feat!: add NVIDIA H100 confidential GPU support for bare metal

Enables NVIDIA confidential GPU (H100/H200) on bare metal deployments
with full CoCo integration. Addresses three documented gaps in the
Red Hat OSC 1.12 documentation:

- Gap 1: Pin GPU Operator to v26.3.0 (v26.3.1 breaks kata state machine)
- Gap 2: Include kataSandboxDevicePlugin in ClusterPolicy (required for
  nvidia.com/pgpu resource advertisement)
- Gap 3: Add imperative job to re-reconcile KataConfig after GPU Operator
  labels nodes (kata-cc-nvidia-gpu RuntimeClass creation)

New charts:
- charts/all/nvidia-gpu: ClusterPolicy CR and IOMMU MachineConfig
- charts/coco-supported/gpu-workload: CUDA vectorAdd sample deployment

Also extends Kyverno initdata injection to support kata-cc-nvidia-gpu
runtime class and propagate initdata to gpu-workload namespace.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: butler54

ansible/reconcile-kataconfig-gpu.yaml

@@ -0,0 +1,42 @@
+---
+- name: Reconcile KataConfig for GPU RuntimeClass
+  hosts: localhost
+  connection: local
+  become: false
+  gather_facts: false
+  tasks:
+    - name: Check for nodes with NVIDIA GPU labels
+      kubernetes.core.k8s_info:
+        api_version: v1
+        kind: Node
+        label_selectors:
+          - "nvidia.com/gpu.present=true"
+      register: gpu_nodes
+
+    - name: Check if kata-cc-nvidia-gpu RuntimeClass exists
+      kubernetes.core.k8s_info:
+        api_version: node.k8s.io/v1
+        kind: RuntimeClass
+        name: kata-cc-nvidia-gpu
+      register: gpu_runtimeclass
+
+    - name: Trigger KataConfig re-reconciliation
+      kubernetes.core.k8s:
+        state: patched
+        api_version: kataconfiguration.openshift.io/v1
+        kind: KataConfig
+        name: default-kata-config
+        definition:
+          metadata:
+            annotations:
+              kata-reconcile: "{{ ansible_date_time.epoch }}"
+      when:
+        - gpu_nodes.resources | length > 0
+        - gpu_runtimeclass.resources | length == 0
+
+    - name: Report status
+      ansible.builtin.debug:
+        msg: >-
+          GPU nodes: {{ gpu_nodes.resources | length }},
+          RuntimeClass exists: {{ gpu_runtimeclass.resources | length > 0 }},
+          Action: {{ 'triggered re-reconciliation' if (gpu_nodes.resources | length > 0 and gpu_runtimeclass.resources | length == 0) else 'no action needed' }}

charts/all/coco-kyverno-policies/templates/inject-coco-initdata.yaml

@@ -28,7 +28,7 @@ spec:
         all:
           - key: "{{ "{{" }}request.object.spec.runtimeClassName || '' {{ "}}" }}"
             operator: AnyIn
-            value: ["kata", "kata-cc", "kata-remote"]
+            value: ["kata", "kata-cc", "kata-remote", "kata-cc-nvidia-gpu"]
           - key: "{{ "{{" }}request.object.metadata.annotations.\"coco.io/initdata-configmap\" || '' {{ "}}" }}"
             operator: NotEquals
             value: ""

charts/all/coco-kyverno-policies/values.yaml

@@ -1,5 +1,6 @@
 workloadNamespaces:
   - hello-openshift
   - kbs-access
+  - gpu-workload
 
 initdataSourceNamespace: imperative

charts/all/nvidia-gpu/Chart.yaml

@@ -0,0 +1,9 @@
+apiVersion: v2
+description: NVIDIA GPU Operator configuration for confidential containers (ClusterPolicy, IOMMU MachineConfig).
+keywords:
+- pattern
+- nvidia
+- gpu
+- confidential
+name: nvidia-gpu
+version: 0.0.1

charts/all/nvidia-gpu/templates/cluster-policy.yaml

@@ -0,0 +1,53 @@
+{{- if .Values.enabled }}
+apiVersion: nvidia.com/v1
+kind: ClusterPolicy
+metadata:
+  name: gpu-cluster-policy
+  annotations:
+    argocd.argoproj.io/sync-wave: "110"
+spec:
+  operator:
+    defaultRuntime: crio
+
+  sandboxWorkloads:
+    enabled: true
+    mode: kata
+    defaultWorkload: vm-passthrough
+
+  kataManager:
+    enabled: false
+
+  ccManager:
+    enabled: {{ .Values.ccManager.enabled }}
+    defaultMode: {{ .Values.ccManager.defaultMode | quote }}
+    repository: nvcr.io/nvidia/cloud-native
+    image: k8s-cc-manager
+    version: v0.1.0
+    env:
+      - name: CC_CAPABLE_DEVICE_IDS
+        value: {{ .Values.ccManager.deviceIDs | quote }}
+
+  kataSandboxDevicePlugin:
+    enabled: {{ .Values.kataSandboxDevicePlugin.enabled }}
+    repository: {{ .Values.kataSandboxDevicePlugin.repository }}
+    image: {{ .Values.kataSandboxDevicePlugin.image }}
+    version: {{ .Values.kataSandboxDevicePlugin.version | quote }}
+
+  sandboxDevicePlugin:
+    enabled: true
+
+  driver:
+    enabled: true
+
+  devicePlugin:
+    enabled: false
+
+  vfioManager:
+    enabled: true
+
+  gfd:
+    enabled: true
+
+  nfd:
+    nodefeaturerules: true
+{{- end }}

charts/all/nvidia-gpu/templates/iommu-mco.yaml

@@ -0,0 +1,15 @@
+{{- if .Values.iommu.enabled }}
+{{- range list "master" "worker" }}
+---
+apiVersion: machineconfiguration.openshift.io/v1
+kind: MachineConfig
+metadata:
+  labels:
+    machineconfiguration.openshift.io/role: {{ . }}
+  name: 100-iommu-{{ . }}
+spec:
+  kernelArguments:
+  - intel_iommu=on
+  - iommu=pt
+{{- end }}
+{{- end }}

charts/all/nvidia-gpu/values.yaml

@@ -0,0 +1,15 @@
+enabled: true
+
+ccManager:
+  enabled: true
+  defaultMode: "on"
+  deviceIDs: "0x2331,0x2322"
+
+kataSandboxDevicePlugin:
+  enabled: true
+  repository: nvcr.io/nvidia/cloud-native
+  image: nvidia-sandbox-device-plugin
+  version: "v0.0.2"
+
+iommu:
+  enabled: true

charts/coco-supported/gpu-workload/Chart.yaml

@@ -0,0 +1,10 @@
+apiVersion: v2
+description: Sample CUDA workload for NVIDIA confidential GPU verification.
+keywords:
+- pattern
+- nvidia
+- gpu
+- workload
+- confidential
+name: gpu-workload
+version: 0.0.1

charts/coco-supported/gpu-workload/templates/gpu-vectoradd-deployment.yaml

@@ -0,0 +1,37 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gpu-vectoradd
+  labels:
+    app: gpu-vectoradd
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: gpu-vectoradd
+  template:
+    metadata:
+      labels:
+        app: gpu-vectoradd
+      annotations:
+        coco.io/initdata-configmap: initdata
+        {{- if .Values.defaultMemory }}
+        io.katacontainers.config.hypervisor.default_memory: {{ .Values.defaultMemory | quote }}
+        {{- end }}
+    spec:
+      runtimeClassName: {{ .Values.runtimeClassName }}
+      containers:
+        - name: cuda-vectoradd
+          image: nvcr.io/nvidia/k8s/cuda-sample:vectoradd-cuda11.7.1-ubuntu20.04
+          resources:
+            limits:
+              nvidia.com/pgpu: 1
+          securityContext:
+            privileged: false
+            allowPrivilegeEscalation: false
+            runAsNonRoot: true
+            capabilities:
+              drop:
+                - ALL
+            seccompProfile:
+              type: RuntimeDefault

charts/coco-supported/gpu-workload/values.yaml

@@ -0,0 +1,6 @@
+runtimeClassName: "kata-cc-nvidia-gpu"
+
+defaultMemory: "32768"
+
+global:
+  clusterPlatform: ""