feat(cluster_healthcheck): add cluster health validation role

extensions/audit/event_query.yml

@@ -0,0 +1,118 @@
+---
+infra.openshift_virtualization_migration.*:
+  query: >-
+    (
+      {
+        "virtualmachine": "Virtual Machine",
+        "migration": "Migration",
+        "plan": "Migration Plan",
+        "provider": "Provider",
+        "networkmap": "Network Map",
+        "storagemap": "Storage Map",
+        "backup": "VM Backup",
+        "snapshot": "VM Snapshot",
+        "operator": "Operator"
+      } as $mapping |
+      (.vm // .resources // .) |
+      (if type=="array" then .[] else if type=="object" then . else empty end end) as $data |
+      select($data.metadata != null or $data.name != null) |
+      (
+        if $data | has("kind") then
+          (
+            if $data.kind == "VirtualMachine" then "virtualmachine"
+            elif $data.kind == "VirtualMachineInstance" then "virtualmachine"
+            elif $data.kind == "Migration" then "migration"
+            elif $data.kind == "Plan" then "plan"
+            elif $data.kind == "Provider" then "provider"
+            elif $data.kind == "NetworkMap" then "networkmap"
+            elif $data.kind == "StorageMap" then "storagemap"
+            elif $data.kind | test("Backup") then "backup"
+            elif $data.kind | test("Snapshot") then "snapshot"
+            else "unknown"
+            end
+          )
+        elif $data.metadata.labels then
+          (
+            if $data.metadata.labels | has("kubevirt.io/vm") then "virtualmachine"
+            elif $data.metadata.labels | has("migration.openshift.io/plan-name") then "migration"
+            else "unknown"
+            end
+          )
+        else "unknown"
+        end
+      ) as $node_type |
+      (
+        if $node_type == "virtualmachine" then
+          (
+            if $data.status.printableStatus then $data.status.printableStatus
+            else "vm"
+            end
+          )
+        elif $node_type == "migration" then "migration"
+        elif $node_type == "plan" then "plan"
+        elif $node_type == "provider" then ($data.spec.type // "provider")
+        elif $node_type == "networkmap" then "network"
+        elif $node_type == "storagemap" then "storage"
+        elif $node_type == "backup" then "backup"
+        elif $node_type == "snapshot" then "snapshot"
+        else "unknown"
+        end
+      ) as $sub_node_type |
+      {
+        name: (
+          if $data.metadata then ($data.metadata.name // $data.metadata.uid)
+          else ($data.name // "UNKNOWN")
+          end
+        ),
+        canonical_facts: {
+          name: (
+            if $data.metadata then ($data.metadata.name // "UNKNOWN")
+            else ($data.name // "UNKNOWN")
+            end
+          ),
+          id: (
+            if $data.metadata then ($data.metadata.uid // $data.metadata.name)
+            else ($data.id // $data.name)
+            end
+          ),
+          node_type: $node_type
+        },
+        facts: {
+          infra_type: "openshift_virtualization",
+          infra_bucket: ($mapping[$node_type] // "UNKNOWN"),
+          device_type: $sub_node_type,
+          namespace: (
+            if $data.metadata then ($data.metadata.namespace // "")
+            else ""
+            end
+          ),
+          status: (
+            if $data.status then
+              (
+                if $data.status.printableStatus then $data.status.printableStatus
+                elif $data.status.phase then $data.status.phase
+                elif $data.status.conditions then
+                  (
+                    $data.status.conditions |
+                    map(select(.status == "True")) |
+                    .[0].type // "unknown"
+                  )
+                else "unknown"
+                end
+              )
+            else "unknown"
+            end
+          ),
+          migration_source: (
+            if $data.spec and $data.spec.source then $data.spec.source.type
+            else ""
+            end
+          ),
+          labels: (
+            if $data.metadata and $data.metadata.labels then $data.metadata.labels
+            else {}
+            end
+          )
+        }
+      }
+    )

playbooks/cluster_healthcheck.yml

@@ -0,0 +1,10 @@
+---
+- name: Run cluster healthchecks
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  tasks:
+    - name: Include cluster_healthcheck role
+      ansible.builtin.import_role:
+        name: infra.openshift_virtualization_migration.cluster_healthcheck
+...

roles/cluster_healthcheck/README.md

@@ -0,0 +1,69 @@
+# cluster_healthcheck
+
+```
+Role belongs to infra/openshift_virtualization_migration
+Namespace - infra
+Collection - openshift_virtualization_migration
+```
+
+Description: Cluster health validation for OpenShift Virtualization migration environments.
+
+## Requirements
+
+- OpenShift cluster with `kubeconfig` configured
+- `kubernetes.core` collection installed
+- OpenShift Virtualization (CNV) operator installed
+- Migration Toolkit for Virtualization (MTV) operator installed
+
+## Role Variables
+
+### Defaults
+
+| Variable | Type | Default | Description |
+|----------|------|---------|-------------|
+| `cluster_healthcheck_checks` | list | See defaults/main.yml | List of health checks to run |
+| `cluster_healthcheck_post_migration_vms` | list | `[]` | VMs to check post-migration |
+| `cluster_healthcheck_generate_report` | bool | `true` | Generate HTML report |
+| `cluster_healthcheck_report_path` | str | `/tmp/cluster_healthcheck_report.html` | Report output path |
+| `cluster_healthcheck_mtv_namespace` | str | `openshift-mtv` | MTV operator namespace |
+| `cluster_healthcheck_kubevirt_namespace` | str | `openshift-cnv` | KubeVirt operator namespace |
+| `cluster_healthcheck_ssh_timeout` | int | `10` | SSH check timeout in seconds |
+| `cluster_healthcheck_debug` | bool | `false` | Enable verbose debug output |
+
+### Post-Migration VM Format
+
+```yaml
+cluster_healthcheck_post_migration_vms:
+  - name: my-vm
+    namespace: my-namespace
+    check_ssh: true  # optional, default false
+```
+
+## Health Checks
+
+| Check | Description |
+|-------|-------------|
+| `ocp_node_health` | Node Ready status, resource pressure, kubevirt.io/schedulable label |
+| `kubevirt_health` | HyperConverged CR, virt-* pods, CDI operator |
+| `mtv_health` | ForkliftController, MTV pods, Providers, Plans |
+| `storage_health` | StorageClasses, CSI drivers, PV capacity, pending PVCs |
+| `network_health` | Multus, NADs, OVN/SDN health, migration network |
+
+## Example Playbook
+
+```yaml
+- name: Run cluster healthchecks
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  roles:
+    - role: infra.openshift_virtualization_migration.cluster_healthcheck
+      vars:
+        cluster_healthcheck_post_migration_vms:
+          - name: rhel9-vm
+            namespace: migration-target
+```
+
+## License
+
+GPL-3.0-only

roles/cluster_healthcheck/defaults/main.yml

@@ -0,0 +1,23 @@
+---
+# defaults file for cluster_healthcheck
+cluster_healthcheck_checks:
+  - ocp_node_health
+  - kubevirt_health
+  - mtv_health
+  - storage_health
+  - network_health
+
+cluster_healthcheck_post_migration_vms: []
+
+cluster_healthcheck_generate_report: true
+
+cluster_healthcheck_report_path: "/tmp/cluster_healthcheck_report.html"
+
+cluster_healthcheck_mtv_namespace: "openshift-mtv"
+
+cluster_healthcheck_kubevirt_namespace: "openshift-cnv"
+
+cluster_healthcheck_ssh_timeout: 10
+
+cluster_healthcheck_debug: false
+...

roles/cluster_healthcheck/meta/main.yml

@@ -0,0 +1,10 @@
+---
+galaxy_info:
+  author: ""
+  description: Cluster health validation for OpenShift Virtualization migration environments.
+  company: Red Hat
+  license: GPL-3.0-only
+  min_ansible_version: 2.15.0
+  galaxy_tags: []
+dependencies: []
+...