Docker/Kubernetes modules
To build the docker images, you will need to have access to a machine running docker which has been configured to have its remote API exposed.
You will need to expose this host by using the environment variable DOCKER_HOST
or by specifing the runtime property -Ddocker.host
You will also need to enable the docker-build
Maven profile.
Example, assuming your docker host is running on your local machine, using the tcp
protocol and listening on port 2375
:
export DOCKER_HOST=tcp://127.0.0.1:2375
mvn clean install -Pdocker-build
or:
mvn clean install -Pdocker-build -Ddocker.host=tcp://127.0.0.1:2375
The container tests are meant to be run on OpenShift v3 1.0.4
wget https://github.com/openshift/origin/releases/download/v1.0.4/openshift-origin-v1.0.4-757efd9-linux-amd64.tar.gz[https://github.com/openshift/origin/releases/download/v1.0.4/openshift-origin-v1.0.4-757efd9-linux-amd64.tar.gz]
tar zxvf openshift-origin-v1.0.4-757efd9-linux-amd64.tar.gz
Warning
|
you cannot use 127.0.0.1 or localhost here as it needs to be an address which is resolvable from within docker containers
|
export BINDING_ADDRESS=<INSERT-YOUR-BINDING-ADDRESS-HERE>
./openshift start --write-config=openshift.local.config --hostname=$BINDING_ADDRESS --public-master=$BINDING_ADDRESS
For 1.0.4 heapster will not function properly due to it requring an non-secured /stats
endpoint
You will need to configure OpenShift to expose the RO endpoint as being unsecured
Edit the openshift.local.config/node-$BINDING_ADDRESS/node-config.yaml
to add the following at the end:
cat >> openshift.local.config/node-$BINDING_ADDRESS/node-config.yaml << DONE
kubeletArguments:
read-only-port:
- "10266"
DONE
Important
|
You must start Openshift as root .
|
openshift start --master-config=openshift.local.config/master/master-config.yaml --node-config=openshift.local.config/node-$BINDING_ADDRESS/node-config.yaml
Note
|
make sure that the logs say that the DNS server has been started properly |
If you see something in the logs like Could not start DNS: listen tcp 0.0.0.0:53: bind: address already in use
you will need to stop OpenShift and resolve the issue before continuing.
You should see something like this instead: OpenShift DNS listening at 0.0.0.0:53
xdg-open https://$BINDING_ADDRESS:8443
Note
|
you may need to explicitly enter the https here, otherwise you might get nonsense bytes returned back |
Note
|
OpenShift is using self signed certificates, so it there will be a warning in your browser about this. |
By default, OpenShift will allow for any username and any password to login. Please see the OpenShift documentation on how to specify a different login mechanism.
By default, the user who logs in will not have any permissions. To give your admin
user cluster admin priviledges, you can use the following command:
oadm --config=`pwd`/openshift.local.config/master/admin.kubeconfig policy add-cluster-role-to-user cluster-admin admin
Make sure your firewall settings let Docker containers reach your host. Also, the Openshift DNS service should be accessible.
If you’re on Fedora, change your firewall, runtime configuration
firewall-cmd --zone=trusted --change-interface=docker0
Also, enable the DNS service in the FedoraWorkstation
zone.
A few steps will need to be followed to deploy Hawkular Metrics on top of OpenShift. To deploy Hawkular Metrics and its components, a deployer pod will be used to faciliate the complex steps requied.
The deployer requires a service account named 'metrics-deployer' to exist. One can be created via the following command:
oc create -f - <<API apiVersion: v1 kind: ServiceAccount metadata: name: metrics-deployer secrets: - name: metrics-deployer API
Once the service account is created, it will need to be granted 'cluster-admin' priviledges so that it is capable of setting up all the accounts, secrets, and components required for metrics.
openshift admin policy add-cluster-role-to-user cluster-admin \ system:serviceaccount:default:metrics-deployer
Note: if you are running this under a different project than 'default' you will need to change the default in the previous command to match your project’s name.
The deployer requires a secret to exist before it can be deployed, even if the secret is empty and uses defaults. To create an empty secret, run the following command
oc secrets new metrics-deployer nothing=/dev/null
The deployer can also take a few other secrets to setup the Hawkular or Cassandra cluster PEM certificate files. To specify the pem file located at location /foo/bar.pem to be used with Hawkular Metrics the following command can be used:
oc secrets new metrics-deployer hawkular-metrics.pem=/foo/bar.pem
Now that the service account and secret have been created, you will need to process and deploy the deployer template. The template for the deployer can be found under containers/container-tests/src/main/resources/deployer.yaml.
To deploy the template you will need to at least specify the HAWKULAR_METRICS_HOSTNAME, this will be used when generating the SSL certificates for the Hawkular Metrics serivce:
oc process -f deployer.yaml -v HAWKULAR_METRICS_HOSTNAME=hawkular-metrics.example.com | oc create -f -
To run the tests, you will need to specify the following environment variables:
export OPENSHIFT_HOME=<DIRECTORY WERE YOU INSTALLED OPENSHIFT>
export KUBERNETES_TRUST_CERT=true
export KUBERNETES_MASTER=https://$BINDING_ADDRESS:8443
export KUBERNETES_CLIENT_CERTIFICATE_FILE=$OPENSHIFT_HOME/openshift.local.config/master/admin.crt
export KUBERNETES_CLIENT_KEY_FILE=$OPENSHIFT_HOME/openshift.local.config/master/admin.key
mvn clean install -Pcontainer-tests