ibm-cloud / terraform-ibm-openshift Goto Github PK

View Code? Open in Web Editor NEW

15.0 17.0 41.0 875 KB

Provision IBM Cloud infrastructure with Terraform, and install Red Hat® OpenShift Container Platform 3.

HCL 84.66% Makefile 3.97% Shell 6.31% Smarty 5.06%

terraform-ibm-openshift's Introduction

terraform-ibm-openshift

Use this project to set up Red Hat® OpenShift Container Platform 3.11 on IBM Cloud, using Terraform.

Overview

Deployment of 'OpenShift Container Platform on IBM Cloud' is divided into separate steps.

Step 1: Provision the infrastructure on IBM Cloud
Use Terraform to provision the compute, storage, network, load balancers & IAM resources on IBM Cloud Infrastructure
Step 2: Deploy OpenShift Container Platform on IBM Cloud
Install OpenShift Container Platform which is done using the Ansible playbooks - available in the https://github.com/openshift/openshift-ansible project. During this phase the router and registry are deployed.
Step 3: Post deployment activities
Validate the deployment

The following figure illustrates the deployment architecture for the 'OpenShift Container Platform on IBM Cloud'.

Prerequisite

Docker image for the Terraform & IBM Cloud Provider
IBM Cloud account (used to provision resources on IBM Cloud Infrastructure or SoftLayer)
RedHat Account with openshift subscription.

Steps to bringup the docker container with IBMCloud Terraform Provider

Get the latest ibmcloud terraform provider image using the following command:

# Pull the docker image
$ docker pull ibmterraform/terraform-provider-ibm-docker

Bring up the container using the docker image using the following command:

# Run the container
$ docker run -it ibmterraform/terraform-provider-ibm-docker:latest

Steps to execute inside the docker container

1. Setup the IBM Terraform Openshift Project

Install ssh package

  # Install ssh package
  $ apk add --no-cache openssh

Clone the repo IBM Terraform Openshift

  # Clone the repo
  $ git clone https://github.com/IBM-Cloud/terraform-ibm-openshift.git
  $ cd terraform-ibm-openshift/

Generate the private and public key pair which is required to provision the virtual machines in softlayer.(Put the private key inside ~/.ssh/id_rsa).Follow the instruction here to generate ssh key pair

2. Provision the IBM Cloud Infrastructure for Red Hat® OpenShift

Update variables.tf file

Provision the infrastructure using the following command

 $ make rhn_username=<rhn_username> rhn_password=<rhn_password> infrastructure

Please provide softlayer username , password and ssh public key to proceed.

In this version, the following infrastructure elements are provisioned for OpenShift (as illustrated in the picture)

Bastion node
Master node
Infra node
App node
Storage node (if enabled for glusterfs configuration)
Security groups for these nodes

On successful completion, you will see the following message

...

Apply complete! Resources: 63 added, 0 changed, 0 destroyed.

3. Setup Red Hat® Repositories and images

Install the repos and images by running :

  $ make rhn_username=<rhn_username> rhn_password=<rhn_password> pool_id=<pool_id> rhnregister

This step includes the following:

4. Deploy OpenShift Container Platform on IBM Cloud Infrastructure

To install OpenShift on the cluster, just run:

 $ make openshift

This step includes the following:

Prepare the Master, Infra and App nodes before installing OpenShift
Finally, install OpenShift Container Platform v3.

using installation procedure described here.

Once the setup is complete, just run:

 $ open https://$(terraform output master_public_ip):8443/console

Note: Add IP and Host Entry in /etc/hosts

This figure illustrates the 'Red Hat Openshift Console'

To open a browser to admin console, use the following credentials to login:

 Username: admin
 Password: test123

Work with OpenShift

Login to the master node
```
 $ ssh -t -A root@$(terraform output master_public_ip)
```
Default project is in use and the core infrastructure components (router etc) are available.
Login to openshift client by running
```
  $ oc login https://$(terraform output master_public_ip):8443
```
Provide username as admin and password as test123 to login to the openshift client.
Create new project
```
 $ oc new-project test
```

Deploy the app

 $ oc new-app --name=nginx --docker-image=bitnami/nginx

Expose the service
```
 $ oc expose svc/nginx
```

Edit the service to use nodePort by changing type as NodePort

 $ oc edit svc/nginx

Access the deployed application at

 $ oc get routes

{HOST/PORT} get the value from above command
Access the deployed application at http${HOST/PORT}

Optional Commands

Run make nodeprivate to block all incoming traffic on public interface, to the infra nodes and app nodes

Run make nodepublic to allow all incoming traffic on public interface, to the infra nodes and app nodes

Destroy the OpenShift cluster

Bring down the openshift cluster by running following

 $ make destroy

Troubleshooting

[Work in Progress]

References

https://github.com/dwmkerr/terraform-aws-openshift - Inspiration for this project
https://github.com/ibm-cloud/terraform-provider-ibm - Terraform Provider for IBM Cloud
Deploying OpenShift Container Platform 3.11
To create more users and provide admin privilege
Accessing openshift registry
Refer Openshift Router

terraform-ibm-openshift's People

Contributors

Stargazers

Watchers

terraform-ibm-openshift's Issues

Install cockpit-ws time-out

During the "make openshift" last step to install OpenShift 3.11 on IBM Cloud with Terraform, I got a timeout after 10 minutes trying to install cockpit-ws with the following message : * module.openshift.null_resource.deploy_cluster: error executing "/tmp/terraform_944468402.sh": wait: remote command exited without exit status or exit signal. So then I tried to install cockpit-ws myself on the master node and re-launched the "make openshift" without success (same error). Find attached the stdout that I got. Any idea to solve that issue ?
make openshift.txt
Regards.

Upgrade the architecture to use gateway and loadbalancer.

Use the reference deployment model (as described in the https://github.com/IBMTerraform/terraform-ibm-openshift/blob/master/docs/01-Provision-Infra.md) for deploying openshift.

Add support for OpenShift 3.9

Currently, installation supports openshift v3.6. We need to add support for version 3.9

Terrform script to deploy OCP 3.11

Currently these scripts deploy Openshift container platform 3.10. Do you have the updated version of it to deploy 3.11 instead? If not, will the update to inventory.cfg be sufficient to deploy 3.11 or we need more changes? Alternatively, is there a terraform script to upgrade from 3.10 to 3.11?

iSCSI disks used at all?

Hi,
This gave me a great starting point for building out OpenShift cluster on SoftLayer, and I got the stuff mostly working for my purpose, but I can't seem to figure out how (or if at all) the iSCSI storages that are provisioned and authorized for hosts (ie. master, infra, app) are used at all. Are they used? If yes, great, can I have some pointers as to how I can "see" it used? Or, is a "fix" coming soon to mount/use them as originally intended?

thanks, - Hiro

Support for install on OCP 4.2

Any plan to update this repo to support OpenShift 4.2 and VPC Infrastructure?

make Openshift fails - TASK [openshift_node : Create credentials for registry auth]

Hi, I'm getting this error:
fatal: [ETH-OCP-52b7657653-app-0.IBM-OpenShift.cloud]: FAILED! => {"attempts": 3, "changed": false, "msg": "timeout: failed to run command ‘skopeo’: No such file or directory\n", "state": "unknown"}
module.openshift.null_resource.deploy_cluster (remote-exec): fatal: [ETH-OCP-52b7657653-infra-0.IBM-OpenShift.cloud]: FAILED! => {"attempts": 3, "changed": false, "msg": "timeout: failed to run command ‘skopeo’: No such file or directory\n", "state": "unknown"}
module.openshift.null_resource.deploy_cluster (remote-exec): fatal: [ETH-OCP-52b7657653-master-0.IBM-OpenShift.cloud]: FAILED! => {"attempts": 3, "changed": false, "msg": "timeout: failed to run command ‘skopeo’: No such file or directory\n", "state": "unknown"}
module.openshift.null_resource.deploy_cluster (remote-exec): to retry, use: --limit @/usr/share/ansible/openshift-ansible/playbooks/deploy_cluster.retry

any tips ?

Failing during 'make openshift' stage of install

I get the following error during make openshift. It appears that the /usr/share/ansible directory on the bastion is not getting populated with the openshift-ansible directory or the associated playbooks.

# Install openshift
scp -o StrictHostKeyChecking=no ./templates/inventory.cfg root@$(terraform output bastion_public_ip):/root/
[email protected]'s password: 
inventory.cfg                                                                                                                 100% 2428    14.0KB/s   00:00    
ssh -o TCPKeepAlive=yes -o ServerAliveInterval=50 -o StrictHostKeyChecking=no root@$(terraform output bastion_public_ip) 'ansible-playbook -i /root/inventory.cfg /usr/share/ansible/openshift-ansible/playbooks/prerequisites.yml'
[email protected]'s password: 
ERROR! the playbook: /usr/share/ansible/openshift-ansible/playbooks/prerequisites.yml could not be found
make: *** [openshift] Error 1

[Question] Master node in public VLAN

Hi,

I was wondering why the implemented architecture places the master node in a public VLAN and not in a private VLAN only (as is the case with the app and infra nodes)? Are there specific reasons to do so?

Best regards,
Bart

Error when trying to provision OpenShift in IBM Cloud

I've opened this issue as directed by @Nadine2016. Please refer to the Issue I reported in the another github repository: https://github.com/IBM-Bluemix-Docs/terraform/issues/5#issuecomment-460704601

I'm trying to provision a new OpenShift environment on IBM Cloud infrastructure using the tutorial that may be found at https://github.com/IBM-Bluemix-Docs/terraform/blob/master/tutorials/install_redhat_openshift.md

I receive the following errors when I run the make infrastructure command:
Error: Error running plan: 6 error(s) occurred:

module.bastion.output.bastion_domain: Resource 'ibm_compute_vm_instance.bastion' not found for variable 'ibm_compute_vm_instance.bastion.domain'
module.bastion.output.bastion_hostname: Resource 'ibm_compute_vm_instance.bastion' not found for variable 'ibm_compute_vm_instance.bastion.hostname'
module.infranode.output.infra_subnet_id: Resource 'ibm_compute_vm_instance.infranode' not found for variable 'ibm_compute_vm_instance.infranode.0.private_subnet_id'
module.appnode.output.app_subnet_id: Resource 'ibm_compute_vm_instance.appnode' not found for variable 'ibm_compute_vm_instance.appnode.0.private_subnet_id'
module.bastion.output.bastion_private_ip: Resource 'ibm_compute_vm_instance.bastion' not found for variable 'ibm_compute_vm_instance.bastion.ipv4_address_private'
module.bastion.output.bastion_ip_address: Resource 'ibm_compute_vm_instance.bastion' not found for variable 'ibm_compute_vm_instance.bastion.ipv4_address'

make: *** [makefile:3: infrastructure] Error 1
Attached is a screen shot of the errors.

A copy of the variables.tf file is included as well.

variables.tf.txt

@Nadine2016 had asked for the console messages that were displayed when the error occured. Here is a copy of the messages:
TutorialErrors.txt

@Nadine2016 had also asked for the cluster id. I'm not sure what she is referencing. The IBM Cloud servers that I'm trying to provision?