diff --git a/content/docs/using-appsody/building-and-deploying.md b/content/docs/using-appsody/building-and-deploying.md index c620a1ae9..a4d0986bb 100644 --- a/content/docs/using-appsody/building-and-deploying.md +++ b/content/docs/using-appsody/building-and-deploying.md @@ -224,6 +224,198 @@ This command completes the following actions: - If you specified the `--knative` flag, or if Knative is the only deployment option for your stack, the command tags the image with the special prefix `dev.local`, making it accessible to your Kubernetes cluster (assuming you followed [these directions](/content/docs/using-appsody/installing-knative-locally.md)) - Creates a deployment manifest file named `app-deploy.yaml`, in the project directory. This yaml file is used to issue a `kubectl apply -f` command against the target Kubernetes cluster. The format of this yaml file depends on whether or not the stack you are using is enabled for the Appsody operator. +### Deploying your application to a local Open Shift cluster using Red Hat CodeReady Containers +Instructions for installing Red Hat CodeReady Containers can be found [here](/content/docs/using-appsody/installing-openshift-locally.md). + +To deploy your application follow these steps: +1. Check cluster status: + ``` + crc status + ``` + If the cluster is not running: + ``` + crc start + ``` + Note the provided user names and passwords +1. Log into the cluster: + ``` + oc login -u -p https://api.crc.testing:6443 + ``` + Use the developer id and password +1. Create a project: + ``` + oc new-project test + ``` +1. Log into the web console: + ``` + crc console + ``` + The web console will open in a web browser. Use the kubeadmin id and password to log in +1. Find the `image-registry` address: + - Navigate to Workloads-> Pods + - Select `all projects` at the top 'Project' pull-down + - Click on the main `image-registry` pod (Example: `image-registry-6984bcdf68-vpfjt`) + - Click on the `Environment` tab and scroll down to `REGISTRY_OPENSHIFT_SERVER_ADDR` and note the value (Example: `image-registry.openshift-image-registry.svc:5000`) + This value will be used for `--pull-url` for `appsody deploy` +1. Find the `default-route` location: + - Navigate to Networking-> Routes + - Note the `Location` for the `default-route` but remove the `https://` (Example: `default-route-openshift-image-registry.apps-crc.testing`) + This value will be used for `--push-url` for `appsody deploy` +1. Create the certificate (Red Hat Linux example): + - Get the certificate: + ``` + openssl s_client -connect default-route-openshift-image-registry.apps-crc.testing:443 + ``` + Copy the `Server certificate` which starts with header: `-----BEGIN CERTIFICATE-----` and ends with header: `-----END CERTIFICATE-----` You must include the headers. + - Create the certificate directory: + ``` + sudo mkdir -p /etc/docker/certs.d/default-route-openshift-image-registry.apps-crc.testing + ``` + - Create the certificate: + ``` + sudo vi /etc/docker/certs.d/default-route-openshift-image-registry.apps-crc.testing/ca.crt + ``` + - Insert the copied certificate using `i` to get into insert mode and then paste the copied certificate and then press `Esc` then `:wq` `` to save the file +1. Log out oc developer: + ``` + oc logout + ``` +1. Log in oc kubeadmin: + ``` + oc login -u -p https://api.crc.testing:6443 + ``` + Use the kubeadmin id and password +1. Create and apply Role yaml file: + - Create the file: + ``` + vi ~/Role.yaml + ``` + - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `Esc` then `:wq` `` to save the file + ``` + kind: Role + apiVersion: rbac.authorization.k8s.io/v1 + metadata: + name: test-user-full-access + namespace: test + rules: + - apiGroups: ["", "extensions", "apps", "autoscaling", "appsody.dev", "rbac.authorization.k8s.io"] + resources: ["*"] + verbs: ["*"] + - apiGroups: ["batch"] + resources: + - jobs + - cronjobs + verbs: ["*"] + ``` + - Apply the role: + ``` + kubectl apply -f ~/Role.yaml + ``` +1. Create and apply the ClusterRole yaml file: + - Create the file: + ``` + vi ~/ClusterRole.yaml + ``` + - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `Esc` then `:wq` `` to save the file + ``` + kind: ClusterRole + apiVersion: rbac.authorization.k8s.io/v1 + metadata: + name: test-user-node-readonly-access + rules: + - apiGroups: ["", "apps", "autoscaling", "extensions"] + resources: ["*"] + verbs: ["get", "watch", "list"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["*"] + - apiGroups: ["rbac.authorization.k8s.io"] + resources: ["rolebindings"] + verbs: ["get", "watch", "list"] + ``` + - Apply the role: + ``` + kubectl apply -f ClusterRole.yaml + ``` +1. Create and apply the RoleBinding yaml file: + - Create the file: + ```` + vi ~/RoleBinding.yaml + ```` + - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `Esc` then `:wq` `` to save the file + ``` + apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + name: read-pods + namespace: test + subjects: + - kind: User + name: developer + apiGroup: rbac.authorization.k8s.io + roleRef: + kind: Role + name: test-user-full-access + apiGroup: rbac.authorization.k8s.io + ``` + - Apply the role: + ``` + kubectl apply -f RoleBinding.yaml + ``` +1. Create and apply the ClusterRoleBinding yaml file: + - Create the file: + ``` + vi ~/ClusterRoleBinding.yaml + ``` + - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `Esc` then `:wq` `` to save the file + ``` + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + metadata: + name: read-pods-global + subjects: + - kind: User + name: developer + apiGroup: rbac.authorization.k8s.io + roleRef: + kind: ClusterRole + name: test-user-node-readonly-access + apiGroup: rbac.authorization.k8s.io + ``` + - Apply the role: + ``` + kubectl apply -f ClusterRoleBinding.yaml + ``` +1. Log out oc kubeadmin: + ``` + oc logout + ``` +1. Log in oc developer + ``` + oc login -u -p https://api.crc.testing:6443 + ``` + Use the developer id and password +1. Log into docker: + ``` + docker login -u $(oc whoami) -p $(oc whoami -t) https://default-route-openshift-image-registry.apps-crc.testing + ``` +1. Perform the deploy: + ``` + appsody deploy --tag --pull-url --push-url --push --namespace -v + ``` + Example tag: `test/node:v1` + + Example pull-url: `image-registry.openshift-image-registry.svc:5000` + + Example push-url: `default-route-openshift-image-registry.apps-crc.testing` + + Example namespace: `test` + + Example deploy command: + ``` + appsody deploy --tag test/node:v1 --pull-url image-registry.openshift-image-registry.svc:5000 --push-url default-route-openshift-image-registry.apps-crc.testing --push --namespace test -v + ``` + ### Deploying your application through Docker Hub If your cluster is configured to pull images from Docker Hub, use the following command to deploy your application: diff --git a/content/docs/using-appsody/installing-openshift-locally.md b/content/docs/using-appsody/installing-openshift-locally.md new file mode 100644 index 000000000..02284c4e3 --- /dev/null +++ b/content/docs/using-appsody/installing-openshift-locally.md @@ -0,0 +1,59 @@ +--- +title: Installing OpenShift locally using Red Had CodeReadyContainers +--- + +# Installing OpenShift locally using Red Hat CodeReady Containers + +Red Hat CodeReady Containers provides a minimum OpenShift cluster for your local workstation. Supported operating systems are Windows, macOS and Linux. The Red Hat install instructions can be found [here](https://cloud.redhat.com/openshift/install/crc/installer-provisioned). The Red Hat "Getting Started" instructions can be found [here](https://access.redhat.com/documentation/en-us/red_hat_codeready_containers/1.0/html/getting_started_guide/getting-started-with-codeready-containers_gsg). + +## Installing Red Hat CodeReady on Red Hat Enterprise Linux 7.7 +### Assumptions: +1. User must have permission to use `sudo` command. +1. Minimum hardware and required software requirements are fulfilled. See the sections [here](https://access.redhat.com/documentation/en-us/red_hat_codeready_containers/1.0/html/getting_started_guide/getting-started-with-codeready-containers_gsg). +### Steps: +1. Navigate [here](https://cloud.redhat.com/openshift/install/crc/installer-provisioned) and click on the link `Linux: Download (Libvirt)` to download the crc tar file. +1. Extract: + ``` + tar -xvf crc-linux-amd.tar.xz + ``` +1. Move the binary to your `$PATH`. Example: + ``` + sudo mv crc-linux-1.0.0-amd64/crc /usr/local/bin/ + ``` +1. Setup crc: + ``` + crc setup + ``` +1. Copy pull secret by clicking `Copy Pull Secret` [here](https://cloud.redhat.com/openshift/install/crc/installer-provisioned). +1. Start crc and paste in secret when prompted: + ``` + crc start + ``` + Note the provided user names and passwords +1. Get the command needed to add the cached `oc` binary to your `$PATH`: + ``` + crc oc-env + ``` + Insert the command into /etc/profile. Example: `export PATH="$HOME/.crc.bin:$PATH"` +### kubectl +kubectl is required for deploying Appsody applications to OpenShift. To see if you have kubectl installed run `kubectl version` + +To install kubectl follow these steps: +1. Get the code: + ``` + curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl + ``` + ``` + curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.16.0/bin/linux/amd64/kubectl + ``` +1. Make the binary executable: + ``` + chmod +x ./kubectl + ``` +1. Move the binary to your `$PATH` + ``` + sudo mv ./kubectl /usr/local/bin/kubectl + ``` + + +