Easy OKD 3.11 Install on Fedora 29
Basic setup of a single-VM OpenShift (OKD) environment.
Environment
- Host - Fedora 29
- 1 VM using Fedora 29 Cloud Image
- 2 vCPU, 4GB RAM, 50GB primary disk
Wildcard Domain
Host-based routing requires a wildcard domain. If you're using dnsmasq, do the following.
As root on your host
echo "192.168.122.101 okd01 okd01.local" >> /etc/hosts
echo "address=/.apps.local/192.168.122.101" >> /etc/dnsmasq.conf
systemctl restart dnsmasq.service
systemctl restart libvirtd.service
Create the VM
Download the Fedora 29 VM image
curl -O http://mirrors.oit.uci.edu/fedora/linux/releases/29/Cloud/x86_64/images/Fedora-Cloud-Base-29-1.2.x86_64.qcow2
Resize the VM image
qemu-img create -f qcow2 okd01.qcow2 50G
virt-resize --expand /dev/sda1 Fedora-Cloud-Base-29-1.2.x86_64.qcow2 okd01.qcow2
Create cloud-init iso
Change the hostnames, password and ssh public key to match your environment.
cat > meta-data <<'_EOF'
instance-id: okd01
local-hostname: okd01.local
_EOF
cat > user-data <<'_EOF'
#cloud-config
password: fedora
chpasswd: {expire: False}
ssh_pwauth: True
ssh_authorized_keys:
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQAB......
_EOF
genisoimage -output okd01.iso -volid cidata -joliet -rock user-data meta-data
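A check worth running on user-data before building the ISO, as an added example that is not part of the original guide: it flags the sample password, SSH password logins, and a missing or truncated public key. The function name audit_user_data and the sample file are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example, not part of the original guide. Lints a cloud-init
# user-data file; prints one finding per line, nothing when clean.
audit_user_data() {
    file=$1

    # Password left at the guide's sample value.
    if grep -Eq '^password:[[:space:]]*fedora[[:space:]]*$' "$file"; then
        echo "password: still the sample value 'fedora'"
    fi

    # Password logins over SSH enabled (the console login does not need this).
    if grep -Eiq '^ssh_pwauth:[[:space:]]*(true|yes|1)[[:space:]]*$' "$file"; then
        echo "ssh_pwauth: password authentication over SSH is enabled"
    fi

    # Count entries under ssh_authorized_keys that look like a complete
    # OpenSSH public key: "<type> <base64 blob>", blob of 68+ characters
    # (68 is the length of an ed25519 blob, the shortest common type).
    keys=$(awk '
        /^ssh_authorized_keys:/ { in_keys = 1; next }
        in_keys && /^[ \t]*-[ \t]/ {
            if ($2 ~ "^(ssh-(rsa|ed25519)|ecdsa-sha2-nistp(256|384|521))$" &&
                $3 ~ "^[A-Za-z0-9+/]+=*$" && length($3) >= 68) n++
            next
        }
        in_keys && /^[^ \t#]/ { in_keys = 0 }
        END { print n + 0 }' "$file")
    if [ "$keys" -eq 0 ]; then
        echo "ssh_authorized_keys: no complete public key (placeholder or missing)"
    fi
}

# Constructed sample: the guide's user-data, unchanged.
sample=$(mktemp)
cat > "$sample" <<'_EOF'
#cloud-config
password: fedora
chpasswd: {expire: False}
ssh_pwauth: True
ssh_authorized_keys:
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQAB......
_EOF
audit_user_data "$sample"    # prints all three findings
rm -f "$sample"
```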
Create virtual machine
virt-install -n okd01 --cpu default --vcpus 2 --memory 4096 --os-type=linux --os-variant=fedora29 --disk $PWD/okd01.qcow2 --disk $PWD/okd01.iso,device=cdrom --network network=default --import
Set a static address
Using the console, log in and set a static address
sudo nmcli con mod "System eth0" ipv4.method manual ipv4.dns "192.168.122.1" ipv4.dns-search local ipv4.addresses "192.168.122.101/24" ipv4.gateway "192.168.122.1"
sudo nmcli con down "System eth0" ; sudo nmcli con up "System eth0"
Install OKD
Create an nfsnobody group and user because the installer doesn't use nobody
sudo groupadd -g 65533 nfsnobody
sudo useradd nfsnobody -u 65533 -g 65533 -d /
Make an exports directory for the NFS service
sudo mkdir /exports
Update and install requirements
sudo dnf -y --refresh update
sudo dnf -y install git ansible
sudo systemctl reboot
Git clone the openshift-ansible playbooks
git clone https://github.com/openshift/openshift-ansible.git
cd openshift-ansible/
git checkout release-3.11
Create an inventory file for Ansible named hosts.localhost, the name the installer commands below use
Change "openshift_master_default_subdomain" if you used a different domain
[OSEv3:children]
masters
nodes
etcd
nfs
[OSEv3:vars]
# enable cri-o
openshift_use_crio=true
openshift_use_crio_only=false
openshift_crio_enable_docker_gc=true
# fedora uses python3
ansible_python_interpreter=/usr/bin/python3
# generic deployment config
openshift_deployment_type=origin
openshift_release=v3.11
openshift_portal_net=172.30.0.0/16
openshift_disable_check=disk_availability,memory_availability
# your wildcard domain
openshift_master_default_subdomain="apps.local"
# use htpasswd for auth
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
# use NFS for the registry
openshift_hosted_registry_storage_kind=nfs
openshift_hosted_registry_storage_access_modes=['ReadWriteMany']
openshift_hosted_registry_storage_nfs_directory=/exports
openshift_hosted_registry_storage_nfs_options='*(rw,root_squash)'
openshift_hosted_registry_storage_volume_name=registry
openshift_hosted_registry_storage_volume_size=10Gi
[masters]
localhost ansible_connection=local
[nfs]
localhost ansible_connection=local
[etcd]
localhost ansible_connection=local
[nodes]
# openshift_node_group_name should refer to a dictionary with matching key of name in list openshift_node_groups.
localhost ansible_connection=local openshift_node_group_name="node-config-all-in-one-crio"
Run the installer
sudo ansible-playbook -i hosts.localhost playbooks/prerequisites.yml
sudo ansible-playbook -i hosts.localhost playbooks/deploy_cluster.yml
Once complete, check the running pods
sudo su -
oc get pods --all-namespaces
The output should look like this
NAMESPACE NAME READY STATUS RESTARTS AGE
default docker-registry-1-85rlw 1/1 Running 0 19m
default dockergc-lh867 1/1 Running 0 19m
default registry-console-1-fsw6g 1/1 Running 0 19m
default router-1-9gj5h 1/1 Running 0 19m
kube-service-catalog apiserver-gnjrv 1/1 Running 3 5m
kube-service-catalog controller-manager-rqpwn 1/1 Running 0 2m
kube-system master-api-okd01.local 1/1 Running 0 21m
kube-system master-controllers-okd01.local 1/1 Running 0 21m
kube-system master-etcd-okd01.local 1/1 Running 0 21m
openshift-ansible-service-broker asb-1-tb2dw 1/1 Running 0 1m
openshift-console console-54fb4dd947-t5zc9 1/1 Running 0 14m
openshift-monitoring alertmanager-main-0 3/3 Running 0 12m
openshift-monitoring alertmanager-main-1 3/3 Running 0 12m
openshift-monitoring alertmanager-main-2 3/3 Running 0 12m
openshift-monitoring cluster-monitoring-operator-6465f8fbc7-x7g7m 1/1 Running 0 19m
openshift-monitoring grafana-6b9f85786f-5mvs7 2/2 Running 0 15m
openshift-monitoring kube-state-metrics-7449d589bc-nzl76 3/3 Running 0 11m
openshift-monitoring node-exporter-gmh47 2/2 Running 0 12m
openshift-monitoring prometheus-k8s-0 4/4 Running 1 14m
openshift-monitoring prometheus-k8s-1 4/4 Running 1 13m
openshift-monitoring prometheus-operator-6644b8cd54-7zdcw 1/1 Running 0 16m
openshift-node sync-6vc7c 1/1 Running 0 20m
openshift-sdn ovs-q4pkw 1/1 Running 0 20m
openshift-sdn sdn-725q2 1/1 Running 0 20m
openshift-template-service-broker apiserver-49q6p 1/1 Running 0 1m
openshift-web-console webconsole-7df4f9f689-dl464 1/1 Running 0 15m
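To compare a real run against the listing above without reading it row by row, the following added example (not part of the original guide) filters the same output for pods that are not Running, not fully ready, or restarting too often. The function names pod_problems and sample_pods and the default threshold of 5 restarts are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example, not part of the original guide. Reads the output of
# `oc get pods --all-namespaces` on stdin and prints one line per pod that
# is not Running, not fully ready, or has restarted more than max_restarts.
# usage: sudo oc get pods --all-namespaces | pod_problems [max_restarts]
pod_problems() {
    awk -v max="${1:-5}" '
        $1 == "NAMESPACE" || NF < 6 { next }   # header and blank lines
        $4 == "Completed"           { next }   # finished pods are expected
        {
            split($3, r, "/")                  # READY column is ready/total
            if ($4 != "Running")
                print $1 "/" $2 ": status " $4
            else if (r[1] + 0 != r[2] + 0)
                print $1 "/" $2 ": ready " $3
            else if ($5 + 0 > max + 0)
                print $1 "/" $2 ": restarts " $5
        }'
}

# Constructed sample: the first two pod rows are from the listing above,
# the last two are made-up failing rows.
sample_pods() {
    cat <<'_EOF'
NAMESPACE NAME READY STATUS RESTARTS AGE
default router-1-9gj5h 1/1 Running 0 19m
kube-service-catalog apiserver-gnjrv 1/1 Running 3 5m
openshift-monitoring prometheus-k8s-0 3/4 Running 1 14m
default docker-registry-1-deploy 0/1 Error 0 20m
_EOF
}

# With a threshold of 2 restarts, every row except the router is reported.
sample_pods | pod_problems 2
```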
Create users
Make a regular user
sudo htpasswd /etc/origin/master/htpasswd user
Make an admin user
sudo htpasswd /etc/origin/master/htpasswd admin
sudo oc adm policy add-cluster-role-to-user cluster-admin admin
Point your web browser to https://okd01.local:8443 and log in
Profit!