ibm-mas · Divyesh-Khokhar · Apr 13, 2026 · Apr 15, 2026 · Apr 16, 2026 · Apr 16, 2026
diff --git a/instance-applications/112-ibm-odh/README.md b/instance-applications/112-ibm-odh/README.md
@@ -4,6 +4,11 @@ Deploy and configure ODH with configurable version
 
 <!--docs-include-start-->
 
+## Migration to RHOAI
+
+**Note**: OpenDataHub (ODH) is being replaced by Red Hat OpenShift AI (RHOAI). To migrate to RHOAI, see the [RHOAI Migration Guide](../116-ibm-rhoai/README.md#migration-from-odh-to-rhoai).
+
+Shared resources (aiservice namespace, ServiceMesh, Authorino, Serverless operators, and NetworkPolicies) have ArgoCD protection annotations that prevent deletion during ODH uninstallation, ensuring a safe migration path to RHOAI.
 
 ## Resources Created
 
@@ -25,6 +30,7 @@ This chart accepts the following configuration values in the ArgoCD Application
 
 ```yaml
 ibm_odh:
+  install: string                    # Set to "true" to enable ODH installation
   openshift_namespace: string
   odh_pipeline_channel: string
   odh_pipeline_installplan: string

diff --git a/instance-applications/112-ibm-odh/templates/01-odh-serverless-subscription.yaml b/instance-applications/112-ibm-odh/templates/01-odh-serverless-subscription.yaml
@@ -6,6 +6,9 @@ metadata:
     name:  {{ .Values.serverless_namespace}}
     annotations:
       argocd.argoproj.io/sync-wave: "117"
+      # Prevent ArgoCD from deleting this namespace during ODH to RHOAI migration
+      # This namespace is shared between ODH and RHOAI
+      argocd.argoproj.io/sync-options: Prune=false,Delete=false
 
 ---
 apiVersion: operators.coreos.com/v1
@@ -24,6 +27,9 @@ metadata:
     namespace: {{ .Values.serverless_namespace}}
     annotations:
       argocd.argoproj.io/sync-wave: "118"
+      # Prevent ArgoCD from deleting this subscription during ODH to RHOAI migration
+      # This subscription is shared between ODH and RHOAI
+      argocd.argoproj.io/sync-options: Prune=false,Delete=false
 spec:
     channel: stable
     installPlanApproval: Automatic

diff --git a/instance-applications/112-ibm-odh/templates/02-odh-servicemesh-operator-sa.yaml b/instance-applications/112-ibm-odh/templates/02-odh-servicemesh-operator-sa.yaml
@@ -7,6 +7,9 @@ metadata:
   namespace: openshift-operators
   annotations:
     argocd.argoproj.io/sync-wave: "118"
+    # Prevent ArgoCD from deleting this subscription during ODH to RHOAI migration
+    # This subscription is shared between ODH and RHOAI
+    argocd.argoproj.io/sync-options: Prune=false,Delete=false
 spec:
   channel: stable
   installPlanApproval: Automatic

diff --git a/instance-applications/112-ibm-odh/templates/03-odh-authorino-operator.yaml b/instance-applications/112-ibm-odh/templates/03-odh-authorino-operator.yaml
@@ -7,6 +7,9 @@ metadata:
   namespace: openshift-operators
   annotations:
     argocd.argoproj.io/sync-wave: "121"
+    # Prevent ArgoCD from deleting this subscription during ODH to RHOAI migration
+    # This subscription is shared between ODH and RHOAI
+    argocd.argoproj.io/sync-options: Prune=false,Delete=false
 spec:
   channel: stable
   name: authorino-operator

diff --git a/instance-applications/112-ibm-odh/templates/05-odh-namespace.yaml b/instance-applications/112-ibm-odh/templates/05-odh-namespace.yaml
@@ -6,5 +6,8 @@ metadata:
   name: "{{ .Values.aiservice_namespace }}"
   annotations:
     argocd.argoproj.io/sync-wave: "128"
+    # Prevent ArgoCD from deleting this namespace during ODH uninstall
+    # This namespace is shared with RHOAI and must persist during migration
+    argocd.argoproj.io/sync-options: Prune=false,Delete=false
 
 {{- end }}
diff --git a/instance-applications/116-ibm-rhoai/Chart.yaml b/instance-applications/116-ibm-rhoai/Chart.yaml
@@ -0,0 +1,11 @@
+apiVersion: v2
+name: ibm-rhoai
+description: IBM RHOAI (Red Hat OpenShift AI)
+type: application
+version: 1.0.0
+
+dependencies:
+- name: junitreporter
+  version: 1.0.0
+  repository: "file://../../sub-charts/junitreporter/"
+  condition: junitreporter.devops_mongo_uri != ""
diff --git a/instance-applications/116-ibm-rhoai/README.md b/instance-applications/116-ibm-rhoai/README.md
@@ -0,0 +1,112 @@
+IBM RHOAI (Red Hat OpenShift AI)
+===============================================================================
+Deploy and configure Red Hat OpenShift AI with configurable version
+
+<!--docs-include-start-->
+
+## Migration from ODH to RHOAI
+
+To migrate from OpenDataHub (ODH) to Red Hat OpenShift AI (RHOAI):
+
+1. **Disable ODH**: Set `ibm_odh.install: "false"` in your configuration
+2. **Sync with Prune**: Sync the ODH application in ArgoCD with the prune option enabled
+3. **Wait for Uninstallation**: Wait for ODH resources to be removed (shared resources like namespaces, operators, and NetworkPolicies are protected and will not be deleted)
+4. **Enable RHOAI**: Set `ibm_rhoai.install: "true"` in your configuration
+5. **Sync RHOAI**: Sync the RHOAI application in ArgoCD
+
+**Note**: The migration is safe because shared resources (aiservice namespace, ServiceMesh, Authorino, Serverless operators, and NetworkPolicies) have ArgoCD protection annotations (`Prune=false,Delete=false`) that prevent deletion during ODH uninstallation. RHOAI will reuse these existing resources.
+
+## Resources Created
+
+| Resource Type | Resource Name | Namespace | Condition | Installed By |
+|--------------|---------------|-----------|-----------|--------------|
+| `Namespace` | RHOAI and serverless namespaces | RHOAI-related namespaces | Always | `application_admin_role` |
+| `OperatorGroup` | RHOAI operator groups | RHOAI-related namespaces | Always | `application_admin_role` |
+| `Subscription` | RHOAI/operator subscriptions | RHOAI-related namespaces | Always | `application_admin_role` |
+| `ServiceAccount` | RHOAI service mesh service account | RHOAI-related namespaces | Always | `application_admin_role` |
+| `DSCInitialization` | RHOAI DSC initialization CR | RHOAI namespace | Always | `application_admin_role` |
+| `DataScienceCluster` | RHOAI data science cluster CR | RHOAI namespace | Always | `application_admin_role` |
+| `PeerAuthentication` | Istio peer authentication for RHOAI | RHOAI namespace | Always | `application_admin_role` |
+| `DestinationRule` | Istio destination rule for RHOAI | RHOAI namespace | Always | `application_admin_role` |
+| `NetworkPolicy` | RHOAI network policy | RHOAI namespace | Always | `application_admin_role` |
+
+## Configuration
+
+This chart accepts the following configuration values in the ArgoCD Application values:
+
+```yaml
+ibm_rhoai:
+  install: string                    # Set to "true" to enable RHOAI installation
+  openshift_namespace: string
+  rhoai_pipeline_name: string
+  rhoai_pipeline_namespace: string
+  rhoai_pipeline_operatorName: string
+  rhoai_pipeline_source: string
+  rhoai_pipeline_sourceNamespace: string
+  serverless_namespace: string
+  serverless_operator_name: string
+  serverless_operator_source: string
+  serverless_operator_sourceNamespace: string
+  rhoai_OperatorGroup_name: string
+  rhoai_name: string
+  rhoai_channel: string
+  rhoai_namespace: string
+  rhoai_applications_namespace: string
+  rhoai_monitoring_namespace: string
+  rhoai_installPlanApproval: string
+  rhoai_source: string
+  rhoai_sourceNamespace: string
+  rhoai_pipeline_channel: string
+  rhoai_pipeline_installplan: string
+  service_mesh_namespace: string
+  service_mesh_channel: string
+  service_mesh_catalog_source: string
+  serverless_channel: string
+  authorino_catalog_source: string
+  rhoai_catalog_source: string
+  rhoai_operator_version: string
+
+  aiservice_namespace: string
+  pull_secret_name: string (secret reference)
+
+  mas_aiservice_storage_provider: string
+  mas_aiservice_storage_accesskey: string (secret reference)
+  mas_aiservice_storage_secretkey: string (secret reference)
+  mas_aiservice_storage_host: string
+  mas_aiservice_storage_port: string
+  mas_aiservice_storage_ssl: string
+  mas_aiservice_storage_region: string
+  mas_aiservice_storage_pipelines_bucket: string
+  primary_storage_class: string
+  aiservice_rhoai_model_deployment_type: string
+```
+
+**Note**: Values marked with "(secret reference)" should use the format `<path:secrets/path:key>` to reference secrets stored in the Secrets Vault.
+
+## Base Instance Values
+
+This chart inherits common instance configuration values. The most frequently used base values are:
+
+```yaml
+account:
+  id: string                    # Account identifier
+  name: string                  # Account name
+
+region:
+  id: string                    # Region identifier
+  name: string                  # Region name
+
+cluster:
+  id: string                    # Cluster identifier
+  name: string                  # Cluster name
+
+instance:
+  id: string                    # MAS instance identifier
+
+sm:                             # Secrets Manager configuration
+  aws_secret_region: string
+  aws_access_key_id: string (secret reference)
+  aws_secret_access_key: string (secret reference)
+```
+
+For complete documentation of all base instance values including optional fields like `custom_labels`, `argocluster_instance`, `application_admin_service_account`, `mas_wipe_mongo_data`, `allow_list`, `additional_vpn`, `application_configuration`, `use_postdelete_hooks`, `additional_resources`, `extensions`, `enhanced_dr`, and `cli_image_repo`, see the [Instance Base Values Reference](../../docs/reference/instance-base-values.md).
diff --git a/instance-applications/116-ibm-rhoai/templates/01-rhoai-serverless-subscription.yaml b/instance-applications/116-ibm-rhoai/templates/01-rhoai-serverless-subscription.yaml
@@ -0,0 +1,33 @@
+{{- if .Values.cluster_admin_role }}
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+    name:  {{ .Values.serverless_namespace}}
+    annotations:
+      argocd.argoproj.io/sync-wave: "117"
+
+---
+apiVersion: operators.coreos.com/v1
+kind: OperatorGroup
+metadata:
+    name: operatorgroup
+    namespace: {{ .Values.serverless_namespace}}
+    annotations:
+      argocd.argoproj.io/sync-wave: "117"
+
+---
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+    name: {{ .Values.serverless_operator_name}}
+    namespace: {{ .Values.serverless_namespace}}
+    annotations:
+      argocd.argoproj.io/sync-wave: "118"
+spec:
+    channel: stable
+    installPlanApproval: Automatic
+    name: {{ .Values.serverless_operator_name}}
+    source: {{ .Values.serverless_operator_source}}
+    sourceNamespace: {{ .Values.serverless_operator_sourceNamespace}}
+{{- end }}
diff --git a/instance-applications/116-ibm-rhoai/templates/02-rhoai-servicemesh-operator-sa.yaml b/instance-applications/116-ibm-rhoai/templates/02-rhoai-servicemesh-operator-sa.yaml
@@ -0,0 +1,26 @@
+{{- if .Values.cluster_admin_role }}
+---
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+  name: servicemeshoperator
+  namespace: openshift-operators
+  annotations:
+    argocd.argoproj.io/sync-wave: "118"
+spec:
+  channel: stable
+  installPlanApproval: Automatic
+  name: servicemeshoperator
+  source: redhat-operators
+  sourceNamespace: openshift-marketplace
+
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: istio-operator
+  namespace: openshift-operators
+  annotations:
+      argocd.argoproj.io/sync-wave: "119"
+
+{{- end }}
diff --git a/instance-applications/116-ibm-rhoai/templates/03-rhoai-authorino-operator.yaml b/instance-applications/116-ibm-rhoai/templates/03-rhoai-authorino-operator.yaml
@@ -0,0 +1,15 @@
+{{- if .Values.cluster_admin_role }}
+---
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+  name: authorino-operator
+  namespace: openshift-operators
+  annotations:
+    argocd.argoproj.io/sync-wave: "121"
+spec:
+  channel: stable
+  name: authorino-operator
+  source: community-operators
+  sourceNamespace: openshift-marketplace
+{{- end }}
diff --git a/instance-applications/116-ibm-rhoai/templates/04-rhoai-operator-subscription.yaml b/instance-applications/116-ibm-rhoai/templates/04-rhoai-operator-subscription.yaml
@@ -0,0 +1,33 @@
+{{- if .Values.cluster_admin_role }}
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: {{ .Values.rhoai_namespace }}
+  annotations:
+    argocd.argoproj.io/sync-wave: "125"
+---
+apiVersion: operators.coreos.com/v1
+kind: OperatorGroup
+metadata:
+  name: {{ .Values.rhoai_OperatorGroup_name}}
+  namespace: {{ .Values.rhoai_namespace}}
+  annotations:
+      argocd.argoproj.io/sync-wave: "126"
+
+---
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+    name: {{ .Values.rhoai_name}}
+    namespace: {{ .Values.rhoai_namespace}}
+    annotations:
+      argocd.argoproj.io/sync-wave: "127"
+spec:
+    channel: {{ .Values.rhoai_channel}}
+    installPlanApproval: {{ .Values.rhoai_installPlanApproval}}
+    name: {{ .Values.rhoai_name}}
+    source: {{ .Values.rhoai_source}}
+    sourceNamespace: {{ .Values.rhoai_sourceNamespace}}
+    startingCSV: {{ .Values.rhoai_operator_version }}
+{{- end }}
diff --git a/instance-applications/116-ibm-rhoai/templates/05-rhoai-namespace.yaml b/instance-applications/116-ibm-rhoai/templates/05-rhoai-namespace.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.cluster_admin_role }}
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: "{{ .Values.aiservice_namespace }}"
+  annotations:
+    argocd.argoproj.io/sync-wave: "128"
+    # Prevent ArgoCD from deleting this namespace during RHOAI uninstall
+    # This namespace is shared with ODH and must persist during migration
+    argocd.argoproj.io/sync-options: Prune=false,Delete=false
+
+{{- end }}
diff --git a/instance-applications/116-ibm-rhoai/templates/06-rhoai-dsc-init.yaml b/instance-applications/116-ibm-rhoai/templates/06-rhoai-dsc-init.yaml
@@ -0,0 +1,39 @@
+{{- if .Values.application_admin_role }}
+---
+apiVersion: dscinitialization.opendatahub.io/v1
+kind: DSCInitialization
+metadata:
+  annotations:
+    argocd.argoproj.io/sync-wave: "130"
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+  finalizers:
+    - dscinitialization.opendatahub.io/finalizer
+  labels:
+    app.kubernetes.io/created-by: rhods-operator
+    app.kubernetes.io/instance: default
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: dscinitialization
+    app.kubernetes.io/part-of: rhods-operator
+  name: default-dsci
+spec:
+  applicationsNamespace: "{{ .Values.rhoai_applications_namespace }}"
+  monitoring:
+    managementState: Managed
+    namespace: "{{ .Values.rhoai_monitoring_namespace }}"
+  serviceMesh:
+    auth:
+      audiences:
+        - 'https://kubernetes.default.svc'
+    controlPlane:
+      metricsCollection: Istio
+      name: data-science-smcp
+      namespace: istio-system
+{{- if eq .Values.aiservice_rhoai_model_deployment_type "raw" }}
+    managementState: Removed
+{{- else }}
+    managementState: Managed
+{{- end }}
+  trustedCABundle:
+    customCABundle: ''
+    managementState: Managed
+{{- end }}
diff --git a/instance-applications/116-ibm-rhoai/templates/07-rhoai-data-science-cluster.yaml b/instance-applications/116-ibm-rhoai/templates/07-rhoai-data-science-cluster.yaml
@@ -0,0 +1,33 @@
+{{- if .Values.application_admin_role }}
+---
+kind: DataScienceCluster
+apiVersion: datasciencecluster.opendatahub.io/v1
+metadata:
+  annotations:
+    argocd.argoproj.io/sync-wave: "131"
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+  labels:
+    app.kubernetes.io/created-by: rhods-operator
+    app.kubernetes.io/instance: default
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: datasciencecluster
+    app.kubernetes.io/part-of: rhods-operator
+  name: default-dsc
+spec:
+  components:
+    datasciencepipelines:
+      managementState: Removed
+    kserve:
+      managementState: Managed
+      serving:
+        name: knative-serving
+        ingressGateway:
+          certificate:
+            type: SelfSigned
+{{- if eq .Values.aiservice_rhoai_model_deployment_type "raw" }}
+        managementState: Removed
+        defaultDeploymentMode: RawDeployment
+{{- else }}
+        managementState: Managed
+{{- end }}
+{{- end }}