
How to set up an OpenShift cluster in AWS

AWS server

Launch the following servers, using the CentOS 7 AMI for each:

  • 1 server for running Ansible
  • 1 server for master
  • 2 servers for nodes

Register the following domains

  • console-openshift.<your domain>.com points to master
  • master-openshift.<your domain>.com points to master
  • node01-openshift.<your domain>.com points to node1
  • node02-openshift.<your domain>.com points to node2


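Add the tag kubernetes.io/cluster/codeBeamer with Value=owned to all EC2 instances. The cluster name in the tag key must match openshift_clusterid in the inventory (codeBeamer here).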


Prerequisites

All servers

  1. yum update
  2. yum install -y wget git zile nano net-tools docker-1.13.1 bind-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct openssl-devel httpd-tools NetworkManager python-cryptography python2-pip python-devel python-passlib java-1.8.0-openjdk-headless "@Development Tools"
  3. yum -y install epel-release
  4. sed -i -e "s/^enabled=1/enabled=0/" /etc/yum.repos.d/epel.repo
  5. systemctl start NetworkManager
  6. systemctl enable NetworkManager
  7. Add the tag kubernetes.io/cluster/codeBeamer with Value=owned to all EC2 instances (the same tag as described under "AWS server")


Ansible server

  1. yum -y install httpd-tools java-1.8.0-openjdk-headless
  2. yum -y --enablerepo=epel install pyOpenSSL
  3. curl -o ansible.rpm https://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.6.5-1.el7.ans.noarch.rpm
  4. yum -y --enablerepo=epel install ansible.rpm
  5. git clone https://github.com/openshift/openshift-ansible.git
  6. cd openshift-ansible
  7. git checkout origin/release-3.11
  8. cd playbooks/
  9. nano key.pem (paste the servers' SSH private key into this file on the Ansible server; the next step restricts it to owner read-only)
  10. chmod 400 key.pem
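  11. Copy the SSL certificates into /home/centos/cert/ (the certificate, private key and CA files that the inventory's certificate settings point to; keep the private key readable only by its owner)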
  12. cat /home/centos/cert/trustCA.crt > allCA.crt
  13. cat /home/centos/cert/serverCA.crt >> allCA.crt
  14. cat /home/centos/cert/CARoot.crt >> allCA.crt
  15. nano /etc/ansible/hosts (use the inventory shown at the end of this page, starting at [OSEv3:children])
  16. sudo ansible-playbook /home/centos/openshift-ansible/playbooks/prerequisites.yml --key-file /home/centos/openshift-ansible/playbooks/key.pem
  17. sudo ansible-playbook /home/centos/openshift-ansible/playbooks/deploy_cluster.yml --key-file /home/centos/openshift-ansible/playbooks/key.pem


Master server

  1. sudo su
  2. oc login -u system:admin
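  3. oc adm policy add-cluster-role-to-user cluster-admin admin (gives the htpasswd user "admin" defined in the inventory full cluster-admin rights, so replace the sample password hash there with your own before deploying)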
  4. oc new-project codebeamer --description="codeBeamer project" --display-name="codeBeamer"


# Ansible INI inventory for openshift-ansible; the Ansible server steps edit it as /etc/ansible/hosts.
# OSEv3 is the parent group: variables under [OSEv3:vars] apply to every host in the child groups listed here.
[OSEv3:children]
masters
nodes
etcd


# Single master host. openshift_schedulable=true presumably allows pods to be scheduled on it too (confirm against openshift-ansible docs).
[masters]
master-openshift.<your domain>.com openshift_schedulable=true containerized=false

# etcd is placed on the master host, so this layout has one etcd member and no redundancy.
[etcd]
master-openshift.<your domain>.com


# The master is listed as a node with the master+infra node group; node01 and node02 use the compute node group.
[nodes]
master-openshift.<your domain>.com openshift_node_group_name="node-config-master-infra"
node01-openshift.<your domain>.com openshift_node_group_name="node-config-compute"
node02-openshift.<your domain>.com openshift_node_group_name="node-config-compute"


# Cluster-wide installer variables, applied to all hosts in the OSEv3 child groups.
[OSEv3:vars]
# Extra yum repo providing the OpenShift Origin 3.11 packages.
# NOTE(review): 'gpgcheck': '0' turns off RPM signature verification for this repo, so its packages are
# installed without an authenticity check; prefer a signed repo with gpgcheck enabled where one is available.
openshift_additional_repos=[{'id': 'centos-paas', 'name': 'centos-paas', 'baseurl' :'https://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin311', 'gpgcheck' :'0', 'enabled' :'1'}]


# Ansible connects as the centos user (with the key passed via --key-file) and escalates to root.
ansible_ssh_user=centos
ansible_become=true


# Multitenant SDN plugin; presumably isolates pod traffic per project (confirm against OpenShift SDN docs).
os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant'
# Skips the listed installer pre-flight checks (disk, Docker storage, memory, image availability).
# NOTE(review): undersized hosts will then fail later rather than at install time; re-enable for production sizing.
openshift_disable_check=disk_availability,docker_storage,memory_availability,docker_image_availability


openshift_deployment_type=origin
# Docker treats registries in this range as insecure (no TLS verification).
# NOTE(review): 172.30.0.0/16 looks like the cluster service network used by the internal registry; confirm
# and keep the range no wider than needed.
openshift_docker_insecure_registries=172.30.0.0/16


openshift_enable_service_catalog=true

template_service_broker_install=true
template_service_broker_selector={"role":"infra"}

# Monitoring, metrics and aggregated logging are all switched off in this setup.
# NOTE(review): with logging disabled there is no central log store for investigation; plan log collection separately.
openshift_cluster_monitoring_operator_install=false
openshift_metrics_install_metrics=false
openshift_metrics_server_install=false
openshift_logging_install_logging=false

# Local htpasswd-file authentication for the web console and API.
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
# NOTE(review): the cleartext below and its hash are published on this page, and the Master server steps grant
# this user cluster-admin. Treat the pair as a sample only: generate your own entry with `htpasswd -n admin`
# (from httpd-tools), paste the new hash into openshift_master_htpasswd_users, and do not keep the cleartext
# in the inventory. The $apr1$ prefix is Apache's MD5-based format, which is cheap to brute-force if the
# inventory leaks, so use a long random password.
# Password: WSXdr56789
openshift_master_htpasswd_users={'admin': '$apr1$ytiFEhwn$BI353x9tDTxfPqV7y5BCl0'}

# Public console hostname and wildcard application subdomain; API and console both listen on 8443.
openshift_public_hostname=console-openshift.<your domain>.com
openshift_master_default_subdomain=app-openshift.<your domain>.com
openshift_master_api_port=8443
openshift_master_console_port=8443

# Custom certificate served for the console/master hostnames listed in "names".
# <star>, <private> and <allCA> are placeholders for your own file names under /home/centos/cert/.
# NOTE(review): the Ansible server steps write allCA.crt relative to the working directory; make sure
# "cafile" points to where that bundle actually is. Keep the private key file readable only by its owner.
openshift_master_overwrite_named_certificates=true
openshift_master_named_certificates=[{"certfile": "/home/centos/cert/<star>.crt", "keyfile": "/home/centos/cert/<private>.key", "cafile": "/home/centos/cert/<allCA>.crt", "names": ["console-openshift.<your domain>.com", "master-openshift.<your domain>.com"]}]

# Same certificate, key and CA bundle for the router (application routes).
openshift_hosted_router_certificate={"certfile": "/home/centos/cert/<star>.crt", "keyfile": "/home/centos/cert/<private>.key", "cafile": "/home/centos/cert/<allCA>.crt"}

# AWS cloud provider integration. openshift_clusterid matches the name in the
# kubernetes.io/cluster/codeBeamer tag that the page tells you to put on every EC2 instance.
openshift_clusterid=codeBeamer
openshift_cloudprovider_kind=aws
# NOTE(review): these are long-lived AWS credentials stored in cleartext in the inventory. Restrict the file
# to the deploying user or keep the two values in an Ansible Vault-encrypted vars file, and scope the IAM
# policy to what the cloud provider needs. The openshift-ansible example inventory notes that IAM profiles
# can be used instead of storing API credentials on disk (confirm for release-3.11).
openshift_cloudprovider_aws_access_key=<access_key>
openshift_cloudprovider_aws_secret_key=<secret_key>