├── _config.yml
├── provisioning
    ├── install_prerequisites.sh
    ├── settings.sh
    ├── install_master.sh
    └── inventory.download
└── README.md


/_config.yml:
--------------------------------------------------------------------------------
1 | theme: jekyll-theme-cayman


--------------------------------------------------------------------------------
/provisioning/install_prerequisites.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | source settings.sh
 4 | 
 5 | cat >>/etc/hosts<<EOF
 6 | ${OKD_MASTER_IP} ${OKD_MASTER_HOSTNAME} console console.${DOMAIN}
 7 | ${OKD_WORKER_NODE_1_IP} ${OKD_WORKER_NODE_1_HOSTNAME}
 8 | ${OKD_WORKER_NODE_2_IP} ${OKD_WORKER_NODE_2_HOSTNAME}
 9 | ${OKD_WORKER_NODE_3_IP} ${OKD_WORKER_NODE_3_HOSTNAME}
10 | ${OKD_INFRA_NODE_1_IP} ${OKD_INFRA_NODE_1_HOSTNAME}
11 | EOF
12 | 
13 | # install the following base packages
14 | yum install -y wget
15 | yum install -y envsubst
16 | yum install -y figlet
17 | yum install -y git
18 | yum install -y zile
19 | yum install -y nano
20 | yum install -y net-tools
21 | yum install -y docker-1.13.1
22 | yum install -y bind-utils iptables-services
23 | yum install -y bridge-utils bash-completion
24 | yum install -y kexec-tools
25 | yum install -y sos
26 | yum install -y psacct
27 | yum install -y openssl-devel
28 | yum install -y httpd-tools
29 | yum install -y NetworkManager
30 | yum install -y python-cryptography
31 | yum install -y python2-pip
32 | yum install -y python-devel
33 | yum install -y python-passlib
34 | yum install -y java-1.8.0-openjdk-headless "@Development Tools"
35 | yum install -y epel-release
36 | 
37 | # Disable the EPEL repository globally so that is not accidentally used during later steps of the installation
38 | sed -i -e "s/^enabled=1/enabled=0/" /etc/yum.repos.d/epel.repo
39 | 
40 | systemctl | grep "NetworkManager.*running"
41 | if [ $? -eq 1 ]; then
42 |         systemctl start NetworkManager
43 |         systemctl enable NetworkManager
44 | fi
45 | 
46 | systemctl restart docker
47 | systemctl enable docker


--------------------------------------------------------------------------------
/provisioning/settings.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | #The below configuration can be edited up on your needs and and please note the it's just an example configuration.
 3 | #We are going to create an OKD cluster with one master and 3 worker nodes.
 4 | 
 5 | #OKD Version
 6 | export OKD_VERSION=3.11
 7 | 
 8 | #OKD Master Node Configuration
 9 | export OKD_MASTER_IP=100.10.10.100
10 | export OKD_MASTER_HOSTNAME=okd-master-node
11 | 
12 | #OKD Worker Node 1 Configuration
13 | export OKD_WORKER_NODE_1_IP=100.10.10.101
14 | export OKD_WORKER_NODE_1_HOSTNAME=okd-worker-node-1
15 | 
16 | #OKD Worker Node 2 Configuration
17 | export OKD_WORKER_NODE_2_IP=100.10.10.102
18 | export OKD_WORKER_NODE_2_HOSTNAME=okd-worker-node-2
19 | 
20 | #OKD Worker Node 3 Configuration
21 | export OKD_WORKER_NODE_3_IP=100.10.10.103
22 | export OKD_WORKER_NODE_3_HOSTNAME=okd-worker-node-3
23 | 
24 | #OKD Infra Node 1 Configuration
25 | export OKD_INFRA_NODE_1_IP=100.10.10.104
26 | export OKD_INFRA_NODE_1_HOSTNAME=okd-infra-node-1
27 | 
28 | #The  below setting will be used to access OKD console https://console.$DOMAIN:$API_PORT"
29 | #By default we can login using the URL https://console.okd.nip.io:8443
30 | #To access URL from your local system we need to configure master host in C:\Windows\System32\drivers\etc\hosts file as below
31 | #100.10.10.100  console.okd.nip.io
32 | export DOMAIN=okd.nip.io
33 | export API_PORT=8443
34 | 
35 | #OKD Login Credentials
36 | #By default admin/admin operator will be created and can be used to login to OKD console.
37 | export OKD_USERNAME=admin
38 | export OKD_PASSWORD=admin
39 | 
40 | #OKD Add-Ons
41 | #Enable "True"  only if one of the VM has 4GB memory.
42 | export INSTALL_METRICS=False
43 | 
44 | # Enable "True"  only one of the VM 16GB memory. 
45 | export INSTALL_LOGGING=False


--------------------------------------------------------------------------------
/provisioning/install_master.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | source settings.sh
 4 | 
 5 | envsubst < inventory.download > inventory.ini
 6 | 
 7 | # install the packages for Ansible
 8 | yum -y --enablerepo=epel install ansible pyOpenSSL
 9 | curl -o ansible.rpm https://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.6.5-1.el7.ans.noarch.rpm
10 | yum -y --enablerepo=epel install ansible.rpm
11 | 
12 | # checkout openshift-ansible repository
13 | [ ! -d openshift-ansible ] && git clone https://github.com/openshift/openshift-ansible.git
14 | cd openshift-ansible && git fetch && git checkout release-${OKD_VERSION} && cd ..
15 | 
16 | mkdir -p /etc/origin/master/
17 | touch /etc/origin/master/htpasswd
18 | 
19 | # check pre-requisites
20 | ansible-playbook -i inventory.ini openshift-ansible/playbooks/prerequisites.yml
21 | 
22 | # deploy cluster
23 | ansible-playbook -i inventory.ini openshift-ansible/playbooks/deploy_cluster.yml
24 | 
25 | htpasswd -b /etc/origin/master/htpasswd $OKD_USERNAME ${OKD_PASSWORD}
26 | oc adm policy add-cluster-role-to-user cluster-admin $OKD_USERNAME
27 | 
28 | 
29 | curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get > get_helm.sh
30 | chmod +x get_helm.sh
31 | ./get_helm.sh
32 | 
33 | 
34 | kubectl --namespace kube-system create serviceaccount tiller
35 | kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
36 | helm init --service-account tiller --upgrade
37 | 
38 | 
39 | echo "#####################################################################"
40 | echo "* Your console is https://console.$DOMAIN:$API_PORT"
41 | echo "* Your username is $OKD_USERNAME "
42 | echo "* Your password is $OKD_PASSWORD "
43 | echo "*"
44 | echo "* Login using:"
45 | echo "*"
46 | echo "$ oc login -u ${OKD_USERNAME} -p ${OKD_PASSWORD} https://console.$DOMAIN:$API_PORT/"
47 | echo "#####################################################################"
48 | 
49 | oc login -u ${OKD_USERNAME} -p ${OKD_PASSWORD} https://console.$DOMAIN:$API_PORT/


--------------------------------------------------------------------------------
/provisioning/inventory.download:
--------------------------------------------------------------------------------
 1 | [OSEv3:children]
 2 | masters
 3 | nodes
 4 | etcd
 5 | 
 6 | [masters]
 7 | ${OKD_MASTER_IP} openshift_ip=${OKD_MASTER_IP} openshift_schedulable=true 
 8 | 
 9 | [etcd]
10 | ${OKD_MASTER_IP} openshift_ip=${OKD_MASTER_IP}
11 | 
12 | [nodes]
13 | ${OKD_MASTER_IP} openshift_ip=${OKD_MASTER_IP} openshift_node_group_name='node-config-master'
14 | ${OKD_WORKER_NODE_1_IP} openshift_ip=${OKD_WORKER_NODE_1_IP} openshift_node_group_name='node-config-compute'
15 | ${OKD_WORKER_NODE_2_IP} openshift_ip=${OKD_WORKER_NODE_2_IP} openshift_node_group_name='node-config-compute'
16 | ${OKD_WORKER_NODE_3_IP} openshift_ip=${OKD_WORKER_NODE_3_IP} openshift_node_group_name='node-config-compute'
17 | ${OKD_INFRA_NODE_1_IP} openshift_ip=${OKD_INFRA_NODE_1_IP} openshift_node_group_name='node-config-infra'
18 | 
19 | [OSEv3:vars]
20 | openshift_additional_repos=[{'id': 'centos-paas', 'name': 'centos-paas', 'baseurl' :'https://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin311', 'gpgcheck' :'0', 'enabled' :'1'}]
21 | 
22 | ansible_ssh_user=root
23 | enable_excluders=False
24 | enable_docker_excluder=False
25 | ansible_service_broker_install=False
26 | 
27 | containerized=True
28 | os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant'
29 | openshift_disable_check=disk_availability,docker_storage,memory_availability,docker_image_availability
30 | 
31 | deployment_type=origin
32 | openshift_deployment_type=origin
33 | 
34 | template_service_broker_selector={"region":"infra"}
35 | openshift_metrics_image_version="v${OKD_VERSION}"
36 | openshift_logging_image_version="v${OKD_VERSION}"
37 | openshift_logging_elasticsearch_proxy_image_version="v1.0.0"
38 | openshift_logging_es_nodeselector={"node-role.kubernetes.io/infra":"true"}
39 | logging_elasticsearch_rollout_override=false
40 | osm_use_cockpit=true
41 | 
42 | openshift_metrics_install_metrics=${INSTALL_METRICS} 
43 | openshift_logging_install_logging=${INSTALL_LOGGING} 
44 | 
45 | openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
46 | openshift_master_htpasswd_file='/etc/origin/master/htpasswd'
47 | 
48 | openshift_public_hostname=console.${DOMAIN}
49 | openshift_master_default_subdomain=apps.${DOMAIN}
50 | 
51 | openshift_master_api_port=${API_PORT}
52 | openshift_master_console_port=${API_PORT}


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | 
  2 | 
  3 | 
  4 | # okd-installation-centos
  5 | 
  6 | ![enter image description here](https://lh3.googleusercontent.com/OBGT85EIBjT43vxUsI0Pmhl68NmYxqOUbBuTjRivjP24t5r38ft0ioTNuEV0IAyV3izoadJsdYIlnw)
  7 | 
  8 | # About...
  9 | 
 10 |   
 11 | 
 12 | *This repository is used to create ***OKD 3.11 Cluster*** with **9** simple steps on ***Bare VM's****
 13 |  
 14 |   
 15 | 
 16 | # Table of Contents
 17 | 
 18 | * [What are the pre-requisites ?](#prerequisites)
 19 | * [What are the VM's provisioned ?](#configuration)
 20 | * [How to deploy okd cluster ?](#deploy)
 21 | * [How to access okd Console ?](#console)
 22 | * [What are the addons provided ?](#addons)
 23 | 
 24 |   
 25 |   
 26 | 
 27 | <a id="prerequisites"></a>
 28 | 
 29 | # What are the prerequisites ?
 30 | * [Git](https://git-scm.com/downloads "Git")
 31 | 
 32 |    
 33 | <a id="configuration"></a>
 34 | 
 35 | # What are the VM's provisioned ?
 36 | 
 37 | ***Note: We are not going to create any VM's during this process. User is expected to have VM's before proceeding with this repository***
 38 | 
 39 | *Below is the ***example configuration*** that we are going to refer ***through out this repository***.*
 40 | 
 41 | *Name*|*IP*|*OS*|*RAM*|*CPU*|
 42 | |----|----|----|----|----|
 43 | *okd-master-node*    |*100.10.10.100*|*CentOS7*|*16GB*|*4*|
 44 | *okd-worker-node-1* |*100.10.10.101*|*CentOS7*|*16GB*|*4*|
 45 | *okd-worker-node-2* |*100.10.10.102*|*CentOS7*|*16GB*|*4*|
 46 | *okd-worker-node-3* |*100.10.10.103*|*CentOS7*|*16GB*|*4*|
 47 | *okd-infra-node-1*     |*100.10.10.104*|*CentOS7*|*16GB*|*4*|
 48 | 
 49 |   
 50 |   
 51 | 
 52 | <a id="deploy"></a>
 53 | 
 54 | # How to deploy openshift cluster ?
 55 | 
 56 | 
 57 | ## ***Step 1***
 58 |  
 59 | ***Update the system and host names for all nodes***
 60 | 
 61 | * `100.10.10.100 (okd-master-node)`
 62 | * `100.10.10.101 (okd-worker-node-1)`
 63 | * `100.10.10.102 (okd-worker-node-2)`
 64 | * `100.10.10.103 (okd-worker-node-3)`
 65 | * `100.10.10.104 (okd-infra-node-1)`
 66 |   
 67 | ***Unix Command!!!***
 68 | 
 69 | `$ yum update -y`
 70 | 
 71 | `$ nano /etc/hostname`  ***(OR)***   `$ nmtui`
 72 | 
 73 | ## ***Step 2***
 74 | 
 75 |   ***Enable SELINUX=enforcing on all master/worker/infra nodes***
 76 |   
 77 | * `100.10.10.100 (okd-master-node)`
 78 | * `100.10.10.101 (okd-worker-node-1)`
 79 | * `100.10.10.102 (okd-worker-node-2)`
 80 | * `100.10.10.103 (okd-worker-node-3)`
 81 | * `100.10.10.104 (okd-infra-node-1)`
 82 | 
 83 | ***Unix Command!!!***
 84 | 
 85 | `$ nano /etc/selinux/config`
 86 | 
 87 | ***We can verify the status by running the below command. The correct status will not reflect once we changed until we reboot the machines***
 88 | 
 89 | `$ sestatus`
 90 | 
 91 | 
 92 | ## ***Step 3***
 93 | 
 94 |   ***Reboot all master/worker/infra nodes***
 95 |  
 96 | * `100.10.10.100 (okd-master-node)`
 97 | * `100.10.10.101 (okd-worker-node-1)`
 98 | * `100.10.10.102 (okd-worker-node-2)`
 99 | * `100.10.10.103 (okd-worker-node-3)`
100 | * `100.10.10.104 (okd-infra-node-1)`
101 |  
102 | ***Unix Command!!!***
103 | 
104 | `$ reboot`
105 | 
106 |      
107 | ## ***Step 4***  
108 | 
109 | *Checkout the code (git clone https://github.com/SubhakarKotta/okd-installation-centos.git)*
110 | 
111 | ***Configure okd-installation-centos/provisioning/settings.sh file***
112 |   ![enter image description here](https://lh3.googleusercontent.com/zbeRg_vHfpg0iG0w70E0u6T-PEfK8czIN7FywGoaTOyo-giHgYI8ABg7s8WQOINds4sFNDbvkWqyZQ)
113 | ## ***Step 5***  
114 | 
115 | ***Copy "okd-installation-centos" folder to all master/worker nodes***
116 | 
117 |   
118 | * `100.10.10.100 (okd-master-node)`
119 | * `100.10.10.101 (okd-worker-node-1)`
120 | * `100.10.10.102 (okd-worker-node-2)`
121 | * `100.10.10.103 (okd-worker-node-3)`
122 | * `100.10.10.104 (okd-infra-node-1)`
123 | 
124 | *Example copy to root folder and execution permissions can be applied by executing the below command.*
125 |  
126 | 
127 | ***Unix Command!!!***
128 | 
129 | `$ chmod +x -R okd-installation-centos`
130 | 
131 | 
132 | ## ***Step 6***
133 | 
134 | ***Execute the below script on all master/worker/infra nodes***
135 | 
136 | * `100.10.10.100 (okd-master-node)`
137 | * `100.10.10.101 (okd-worker-node-1)`
138 | * `100.10.10.102 (okd-worker-node-2)`
139 | * `100.10.10.103 (okd-worker-node-3)`
140 | * `100.10.10.104 (okd-infra-node-1)`
141 | 
142 | ***Unix Command!!!***
143 | 
144 | `$ okd-installation-centos/provisioning/install_prerequisites.sh`
145 | 
146 |   
147 | ## ***Step 7***
148 | 
149 | ***Enable SSH to communicate all the other "worker/infra nodes" from "master" with out "password". All the below commands needs to be executed on "master" node only***
150 | 
151 | * `100.10.10.101 (okd-master-node)`
152 |   
153 | ***Unix Command!!!***
154 | 
155 | `$ ssh-keygen -t rsa`
156 | 
157 | ***okd-master-node***
158 | 
159 | `$ cat ~/.ssh/id_rsa.pub | ssh   root@100.10.10.100  "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"`
160 | 
161 | ***okd-worker-node-1***
162 | 
163 | `$ cat ~/.ssh/id_rsa.pub | ssh   root@100.10.10.101  "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"`
164 | 
165 | ***okd-worker-node-2***
166 | 
167 | `$ cat ~/.ssh/id_rsa.pub | ssh   root@100.10.10.102  "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"`
168 | 
169 | ***okd-worker-node-3***
170 | 
171 | `$ cat ~/.ssh/id_rsa.pub | ssh   root@100.10.10.103  "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"`
172 | 
173 | ***okd-infra-node-4***
174 | 
175 | `$ cat ~/.ssh/id_rsa.pub | ssh   root@100.10.10.104  "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"`
176 | 
177 | ## ***Step 8***
178 | 
179 | ***Execute the below script only on master node***
180 | 
181 | * `100.10.10.101 (okd-master-node)`
182 |   
183 | ***Unix Command!!!***
184 | 
185 | `$ okd-installation-centos/provisioning/install_master.sh`
186 |   
187 | 
188 | ## ***Step 9***
189 | 
190 | ***Verify okd installation is success by executing below two commands to see all the nodes and pods.***
191 | 
192 | ***Unix Command!!!***
193 |   
194 | `$ oc login -u admin -p admin https://console.okd.nip.io:8443`
195 | 
196 | `$ oc get projects`
197 | 
198 |   
199 |   <a id="console"></a>
200 | 
201 | # How to access okd Console ?
202 | 
203 | The ***okd Console*** can be accessed via the below URL from your local machine   
204 | 
205 | [https://console.okd.nip.io:8443](https://console.okd.nip.io:8443)
206 | 
207 | 
208 | <a id="addons"></a>
209 | # What are the addons provided ?
210 | 
211 | * `helm`
212 | 


--------------------------------------------------------------------------------