Add OpenShift deployment documentation

This commit adds documentation on how to install OpenShift
using TripleO and openshift-ansible.

Change-Id: Ia69bdfe7fed606bbd94692737486fa24dde32eeb
Co-Authored-By: Martin Lopes <mlopes@redhat.com>
Co-Authored-By: Martin André <m.andre@redhat.com>
Co-Authored-By: Edu Alcaniz <ealcaniz@redhat.com>
This commit is contained in:
Mike Fedosin 2019-01-21 10:36:15 +01:00 committed by Martin André
parent 786dc8cd86
commit ce33cee964
3 changed files with 448 additions and 1 deletions

View File

@ -0,0 +1,444 @@
Deploying OpenShift
===================
You can use TripleO to deploy OpenShift clusters onto baremetal nodes.
TripleO deploys the operating system onto the nodes and uses
`openshift-ansible` to then configure OpenShift. TripleO can also be used
to manage the baremetal nodes.
Define the OpenShift roles
**************************
TripleO installs OpenShift services using composable roles for
`OpenShiftMaster`, `OpenShiftWorker`, and `OpenShiftInfra`. When you import
a baremetal node using `instackenv.json`, you can tag it to use a certain
composable role. See :doc:`custom_roles` for more information.
1. Generate the OpenShift roles:
.. code-block:: bash
openstack overcloud roles generate -o /home/stack/openshift_roles_data.yaml \
OpenShiftMaster OpenShiftWorker OpenShiftInfra
2. View the OpenShift roles:
.. code-block:: bash
openstack overcloud role list
The result should include entries for `OpenShiftMaster`, `OpenShiftWorker`, and
`OpenShiftInfra`.
3. See more information on the `OpenShiftMaster` role:
.. code-block:: bash
openstack overcloud role show OpenShiftMaster
.. note::
For development or PoC environments that are more resource-constrained, it is
possible to use the `OpenShiftAllInOne` role to collocate the different
OpenShift services on the same node. The all-in-one role is not recommended
for production.
Create the OpenShift profiles
*****************************
This procedure describes how to enroll a physical node as an OpenShift node.
1. Create a flavor for each OpenShift role. You will need to adjust this
values to suit your requirements:
.. code-block:: bash
openstack flavor create --id auto --ram 4096 --disk 40 --vcpus 1 --swap 500 m1.OpenShiftMaster
openstack flavor create --id auto --ram 4096 --disk 40 --vcpus 1 --swap 500 m1.OpenShiftWorker
openstack flavor create --id auto --ram 4096 --disk 40 --vcpus 1 --swap 500 m1.OpenShiftInfra
2. Map the flavors to the required profile:
.. code-block:: bash
openstack flavor set --property "capabilities:profile"="OpenShiftMaster" \
--property "capabilities:boot_option"="local" m1.OpenShiftMaster
openstack flavor set --property "capabilities:profile"="OpenShiftWorker" \
--property "capabilities:boot_option"="local" m1.OpenShiftWorker
openstack flavor set --property "capabilities:profile"="OpenShiftInfra" \
--property "capabilities:boot_option"="local" m1.OpenShiftInfra
3. Add your nodes to `instackenv.json`. You will need to define them to use the
`capabilities` field. For example:
.. code-block:: json
[{
"arch":"x86_64",
"cpu":"4",
"disk":"60",
"mac":[
"00:0c:29:9f:5f:05"
],
"memory":"16384",
"pm_type":"ipmi",
"capabilities":"profile:OpenShiftMaster",
"name": "OpenShiftMaster_1"
},
{
"arch":"x86_64",
"cpu":"4",
"disk":"60",
"mac":[
"00:0c:29:91:b9:2d"
],
"memory":"16384",
"pm_type":"ipmi",
"capabilities":"profile:OpenShiftWorker",
"name": "OpenShiftWorker_1"
},
{
"arch":"x86_64",
"cpu":"4",
"disk":"60",
"mac":[
"00:0c:29:91:b9:6a"
],
"memory":"16384",
"pm_type":"ipmi",
"capabilities":"profile:OpenShiftInfra",
"name": "OpenShiftInfra_1"
}]
4. Import and introspect the TripleO nodes as you :ref:`normally would <node-registration>` for your
deployment. For example:
.. code-block:: bash
openstack overcloud node import ~/instackenv.json
openstack overcloud node introspect --all-manageable --provide
5. Verify the overcloud nodes have assigned the correct profile
.. code-block:: bash
openstack overcloud profiles list
+--------------------------------------+--------------------+-----------------+-----------------+-------------------+
| Node UUID | Node Name | Provision State | Current Profile | Possible Profiles |
+--------------------------------------+--------------------+-----------------+-----------------+-------------------+
| 72b2b1fc-6ba4-4779-aac8-cc47f126424d | openshift-worker01 | available | OpenShiftWorker | |
| d64dc690-a84d-42dd-a88d-2c588d2ee67f | openshift-worker02 | available | OpenShiftWorker | |
| 74d2fd8b-a336-40bb-97a1-adda531286d9 | openshift-worker03 | available | OpenShiftWorker | |
| 0eb17ec6-4e5d-4776-a080-ca2fdcd38e37 | openshift-infra02 | available | OpenShiftInfra | |
| 92603094-ba7c-4294-a6ac-81f8271ce83e | openshift-infra03 | available | OpenShiftInfra | |
| b925469f-72ec-45fb-a403-b7debfcf59d3 | openshift-master01 | available | OpenShiftMaster | |
| 7e9e80f4-ad65-46e1-b6b4-4cbfa2eb7ea7 | openshift-master02 | available | OpenShiftMaster | |
| c2bcdd3f-38c3-491b-b971-134cab9c4171 | openshift-master03 | available | OpenShiftMaster | |
| ece0ef2f-6cc8-4912-bc00-ffb3561e0e00 | openshift-infra01 | available | OpenShiftInfra | |
| d3a17110-88cf-4930-ad9a-2b955477aa6c | openshift-custom01 | available | None | |
| 07041e7f-a101-4edb-bae1-06d9964fc215 | openshift-custom02 | available | None | |
+--------------------------------------+--------------------+-----------------+-----------------+-------------------+
Configure the container registry
********************************
Follow :doc:`container_image_prepare` to configure TripleO for the container
image preparatio.
This generally means generating a `/home/stack/containers-prepare-parameter.yaml` file:
.. code-block:: bash
openstack tripleo container image prepare default \
--local-push-destination \
--output-env-file containers-prepare-parameter.yaml
Define the OpenShift environment
********************************
Create the `openshift_env.yaml` file. This file will define the
OpenShift-related settings that TripleO will later apply as part of the
`openstack overcloud deploy` procedure. You will need to update these values
to suit your deployment:
.. code-block:: yaml
Parameter_defaults:
# by default TripleO assigns the VIP random from the allocation pool
# by using the FixedIPs we can set the VIPs to predictable IPs before starting the deployment
CloudName: public.openshift.localdomain
PublicVirtualFixedIPs: [{'ip_address':'10.0.0.200'}]
CloudNameInternal: internal.openshift.localdomain
InternalApiVirtualFixedIPs: [{'ip_address':'172.17.1.200'}]
CloudDomain: openshift.localdomain
## Required for CNS deployments only
OpenShiftInfraParameters:
OpenShiftGlusterDisks:
- /dev/sdb
## Required for CNS deployments only
OpenShiftWorkerParameters:
OpenShiftGlusterDisks:
- /dev/sdb
- /dev/sdc
ControlPlaneDefaultRoute: 192.168.24.1
EC2MetadataIp: 192.168.24.1
ControlPlaneSubnetCidr: 24
# The DNS server below should have entries for resolving
# {internal,public,apps}.openshift.localdomain names
DnsServers:
- 10.0.0.90
OpenShiftGlobalVariables:
openshift_master_identity_providers:
- name: 'htpasswd_auth'
login: 'true'
challenge: 'true'
kind: 'HTPasswdPasswordIdentityProvider'
openshift_master_htpasswd_users:
sysadmin: '$apr1$jpBOUqeU$X4jUsMyCHOOp8TFYtPq0v1'
#openshift_master_cluster_hostname should match the CloudNameInternal parameter
openshift_master_cluster_hostname: internal.openshift.localdomain
#openshift_master_cluster_public_hostname should match the CloudName parameter
openshift_master_cluster_public_hostname: public.openshift.localdomain
openshift_master_default_subdomain: apps.openshift.localdomain
For custom networks or customer interfaces, it is necessary to use custom
network interface templates:
.. code-block:: yaml
resource_registry:
OS::TripleO::OpenShiftMaster::Net::SoftwareConfig: /home/stack/master-nic.yaml
OS::TripleO::OpenShiftWorker::Net::SoftwareConfig: /home/stack/worker-nic.yaml
OS::TripleO::OpenShiftInfra::Net::SoftwareConfig: /home/stack/infra-nic.yaml
Deploy OpenShift nodes
**********************
As a result of the previous steps, you will have three new YAML files:
* `openshift_env.yaml`
* `openshift_roles_data.yaml`
* `containers-default-parameters.yaml`
For a custom network deployments, maybe it is necessary NICs and network
templates like:
* `master-nic.yaml`
* `infra-nic.yaml`
* `worker-nic.yaml`
* `network_data_openshift.yaml`
Add these YAML files to your `openstack overcloud deploy` command.
An example for CNS deployments:
.. code-block:: bash
openstack overcloud deploy \
--stack openshift \
--templates \
-r /home/stack/openshift_roles_data.yaml \
-n /usr/share/openstack-tripleo-heat-templates/network_data_openshift.yaml \
-e /usr/share/openstack-tripleo-heat-templates/environments/network-isolation.yaml \
-e /usr/share/openstack-tripleo-heat-templates/environments/openshift.yaml \
-e /usr/share/openstack-tripleo-heat-templates/environments/openshift-cns.yaml \
-e /home/stack/openshift_env.yaml \
-e /home/stack/containers-prepare-parameter.yaml
An example for non-CNS deployments:
.. code-block:: bash
openstack overcloud deploy \
--stack openshift \
--templates \
-r /home/stack/openshift_roles_data.yaml \
-n /usr/share/openstack-tripleo-heat-templates/network_data_openshift.yaml \
-e /usr/share/openstack-tripleo-heat-templates/environments/network-isolation.yaml \
-e /usr/share/openstack-tripleo-heat-templates/environments/openshift.yaml \
-e /home/stack/openshift_env.yaml \
-e /home/stack/containers-prepare-parameter.yaml
Deployment for custom networks or interfaces, it is necessary to specify them.
For example:
.. code-block:: bash
openstack overcloud deploy \
--stack openshift \
--templates \
-r /home/stack/openshift_roles_data.yaml \
-n /home/stack/network_data_openshift.yaml \
-e /usr/share/openstack-tripleo-heat-templates/environments/network-isolation.yaml \
-e /usr/share/openstack-tripleo-heat-templates/environments/openshift.yaml \
-e /usr/share/openstack-tripleo-heat-templates/environments/openshift-cns.yaml \
-e /home/stack/openshift_env.yaml \
-e /home/stack/containers-prepare-parameter.yaml \
-e /home/stack/custom-nics.yaml
Review the OpenShift deployment
*******************************
Once the overcloud deploy procedure has completed, you can review the state
of your OpenShift nodes.
1. List all your baremetal nodes. You should expect to see your master, infra,
and worker nodes.
.. code-block:: bash
openstack baremetal node list
2. Locate the OpenShift node:
.. code-block:: bash
openstack server list
3. SSH to the OpenShift node. For example:
.. code-block:: bash
ssh heat-admin@192.168.122.43
4. Change to root user:
.. code-block:: bash
sudo -i
5. Review the container orchestration configuration:
.. code-block:: bash
cat .kube/config
6. Login to OpenShift:
.. code-block:: bash
oc login -u admin
7. Review any existing projects:
.. code-block:: bash
oc get projects
8. Review the OpenShift status:
.. code-block:: bash
oc status
9. Logout from OpenShift:
.. code-block:: bash
oc logout
Deploy a test app using OpenShift
*********************************
This procedure describes how to create a test application in your new
OpenShift deployment.
1. Login as a developer:
.. code-block:: bash
$ oc login -u developer
Logged into "https://192.168.64.3:8443" as "developer" using existing credentials.
You have one project on this server: "myproject"
Using project "myproject".
2. Create a new project:
.. code-block:: bash
$ oc new-project test-project
Now using project "test-project" on server "https://192.168.64.3:8443".
You can add applications to this project with the 'new-app' command.
For example, to build a new example application in Ruby try:
.. code-block:: bash
$ oc new-app centos/ruby-22-centos7~https://github.com/openshift/ruby-ex.git
3. Create a new app. This example creates a CakePHP application:
.. code-block:: bash
$ oc new-app https://github.com/sclorg/cakephp-ex
--> Found image 9dd8c80 (29 hours old) in image stream "openshift/php" under tag "7.1" for "php"
Apache 2.4 with PHP 7.1
-----------------------
PHP 7.1 available as container is a base platform for building and running various PHP 7.1 applications and frameworks. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts.
Tags: builder, php, php71, rh-php71
* The source repository appears to match: php
* A source build using source code from https://github.com/sclorg/cakephp-ex will be created
* The resulting image will be pushed to image stream "cakephp-ex:latest"
* Use 'start-build' to trigger a new build
* This image will be deployed in deployment config "cakephp-ex"
* Ports 8080/tcp, 8443/tcp will be load balanced by service "cakephp-ex"
* Other containers can access this service through the hostname "cakephp-ex"
--> Creating resources ...
imagestream "cakephp-ex" created
buildconfig "cakephp-ex" created
deploymentconfig "cakephp-ex" created
service "cakephp-ex" created
--> Success
Build scheduled, use 'oc logs -f bc/cakephp-ex' to track its progress.
Application is not exposed. You can expose services to the outside world by executing one or more of the commands below:
'oc expose svc/cakephp-ex'
Run 'oc status' to view your app.
4. Review the new app:
.. code-block:: bash
$ oc status --suggest
In project test-project on server https://192.168.64.3:8443
svc/cakephp-ex - 172.30.171.214 ports 8080, 8443
dc/cakephp-ex deploys istag/cakephp-ex:latest <-
bc/cakephp-ex source builds https://github.com/sclorg/cakephp-ex on openshift/php:7.1
build #1 running for 52 seconds - e0f0247: Merge pull request #105 from jeffdyoung/ppc64le (Honza Horak <hhorak@redhat.com>)
deployment #1 waiting on image or update
Info:
* dc/cakephp-ex has no readiness probe to verify pods are ready to accept traffic or ensure deployment is successful.
try: oc set probe dc/cakephp-ex --readiness ...
* dc/cakephp-ex has no liveness probe to verify pods are still running.
try: oc set probe dc/cakephp-ex --liveness ...
View details with 'oc describe <resource>/<name>' or list everything with 'oc get all'.
5. Review the pods:
.. code-block:: bash
$ oc get pods
NAME READY STATUS RESTARTS AGE
cakephp-ex-1-build 1/1 Running 0 1m
6. Logout from OpenShift:
.. code-block:: bash
$ oc logout

View File

@ -32,3 +32,4 @@ Documentation on how to enable and configure various features available in
designate
multiple_overclouds
tuned
deploy_openshift

View File

@ -264,7 +264,7 @@ Load the images into the containerized undercloud Glance::
To upload a single image, see :doc:`../post_deployment/upload_single_image`.
If working with multiple atchitectures and/or plaforms with an architecure these
If working with multiple architectures and/or plaforms with an architecure these
attributes can be specified at upload time as in::
openstack overcloud image upload
@ -287,6 +287,8 @@ attributes can be specified at upload time as in::
This will create 3 sets of images with in the undercloud image service for later
use in deployment, see :doc:`../environments/baremetal`
.. _node-registration:
Register Nodes
--------------