Configuration, Installation, and Use of Red Hat OpenStack Services on OpenShift
Access Your Lab Environment
During this lab you will be instructed to ssh to your hypervisor at IP address {bastion_public_hostname}.
Use username {bastion_ssh_user_name} and password {bastion_ssh_password}.
Once logged in the hypervisor you can access to the bastion at IP address 192.168.123.100 as root using password redhat.
If needed, you can navigate to the OpenShift console URL: {ocp_console_url}[{ocp_console_url}^] using user admin and password {ocp_admin_password}
Prerequisites for Installation
Some prerequisites needed to install Red Hat OpenStack Services on OpenShift (RHOSO) are already included in the lab environment such as:
-
An operational OpenShift cluster which supports Multus CNI
-
oc command line tool on your workstation (bastion host)
-
k9s command line tool on your workstation (bastion host)
-
podman command line tool on your workstation (bastion host)
-
Access to repositories which contain the Dev Preview code
-
Access to an existing registry or create a local Quay registry
-
Example YAML files are available in this repository which can be cloned or copy and pasted for use. For ease of instructions it will be assumed the repo has been cloned
Install the Prerequisite Operators
There are three operators that are required to be installed before you can install the OpenStack Operator, the NMState Operator the MetalLB Operator and the Cert-Manager + Operator
Accessing the Cluster
From the hypervisor, log in to the bastion
sudo -i
ssh root@192.168.123.100Password is redhat.
[root@ocp4-bastion ~]
Make sure you can reach out to the OpenShift cluster, for instance, by listing the nodes in your cluster:
oc get nodesNAME STATUS ROLES AGE VERSION ocp4-master1.aio.example.com Ready control-plane,master 26h v1.25.16+9946c63 ocp4-master2.aio.example.com Ready control-plane,master 26h v1.25.16+9946c63 ocp4-master3.aio.example.com Ready control-plane,master 26h v1.25.16+9946c63 ocp4-worker1.aio.example.com Ready worker 25h v1.25.16+9946c63 ocp4-worker2.aio.example.com Ready worker 25h v1.25.16+9946c63 ocp4-worker3.aio.example.com Ready worker 25h v1.25.16+9946c63
Install Argocd
Create the argocd Operator namespace:
cat << EOF | oc apply -f -
apiVersion: v1
kind: Namespace
metadata:
name: openshift-gitops-operator
labels:
pod-security.kubernetes.io/enforce: privileged
security.openshift.io/scc.podSecurityLabelSync: "false"
EOFCreate the OperatorGroup:
cat << EOF | oc apply -f -
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
generateName: openshift-gitops-operator-
name: openshift-gitops-operator-b8wcv
namespace: openshift-gitops-operator
spec:
upgradeStrategy: Default
EOFConfirm the OperatorGroup is installed in the namespace:
oc get operatorgroup -n openshift-gitops-operatorSubscribe to the argocd Operator:
cat << EOF | oc apply -f -
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
generation: 1
labels:
operators.coreos.com/openshift-gitops-operator.openshift-gitops-operator: ""
name: openshift-gitops-operator
namespace: openshift-gitops-operator
spec:
channel: latest
installPlanApproval: Automatic
name: openshift-gitops-operator
source: redhat-operators
sourceNamespace: openshift-marketplace
startingCSV: openshift-gitops-operator.v1.12.0
EOFConfirm that argocd operator is running. Execute the following command until you see the Phase Field is succeeded (Press Control+C to exit the command):
oc get clusterserviceversion -n openshift-gitops-operator -o custom-columns=Name:.metadata.name,Phase:.status.phase -wGive the ServiceAccount for ArgoCD the ability to manage the cluster:
oc adm policy add-cluster-role-to-user cluster-admin -z openshift-gitops-argocd-application-controller -n openshift-gitopsConnecting to OpenShift Gitops OpenShift Gitops generates a default admin user, and a random password when first deployed.
Extract the password from the admin user Secret:
argoPass=$(oc get secret/openshift-gitops-cluster -n openshift-gitops -o jsonpath='{.data.admin\.password}' | base64 -d)
echo $argoPassGet the Route for the OpenShift Gitops/OpenShift GitOps server:
argoURL=$(oc get route openshift-gitops-server -n openshift-gitops -o jsonpath='{.spec.host}{"\n"}')
echo $argoURLAccess the OpenShift Gitops console by logging in with the username admin and the password extracted in the previous step.
