Scripted Installation of OpenShift on OpenStack.
The scripts presented here match those in Red Hat OpenShift Container Platform 3 on Red Hat OpenStack Platform 8 reference architecture document. These script fragments are intended to demonstrate the steps needed to deploy OCP on OSP, but they are not the recommended method for doing so. Production deployment should be done using the OpenShift on OpenStack Heat templates and the OpenShift Ansible playbooks.
The documentation here does not provide comprehensive usage instructions for these script fragments. The scripts are meant to be used in conjunction with the reference architecture document above.
These scripts are offered as-is, and no warranty is implied or offered.
To use these scripts require a DNS server running BIND.
It must have a delegated sub-domain for the OpenShift service. In
these examples that subdomain is
osp3.example.com. Adjust this for
the target environment. The subdomain must allow dynamic updates using
nsupdate. The process requires a copy of the
from the BIND server to allow updates.
The scripts expect a pre-existing
haproxy proxy server. The user
must have a key-based SSH passwordless access to the proxy server.
The user account on the proxy server must have the ability to execute
commands as root via
APPS_DNS_SUFFIX values below must each be
a domain name that refers to the IP address of the haproxy server.
APP_DNS_SUFFIX domain name is a wildcard record. The hostname
portion is an asterisk (*). This will match any name in that
proxy.ocp3.example.com. 300 IN A 10.19.XX.XX devs.ocp3.example.com. 300 IN A 10.19.XX.XX *.apps.ocp3.example.com. 300 IN A 10.19.XX.XX
A RHEL 7 image must be provisioned into Glance. Note the
GLANCE_IMAGE name below.
There must be an LDAP or Active Directory server available. There must be a user and password that can bind to the LDAP server to enable authentication.
These scripts make use of a set of enviroment variables to control the
deployment process. The values listed below must be set in the
caller’s environment before invoking the first script. You can write
them into a file and then
source them into the environment.
export MASTER_COUNT=3 export INFRA_NODE_COUNT=3 export APP_NODE_COUNT=2 # Software Version Override export GLANCE_IMAGE=rhel7 export OCP3_VERSION=3.4 export OSP_VERSION=10 # Instance Specification export IMAGE_NAME=rhel7 export FLAVOR=m1.small export OCP3_KEY_NAME=ocp3 export OCP3_KEY_FILE=~/keys/ocp3_rsa export PUBLIC_NETWORK=public_network # Naming and DNS export OCP3_DOMAIN=ocp3.example.com export OCP3_DNS_SERVER=10.19.X.X export OCP3_DNS_UPDATE_KEY=~/keys/dns-update.key export MASTER_DNS_NAME=devs.ocp3.example.com export APPS_DNS_SUFFIX=apps.ocp3.example.com # User Access Control - LDAP server (optional) export LDAP_BIND_DN=cn=openshift,cn=users,dc=example,dc=com export LDAP_BIND_PASSWORD=password export LDAP_URL=ldap://ad1.example.com:389/cn=users,dc=example,dc=com?sAMAccountName
Red Hat Software Credentials
This procedure requires a valid set of Red Hat Access credentials and a subscription pool which contains the OCP and OSP repositories for the selected versions.
Each host must be registered to receive software from the Red Hat RPM repositories.
export RHN_USERNAME=<username> export RHN_PASSWORD=<password> export RHN_POOL_ID=<pool id>
Creating the Infrastructure
The first script creates the network and VMs that will make up the OpenShift cluster.
This creates the bastion host, master, infrastructure node and app node VMs. This includes updating the DNS and haproxy configurations.
Populate DNS service
generate_dns_updates script can automatically populate the DNS server if the proper variables have been set:
Load Balancer Configuration
The DNS records for the master and app load balancers must exist:
devs.ocp3.example.com → loadbalancer IP address
*.apps.ocp3.example.com → loadbalancer IP address
The loadbalancer must be configured to forward ports 80 and 443 to the infra-node floating IP addresses and port 8443 must forward to the master floating IP addresses.
Prepare the host instances
This step initializes and customizes the instances for OpenShift installation via Ansible.
First it configures the bastion host; registering for software repos, installing Ansible and other tools. Then it repeats the process with all of the OpenShift VMs from the bastion host.
sh ./prepare_bastion.sh sh ./prepare_osp_instances_ansible.sh
The final step is to run the OpenShift Ansible installer. This script generates the Ansible input files, pushes them to the bastion host and executes the installation process.
When this is complete and sucessful users will be able to browse to the OpenShift service masters through the load balancer.