In this chapter, we will learn about the OpenShift environment setup.
System Requirement
In order to set up enterprise OpenShift, one needs to have an active Red Hat account. As OpenShift works on the Kubernetes master and node architecture, we need to set up both of them on separate machines, wherein one machine acts as the master and the other acts as the node. Each of them has minimum system requirements.
Master Machine Configuration
Following are the minimum system requirements for master machine configuration.
- A base machine hosted on a physical, virtual, or cloud environment.
- At least Linux 7 with the required packages on that instance.
- 2 CPU cores.
- At least 8 GB RAM.
- 30 GB of internal hard disk memory.
Node Machine Configuration
- Physical or virtual base image as given for the master machine.
- At least Linux 7 on the machine.
- Docker installed, version 1.6 or later.
- 1 CPU core.
- 8 GB RAM.
- 15 GB hard disk for hosting images and 15 GB for storing images.
Step by Step Guide to OpenShift Environment Setup
In the following description, we are going to set up an OpenShift lab environment, which can later be extended to a bigger cluster. As OpenShift requires both a master and a node setup, we need at least two machines, hosted on cloud, physical, or virtual machines.
OpenShift Environment Steps –
Step 1 − First install Linux on both the machines, where Linux 7 should be the minimum version. The required repositories and packages can be set up using the following commands if one has an active Red Hat subscription.
# subscription-manager repos --disable="*"
# subscription-manager repos --enable="rhel-7-server-rpms"
# subscription-manager repos --enable="rhel-7-server-extras-rpms"
# subscription-manager repos --enable="rhel-7-server-optional-rpms"
# subscription-manager repos --enable="rhel-7-server-ose-3.0-rpms"
# yum install wget git net-tools bind-utils iptables-services bridge-utils
# yum install python-virtualenv
# yum install gcc
# yum install httpd-tools
# yum install docker
# yum update
Once we have all the above base packages installed in both of the machines, the next step would be to set up Docker on the respective machines.
Step 2 − Configure Docker so that it allows insecure communication on the local network only. For this, edit the docker file inside /etc/sysconfig. If the file is not present, you need to create it manually.
# vi /etc/sysconfig/docker
OPTIONS='--selinux-enabled --insecure-registry 192.168.122.0/24'
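A check for the setting above, as an added example that is not part of the original tutorial: `--insecure-registry` lets Docker skip certificate verification and fall back to plain HTTP for every registry in the listed range, so the range should stay limited to the lab network. The function name, the verdict labels and the sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit --insecure-registry entries in a Docker sysconfig file.
# Prints "<verdict> <value>" per entry; returns 1 if any entry is not LOCAL.
audit_insecure_registries() {
    awk '
    function ip2int(ip,   o) {
        split(ip, o, ".")
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    # True when addr/len lies entirely inside base/baselen.
    function inside(addr, len, base, baselen,   size) {
        size = 2 ^ (32 - baselen)
        return len >= baselen && int(addr / size) == int(ip2int(base) / size)
    }
    /^[ \t]*OPTIONS[ \t]*=/ {
        sub(/^[ \t]*OPTIONS[ \t]*=/, "")
        gsub("[\"\047=]", " ")          # strip quotes, accept --flag=value
        n = split($0, tok, " ")
        for (i = 1; i < n; i++) {
            if (tok[i] != "--insecure-registry") continue
            val = tok[i + 1]
            verdict = "HOST"            # hostname: range cannot be judged
            if (val ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(\/[0-9]+)?$/) {
                len = 32
                if (split(val, p, "/") == 2) len = p[2] + 0
                a = ip2int(p[1])
                verdict = "WIDE"        # not inside an RFC 1918 range
                if (inside(a, len, "10.0.0.0", 8) ||
                    inside(a, len, "172.16.0.0", 12) ||
                    inside(a, len, "192.168.0.0", 16)) verdict = "LOCAL"
            }
            if (verdict != "LOCAL") bad = 1
            print verdict, val
        }
    }
    END { exit bad + 0 }
    ' "$1"
}

# Constructed sample: the OPTIONS line from this page plus a wide-open entry.
sample=$(mktemp)
cat > "$sample" <<'EOF'
OPTIONS='--selinux-enabled --insecure-registry 192.168.122.0/24 --insecure-registry 0.0.0.0/0'
EOF
audit_insecure_registries "$sample" || echo "review the non-LOCAL entries above"
rm -f "$sample"
```

On a real host the argument would be /etc/sysconfig/docker.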
After configuring the Docker on the master machine, we need to set up password-less communication between both machines. For this, we will use public and private key authentication.
Step 3 − Generate keys on the master machine and then copy the id_rsa.pub key to the authorized key file of the node machine, which can be done using the following command.
# ssh-keygen
# ssh-copy-id -i .ssh/id_rsa.pub root@ose3-node.test.com
Once you have all of the above in place, the next step is to set up OpenShift version 3 on the master machine.
Step 4 − From the master machine, run the following curl command.
# sh <(curl -s https://install.openshift.com/ose)
The above command will put the setup in place for OSV3. The next step would be to configure OpenShift V3 on the machine.
If you cannot download from the Internet directly, the installer can be downloaded from https://install.openshift.com/portable/oo-install-ose.tgz as a tar package and run on the local master machine.
Once we have the setup ready, we need to start with the actual configuration of OSV3 on the machines. This setup is specific to the test environment; for actual production, we have LDAP and other things in place.
Step 5 − On the master machine, configure the following code located under /etc/openshift/master/master-config.yaml
# vi /etc/openshift/master/master-config.yaml
identityProviders:
- name: my_htpasswd_provider
  challenge: true
  login: true
  provider:
    apiVersion: v1
    kind: HTPasswdPasswordIdentityProvider
    file: /root/users.htpasswd
routingConfig:
  subdomain: testing.com
Next, create a standard user for default administration.
# htpasswd -c /root/users.htpasswd admin
Step 6 − As OpenShift uses the Docker registry for configuring images, we need to configure the Docker registry. This is used for creating and storing the Docker images after the build.
Create a directory on the OpenShift node machine using the following command.
# mkdir /images
Next, log in to the master machine using the default admin credentials, which get created while setting up the registry.
# oc login
Username: system:admin
Switch to the default created project.
# oc project default
Step 7 − Create a Docker Registry.
# echo '{"kind":"ServiceAccount","apiVersion":"v1","metadata":{"name":"registry"}}' | oc create -f -
Edit the user privileges.
# oc edit scc privileged
users:
- system:serviceaccount:openshift-infra:build-controller
- system:serviceaccount:default:registry
Create and edit the image registry.
# oadm registry --service-account=registry --config=/etc/openshift/master/admin.kubeconfig --credentials=/etc/openshift/master/openshift-registry.kubeconfig --images='registry.access.redhat.com/openshift3/ose-${component}:${version}' --mount-host=/images
Step 8 − Create a default routing.
By default, OpenShift uses Open vSwitch as a software network. Use the following command to create a default routing. This is used for load balancing and proxy routing. The router is similar to the Docker registry and also runs in a registry.
# echo '{"kind":"ServiceAccount","apiVersion":"v1","metadata":{"name":"router"}}' | oc create -f -
Next, edit the privileges of the user.
# oc edit scc privileged
users:
- system:serviceaccount:openshift-infra:build-controller
- system:serviceaccount:default:registry
- system:serviceaccount:default:router
# oadm router router-1 --replicas=1 --credentials='/etc/openshift/master/openshift-router.kubeconfig' --images='registry.access.redhat.com/openshift3/ose-${component}:${version}'
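An audit of the list edited in Steps 7 and 8, as an added example that is not part of the original tutorial: membership in the privileged SCC lets a service account run privileged containers, so the list is worth comparing against the accounts you meant to add. The function name, the file-based input and the sample YAML (including the `demo:builder` account) are constructed for illustration; on a cluster the input would come from `oc get scc privileged -o yaml`.

```shell
#!/bin/sh
# Added example: report members of the privileged SCC that are not allowlisted.
# Usage: unexpected_privileged_users SCC_YAML_FILE ALLOWED_USER...
# Prints each unexpected member; returns 1 if any was found.
unexpected_privileged_users() {
    scc_yaml=$1; shift
    allow=$*
    awk -v allow="$allow" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    /^users:/ { in_users = 1; next }        # start of the top-level users list
    in_users && /^[ \t]*- / {
        u = $2; gsub("[\"\047]", "", u)     # drop optional YAML quotes
        if (!(u in ok)) { print u; found = 1 }
        next
    }
    /^[A-Za-z]/ { in_users = 0 }            # next top-level key ends the list
    END { exit found + 0 }
    ' "$scc_yaml"
}

# Constructed sample of the SCC after Steps 7 and 8, plus one extra account.
sample=$(mktemp)
cat > "$sample" <<'EOF'
kind: SecurityContextConstraints
metadata:
  name: privileged
groups:
- system:cluster-admins
users:
- system:serviceaccount:openshift-infra:build-controller
- system:serviceaccount:default:registry
- system:serviceaccount:default:router
- system:serviceaccount:demo:builder
volumes:
- '*'
EOF
unexpected_privileged_users "$sample" \
    system:serviceaccount:openshift-infra:build-controller \
    system:serviceaccount:default:registry \
    system:serviceaccount:default:router || echo "unexpected members listed above"
rm -f "$sample"
```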
Step 9 − Configure the DNS.
In order to handle URL requests, OpenShift needs a working DNS environment. This DNS configuration is required to create a DNS wildcard that points to a router.
# yum install bind-utils bind
# systemctl start named
# systemctl enable named
# vi /etc/named.conf
options {
    listen-on port 53 { 10.123.55.111; };
    forwarders { 10.38.55.13; };
};
zone "lab.com" IN {
    type master;
    file "/var/named/dynamic/test.com.zone";
    allow-update { none; };
};
Step 10 − The final step would be to set up a GitHub server on the OpenShift V3 master machine, which is optional. This can be done easily using the following sequence of commands.
# yum install curl openssh-server
# systemctl enable sshd
# systemctl start sshd
# firewall-cmd --permanent --add-service=http
# systemctl reload firewalld
# curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-
# yum install gitlab-ce
# gitlab-ctl reconfigure
Once the above setup is complete, you can verify it by testing and deploying applications, which we will learn more about in the subsequent chapters.