Note that this README is targeted at AOS-Azure contributors. If you are not a member of this team, these instructions may not work as they will assume you have permissions that you may not have.
-
Utilities. Install the following:
- Golang 1.11.6 (can also use package manager)
- Latest Azure CLI
- OpenShift Origin 3.11 client tools (can also use package manager)
- Latest Glide. Note: Glide 0.13.1 is known to be broken.
- jq (can also use package manager)
Development helper scripts assume an up-to-date GNU tools environment. Recent Linux distros should work out-of-the-box.
macOS ships with outdated BSD-based tools. We recommend installing macOS GNU tools.
-
Environment variables. Ensure that $GOPATH/bin is in your path:
export PATH=$PATH:${GOPATH:-$HOME/go}/bin. -
Azure CLI access. Log into Azure using the CLI using
az loginand your credentials. -
OpenShift CI cluster access. Log in to the CI cluster using
oc loginand a token from the CI cluster web interface. You can copy the required command by clicking on your username and the "Copy Login Command" option in the web portal. -
Codebase. Check out the codebase:
go get github.com/openshift/openshift-azure/... -
Secrets. Retrieve cluster creation secrets from the vault:
export VAULT_ADDR=https://vault.ci.openshift.org ./vault login $TOKEN_FROM_THE_VAULT ./vault kv get -format=json "kv/selfservice/azure/cluster-secrets-azure/" | jq ".data.data" > vault-secrets.json python3 vault-secrets.py -
Environment file. Create an environment file:
cp env.example env. -
AAD Application / Service principal. Create a personal AAD Application:
hack/aad.sh app-create user-$USER-aad aro-team-shared- Update env to include the AZURE_AAD_CLIENT_ID and AZURE_AAD_CLIENT_SECRET values output by aad.sh.
- Ask an AAD administrator to grant permissions to your application.
-
Source the
envfile:. ./env. -
Determine an appropriate resource group name for your cluster (e.g. for a test cluster, you could call it
$USER-test). Thenexport RESOURCEGROUPand run./hack/create.sh $RESOURCEGROUPto deploy a cluster. -
Access the web console via the link printed by create.sh, logging in with your Azure credentials.
-
To inspect pods running on the OpenShift cluster, run
KUBECONFIG=_data/_out/admin.kubeconfig oc get pods. -
To ssh into any OpenShift master node, run
./hack/ssh.sh. You can directly ssh to any other host from the master.sudo -iwill give root. -
Run
./hack/delete.shto delete the deployed cluster.
Basic OpenShift configuration (also see test/manifests/fakerp/create.yaml):
name: openshift
location: $AZURE_REGION
properties:
openShiftVersion: v3.11
authProfile:
identityProviders:
- name: Azure AD
provider:
kind: AADIdentityProvider
clientId: $AZURE_AAD_CLIENT_ID
secret: $AZURE_AAD_CLIENT_SECRET
tenantId: $AZURE_TENANT_ID
networkProfile:
vnetCidr: 10.0.0.0/8
masterPoolProfile:
count: 3
vmSize: Standard_D2s_v3
subnetCidr: 10.0.0.0/24
agentPoolProfiles:
- name: infra
role: infra
count: 3
vmSize: Standard_D2s_v3
subnetCidr: 10.0.0.0/24
osType: Linux
- name: compute
role: compute
count: 1
vmSize: Standard_D2s_v3
subnetCidr: 10.0.0.0/24
osType: LinuxRead more about how to work with our CI system here.
For any infrastructure-related issues, make sure to contact the Developer Productivity team who is responsible for managing the OpenShift CI Infrastructure at #forum-testplatform in Slack.