OpenShift can be installed on multiple platforms, and it offers the openshift-install installer to help create all the resources necessary for a successful cluster installation. We use openshift-install to create the resources for a UPI installation: manifests and ignition files. When we create a UPI cluster, there are some extra steps to do, and some of them require manually typing commands or copying information according to the documentation.
The following procedure is intended to simplify the manual process of installing a UPI cluster and to avoid human errors.
Download the Terraform and other scripts from GitHub.
OpenShift terraform UPI OCP >= 4.6
The following procedure assumes you have installed Terraform and you have an install-config.yaml.
The repository contains a bash script, install.sh, to generate the ignition files required by openshift-install, or you can generate them on your own and copy them to the web server directory /var/www/html. Terraform expects to read the ignition files from there.
Requirements
- OCP >= 4.6
- Understanding of the syntax of the openshift-install.yaml
- install-config.yaml with the OpenShift configurations and vcenter configurations
- Web server (httpd) to serve the ignition files
- Terraform
- Internet connection
- DNS configured
- Load balancer configured (haproxy or other)
Modify the template of the install-config.yaml
You can use the install-config.yaml and change any configuration required.
Adapt the bash script, changing the values of your pull secret and SSH key.
#!/bin/bash
set -xe
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
# Escape \, / and & so a value can be used safely as a sed replacement
escape_sed() { sed -e 's/\\/\\\\/g' -e 's/\//\\\//g' -e 's/&/\\&/g'; }
rm -fr deployment
mkdir deployment
cp install-config.yaml deployment/
# Turn tracing off while handling the pull secret so it is not echoed to the terminal or logs
set +x
PULL_SECRET=$(tr -d '\n\r\t ' < ../.pull-secret | escape_sed)
sed -i "s/PULL_SECRET/${PULL_SECRET}/" deployment/install-config.yaml
SSH_KEY=$(tr -d '\n\r\t' < ~/.ssh/id_rsa.pub | escape_sed)
sed -i "s/SSH_KEY/${SSH_KEY}/" deployment/install-config.yaml
set -x
openshift-install create manifests --dir=deployment
# Make the control plane nodes unschedulable
sed -i 's/true/false/g' deployment/manifests/cluster-scheduler-02-config.yml
# Remove the machine and machineset manifests; Terraform creates the VMs
rm -f deployment/openshift/99_openshift-cluster-api_master-machines-*.yaml deployment/openshift/99_openshift-cluster-api_worker-machineset-*.yaml
openshift-install create ignition-configs --dir=deployment
# Publish the ignition files on the web server; they only need to be readable by httpd
sudo cp -f deployment/*.ign /var/www/html/
sudo chmod 644 /var/www/html/*.ign
sudo chcon -R -t httpd_sys_content_t /var/www/html
sudo restorecon -R -v /var/www/html
export KUBECONFIG="${DIR}/deployment/auth/kubeconfig"
Terraform
Change to the Terraform directory.
The vars directory contains the file common.tfvars. In this file you provide the vCenter configuration and the CPU, memory and networking values for the nodes. The variable file contains a dictionary with the nested values of your VMs. You can add many workers, infrastructure nodes and other kinds of nodes. The ip list (array) must be the same length as the hostname list. The example shows 3 workers, but there can be 2, 4 or more in the same infrastructure. The example shows storage.ip and storage.hostname empty. When they are empty and you run the plan in one step, the storage VMs are skipped by the loop.
## NODE INFORMATION
node_configs = {
  bootstrap = {
    ip       = "192.168.0.30"
    hostname = "bootstrap"
    cpu      = 4
    memory   = 16384
    disk     = 120
  }
  master = {
    ip       = ["192.168.0.31", "192.168.0.32", "192.168.0.33"]
    hostname = ["master01", "master02", "master03"]
    cpu      = 4
    memory   = 16384
    disk     = 120
  }
  worker = {
    ip       = ["192.168.0.34", "192.168.0.35", "192.168.0.36"]
    hostname = ["worker01", "worker02", "worker03"]
    cpu      = 8
    memory   = 16384
    disk     = 120
  }
  infra = {
    ip       = ["192.168.0.37", "192.168.0.38", "192.168.0.39"]
    hostname = ["infra01", "infra02", "infra03"]
    cpu      = 4
    memory   = 16384
    disk     = 120
  }
  storage = {
    ip       = []
    hostname = []
    cpu      = 4
    memory   = 16384
    disk     = 120
  }
}
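A pre-flight check for the rule that each ip list must be as long as its hostname list, as an added example that is not part of the original post or its repository. check_node_lists is a hypothetical helper name, and the parser assumes each ip and hostname list sits on a single line, as in the sample above.

```shell
#!/usr/bin/env bash
# Added example: verify that every node group in node_configs has as many
# ip entries as hostname entries before running ./plan.

# check_node_lists FILE: returns 0 when all groups are consistent; otherwise
# prints one line per inconsistent group and returns 1.
check_node_lists() {
  awk '
    # Count the quoted strings on a line (the entries of a one-line list).
    function count(line,   n) { n = gsub(/"[^"]*"/, "", line); return n }

    # "<name> = {" opens a block; the innermost one seen is the node group.
    /^[ \t]*[a-z_]+[ \t]*=[ \t]*\{/ { group = $1 }

    # Only list values are counted; the bootstrap block uses plain strings.
    /^[ \t]*ip[ \t]*=[ \t]*\[/       { ips[group] = count($0); seen[group] = 1 }
    /^[ \t]*hostname[ \t]*=[ \t]*\[/ { hosts[group] = count($0); seen[group] = 1 }

    END {
      for (g in seen) {
        if (ips[g] != hosts[g]) {
          printf "%s: %d ip(s) but %d hostname(s)\n", g, ips[g], hosts[g]
          bad = 1
        }
      }
      exit bad
    }' "$1"
}

# When called with a file argument, check it: ./check.sh vars/common.tfvars
[ $# -eq 0 ] || check_node_lists "$1"
```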
Deploy the VMs
The Terraform directory contains 3 bash scripts: plan, apply, destroy. You can use them to deploy the infrastructure in one step.
$ ./plan
Will execute the plan so you can visualize the resources to be created.
$ ./apply
Will deploy the cluster.
$ ./destroy
Will delete all the VMs and folders created by Terraform. It won't destroy any of the volumes or CSI volumes created by the cluster, just the original VMs, disks and folders.
To destroy the bootstrap once the process is finished, see the section Destroy the bootstrap node after the API is finished.
Deploy in many steps
If you want to deploy the cluster partially, you can add the -target flag to plan and destroy.
$ ./plan -target=module.bootstrap
Initializing modules...
Initializing the backend...
Initializing provider plugins...
- Reusing previous version of hashicorp/template from the dependency lock file
.
.
.
Plan: 2 to add, 0 to change, 0 to destroy.
╷
│ Warning: Resource targeting is in effect
│
Will create only the bootstrap node.
$ ./plan -target=module.master
Will create only the master nodes.
$ ./plan -target=module.worker
Will create only the worker nodes.
$ ./plan -target=module.infra
Will create only the infra nodes.
$ ./plan -target=module.storage
Will create only the storage nodes.
After running the plan with the -target flag, you only need to run apply to deploy the targeted plan.
$ ./apply
Initializing modules...
Initializing the backend...
Initializing provider plugins...
- Reusing previous version of hashicorp/vsphere from the dependency lock file
- Reusing previous version of hashicorp/template from the dependency lock file
- Using previously-installed hashicorp/vsphere v2.2.0
- Using previously-installed hashicorp/template v2.2.0
.
.
.
vsphere_folder.cluster: Creating...
vsphere_folder.cluster: Creation complete after 1s [id=group-v4044]
.
.
.
module.bootstrap.vsphere_virtual_machine.openshift: Still creating... [40s elapsed]
│ Warning: Applied changes may be incomplete
│
│ The plan was created with the -target option in effect, so some changes requested in the
│ configuration may have been ignored and the output values may not be fully updated. Run the
│ following command to verify that no other changes are pending:
│ terraform plan
│
│ Note that the -target option is not suitable for routine use, and is provided only for exceptional
│ situations such as recovering from errors or mistakes, or when Terraform specifically suggests to
│ use it as part of an error message.
╵
Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
Once we deploy the VMs with Terraform we can follow the installation.
Don't forget to approve the pending certificates (CSRs):
oc get csr -o go-template='{{range .items}}{{if not .status}}{{.metadata.name}}{{"\n"}}{{end}}{{end}}' | xargs --no-run-if-empty oc adm certificate approve
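The one-liner above approves every pending CSR. As an added example (not part of the original post or its repository), the bash functions below select only CSRs whose subject and requestor match the nodes you deployed. pending_csrs and select_csrs are hypothetical helper names, and the node names are assumed to equal the hostnames in common.tfvars.

```shell
#!/usr/bin/env bash
# Added example: approve only the CSRs that belong to nodes deployed by
# Terraform instead of every pending CSR.
BOOTSTRAPPER="system:serviceaccount:openshift-machine-config-operator:node-bootstrapper"

# pending_csrs: print "<name> <requestor> <subject CN>" per pending CSR.
# Needs a logged-in oc, base64 and openssl.
pending_csrs() {
  local name requestor cn
  oc get csr -o go-template='{{range .items}}{{if not .status}}{{.metadata.name}} {{.spec.username}}{{"\n"}}{{end}}{{end}}' |
  while read -r name requestor; do
    cn=$(oc get csr "$name" -o jsonpath='{.spec.request}' </dev/null | base64 -d |
         openssl req -noout -subject | sed -n 's/.*CN *= *//p')
    echo "$name $requestor $cn"
  done
}

# select_csrs HOST...: read pending_csrs lines on stdin; print the names that
# are safe to approve on stdout and everything else on stderr for review.
select_csrs() {
  local name requestor cn host ok
  while read -r name requestor cn; do
    ok=no
    for host in "$@"; do
      # The certificate must be for an expected node and be requested either
      # by the node-bootstrapper service account (client CSR) or by the node
      # itself (serving CSR).
      if [ "$cn" = "system:node:$host" ] &&
         { [ "$requestor" = "$BOOTSTRAPPER" ] || [ "$requestor" = "$cn" ]; }; then
        ok=yes
      fi
    done
    if [ "$ok" = yes ]; then
      echo "$name"
    else
      echo "REVIEW $name $requestor $cn" >&2
    fi
  done
}

# Constructed sample (not real cluster output): only csr-a is selected.
if [ "${1:-}" = "--demo" ]; then
  printf '%s\n' "csr-a $BOOTSTRAPPER system:node:worker01" \
                "csr-b $BOOTSTRAPPER system:node:rogue01" | select_csrs worker01
fi
# Real use, with the worker hostnames from common.tfvars:
#   pending_csrs | select_csrs worker01 worker02 worker03 |
#     xargs --no-run-if-empty oc adm certificate approve
```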
Destroy the bootstrap node after the API is finished
Use the destroy script with -target=module.bootstrap to destroy the bootstrap node when openshift-install shows it is safe to delete it.
$ ./destroy -target=module.bootstrap
data.vsphere_datacenter.dc: Reading...
data.vsphere_datacenter.dc: Read complete after 0s [id=datacenter-3]
.
.
.
Plan: 0 to add, 0 to change, 1 to destroy.
╷
│ Warning: Resource targeting is in effect
│
│ You are creating a plan with the -target option, which means that the result of this plan may not
│ represent all of the changes requested by the current configuration.
│
│ The -target option is not for routine use, and is provided only for exceptional situations such as
│ recovering from errors or mistakes, or when Terraform specifically suggests to use it as part of an
│ error message.
╵
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value:
Type yes and the bootstrap will be deleted.
Terraform structure
.
├── apply
├── destroy
├── main.tf
├── modules
│   ├── bootstrap
│   │   ├── main.tf
│   │   ├── outputs.tf
│   │   ├── templates
│   │   │   └── merge-bootstrap.tpl
│   │   └── vars.tf
│   ├── nodes
│   │   ├── main.tf
│   │   ├── outputs.tf
│   │   └── vars.tf
│   ├── nodes-master
│   │   ├── main.tf
│   │   ├── outputs.tf
│   │   └── vars.tf
│   └── nodes-storage
│       ├── main.tf
│       ├── outputs.tf
│       └── vars.tf
├── plan
└── vars
    └── common.tfvars