├── .gitignore ├── README.md ├── Vagrantfile ├── ansible ├── playbooks │ ├── installer.yml │ ├── main.yml │ ├── requirements.yml │ ├── storage.yml │ └── subscribe.yml └── templates │ └── all-in-one.ini └── scripts ├── load-container-images.sh └── save-container-images.sh /.gitignore: -------------------------------------------------------------------------------- 1 | .vagrant 2 | .vault 3 | credentials.yml 4 | *.retry 5 | images -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # vagrant-openshift-aio 2 | 3 | This project aims to provision a RHEL 7.5 virtual machine with OpenShift Enterprise or CentOS 7 with OKD, both all-in-one, using `openshift-ansible` with container storage, router, registry, metrics, logging and no APB by default. 4 | 5 | You can change `OPENSHIFT_DEPLOYMENT_TYPE`, `OPENSHIFT_RELEASE` and `MACHINE_IP` in the `Vagrantfile` or set them as environment variables. They default to `origin`, `v3.10` and `10.20.30.40` respectively, but can be set to `openshift-enterprise`, `v3.11` and any other private IP of your preference that does not conflict with your network. 6 | 7 | After `vagrant up` you'll be able to access your OpenShift instance at: `https://master.ocp.10.20.30.40.nip.io:8443` or `https://master.okd.10.20.30.40.nip.io:8443` with `developer:developer`. 8 | 9 | > **NOTE:** You can configure your inventory in the `ansible/templates/all-in-one.ini` file. 10 | 11 | # Steps 12 | 13 | 1. Set Environment Variables (Optional): 14 | 15 | ```shell 16 | export OPENSHIFT_DEPLOYMENT_TYPE=openshift-enterprise 17 | export OPENSHIFT_RELEASE=v3.11 18 | export MACHINE_IP=10.10.10.10 19 | ``` 20 | 21 | For **openshift-enterprise**, a few additional steps are required: 22 | 23 | 2. 
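Build RHEL 7.5 image using packer: 24 | 25 | ```shell 26 | git clone https://github.com/jairojunior/packer-rhel 27 | cd packer-rhel 28 | # Download rhel-server-7.5-x86_64-dvd.iso 29 | packer build x86_64-vagrant-ocp.qemu.json -var 'rhn_username=user' -var 'rhn_password=password' -var 'pool_id=abcdefgh' 30 | vagrant box add --name rhel-7.5-ocp rhel-7.5-ocp.box 31 | ``` 32 | 33 | 3. Set RHN Credentials: 34 | 35 | - Create `ansible/vars/credentials.yml` with `ansible-vault` and the following content: 36 | 37 | ```yaml 38 | rhn_username: user 39 | rhn_password: p@ss 40 | pool_id: pool-id-with-ocp 41 | ``` 42 | 43 | - Create `.vault` with your vault password. 44 | 45 | 4. `vagrant up` 46 | 47 | ## Limitations 48 | 49 | - Only tested with libvirt. 50 | - A valid subscription is required (for openshift-enterprise). 51 | 52 | ## TODO 53 | 54 | - VirtualBox for OSX users. 55 | - Fully automate image build. -------------------------------------------------------------------------------- /Vagrantfile: --------------------------------------------------------------------------------
# -*- mode: ruby -*-
# vi: set ft=ruby :

# All-in-one OpenShift VM for the libvirt provider, installed with
# openshift-ansible.
#
# Environment variables:
#   OPENSHIFT_DEPLOYMENT_TYPE  'origin' (default) or 'openshift-enterprise'
#   OPENSHIFT_RELEASE          release tag; defaults to 'v3.11' here (the
#                              README states v3.10)
#   OPENSHIFT_MACHINE_IP       private IP of the VM, default '10.20.30.40'.
#                              MACHINE_IP, the name the README documents, is
#                              honoured as a fallback.

OPENSHIFT_DEPLOYMENT_TYPE = ENV['OPENSHIFT_DEPLOYMENT_TYPE'] || 'origin'
OPENSHIFT_RELEASE = ENV['OPENSHIFT_RELEASE'] || 'v3.11'
MACHINE_IP = ENV['OPENSHIFT_MACHINE_IP'] || ENV['MACHINE_IP'] || '10.20.30.40'

# Fail before any VM is touched: ansible/playbooks/main.yml only has branches
# for these two values, so anything else would boot a box and then skip both
# the subscribe and the requirements playbook.
supported_deployment_types = %w[origin openshift-enterprise]
unless supported_deployment_types.include?(OPENSHIFT_DEPLOYMENT_TYPE)
  raise ArgumentError,
        "OPENSHIFT_DEPLOYMENT_TYPE must be one of #{supported_deployment_types.join(', ')} " \
        "(got #{OPENSHIFT_DEPLOYMENT_TYPE.inspect})"
end

Vagrant.configure('2') do |config|
  enterprise = OPENSHIFT_DEPLOYMENT_TYPE == 'openshift-enterprise'
  hostname = enterprise ? 'master-ocp' : 'master-okd'
  # 'master-ocp' -> 'master.ocp': first labels of the public nip.io hostname.
  master_route = hostname.tr('-', '.')
  nfs_options = { type: 'nfs', nfs_version: 4, nfs_udp: false }
  installer_playbooks = '/usr/share/ansible/openshift-ansible/playbooks/'

  config.vm.provider :libvirt do |libvirt|
    libvirt.memory = 16384
    libvirt.cpus = 2
    # Second disk; presumably the /dev/vdb that ansible/playbooks/storage.yml
    # hands to docker-storage-setup (confirm against the guest's device names).
    libvirt.storage :file, size: '40G'
  end

  config.vm.define :ocp_aio do |ocp_aio|
    ocp_aio.vm.network :private_network, ip: MACHINE_IP
  end

  # The whole project directory is exported to the guest, so `.vault` and
  # ansible/vars/credentials.yml are readable at /vagrant inside the VM.
  config.vm.synced_folder '.', '/vagrant', **nfs_options

  if Vagrant.has_plugin?('vagrant-cachier')
    config.cache.scope = :box
    config.cache.synced_folder_opts = nfs_options
  end

  config.vm.box = enterprise ? 'rhel-7.5-ocp' : 'centos/7'
  config.vm.hostname = hostname

  # Host-side run: subscription or requirements, installer package, docker storage.
  config.vm.provision 'ansible' do |ansible|
    ansible.playbook = 'ansible/playbooks/main.yml'

    ansible.extra_vars = {
      deployment_type: OPENSHIFT_DEPLOYMENT_TYPE,
      release: OPENSHIFT_RELEASE,
      machine_ip: MACHINE_IP,
      master_route: master_route
    }

    # Only the enterprise path reads the vault-encrypted credentials file.
    ansible.vault_password_file = '.vault' if enterprise
  end

  config.vm.provision 'shell',
                      path: 'scripts/load-container-images.sh',
                      args: [OPENSHIFT_DEPLOYMENT_TYPE, OPENSHIFT_RELEASE]

  # Guest-side runs of the openshift-ansible playbooks, in install order.
  %w[prerequisites.yml deploy_cluster.yml].each do |playbook|
    config.vm.provision 'ansible_local' do |installer|
      installer.provisioning_path = installer_playbooks
      installer.verbose = true
      # NOTE(review): presumably clears the --limit Vagrant passes by default,
      # since the inventory lists the host by its FQDN. Confirm.
      installer.raw_arguments = ['--limit=""']
      installer.inventory_path = '/etc/ansible/hosts'
      installer.playbook_command = 'sudo ANSIBLE_FORCE_COLOR=true ansible-playbook'
      installer.playbook = playbook
    end
  end

  config.trigger.after :up do |trigger|
    trigger.info = 'OpenShift is ready!'
    # developer:developer is the fixed htpasswd entry in
    # ansible/templates/all-in-one.ini; change it there if MACHINE_IP is
    # reachable from anything but the host.
    trigger.run_remote = {
      inline: 'echo "Openshift is available at: https://$1.$2.nip.io:8443" with developer:developer',
      args: [master_route, MACHINE_IP]
    }
  end

  config.trigger.before :destroy do |trigger|
    trigger.warn = 'Saving container images...'
    trigger.run_remote = {
      path: 'scripts/save-container-images.sh',
      args: [OPENSHIFT_DEPLOYMENT_TYPE, OPENSHIFT_RELEASE]
    }
  end
end
--------------------------------------------------------------------------------
/ansible/playbooks/installer.yml:
--------------------------------------------------------------------------------
---
# Installs the openshift-ansible package and writes the inventory and
# /etc/hosts that the later ansible_local runs use.
- hosts: all
  become: yes

  vars:
    package_version: "{{ release | replace('v', '') }}"
    package: openshift-ansible
    package_with_version: "{{ 'openshift-ansible-' ~ package_version ~ '*' }}"

  tasks:

    - name: Openshift Ansible installer
      yum:
        name: "{{ package if deployment_type == 'openshift-enterprise'
                  else package_with_version }}"
        state: present

    # NOTE(review): for openshift-enterprise the rendered inventory contains
    # oreg_auth_password (the RHN password) in clear text, and no owner/mode is
    # set here, so the file gets the default permissions. Consider
    # `owner: root` and `mode: "0600"`; the later playbook runs use sudo, but
    # confirm nothing else has to read the file.
    - name: Inventory
      template:
        src: "../templates/all-in-one.ini"
        dest: /etc/ansible/hosts

    - name: hosts
      copy:
        content: |
          {{ machine_ip }} {{ ansible_fqdn }}
          127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
          ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
        dest: /etc/hosts
-------------------------------------------------------------------------------- /ansible/playbooks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | 4 | - name: Subcribe 5 | import_playbook: subscribe.yml 6 | when: deployment_type == 'openshift-enterprise' 7 | 8 | - name: Requirements 9 | import_playbook: requirements.yml 10 | when: deployment_type == 'origin' 11 | 12 | - name: Openshift Installer 13 | import_playbook: installer.yml 14 | 15 | - name: Docker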
storage 16 | import_playbook: storage.yml
--------------------------------------------------------------------------------
/ansible/playbooks/requirements.yml:
--------------------------------------------------------------------------------
---
# Base packages and release repositories for the OKD path; main.yml imports
# this playbook only when deployment_type == 'origin'.
- hosts: all
  become: yes

  vars:
    requirements:
      - wget
      - git
      - net-tools
      - bind-utils
      - yum-utils
      - iptables-services
      - bridge-utils
      - bash-completion
      - kexec-tools
      - sos
      - psacct
      - docker-1.13.1

  tasks:

    # The list is joined so yum installs everything in one transaction.
    - name: Requirements
      yum:
        name: "{{ requirements | join(',') }}"
        state: present

    - name: Ansible package
      yum:
        name: centos-release-ansible26
        state: present

    - name: OpenShift Origin package
      yum:
        name: centos-release-openshift-origin
        state: present

    - name: Openshift installer
      yum:
        name: openshift-ansible
        state: present

    # Full package upgrade with a refreshed metadata cache.
    - name: System upgrade
      yum:
        name: "*"
        state: latest
        update_cache: yes
--------------------------------------------------------------------------------
/ansible/playbooks/storage.yml:
--------------------------------------------------------------------------------
---
# Gives /dev/vdb to docker-storage-setup as volume group docker-vg.
- hosts: all
  become: yes

  tasks:

    - name: docker-storage
      copy:
        content: |
          DEVS=/dev/vdb
          VG=docker-vg
        dest: /etc/sysconfig/docker-storage-setup

    # Probe only: never reports a change and never fails; the return code
    # decides whether the setup below still has to run.
    - name: check docker-vg
      command: vgs docker-vg
      register: result
      changed_when: false
      failed_when: false

    - name: Docker storage setup
      command: docker-storage-setup
      when: result.rc != 0
--------------------------------------------------------------------------------
/ansible/playbooks/subscribe.yml:
--------------------------------------------------------------------------------
---
# Registers the RHEL guest and enables the repositories for the requested
# release; main.yml imports this playbook only for openshift-enterprise.
- hosts: all
  become: yes

  vars:
    repository_version: "{{ release | replace('v', '') }}"

    enabled_repos:
      - rhel-7-server-rpms
      - rhel-7-server-extras-rpms
      - "rhel-7-server-ose-{{ repository_version }}-rpms"

  tasks:

    # Vault-encrypted file (README step 3); defines rhn_username, rhn_password
    # and pool_id for the tasks below and for the inventory template.
    - name: Load credentials
      include_vars: "../vars/credentials.yml"

    # Add `no_log: true` to this task if its output must not show the
    # username or the pool id.
    - name: Subscribe RHN
      redhat_subscription:
        state: present
        username: "{{ rhn_username }}"
        password: "{{ rhn_password }}"
        pool_ids: "{{ pool_id }}"

    - name: Disable HTB repository
      rhsm_repository:
        name: rhel-7-server-htb-rpms
        state: disabled

    - name: Enable repos
      rhsm_repository:
        name: "{{ item }}"
        state: enabled
      with_items: "{{ enabled_repos }}"

    # The Ansible repository is chosen by release: 2.6 for 3.11, 2.4 for 3.10 and 3.9.
    - name: Ansible repository 2.6
      rhsm_repository:
        name: rhel-7-server-ansible-2.6-rpms
        state: enabled
      when: repository_version == '3.11'

    - name: Ansible repository 2.4
      rhsm_repository:
        name: rhel-7-server-ansible-2.4-rpms
        state: enabled
      when: repository_version == '3.10' or repository_version == '3.9'
-------------------------------------------------------------------------------- /ansible/templates/all-in-one.ini: -------------------------------------------------------------------------------- 1 | [OSEv3:children] 2 | masters 3 | nodes 4 | etcd 5 | 6 | [OSEv3:vars] 7 | ansible_connection=local 8 | 9 | openshift_release={{ release }} 10 | openshift_deployment_type={{ deployment_type }} 11 | 12 | {% if deployment_type == "openshift-enterprise" %} 13 | oreg_auth_user="{{ rhn_username }}" 14 | oreg_auth_password="{{ rhn_password }}" 15 | {% endif %} 16 | 17 | openshift_ip={{ machine_ip }} 18 | openshift_public_ip={{ machine_ip }} 19 | openshift_master_default_subdomain=apps.{{ machine_ip }}.nip.io 20 | 21 | os_sdn_network_plugin_name='redhat/openshift-ovs-networkpolicy' 22 | 23 | openshift_master_public_api_url=https://{{ master_route }}.{{ machine_ip }}.nip.io:8443 24 | openshift_master_public_console_url=https://{{ master_route }}.{{ machine_ip }}.nip.io:8443/console 25 | 
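openshift_master_cluster_public_hostname={{ master_route }}.{{ machine_ip }}.nip.io 26 | 27 | openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}] 28 | # developer:developer 29 | openshift_master_htpasswd_users={'developer': '$apr1$jxbHFja8$IZPCqw1BSsezaIJ1rA9pV0'} 30 | 31 | openshift_hosted_manage_router=true 32 | openshift_hosted_manage_registry=true 33 | openshift_metrics_install_logging=true 34 | 35 | openshift_metrics_install_metrics=False 36 | openshift_install_examples=true 37 | openshift_enable_service_catalog=False 38 | template_service_broker_install=False 39 | osm_use_cockpit=False 40 | openshift_hosted_manage_registry_console=False 41 | osn_storage_plugin_deps=[] 42 | openshift_use_manageiq=False 43 | 44 | [etcd] 45 | {{ ansible_fqdn }} 46 | 47 | [masters] 48 | {{ ansible_fqdn }} openshift_schedulable=true 49 | 50 | [nodes] 51 | {{ ansible_fqdn }} openshift_node_group_name=node-config-all-in-one -------------------------------------------------------------------------------- /scripts/load-container-images.sh: --------------------------------------------------------------------------------
#!/bin/sh
#
# Usage: load-container-images.sh DEPLOYMENT_TYPE RELEASE
#
# Loads /vagrant/images/DEPLOYMENT_TYPE-RELEASE.tar into the local docker
# image store when that tarball exists; otherwise does nothing.

set -e
set -o nounset

systemctl start docker

IMAGES_DIR=/vagrant/images
IMAGES_TARBALL="$IMAGES_DIR/$1-$2.tar"

# Tested by full path instead of after a `cd`: the images directory is listed
# in .gitignore, so it is missing on a fresh checkout and a failing `cd` under
# `set -e` would abort provisioning.
#
# The tarball comes from the synced project directory and is loaded as-is;
# whatever is stored under this name ends up in the guest's image store.
if [ -e "$IMAGES_TARBALL" ]; then
  docker load -i "$IMAGES_TARBALL"
fi
--------------------------------------------------------------------------------
/scripts/save-container-images.sh:
--------------------------------------------------------------------------------
#!/bin/sh
#
# Usage: save-container-images.sh DEPLOYMENT_TYPE RELEASE
#
# Saves every repository known to docker into
# /vagrant/images/DEPLOYMENT_TYPE-RELEASE.tar. Does nothing when docker is not
# installed or holds no images.

set -e
# NOTE: pipefail is not a POSIX sh option; this line relies on /bin/sh being
# bash on the guest.
set -o pipefail
set -o nounset

if [ -x "$(command -v docker)" ]; then

  # Column 1 of `docker images` without the header row. Untagged "<none>"
  # entries are dropped because `docker save` cannot resolve them, and each
  # repository is listed once.
  IMAGES=$(docker images | awk 'NR > 1 && $1 != "<none>" && !seen[$1]++ { print $1 }' | tr '\n' ' ')

  if [ -n "$IMAGES" ]; then
    # The directory is git-ignored and may not exist yet.
    mkdir -p /vagrant/images
    cd /vagrant/images
    # $IMAGES stays unquoted on purpose: it is a space-separated list that
    # must split into one argument per repository.
    docker save -o "$1-$2.tar" $IMAGES
  fi
fi
--------------------------------------------------------------------------------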