=None)

Installs a minimal Ceph cluster on the specified worker node.

Parameters:

• wnode (ocs_ci.ocs.resources.ocs.OCS) – The worker node object where the Ceph cluster will be installed.

• namespace (str) – Namespace for the debug pod.

Returns:

True if the installation succeeded, False otherwise.

Return type:

bool

ocs_ci.deployment.helpers.ceph_cluster.install_minimal_ceph_cluster_and_conf_on_wnodes(wnodes, host_node=None, namespace=None)

Installs a minimal Ceph cluster and configuration on the specified worker nodes.

Parameters:

• wnodes (list) – List of worker node objects where the Ceph cluster and configuration will be installed.

• host_node (ocs_ci.ocs.resources.ocs.OCS) – The host node object where the Ceph cluster will be installed. If None, the first worker node in the list will be used as the host node.

• namespace (str) – Namespace for the debug pod.

Returns:

True if the installation succeeded on all nodes, False otherwise.

Return type:

bool

Raises:

RuntimeError – If the Ceph cluster or configuration installation fails on any node.

ocs_ci.deployment.helpers.ceph_cluster.install_minimal_ceph_conf(wnode, host_node, namespace=None)

Installs a minimal Ceph configuration on the specified worker node.

Parameters:

• wnode (ocs_ci.ocs.resources.ocs.OCS) – The worker node object where the Ceph configuration will be installed.

• host_node (ocs_ci.ocs.resources.ocs.OCS) – The host node object from which to copy the Ceph configuration.

• namespace (str) – Namespace for the debug pod.

Returns:

True if the installation succeeded, False otherwise.

Return type:

bool

ocs_ci.deployment.helpers.ceph_cluster.post_deployment_verify_wipe_devices()

Post-deployment wipe verification dispatcher.

Reads wipe_devices_from_other_clusters and odf_forceful_deployment from config to decide which verification path to take:

• If either flag is set, verifies the correct wipe scenario occurred (unencrypted or dm-crypt, depending on simulate_bluestore_label / simulate_bluestore_label_dmcrypt).

• Otherwise, asserts that no wipe of foreign bluestore data took place.

Raises:

AssertionError – When the no-wipe check fails.

ocs_ci.deployment.helpers.ceph_cluster.remove_minimal_ceph_cluster(host_node, namespace=None)

Removes a minimal Ceph cluster from the specified host node.

Parameters:

• host_node (ocs_ci.ocs.resources.ocs.OCS) – The host node object from which to remove the Ceph cluster.

• namespace (str) – Namespace for the debug pod.

Returns:

True if the removal succeeded, False otherwise.

Return type:

bool

ocs_ci.deployment.helpers.ceph_cluster.simulate_ceph_bluestore_dmcrypt_on_node_disk(wnode, disk_name=None, namespace=None)

Simulates an encrypted Ceph BlueStore OSD (dm-crypt/LUKS) on a disk of a given worker node.

Uploads the simulate_bluestore_label_dmcrypt.sh script to the node and executes it, creating a LUKS container with BlueStore metadata inside and LUKS header metadata matching a real Rook encrypted OSD layout.

Parameters:

• wnode (ocs_ci.ocs.resources.ocs.OCS) – The worker node object where the simulation should be performed.

• disk_name (str, optional) – The disk device name to simulate on. If not provided, auto-detects the last /dev/sd* or nvme disk.

• namespace (str) – Namespace for the debug pod.

Returns:

True if the simulation succeeded, False otherwise.

Return type:

bool

ocs_ci.deployment.helpers.ceph_cluster.simulate_ceph_bluestore_dmcrypt_on_wnodes(wnodes, namespace=None, disk_map=None)

Simulates encrypted Ceph BlueStore OSDs (dm-crypt/LUKS) on worker nodes.

Parameters:

• wnodes (list) – List of worker node objects where the simulation should be performed.

• namespace (str) – Namespace for the debug pod.

• disk_map (dict) – Map of node name to pre-detected disk name. When provided, skips per-node disk detection.

Returns:

True if the simulation succeeded on all nodes, False otherwise.

Return type:

bool

ocs_ci.deployment.helpers.ceph_cluster.simulate_ceph_bluestore_on_node_disk(wnode, disk_name=None, namespace=None)

Simulates a Ceph BlueStore label on a specified disk of a given worker node.

This function uploads a local shell script to the node using base64 encoding, and executes it to simulate a BlueStore label on the specified disk. If no disk is specified, the function attempts to auto-detect a suitable disk. The output is parsed to determine whether the simulation was successful.

Parameters:

• wnode (ocs_ci.ocs.resources.ocs.OCS) – The worker node object where the simulation should be performed.

• disk_name (str, optional) – The disk device name to simulate the label on. If not provided, the function auto-detects the last /dev/sd* or the nvme disk on the node.

• namespace (str) – Namespace for the debug pod.

Returns:

True if the simulation succeeded (BlueStore label detected), False otherwise.

Return type:

bool

ocs_ci.deployment.helpers.ceph_cluster.simulate_ceph_bluestore_on_wnodes(wnodes, namespace=None, disk_map=None)

Simulates Ceph BlueStore labels on the specified worker nodes.

This function iterates over a list of worker nodes and simulates a BlueStore label on each node’s disk. It uses the simulate_ceph_bluestore_on_node_disk function to perform the simulation on each node.

Parameters:

• wnodes (list) – List of worker node objects where the BlueStore simulation should be performed.

• namespace (str) – Namespace for the debug pod.

• disk_map (dict) – Map of node name to pre-detected disk name. When provided, skips per-node disk detection.

Returns:

True if the simulation succeeded on all nodes, False otherwise.

Return type:

bool

ocs_ci.deployment.helpers.ceph_cluster.simulate_full_ceph_bluestore_dmcrypt_process_on_wnodes(wnodes=None, namespace=None, add_disks=True, remove_ceph_cluster=True, clear_signatures=True)

Simulates the full encrypted Ceph BlueStore (dm-crypt/LUKS) process on the specified worker nodes.

Steps performed on each worker node: 1. Adds disks to the nodes if specified. 2. Installs a minimal Ceph cluster and configuration. 3. Simulates an encrypted BlueStore OSD on the node’s disk. 4. Removes the minimal Ceph cluster if specified. 5. Clears BlueStore signatures from disks if specified.

Parameters:

• wnodes (list) – List of worker node objects. Defaults to all worker nodes.

• namespace (str) – Namespace for the debug pod.

• add_disks (bool) – Whether to add disks to the nodes before simulation.

• remove_ceph_cluster (bool) – Whether to remove the minimal Ceph cluster after simulation.

• clear_signatures (bool) – Whether to clear BlueStore signatures from disks after simulation.

Returns:

True if all steps succeeded on all nodes, False otherwise.

Return type:

bool

ocs_ci.deployment.helpers.ceph_cluster.simulate_full_ceph_bluestore_process_on_wnodes(wnodes=None, namespace=None, add_disks=True, remove_ceph_cluster=True, clear_signatures=True)

Simulates the full Ceph BlueStore process on the specified worker nodes.

This function performs the following steps on each worker node: 1. Adds disks to the nodes if specified. 2. Installs a minimal Ceph cluster and configuration. 3. Simulates a BlueStore label on the node’s disk. 4. Removes the minimal Ceph cluster if specified.

Parameters:

• wnodes (list) – List of worker node objects where the full BlueStore simulation should be performed.

• namespace (str) – Namespace for the debug pod.

• add_disks (bool) – Whether to add disks to the nodes before simulation.

• remove_ceph_cluster (bool) – Whether to remove the minimal Ceph cluster after simulation.

• clear_signatures (bool) – Whether to clear BlueStore signatures from disks after simulation.

Returns:

True if all steps succeeded on all nodes, False otherwise.

Return type:

bool

ocs_ci.deployment.helpers.ceph_cluster.verify_no_wipe_devices_from_other_clusters()

Verify that no bluestore wipe of foreign OSD data occurred when neither wipe_devices_from_other_clusters nor odf_forceful_deployment was requested.

Performs two checks:

1. StorageCluster CR — asserts that spec.managedResources.cephCluster.cleanupPolicy.wipeDevicesFromOtherClusters is not true.

2. OSD prepare logs — checks each rook-ceph-osd-prepare pod and asserts that the following pattern is absent:

   • completed wiping OSD <id> device "<dev>" belonging to a different ceph cluster — would indicate an unexpected wipe occurred

Returns:

True if both checks pass (no wipe found), False otherwise.

Return type:

bool

ocs_ci.deployment.helpers.ceph_cluster.verify_wipe_devices_from_other_clusters_flag()

Verify that the StorageCluster CR has wipeDevicesFromOtherClusters set to true.

Returns:

True if the flag is set to true, False otherwise.

Return type:

bool

ocs_ci.deployment.helpers.ceph_cluster.verify_wipe_encrypted_devices_from_other_clusters()

Verify that the cluster correctly wiped pre-existing encrypted (LUKS) OSDs from another cluster before provisioning new OSDs.

Used when simulate_bluestore_label_dmcrypt is set — the simulation stamps LUKS headers on each disk, and this function confirms Rook detected and wiped them before creating fresh OSDs.

Checks each rook-ceph-osd-prepare pod for the following regex patterns:

• cleaning encrypted disk .+ that is part of a different ceph cluster — LUKS header detected as belonging to a foreign cluster

• successfully zapped device ".+" — low-level wipe succeeded

• completed wiping device ".+" belonging to a different ceph cluster — wipe fully complete

• ceph-volume .+ raw prepare — new OSD creation command

Returns:

True if all checks pass, False otherwise.

Return type:

bool

ocs_ci.deployment.helpers.ceph_cluster.verify_wipe_unencrypted_devices_from_other_clusters()

Verify that the cluster correctly wiped pre-existing bluestore OSDs from another cluster before provisioning new OSDs.

Checks each rook-ceph-osd-prepare pod for the following regex patterns, which confirm that foreign bluestore data was detected and zapped:

• completed wiping OSD <id> device "<dev>" belonging to a different ceph cluster — foreign bluestore data detected and zapped

• successfully zapped osd.<id> path "<dev>" — low-level wipe succeeded

• ceph-volume raw dmcrypt prepare successful — new OSD prepared (emitted for both encrypted and unencrypted OSDs)

• ceph-volume .+ raw prepare — new OSD creation command

Returns:

True if all checks pass, False otherwise.

Return type:

bool

ocs_ci.deployment.helpers.external_cluster_helpers module

This module contains helpers functions needed for external cluster deployment.

class ocs_ci.deployment.helpers.external_cluster_helpers.ExternalCluster(host, user, password=None, ssh_key=None)

Bases: object

Helper for External RHCS cluster

apply_topology_export_resources(resources: list[dict], namespace: str | None = None) → dict[str, list[str]]

Apply exported topology resources (secrets, configmaps) to the cluster.

Parameters:

• resources (list[dict]) – List of resource dicts from exporter script. Each dict has ‘name’, ‘kind’, and ‘data’ keys.

• namespace (str) – Namespace to create resources in. Defaults to cluster_namespace from config.

Returns:

Dictionary with keys ‘secrets’ and ‘configmaps’,

each containing list of created resource names.

Return type:

dict[str, list[str]]

Raises:

CommandFailed – If resource creation fails.

build_exporter_base_params(include_rgw=True)

Build the base parameter string for the exporter script.

Reads cluster config to construct the flags needed by create-external-cluster-resources.py. This method has no side effects (does not modify config, delete users, or create namespaces).

Parameters:

include_rgw (bool) – If True (default), include –rgw-endpoint. Set to False for clusters without RGW deployed.

Returns:

Parameter string for run_exporter_script().

Return type:

str

build_topology_replica1_config() → TopologyReplica1Config

Build topology configuration from EXTERNAL_MODE config or CRUSH tree.

Reads replica1_zones from config.EXTERNAL_MODE if available. Falls back to auto-detecting zones from the cluster’s CRUSH tree.

Returns:

Configuration for replica-1 setup.

Return type:

TopologyReplica1Config

cleanup_replica_one_pools(pool_names: list[str]) → None

Remove replica-1 pools from external cluster.

Note

This method logs warnings for failed deletions but does not raise exceptions to allow cleanup of remaining resources.

Parameters:

pool_names (list[str]) – List of pool names to remove.

cleanup_zone_crush_rules(rule_names: list[str]) → None

Remove CRUSH rules from external cluster.

Parameters:

rule_names (list[str]) – List of rule names to remove.

create_object_store_user()

Create object store user on external cluster and update access_key and secret_key to config

create_rbd_namespace(rbd, namespace=None)

Create RBD namespace

Parameters:

• rbd (str) – RBD pool name where namespace has to create

• namespace (str) – Name of RBD namespace

Returns:

RBD Namespace name

Return type:

str

Raises:

ExternalClusterRBDNamespaceCreationFailed – In case fails to create RBD namespace

create_rbd_pool(pool_name: str, pg_num: int, pool_size: int, crush_rule: str | None = None, min_size: int | None = None) → None

Create a single replicated RBD pool on the external Ceph cluster.

Parameters:

• pool_name (str) – Name of the pool to create.

• pg_num (int) – Placement groups for the pool.

• pool_size (int) – Replication factor.

• crush_rule (str) – Optional CRUSH rule name for the pool.

• min_size (int) – Optional minimum replication size.

Raises:

ExternalClusterPoolCreationFailed – If any step fails.

create_replica_one_pools(topology_config: TopologyReplica1Config) → list[str]

Create replica-1 RBD pools for each zone in the topology configuration.

For each zone executes: - ceph osd pool create <pool-name> <pg_num> <pg_num> replicated <rule-name> - ceph osd pool set <pool-name> size 1 –yes-i-really-mean-it - ceph osd pool set <pool-name> min_size 1 - ceph osd pool application enable <pool-name> rbd

Parameters:

topology_config (TopologyReplica1Config) – Topology configuration.

Returns:

List of created pool names.

Return type:

list[str]

Raises:

ExternalClusterPoolCreationFailed – If pool creation fails.

create_topology_pools(pool_names: list[str], pool_size: int = 3, pg_num: int = 32) → list[str]

Create replicated RBD pools for topology-aware provisioning.

Unlike create_replica_one_pools(), this creates standard replicated pools (size >= 2) without per-zone CRUSH rules — the default replicated_rule distributes replicas across hosts automatically.

For each pool executes: - ceph osd pool create <pool-name> <pg_num> <pg_num> replicated - ceph osd pool set <pool-name> size <pool_size> - ceph osd pool application enable <pool-name> rbd

Parameters:

• pool_names (list[str]) – List of pool names to create.

• pool_size (int) – Replication factor (default 3).

• pg_num (int) – Placement groups per pool (default 32).

Returns:

List of created pool names.

Return type:

list[str]

Raises:

ExternalClusterPoolCreationFailed – If pool creation fails.

create_zone_crush_rules(topology_config: TopologyReplica1Config) → list[str]

Create CRUSH rules for each zone in the topology configuration.

Executes: ceph osd crush rule create-simple <rule-name> <host> osd

Parameters:

topology_config (TopologyReplica1Config) – Topology configuration.

Returns:

List of created rule names.

Return type:

list[str]

Raises:

ExternalClusterCrushRuleCreationFailed – If rule creation fails.

disable_certificate_check()

Disable certificate check

Raises:

ExternalClusterDisableCertificateCheckFailed – In case fails to disable certificate check

discover_zones_from_crush_tree() → list[ocs_ci.deployment.helpers.external_cluster_helpers.ZoneConfig]

Auto-detect zones from the external cluster’s CRUSH tree.

Queries ‘ceph osd tree’ and extracts host-type buckets. Each host becomes a zone (zone-a, zone-b, …).

Returns:

Zone configurations derived from CRUSH hosts.

Return type:

list[ZoneConfig]

Raises:

CommandFailed – If ‘ceph osd tree’ command fails.

enable_replica_one_pools() → None

Enable replica-1 pool support on the external Ceph cluster.

Executes: ceph config set mon mon_allow_pool_size_one true

Raises:

ExternalClusterReplica1ConfigurationFailed – If configuration fails.

enable_secure_connection_mode()

Enables secure connection mode for RHCS cluster

exec_external_ceph_cmd(cmd: str, error_msg: str, exception_class: type, raise_on_error: bool = True) → tuple[int, str, str]

Execute a Ceph command on the external RHCS cluster with error handling.

This method wraps rhcs_conn.exec_cmd() with standardized logging and exception handling for external cluster operations.

Parameters:

• cmd (str) – The Ceph command to execute.

• error_msg (str) – Error message prefix for logging on failure.

• exception_class (type) – Exception class to raise on failure.

• raise_on_error (bool) – If True, raise exception on non-zero return code.

Returns:

Return code, stdout, stderr.

Return type:

tuple[int, str, str]

Raises:

exception_class – If command fails and raise_on_error is True.

fetch_cephadm_root_ca_cert_pem()

Return the cephadm-managed root CA (cephadm_root_ca_cert) from this host.

Used for Ceph 19+ when RGW TLS is signed by the cephadm CA. Runs cephadm shell; prefixes sudo when the SSH user is not root.

Returns:

PEM text (with trailing newline).

Return type:

str

Raises:

ExternalClusterExporterRunFailed – If the remote command fails or PEM is empty.

fetch_rgw_server_certificate(rgw_endpoint)

Fetch the actual certificate presented by the RGW server for Ceph < 19.0.

For Reef (18.x), cephadm doesn’t have certmgr, so we extract the cert directly from the RGW server endpoint using openssl s_client.

Parameters:

rgw_endpoint (str) – RGW endpoint (e.g., “10.1.112.76:443”)

Returns:

PEM-encoded certificate

Return type:

str

Raises:

ExternalClusterExporterRunFailed – If certificate fetch fails or endpoint format is invalid

get_admin_keyring()

Fetches admin keyring from external RHCS cluster and updates to config.EXTERNAL_MODE

get_ceph_fs()

Fetches the ceph filesystem name

Returns:

ceph filesystem name

Return type:

str

Raises:

ExternalClusterCephfsMissing – in case of ceph filesystem doesn’t exist

get_external_cluster_details()

Gets the external RHCS cluster details and updates to config.EXTERNAL_MODE

Raises:

ExternalClusterExporterRunFailed – If exporter script failed to run on external RHCS cluster

get_object_store_user_secrets(user)

Get the access and secret key for user

Returns:

tuple which contains access_key and secret_key

Return type:

tuple

get_rgw_endpoint_api_port()

Fetches rgw endpoint api port.

For ceph 6.x, get port information from cephadm ls, for ceph 5.x, get port information from ceph config dump and for ceph 4.x, get port information from ceph.conf on rgw node

Returns:

RGW endpoint port

Return type:

str

get_rhel_version()

Fetches the RHEL version on external RHCS cluster

Returns:

RHEL version

Return type:

str

is_object_store_user_exists(user, realm=None)

Checks whether user exists in external cluster

Parameters:

• user (str) – Object store user name

• realm (str) – Name of realm to check

Returns:

True if user exists, otherwise false

Return type:

bool

is_rgw_user_exists(user)

Checks whether RGW user exists or not

Parameters:

user (str) – RGW user name

Returns:

True incase user exists, otherwise False

Return type:

bool

remove_rbd_images(images, pool)

Removes rbd images from external RHCS cluster

Parameters:

• images (list) – List of rbd images to delete

• pool (str) – rbd pool name

remove_rgw_user(user=None)

Remove RGW user if it exists

Parameters:

user (str) – RGW user name

run_exporter_script(params)

Runs the exporter script on RHCS cluster

Parameters:

params (str) – Parameter to pass to exporter script

Returns:

output of exporter script

Return type:

str

run_topology_exporter_script(topology_config: TopologyReplica1Config, additional_params: str = '') → list[dict]

Run exporter script with topology flags for replica-1 pools.

Builds topology-specific parameters from the configuration: - –topology-pools (comma-separated pool names) - –topology-failure-domain-label (from constants.ZONE_LABEL) - –topology-failure-domain-values (comma-separated zone names) - –rbd-data-pool-name (first pool in list) - –format json

Parameters:

• topology_config (TopologyReplica1Config) – Topology configuration with zones.

• additional_params (str) – Additional parameters to pass to the script.

Returns:

Parsed JSON output from the exporter script.

Return type:

list[dict]

Raises:

• ExternalClusterExporterRunFailed – If script execution fails.

• ValueError – If topology_config.zones is empty.

setup_topology_replica_one(topology_config: TopologyReplica1Config) → dict[str, list[str]]

Complete setup of topology-based replica-1 provisioning.

This is the main entry point that orchestrates: 1. Enable replica-1 pools (mon_allow_pool_size_one) 2. Create CRUSH rules for each zone 3. Create replica-1 pools for each zone 4. Verify the setup

Parameters:

topology_config (TopologyReplica1Config) – Topology configuration.

Returns:

Dictionary with keys ‘pools’ and ‘rules’,

each containing list of created resource names.

Return type:

dict[str, list[str]]

Raises:

• ExternalClusterReplica1ConfigurationFailed – If setup fails.

• ValueError – If topology_config.zones is empty.

update_permission_caps(user=None)

Update permission caps on the external RHCS cluster

upload_config_ini_file(params)

Upload config.ini file that is used for external cluster exporter script –config-file param

Parameters:

params (str) – Parameter to pass to exporter script

Returns:

absolute path to config.ini file

Return type:

str

upload_exporter_script()

Upload exporter script to RHCS cluster

Returns:

absolute path to exporter script

Return type:

str

upload_rgw_cert_ca()

Upload RGW Cert CA to RHCS cluster

Returns:

absolute path to the CA Cert

Return type:

str

verify_replica_one_setup(expected_pools: list[str], expected_rules: list[str]) → None

Verify that replica-1 pools and CRUSH rules are properly configured.

Parameters:

• expected_pools (list[str]) – List of expected pool names.

• expected_rules (list[str]) – List of expected CRUSH rule names.

Raises:

ExternalClusterReplica1ConfigurationFailed – If verification fails.

class ocs_ci.deployment.helpers.external_cluster_helpers.TopologyReplica1Config(zones: list[ocs_ci.deployment.helpers.external_cluster_helpers.ZoneConfig], pool_prefix: str = 'rbd-zone', pg_num: int = 32)

Bases: object

Configuration for topology-based replica-1 provisioning.

Parameters:

• zones (list[ZoneConfig]) – List of zone configurations.

• pool_prefix (str) – Prefix for auto-generated pool names.

• pg_num (int) – Number of placement groups per pool.

pg_num: int = 32

property pool_names: list[str]

pool_prefix: str = 'rbd-zone'

property zone_names: list[str]

zones: list[ocs_ci.deployment.helpers.external_cluster_helpers.ZoneConfig]

class ocs_ci.deployment.helpers.external_cluster_helpers.ZoneConfig(zone_name: str, host_name: str, pool_name: str = '')

Bases: object

Configuration for a single zone in topology-based replica-1 setup.

Parameters:

• zone_name (str) – Name of the zone (e.g., “zone-a”).

• host_name (str) – Ceph OSD host name for this zone (e.g., “osd-0”).

• pool_name (str) – Custom pool name. If empty, auto-generated from zone_name.

Raises:

ValueError – If zone_name or host_name is empty.

host_name: str

pool_name: str = ''

zone_name: str

ocs_ci.deployment.helpers.external_cluster_helpers.external_rgw_ca_should_use_cephadm_fetch()

True when external Ceph reports version >= 19.0 (cephadm certmgr path), or if version is not determined (None) - assuming that from ODF 4.18 we are using Ceph >= 19.

ocs_ci.deployment.helpers.external_cluster_helpers.generate_exporter_script(use_configmap=False)

Generates exporter script for RHCS cluster

Parameters:

use_configmap (bool) – If True, we will use the configmap to get the external exporter script. Otherwise, if False, we will get it from the CSV.

Returns:

path to the exporter script

Return type:

str

ocs_ci.deployment.helpers.external_cluster_helpers.get_and_apply_rgw_cert_ca(apply=True)

Obtain the RGW TLS CA: for external Ceph 19.0+, fetch cephadm_root_ca_cert from the _admin node via SSH; for Ceph 18.x (Reef), fetch the certificate directly from the RGW server; otherwise download from rgw_cert_ca URL.

Parameters:

apply (bool) – if True, the certificate is applied as trusted CA by the OCP cluster

Returns:

path to the local RGW CA PEM file

Return type:

str

ocs_ci.deployment.helpers.external_cluster_helpers.get_exporter_script(use_configmap=False)

Get the external exporter script encoded

Parameters:

use_configmap (bool) – If True, we will use the configmap to get the external exporter script. Otherwise, if False, we will get it from the CSV.

Returns:

The external exporter script

Return type:

str

ocs_ci.deployment.helpers.external_cluster_helpers.get_exporter_script_from_configmap()

Get the external exporter script from the configmap. From 4.18 we can get the external exporter script from the configmap

Returns:

The exporter script from the configmap

Return type:

str

ocs_ci.deployment.helpers.external_cluster_helpers.get_exporter_script_from_csv()

Get the external exporter script from the csv.

From ODF 4.19 the external mode script was removed from the CSV and is shipped only in the ConfigMap (rook-ceph-external-cluster-script-config). This function must not be used for ODF 4.19+; use get_exporter_script_from_configmap() or get_exporter_script(use_configmap=True) instead.

Returns:

The exporter script from the csv

Return type:

str

Raises:

ValueError – If running ODF version is 4.19 or above (script is no longer in CSV).

ocs_ci.deployment.helpers.external_cluster_helpers.get_external_cluster_client(role=None)

Resolve SSH target for an external RHCS node by role.

Parameters:

role (str or None) – Node role to match in external_cluster_node_roles (e.g. client, _admin). If None, uses _admin when multicluster else client.

Returns:

(ip_address, user, password, ssh_key)

Return type:

tuple

Raises:

ExternalClusterCephSSHAuthDetailsMissing – In case one of SSH key or password is not provided.

ocs_ci.deployment.helpers.external_cluster_helpers.get_external_cluster_instance() → ExternalCluster

Create and return an ExternalCluster instance using credentials from config.

Returns:

Configured external cluster connection.

Return type:

ExternalCluster

Raises:

ExternalClusterCephSSHAuthDetailsMissing – If credentials missing.

ocs_ci.deployment.helpers.external_cluster_helpers.get_node_by_role(nodes, role, user, password, ssh_key)

Get a node (a tuple with ip, user, password, ssh_key)

Parameters:

• nodes (list) – List of nodes participating

• role (str) – Specific role of the nodes we are looking for

• user (str) – Login user name for the node

• password (str) – Login password for the node

• ssh_key (str) – Path to ssh key

Returns:

(ip_address, user, password, ssh_key)

Return type:

Tuple

Raises:

ExternalClusterNodeRoleNotFound (Exception) – if no node found with the desired role

ocs_ci.deployment.helpers.external_cluster_helpers.get_rgw_endpoint()

Fetches rgw endpoint

Returns:

rgw endpoint

Return type:

str

Raises:

ExternalClusterRGWEndPointMissing – in case of rgw endpoint missing

ocs_ci.deployment.helpers.external_cluster_helpers.patch_external_cluster_secret(exporter_json_output)

Patch the rook-ceph-external-cluster-details secret with new exporter output.

Parameters:

exporter_json_output (str) – Raw JSON output from the exporter script.

ocs_ci.deployment.helpers.external_cluster_helpers.remove_csi_users()

Remove csi users from external RHCS cluster

ocs_ci.deployment.helpers.external_cluster_helpers.restore_external_cluster_secret(original_b64_value)

Restore the external cluster secret to its original value.

Parameters:

original_b64_value (str) – The original base64-encoded value from save_external_cluster_secret().

ocs_ci.deployment.helpers.external_cluster_helpers.save_external_cluster_secret()

Save the current external cluster secret data for later restoration.

Returns:

The base64-encoded external_cluster_details value.

Return type:

str

ocs_ci.deployment.helpers.external_cluster_helpers.try_embed_rgw_ca_pem_in_mcg_cli_resources(service_ca_data, sts_dict)

If deploy stashed embedded_external_rgw_ca_pem, add it to the service-ca ConfigMap and add a matching volumeMount on sts_dict (first container).

Returns:

True if embedding was applied.

Return type:

bool

ocs_ci.deployment.helpers.hypershift_base module

class ocs_ci.deployment.helpers.hypershift_base.HyperShiftBase

Bases: object

Class to handle HyperShift hosted cluster management

apply_idms_to_hosted_cluster(name, idms_json_dict=None, replace=False)

Apply ImageDigestMirrorSet data to an existing HostedCluster as imageContentSources. This patches spec.imageContentSources of the HostedCluster resource in the management (hub) cluster.

Parameters:

• name (str) – HostedCluster name (namespace is clusters-<name> but resource lives in clusters namespace)

• idms_json_dict (dict|None) – If provided, use this pre-fetched dict. Can be either: - Output of ‘oc get imagedigestmirrorsets -o json’ (list with “items”) - A single ImageDigestMirrorSet resource dict (without “items” wrapper) If None, it will be fetched automatically.

• replace (bool) – If True, replace any existing spec.imageContentSources with the new list. If False, merge (append new unique entries after existing ones).

Returns:

True if patch applied (or nothing to do), False on failure.

Return type:

bool

Notes

• Empty or missing IDMS items will result in a no-op (returns True).

• Deduplication retains first occurrence (existing entries preserved if replace=False).

create_agent_ocp_cluster(name: str = None, nodepool_replicas: int = 3, ocp_version=None, cp_availability_policy=None, infra_availability_policy=None, disable_default_sources=None, auto_repair=True, hcp_image=None)

Create agent hosted cluster. Default parameters have minimal requirements for the cluster.

Parameters:

• name (str) – Name of the cluster

• nodepool_replicas (int) – Number of nodes in the cluster

• ocp_version (str) – OCP version of the cluster

• cp_availability_policy (str) – Control plane availability policy, default HighlyAvailable; if SingleReplica selected, cluster will be created with etcd kube-apiserver, kube-controller-manager, openshift-oauth-apiserver, openshift-controller-manager, kube-scheduler with min available quorum 1 in pdb.

• infra_availability_policy (str) – Infra availability policy, default HighlyAvailable, if SingleReplica selected, cluster will be created with etcd ingress controller, monitoring, cloud controller with min available quorum 1 in pdb.

• disable_default_sources (bool) – Disable default sources on hosted cluster, such as ‘redhat-operators’

• auto_repair (bool) – Enables machine autorepair with machine health checks, default True

• hcp_image (str) – OCP image url for HCP cluster

Returns:

Name of the hosted cluster

Return type:

str

create_kubevirt_ocp_cluster(name: str = None, nodepool_replicas: int = 3, memory: str = '12Gi', cpu_cores: int = 6, root_volume_size: str = 40, ocp_version=None, cp_availability_policy=None, infra_availability_policy=None, disable_default_sources=None, data_replication_separation=False, auto_repair=True, hcp_image=None)

Create HyperShift hosted cluster. Default parameters have minimal requirements for the cluster.

Parameters:

• name (str) – Name of the cluster

• nodepool_replicas (int) – Number of nodes in the cluster

• memory (str) – Memory size of the cluster, minimum 12Gi

• cpu_cores (str) – CPU cores of the cluster, minimum 6

• ocp_version (str) – OCP version of the cluster

• root_volume_size (str) – Root volume size of the cluster, default 40 (Gi is not required)

• cp_availability_policy (str) – Control plane availability policy, default HighlyAvailable; if SingleReplica selected, cluster will be created with etcd kube-apiserver, kube-controller-manager, openshift-oauth-apiserver, openshift-controller-manager, kube-scheduler with min available quorum 1 in pdb.

• infra_availability_policy (str) – Infra availability policy, default HighlyAvailable, if SingleReplica selected, cluster will be created with etcd ingress controller, monitoring, cloud controller with min available quorum 1 in pdb.

• disable_default_sources (bool) – Disable default sources on hosted cluster, such as ‘redhat-operators’

• data_replication_separation (bool) – If the deployment uses data replication separation then add additional network

• auto_repair (bool) – Enables machine autorepair with machine health checks, default True

• hcp_image (str) – OCP image url for HCP cluster

Returns:

Name of the hosted cluster

Return type:

str

delete_hcp_and_hypershift_bin()

Delete hcp binary

destroy_kubevirt_cluster(name)

Destroy HyperShift hosted cluster

Parameters:

name (str) – Name of the cluster

static download_hosted_cluster_kubeadmin_password(name: str, cluster_path: str)

Download HyperShift hosted cluster kubeadmin password

Parameters:

• name (str) – name of the cluster

• cluster_path (str) – path to create auth directory and download kubeadmin-password there

Returns:

path to the downloaded kubeadmin-password file, None if failed

Return type:

str

download_hosted_cluster_kubeconfig(name: str, cluster_path: str, from_hcp: bool = True)

Download HyperShift hosted cluster kubeconfig

Parameters:

• name (str) – name of the cluster

• cluster_path (str) – path to create auth_path folder and download kubeconfig there

• from_hcp (bool) – if True, use hcp binary to download kubeconfig, otherwise use ocp secret

Returns:

path to the downloaded kubeconfig, None if failed

Return type:

str

get_hosted_cluster_progress(name: str)

Get HyperShift hosted cluster creation progress

Parameters:

name (str) – name of the cluster

Returns:

progress status; ‘Completed’ is expected in most cases, ‘’ if cluster not found

Return type:

str

get_hypershift_csv_version()

Get hypershift operator version

Returns:

hypershift operator version

Return type:

str

get_mce_version()

Get multicluster engine version

Returns:

multicluster engine version

Return type:

str

hcp_binary_exists()

Check if hcp binary exists

Returns:

True if hcp binary exists, False otherwise

Return type:

bool

hypershift_binary_exists()

Check if hypershift binary exists

Returns:

True if hypershift binary exists, False otherwise

Return type:

bool

hypershift_clusters_exist()

Check if hypershift is installed on the cluster

Returns:

True if hypershift is installed, False otherwise

Return type:

bool

install_hcp_and_hypershift_from_git(install_latest=False)

Install hcp binary from git

Parameters:

• install_latest (bool) – If True, install the latest Hypershift version from git.

• False (If) –

• hub. (use the configured hcp_version or latest supported version from) –

install_hypershift_upstream_on_cluster()

Install hypershift on the cluster

Returns:

True if hypershift is installed, False otherwise

Return type:

bool

save_mirrors_list_to_file()

Save IDMS mirrors list to a file Note: here this function has been converted from icsp to idms

update_hcp_binary(install_latest=False)

Update hcp binary only if a newer version is available.

Compares the current installed hypershift binary version with the latest supported version from the hub cluster. Only performs update if the hub version is higher than the current binary version.

Parameters:

• install_latest (bool) – If True, install the latest Hypershift version from git.

• False (If) –

• hcp_version. (use the configured) –

update_mirrors_list_to_file()

Update IDMS list to a file Note: here this function has been converted from icsp to idms

verify_hosted_ocp_cluster_from_provider(name, timeout_pods_wait_min=30, timeout_hosted_cluster_completed_min=20, timeout_worker_nodes_ready_min=30)

Verify HyperShift hosted cluster from provider

Parameters:

• name (str) – hosted OCP cluster name

• timeout_pods_wait_min (int) – timeout in minutes for pods to be ready (default: 30)

• timeout_hosted_cluster_completed_min (int) – timeout in minutes for hosted cluster completion (default: 20)

• timeout_worker_nodes_ready_min (int) – timeout in minutes for worker nodes to be ready (default: 30)

Returns:

True if hosted OCP cluster is verified, False otherwise

Return type:

bool

wait_hosted_cluster_completed(name: str, timeout=3600)

Wait for HyperShift hosted cluster creation to complete

Parameters:

• name – name of the cluster

• timeout – timeout in seconds

Returns:

True if cluster creation completed, False otherwise

Return type:

bool

ocs_ci.deployment.helpers.hypershift_base.create_cluster_dir(cluster_name)

Create the kubeconfig directory for the cluster

Parameters:

cluster_name (str) – Name of the cluster

Returns:

Path to the kubeconfig directory

Return type:

str

ocs_ci.deployment.helpers.hypershift_base.create_kubeadmin_password_file_hosted_cluster()

Export kubeadmin-password to auth directory in cluster path.

This function is wrapped with retry decorator to handle CommandFailed errors. It will retry up to 3 times with 20 sec delay between attempts.

Raises:

CommandFailed – if the kubeadmin-password file could not be downloaded

ocs_ci.deployment.helpers.hypershift_base.create_kubeconfig_file_hosted_cluster()

Export kubeconfig to auth directory in cluster path.

This function is wrapped with retry decorator to handle CommandFailed errors. It will retry up to 5 times with 30 sec delay between attempts.

ocs_ci.deployment.helpers.hypershift_base.delete_hcp_podman_container()

Delete hcp podman container. This method will not fail if the container does not exist.

ocs_ci.deployment.helpers.hypershift_base.fix_hypershift_webhook_ca_bundle()

Fix HyperShift webhook configurations when the CA bundle is missing or mismatched, causing ‘x509: certificate signed by unknown authority’ errors during hosted cluster creation.

Patches all HyperShift-related MutatingWebhookConfiguration and ValidatingWebhookConfiguration resources (including ‘hypershift.openshift.io’ and ‘nodepools.hypershift.openshift.io’) with the CA bundle from the ‘webhook-serving-ca’ secret in the ‘hypershift’ namespace.

This workaround addresses a known race condition where the HyperShift operator creates or rotates its webhook-serving-ca after the webhook configurations are registered, leaving the caBundle field stale or empty.

ocs_ci.deployment.helpers.hypershift_base.get_available_hosted_clusters_to_ocp_ver_dict()

Get available HyperShift hosted clusters with their versions

Returns:

hosted clusters available with their versions. Example: {‘cl-418-x’: ‘4.18.7’, ‘cl-418-c’: ‘4.19.0’}

Return type:

dict

ocs_ci.deployment.helpers.hypershift_base.get_binary_hcp_ocp_version()

Extract the OCP version from hypershift version output.

Example output:

Client Version: openshift/hypershift: 4be85900d761c04ab69fdf79408ced718cef5628. Latest supported OCP: 4.21.0 Server Version: c20bbad4d528bfb51687f02684ef5eb79669b850 Server Supports OCP Versions: 4.21, 4.20, 4.19, 4.18, 4.17, 4.16, 4.15, 4.14

Returns:

OCP version in ‘major.minor’ format (e.g., ‘4.21’) or None if not found

Return type:

str

ocs_ci.deployment.helpers.hypershift_base.get_binary_hcp_version()

Get hcp version output. Handles hcp 4.16 and 4.17 cmd differences

Returns:

hcp version output

Return type:

str

ocs_ci.deployment.helpers.hypershift_base.get_current_nodepool_size(name)

Get existing nodepool of HyperShift hosted cluster

Parameters:

name (str) – name of the cluster

Returns:

total number of current nodes across all nodepools for the cluster

Return type:

str

ocs_ci.deployment.helpers.hypershift_base.get_desired_nodepool_size(name: str)

Get desired nodepool of HyperShift hosted cluster

Parameters:

name (str) – of the cluster

Returns:

total number of desired nodes across all nodepools for the cluster

Return type:

str

ocs_ci.deployment.helpers.hypershift_base.get_hosted_cluster_condition_status(cluster_name, condition_type='Available')

Get hosted cluster condition status

Equivalent to: oc get hostedcluster <cluster_name> -n clusters

-o jsonpath=’{.status.conditions[?(@.type==”<condition_type>”)].status}’

Parameters:

• cluster_name (str) – Name of the hosted cluster

• condition_type (str) – Type of condition to check (default: “Available”) Other common types: “Ready”, “Progressing”, “Degraded”

Returns:

Condition status (typically “True”, “False”, or “Unknown”) None: If condition not found or command fails

Return type:

str

ocs_ci.deployment.helpers.hypershift_base.get_hosted_cluster_kubeconfig_name(name: str)

Get HyperShift hosted cluster kubeconfig, for example ‘hcp414-bm2-a-admin-kubeconfig’

Parameters:

name – name of the cluster

Returns:

hosted cluster kubeconfig name

Return type:

str

ocs_ci.deployment.helpers.hypershift_base.get_hosted_cluster_names()

Get HyperShift hosted cluster names

Returns:

the list of hosted cluster names

Return type:

list

ocs_ci.deployment.helpers.hypershift_base.get_latest_supported_hypershift_version() → str | None

Get the latest supported Hypershift version from the hub cluster

Returns:

latest supported Hypershift version in ‘major.minor’ format, e.g. ‘4.18’ or None in case of failure

Return type:

str

ocs_ci.deployment.helpers.hypershift_base.get_random_hosted_cluster_name()

Get a random cluster name

Returns:

random cluster name

Return type:

str

ocs_ci.deployment.helpers.hypershift_base.kubeconfig_exists_decorator(func)

Decorator to check if the kubeconfig exists before executing the decorated method

Parameters:

func – Function to decorate. Should be used only for methods of a class having a ‘cluster_kubeconfig’ attribute.

Returns:

The decorated function.

Return type:

wrapper

ocs_ci.deployment.helpers.hypershift_base.prepare_vsphere_agent_host_cluster_config()

Prepares config object for the HUB Cluster to be used as host cluster for vSphere Agent Assisted Installer deployment

Returns:

Config object for the HUB Cluster

Return type:

Config

ocs_ci.deployment.helpers.hypershift_base.resolve_ocp_image(ocp_version: str) → str

Resolve OCP image based on the provided ocp_version. If ocp_version is not provided, it will use the version from the hosting platform.

Parameters:

ocp_version (str) – OCP version of the cluster

Returns:

OCP index image (registry:tag)

Return type:

str

ocs_ci.deployment.helpers.hypershift_base.wait_for_hosted_cluster_available(cluster_name, timeout=600, sleep=30)

Wait for hosted cluster to become available using TimeoutSampler

! Executed always from Provider context !

Parameters:

• cluster_name (str) – Name of the hosted cluster

• timeout (int) – Timeout in seconds (default: 600 = 10 minutes)

• sleep (int) – Sleep interval between checks in seconds (default: 30)

Returns:

True if cluster becomes available, False if timeout

Return type:

bool

Raises:

TimeoutExpiredError – If cluster doesn’t become available within timeout

ocs_ci.deployment.helpers.hypershift_base.wait_for_worker_nodes_ready(timeout=600, sleep=10, expected_nodes=None)

Wait for worker nodes to appear in the agent cluster inventory and become ready. This function operates on the default context (agent cluster).

Parameters:

• timeout (int) – Maximum time in seconds to wait for nodes to be ready (default: 600)

• sleep (int) – Time in seconds to sleep between checks (default: 10)

• expected_nodes (int) – Expected number of worker nodes. If None, waits for at least one node.

Raises:

TimeoutExpiredError – If worker nodes don’t appear or become ready within the timeout

ocs_ci.deployment.helpers.hypershift_base.wait_for_worker_nodes_to_be_ready(name: str, timeout: int = 2400)

Wait for worker nodes to be ready for HyperShift hosted cluster

Parameters:

• name (str) – name of the cluster

• timeout (int) – timeout in seconds

Returns:

True if worker nodes are ready, False otherwise

Return type:

bool

ocs_ci.deployment.helpers.hypershift_base.worker_nodes_deployed(name: str)

Check if worker nodes are deployed for HyperShift hosted cluster

Parameters:

name (str) – name of the cluster

Returns:

True if worker nodes are deployed, False otherwise

Return type:

bool

ocs_ci.deployment.helpers.icsp_parser module

class ocs_ci.deployment.helpers.icsp_parser.ImageContentItem(apiVersion=None, kind=None, metadata=None, spec=None, **kwargs)

Bases: object

ImageContentItem object to parse the ImageContentSourcePolicy CR in dict format to a file

class ocs_ci.deployment.helpers.icsp_parser.ImageContentMetadata(annotations=None, creationTimestamp=None, generation=None, name=None, resourceVersion=None, uid=None, **kwargs)

Bases: object

ImageContentMetadata object to parse the ImageContentSourcePolicy CR in dict format to a file

class ocs_ci.deployment.helpers.icsp_parser.ImageContentSourcePolicy(apiVersion=None, items=None, kind=None, metadata=None, **kwargs)

Bases: object

ImageContentSourcePolicy object to parse the ImageContentSourcePolicy CR in dict format to a file Main purpose is to use parse_ICSP_json_to_mirrors_file and create a file with mirrors and their sources in format required for the ‘hcp’ or ‘hypershift’ binaries

class ocs_ci.deployment.helpers.icsp_parser.ImageContentSpec(repositoryDigestMirrors, **kwargs)

Bases: object

ImageContentSpec object to parse the ImageContentSourcePolicy CR in dict format to a file

class ocs_ci.deployment.helpers.icsp_parser.RepositoryDigestMirror(mirrors=None, source=None, **kwargs)

Bases: object

RepositoryDigestMirror object to parse the ImageContentSourcePolicy CR in dict format to a file

ocs_ci.deployment.helpers.icsp_parser.parse_ICSP_json_to_mirrors_file(icsp_json_dict, file_path)

Parse the ImageContentSourcePolicy object to a file :param icsp_json_dict: ImageContentSourcePolicy CR in dict format :param file_path: file path to write the mirrors to

ocs_ci.deployment.helpers.icsp_parser.parse_image_content_source_policy(image_content_source_policy)

Parse the image content source policy :param image_content_source_policy: image content source policy

Returns:

ImageContentSourcePolicy object

ocs_ci.deployment.helpers.icsp_parser.write_mirrors_to_file(file_path, mirrors_to_source_list)

Write the mirrors to a file :param file_path: file path to write the mirrors to :param mirrors_to_source_list: mirrors and their sources to write to the file, list of mirrors and their sources

ocs_ci.deployment.helpers.idms_parser module

class ocs_ci.deployment.helpers.idms_parser.ImageContentItem(apiVersion=None, kind=None, metadata=None, spec=None, **kwargs)

Bases: object

ImageContentItem object to parse the ImageDigestMirrorSet CR in dict format to a file

class ocs_ci.deployment.helpers.idms_parser.ImageContentMetadata(annotations=None, creationTimestamp=None, generation=None, name=None, resourceVersion=None, uid=None, **kwargs)

Bases: object

ImageContentMetadata object to parse the ImageDigestMirrorSet CR in dict format to a file

class ocs_ci.deployment.helpers.idms_parser.ImageContentSpec(imageDigestMirrors, **kwargs)

Bases: object

ImageContentSpec object to parse the ImageDigestMirrorSet CR in dict format to a file

class ocs_ci.deployment.helpers.idms_parser.ImageDigestMirror(mirrors=None, source=None, **kwargs)

Bases: object

ImageDigestMirror object to parse the ImageDigestMirrorSet CR in dict format to a file

class ocs_ci.deployment.helpers.idms_parser.ImageDigestMirrorSet(apiVersion=None, items=None, kind=None, metadata=None, **kwargs)

Bases: object

ImageDigestMirrorSet object to parse the ImageDigestMirrorSet CR in dict format to a file Main purpose is to use parse_IDMS_json_to_mirrors_file and create a file with mirrors and their sources in format required for the ‘hcp’ or ‘hypershift’ binaries

ocs_ci.deployment.helpers.idms_parser.extract_image_content_sources(idms_json_dict)

Extract imageContentSources list (for HostedCluster spec) from ImageDigestMirrorSet JSON.

Parameters:

idms_json_dict (dict) – Either: - Output of ‘oc get imagedigestmirrorsets -o json’ parsed as dict (with “items” list) - A single ImageDigestMirrorSet resource dict (without “items” wrapper)

Returns:

imageContentSources entries (possibly empty)

Return type:

list[dict]

ocs_ci.deployment.helpers.idms_parser.parse_IDMS_json_to_mirrors_file(idms_json_dict, file_path)

Parse the ImageDigestMirrorSet object to a file :param idms_json_dict: ImageDigestMirrorSet CR in dict format :param file_path: file path to write the mirrors to

ocs_ci.deployment.helpers.idms_parser.parse_image_digest_mirror_set(image_digest_mirror_set)

Parse the image content source policy :param image_digest_mirror_set: image content source policy

Returns:

ImageDigestMirrorSet object

ocs_ci.deployment.helpers.idms_parser.write_mirrors_to_file(file_path, mirrors_to_source_list)

Write the mirrors to a file :param file_path: file path to write the mirrors to :param mirrors_to_source_list: mirrors and their sources to write to the file, list of mirrors and their sources

ocs_ci.deployment.helpers.lso_helpers module

This module contains helpers functions needed for LSO ( local storage operator ) deployment.

ocs_ci.deployment.helpers.lso_helpers.add_disk_for_rhv_platform()

Add disk for RHV platform

ocs_ci.deployment.helpers.lso_helpers.add_disk_for_vsphere_platform()

Add RDM/VMDK disk for vSphere platform

ocs_ci.deployment.helpers.lso_helpers.add_disks_lso()

Add disks based on which platform we are running on

ocs_ci.deployment.helpers.lso_helpers.catalog_source_created(catalogsource_name, namespace=None)

Check if catalog source is created

Returns:

True if catalog source is created, False otherwise

Return type:

bool

ocs_ci.deployment.helpers.lso_helpers.cleanup_nodes_for_lso_install()

Cleanup before installing lso

ocs_ci.deployment.helpers.lso_helpers.create_local_volume_set(storage_node_names, storageclass, device_types=None)

Create LocalVolumeSet based on the provided configuration

Parameters:

• storage_node_names (list) – list of compute node names

• storageclass (str) – storageClassName value to be used in LocalVolume CR based on LOCAL_VOLUME_YAML

• device_types (list) – list of required device types (if None, no change is done in the template)

ocs_ci.deployment.helpers.lso_helpers.create_optional_operators_catalogsource_non_ga(force=False)

Creating optional operators CatalogSource and ImageContentSourcePolicy for non-ga OCP. If platform is hci_baremetal then force delete static pods to apply the changes and wait machines in machineconfig pool are ready. If the platform is hci_baremetal we force-delete vm and hcp pods if wait for ready Machines is not successful.

Parameters:

force (bool) – enable/disable lso catalog setup

ocs_ci.deployment.helpers.lso_helpers.get_device_paths(worker_names)

Retrieve a list of the device paths for each worker node

Parameters:

worker_names (list) – worker node names

Returns:

device path ids

Return type:

list

ocs_ci.deployment.helpers.lso_helpers.lso_operator_installed(namespace=None)

” Check lso operator is installed or not

Returns:

True if Local Storage instance is created, False otherwise

Return type:

bool

ocs_ci.deployment.helpers.lso_helpers.lso_upgrade()

Upgrade lso operator

ocs_ci.deployment.helpers.lso_helpers.running_lso_version(namespace=None)

This method is to fetch the running lso version

Returns:

metalLB version

Return type:

string

ocs_ci.deployment.helpers.lso_helpers.setup_local_storage(storageclass, add_new_disks=True)

Setup the necessary resources for enabling local storage.

Parameters:

• storageclass (string) – storageClassName value to be used in LocalVolume CR based on LOCAL_VOLUME_YAML

• add_new_disks (bool) – whether to add new disks to nodes after LSO installation

ocs_ci.deployment.helpers.lso_helpers.verify_pvs_created(expected_pvs, storageclass, exact_count_pvs=True)

Verify that PVs were created and are in the Available state

Parameters:

• expected_pvs (int) – number of PVs to verify

• storageclass (str) – Name of storageclass

• exact_count_pvs (bool) – True if expected_pvs should match exactly with PVs created, False, if PVs created is more than or equal to expected_pvs

Raises:

AssertionError – if any PVs are not in the Available state or if the number of PVs does not match the given parameter.

ocs_ci.deployment.helpers.mcg_helpers module

This module contains helper functions which is needed for MCG only deployment

ocs_ci.deployment.helpers.mcg_helpers.check_if_mcg_root_secret_public()

Verify if MCG root secret is public

Returns:

False if the secrets are not public and True otherwise

ocs_ci.deployment.helpers.mcg_helpers.check_if_mcg_secrets_in_env()

Verify if mcg secrets are used in noobaa app environment variable except for the POSTGRES/POSTGRESQL

Returns:

True if secrets are used in env variable else False

ocs_ci.deployment.helpers.mcg_helpers.mcg_only_deployment()

Creates cluster with MCG only deployment

ocs_ci.deployment.helpers.mcg_helpers.mcg_only_post_deployment_checks()

Verification of MCG only after deployment

ocs_ci.deployment.helpers.odf_deployment_helpers module

This module contains helpers functions needed for ODF deployment.

ocs_ci.deployment.helpers.odf_deployment_helpers.get_required_csvs()

Get the mandatory CSVs needed for the ODF cluster

Returns:

list of CSVs needed

Return type:

list

ocs_ci.deployment.helpers.odf_deployment_helpers.is_storage_system_needed()

Checks whether creation of storage system is needed or not

Returns:

True if storage system is need, otherwise False

Return type:

bool

ocs_ci.deployment.helpers.odf_deployment_helpers.set_ceph_config(entity, config_name, value)

Sets the ceph config values

Parameters:

• entity (str) – The Ceph entity like “osd”, “mon”, “mds”, etc. but can be “global” as well.

• config_name (str) – Name of the Ceph config option (e.g., “bluestore_slow_ops_warn_lifetime”).

• value (str) – The value to set for the config.

ocs_ci.deployment.helpers.odf_deployment_helpers.set_ceph_mclock_balanced_profile(osd_ids=None)

Apply the ‘balanced’ mClock profile to specified OSDs (or all OSDs if not provided).

Parameters:

osd_ids (list) – List of OSD IDs. If None, the profile is applied to all OSDs.

Raises:

CommandFailed – If enabling override or setting the profile fails.

ocs_ci.deployment.helpers.odf_deployment_helpers.set_ceph_mclock_config_profile(profile_name, osd_ids=None)

Set the Ceph mClock profile for the specified OSDs.

If no OSDs are specified, the profile is applied to all OSDs in the cluster.

Parameters:

• profile_name (str) – The mClock profile to set (‘balanced’, ‘high_client_ops’, ‘high_recovery_ops’).

• osd_ids (list) – List of OSD IDs. If None, the profile is applied to all OSDs.

Raises:

• ValueError – If the given profile name is invalid.

• CommandFailed – If enabling override or setting the profile fails.

ocs_ci.deployment.helpers.odf_deployment_helpers.set_ceph_mclock_high_client_recovery_profile(osd_ids=None)

Apply the ‘high_client_ops’ mClock profile to specified OSDs (or all OSDs if not provided).

Parameters:

osd_ids (list) – List of OSD IDs. If None, the profile is applied to all OSDs.

Raises:

CommandFailed – If enabling override or setting the profile fails.

ocs_ci.deployment.helpers.odf_deployment_helpers.set_ceph_mclock_high_recovery_profile(osd_ids=None)

Apply the ‘high_recovery_ops’ mClock profile to specified OSDs (or all OSDs if not provided).

Parameters:

osd_ids (list) – List of OSD IDs. If None, the profile is applied to all OSDs.

Raises:

CommandFailed – If enabling override or setting the profile fails.

ocs_ci.deployment.helpers.prechecks module

This module contains the pre-checks needed for deployment. Some of the common pre-checks are memory, CPU and storage. If the minimum requirements are not satisfied in the target environment, there is no need to proceed with deployment. This module is mainly intended for on-prem platforms.

class ocs_ci.deployment.helpers.prechecks.BareMetalPreChecks

Bases: PreChecks

pre-checks for Bare Metal platform (PSI environment)

cpu_check()

CPU checks

get_all_checks()

Aggregate all the checks needed for BM platform

memory_check()

Memory checks

network_check()

Network related checks

storage_check()

Storage checks

class ocs_ci.deployment.helpers.prechecks.PreChecks

Bases: object

A base class for pre-checks. Should be inherited by specific platform classes

cpu_check()

memory_check()

network_check()

storage_check()

class ocs_ci.deployment.helpers.prechecks.VSpherePreChecks

Bases: PreChecks

Pre-checks for vSphere platform

cpu_check()

CPU checks

get_all_checks()

Aggregate all the checks needed for vSphere platform

memory_check()

Memory checks

network_check()

Network related checks

pre_req()

Pre-Requisites for vSphere checks

storage_check()

Checks for storage capacity in the datastore

Raises:

StorageNotSufficientException – In case if there is no sufficient storage in Datastore.

template_check()

Checks whether template exists in Datacenter or not for UPI deployments

Raises:

TemplateNotFound – If template not found in Datacenter.

ocs_ci.deployment.helpers.rosa_cluster_helpers module

This module contains helper classes related to Managed Service ROSA Clusters in different environments.

class ocs_ci.deployment.helpers.rosa_cluster_helpers.ROSAEnvCluster(cluster, env_prefix)

Bases: object

A helper class for Managed Service ROSA Clusters in any environment.

cluster_admin_login(skip_tls_verify=False)

Logs in to the cluster as admin.

Parameters:

skip_tls_verify (bool) – If True, bypasses the certificate check and uses insecure connections.

Returns:

Output of the oc login command.

Return type:

str

create_admin_and_login()

Creates an admin account for the cluster and logs in.

create_username_file()

Creates a file with the username for the cluster.

generate_kubeadmin_password_file(path=None)

Creates a kubeadmin password file for the cluster.

Parameters:

path (str) – Path to create the kubeadmin password file.

generate_kubeconfig_file(path=None, skip_tls_verify=False)

Creates a kubeconfig file for the cluster.

Parameters:

• path (str) – Path to create the kubeconfig file.

• skip_tls_verify (bool) – If True, bypasses the certificate check and uses insecure connections.

get_admin_name()

Get the admin username for the cluster.

Returns:

Admin username for the cluster.

Return type:

str

get_admin_password()

Get the admin password for the cluster.

Returns:

Admin password for the cluster.

Return type:

str

wait_for_cluster_admin_login_successful()

Waits for the admin login to be successful.

Raises:

ROSAAdminLoginFailedException – If admin fails to log in to the cluster.

class ocs_ci.deployment.helpers.rosa_cluster_helpers.ROSAProdEnvCluster(cluster)

Bases: ROSAEnvCluster

A helper class for Managed Service ROSA Clusters in the Production Environment.

class ocs_ci.deployment.helpers.rosa_cluster_helpers.ROSAStageEnvCluster(cluster)

Bases: ROSAEnvCluster

A helper class for Managed Service ROSA Clusters in the Stage Environment.

ocs_ci.deployment.helpers.storage_class module

ocs_ci.deployment.helpers.storage_class.create_custom_storageclass(storage_class_path: str) → str

Create a custom storageclass using the yaml file defined at the storage_class_path

Parameters:

storage_class_path (str) – Filepath to storageclass yaml definition

Returns:

Name of the storageclass

Return type:

str

ocs_ci.deployment.helpers.storage_class.get_custom_storage_class_path() → str

Get the custom storage class path for the given platform

ocs_ci.deployment.helpers.storage_class.get_storageclass() → str

Retrieve the storageclass to use from the config or based on platform

Returns:

Name of the storageclass

Return type:

str

ocs_ci.deployment.helpers.storage_class.set_custom_storage_class_path()

Set the custom storage class path for the given platform

ocs_ci.deployment.helpers.vsphere_helpers module

This module contains helpers functions needed for deployment of clusters on vsphere platform.

class ocs_ci.deployment.helpers.vsphere_helpers.VSPHEREHELPERS

Bases: object

Helper class for vSphere

generate_cluster_info()

Generates the cluster information file

generate_config_yaml()

Generate config yaml file

generate_terraform_vars_for_scaleup(rhcos_ips)

Generates the terraform variables file for scaling nodes

get_host_file_for_time_sync()

Fetches the host file for time sync

Returns:

host file

Return type:

str

modify_scaleup_repo()

Modify the scale-up repo. Considering the user experience, removing the access and secret keys and variable from appropriate location in the scale-up repo

Module contents