Note that this README is targeted at AOS-Azure contributors. If you are not a member of this team, these instructions may not work as they will assume you have permissions that you may not have.
Utilities. Install the following:
- Golang 1.11.6 (can also use package manager)
- Latest Azure CLI
- OpenShift Origin 3.11 client tools (can also use package manager)
- Latest Glide. Note: Glide 0.13.1 is known to be broken.
- jq (can also use package manager)
Development helper scripts assume an up-to-date GNU tools environment. Recent Linux distros should work out-of-the-box.
macOS ships with outdated BSD-based tools. We recommend installing macOS GNU tools.
Environment variables. Ensure that $GOPATH/bin is in your path:
Azure CLI access. Log into Azure using the CLI using
az loginand your credentials.
OpenShift CI cluster access. Log in to the CI cluster using
oc loginand a token from the CI cluster web interface. You can copy the required command by clicking on your username and the "Copy Login Command" option in the web portal.
Codebase. Check out the codebase:
go get github.com/openshift/openshift-azure/...
Secrets. Retrieve cluster creation secrets from the vault:
export VAULT_ADDR=https://vault.ci.openshift.org ./vault login $TOKEN_FROM_THE_VAULT ./vault kv get -format=json "kv/selfservice/azure/cluster-secrets-azure/" | jq ".data.data" > vault-secrets.json python3 vault-secrets.py
Environment file. Create an environment file:
cp env.example env.
AAD Application / Service principal. Create a personal AAD Application:
hack/aad.sh app-create user-$USER-aad aro-team-shared
- Update env to include the AZURE_AAD_CLIENT_ID and AZURE_AAD_CLIENT_SECRET values output by aad.sh.
- Ask an AAD administrator to grant permissions to your application.
Deploy an OpenShift cluster
Determine an appropriate resource group name for your cluster (e.g. for a test cluster, you could call it
export RESOURCEGROUPand run
./hack/create.sh $RESOURCEGROUPto deploy a cluster.
Access the web console via the link printed by create.sh, logging in with your Azure credentials.
To inspect pods running on the OpenShift cluster, run
KUBECONFIG=_data/_out/admin.kubeconfig oc get pods.
To ssh into any OpenShift master node, run
./hack/ssh.sh. You can directly ssh to any other host from the master.
sudo -iwill give root.
./hack/delete.shto delete the deployed cluster.
Basic OpenShift configuration (also see test/manifests/fakerp/create.yaml):
name: openshift location: $AZURE_REGION properties: openShiftVersion: v3.11 authProfile: identityProviders: - name: Azure AD provider: kind: AADIdentityProvider clientId: $AZURE_AAD_CLIENT_ID secret: $AZURE_AAD_CLIENT_SECRET tenantId: $AZURE_TENANT_ID networkProfile: vnetCidr: 10.0.0.0/8 masterPoolProfile: count: 3 vmSize: Standard_D2s_v3 subnetCidr: 10.0.0.0/24 agentPoolProfiles: - name: infra role: infra count: 3 vmSize: Standard_D2s_v3 subnetCidr: 10.0.0.0/24 osType: Linux - name: compute role: compute count: 1 vmSize: Standard_D2s_v3 subnetCidr: 10.0.0.0/24 osType: Linux
Read more about how to work with our CI system here.
For any infrastructure-related issues, make sure to contact the Developer Productivity team who is responsible for managing the OpenShift CI Infrastructure at #forum-testplatform in Slack.