Configuration, Installation, and Use of Red Hat OpenStack Services on OpenShift
Access Your Lab Environment
During this lab you will be instructed to ssh to your hypervisor at IP address {bastion_public_hostname}.
Use username {bastion_ssh_user_name}
and password {bastion_ssh_password}
.
Once logged in the hypervisor you can access to the bastion at IP address 192.168.123.100
as root
using password redhat
.
If needed, you can navigate to the OpenShift console URL: {ocp_console_url}[{ocp_console_url}^] using user admin
and password {ocp_admin_password}
Prerequisites for Installation
Some prerequisites needed to install Red Hat OpenStack Services on OpenShift (RHOSO) are already included in the lab environment such as:
-
An operational OpenShift cluster which supports Multus CNI
-
oc command line tool on your workstation (bastion host)
-
k9s command line tool on your workstation (bastion host)
-
podman command line tool on your workstation (bastion host)
-
Access to repositories which contain the Dev Preview code
-
Access to an existing registry or create a local Quay registry
-
Example YAML files are available in this repository which can be cloned or copy and pasted for use. For ease of instructions it will be assumed the repo has been cloned
Install the Prerequisite Operators
There are three operators that are required to be installed before you can install the OpenStack Operator, the NMState Operator the MetalLB Operator and the Cert-Manager + Operator
Accessing the Cluster
From the hypervisor, log in to the bastion
sudo -i
ssh root@192.168.123.100
Password is redhat
.
[root@ocp4-bastion ~]
Make sure you can reach out to the OpenShift cluster, for instance, by listing the nodes in your cluster:
oc get nodes
NAME STATUS ROLES AGE VERSION ocp4-master1.aio.example.com Ready control-plane,master 26h v1.25.16+9946c63 ocp4-master2.aio.example.com Ready control-plane,master 26h v1.25.16+9946c63 ocp4-master3.aio.example.com Ready control-plane,master 26h v1.25.16+9946c63 ocp4-worker1.aio.example.com Ready worker 25h v1.25.16+9946c63 ocp4-worker2.aio.example.com Ready worker 25h v1.25.16+9946c63 ocp4-worker3.aio.example.com Ready worker 25h v1.25.16+9946c63
Install Argocd
Create the argocd Operator namespace:
cat << EOF | oc apply -f -
apiVersion: v1
kind: Namespace
metadata:
name: openshift-gitops-operator
labels:
pod-security.kubernetes.io/enforce: privileged
security.openshift.io/scc.podSecurityLabelSync: "false"
EOF
Create the OperatorGroup:
cat << EOF | oc apply -f -
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
generateName: openshift-gitops-operator-
name: openshift-gitops-operator-b8wcv
namespace: openshift-gitops-operator
spec:
upgradeStrategy: Default
EOF
Confirm the OperatorGroup is installed in the namespace:
oc get operatorgroup -n openshift-gitops-operator
Subscribe to the argocd Operator:
cat << EOF | oc apply -f -
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
generation: 1
labels:
operators.coreos.com/openshift-gitops-operator.openshift-gitops-operator: ""
name: openshift-gitops-operator
namespace: openshift-gitops-operator
spec:
channel: latest
installPlanApproval: Automatic
name: openshift-gitops-operator
source: redhat-operators
sourceNamespace: openshift-marketplace
startingCSV: openshift-gitops-operator.v1.12.0
EOF
Confirm that argocd operator is running. Execute the following command until you see the Phase Field is succeeded (Press Control+C to exit the command):
oc get clusterserviceversion -n openshift-gitops-operator -o custom-columns=Name:.metadata.name,Phase:.status.phase -w
Give the ServiceAccount for ArgoCD the ability to manage the cluster:
oc adm policy add-cluster-role-to-user cluster-admin -z openshift-gitops-argocd-application-controller -n openshift-gitops
Connecting to OpenShift Gitops OpenShift Gitops generates a default admin user, and a random password when first deployed.
Extract the password from the admin user Secret:
argoPass=$(oc get secret/openshift-gitops-cluster -n openshift-gitops -o jsonpath='{.data.admin\.password}' | base64 -d)
echo $argoPass
Get the Route for the OpenShift Gitops/OpenShift GitOps server:
argoURL=$(oc get route openshift-gitops-server -n openshift-gitops -o jsonpath='{.spec.host}{"\n"}')
echo $argoURL
Access the OpenShift Gitops console by logging in with the username admin and the password extracted in the previous step.
Fork the lab repo
Fork the github repo https://github.com/rh-osp-demo/showroom_osp-on-ocp-break-fix-using-gitops into your github personal space.
In the next chapter we will refer to this repo as the variable: $YOUR_REPO_URL
Example:
Replace $YOUR_REPO_URL by 'https://github.com/$your_github_id/showroom_osp-on-ocp.git'
Clone your your own forked repo in the bastion:
git clone $YOUR_REPO_URL labrepo
cd labrepo