Skip to content

Latest commit

 

History

History
297 lines (249 loc) · 9.33 KB

Setup AgnosticD on Mac.adoc

File metadata and controls

297 lines (249 loc) · 9.33 KB
Raw

Setup AgnosticD on macOS for OpenShift development (non Execution Environment version)

This documents walks through how to set up AgnosticD development on macOS (with M1 or Intel chip) for OpenShift development.

  1. Make sure you have Homebrew installed (https://brew.sh)

  2. Install prerequisites

    brew install python3 virtualenv jq openssl@3 rust

  3. Set up directory structure:

    mkdir -p ~/Development/agnosticd-vars
mkdir -p ~/Development/agnosticd-output
mkdir -p ~/Development/virtualenvs

  4. Clone the AgnosticD repo:

    cd ~/Development

# Use SSH clone, you can not push back to the repo using https
git clone [email protected]:redhat-cop/agnosticd

  5. Install XCode from the Mac App Store

  6. Launch XCode and make sure that MacOS development is selected and installed

  7. Install XCode command line tools

    xcode-select --install

  8. Set up Virtualenv

    1. Create requirements file for Python Modules (need to remove one dependency for macOS)

      cat ~/Development/agnosticd/tools/virtualenvs/ansible2.9-python3.6-2022-07-27.txt | grep -v pyinotify > ~/Development/virtualenvs/agnosticd.txt

    2. Create the virtualenv

      virtualenv -p $(which python3) ~/Development/virtualenvs/agnosticd
source ~/Development/virtualenvs/agnosticd/bin/activate

    3. Install requirements and collections

      export LDFLAGS="-L$(brew --prefix openssl@3)/lib"
export CFLAGS="-Wno-error=implicit-function-declaration -I$(brew --prefix openssl@3)/include"

pip install -r ~/Development/virtualenvs/agnosticd.txt
ansible-galaxy install -r ~/Development/agnosticd/ansible/configs/ocp4-cluster/requirements.yml

  9. Link the deployer scripts to you ~/bin directory (make sure ~/bin is in your PATH in either .bashrc or .zshrc):

    mkdir ~/bin
ln -s ~/Development/agnosticd/tools/deployer_scripts/* ~/bin

Deploy a new OpenShift Cluster

Create a Key Pair

In order to access the bastion VM of your cluster you need an ssh key pair. The easiest way to manage that is to store your public key on Github.

  1. Create a new key pair (hit enter twice for no passphrase)

    # XXXXXX is your redhat ID
ssh-keygen -f ~/.ssh/XXXXXXXXX-github

  2. Upload your public key to Github

    1. Navigate to https://github.com/settings/keys

    2. Click New SSH Key

    3. Use a Title for you to remember what this is for e.g. agnosticd-key and paste your public key from ~/.ssh/XXXXXXXXX-github.pub

Set up secrets

  1. Create a secrets file for generic secret information (RHN subscription, Pull Secret, …​)

    ~/Development/agnosticd-vars/secrets.yaml
    # Satellite
repo_method: satellite
set_repositories_satellite_ha: true
set_repositories_satellite_url: "<< ASK >>"
set_repositories_satellite_org: "<< ASK >>"
set_repositories_satellite_activationkey: "<< ASK >>"

# Or Employee Subscription
# repo_method: rhn
# rhel_subscription_user: "<< rhel subscription user >>"
# rhel_subscription_pass: "<< rhel subscription password >>"
# rhsm_pool_ids: []

# Pull secret from https://console.redhat.com
ocp4_pull_secret: "<< Your OCP Pull Secret >>"

email: "<< Your Red Hat e-mail>>"

# Your public key for the bastion VM needs to be in Github
ssh_authorized_keys:
- key: https://github.com/xxxxxxx.keys

  2. Create a second secrets file for your cloud environment. E.g. for an AWS Open Environment (from https://demo.redhat.com)

    ~/Development/agnosticd-vars/secrets-sandbox.yaml
    # Get these values from the Open Environment
# Or if you have your own AWS account use those
aws_access_key_id: "<< ACCESS KEY ID >>"
aws_secret_access_key: "<< SECRET ACCESS KEY >>"
subdomain_base_suffix: .sandboxXXXX.opentlc.com

agnosticd_aws_capacity_reservation_enable: false

Deploying a base cluster

To start development on a workload you want to have a base OpenShift cluster available. The following variable file sets up an OpenShift cluster with Let’s Encrypt certificates and HTPasswd authentication.

  1. Create a variable file for your cluster:

    ~/Development/agnosticd-vars/ocp-cluster.yaml

---
# -------------------------------------------------------------------
# Mandatory Variables
# -------------------------------------------------------------------
cloud_provider: ec2
env_type: ocp4-cluster
software_to_deploy: openshift4
# -------------------------------------------------------------------
# End Mandatory Variables
# -------------------------------------------------------------------

# -------------------------------------------------------------------
# Platform
# -------------------------------------------------------------------
platform: labs
purpose: development

# -------------------------------------------------------------------
# Cloud config
# -------------------------------------------------------------------
aws_region: us-east-2
# aws_zones:
# - us-east-2a
# - us-east-2b

cloud_tags:
- owner: "<< YOUR REDHAT EMAIL >>"
- Purpose: development
- env_type: "{{ env_type }}"
- guid: "{{ guid }}"

# -------------------------------------------------------------------
# VM configuration
# -------------------------------------------------------------------
master_instance_type: m5.xlarge
master_instance_count: 3
worker_instance_type: m5a.2xlarge
worker_instance_count: 2
bastion_instance_type: t3a.medium
bastion_instance_image: RHEL84GOLD-latest

# -------------------------------------------------------------------
# Install Student User on bastion VM
# -------------------------------------------------------------------
install_student_user: true
student_name: lab-user

# -------------------------------------------------------------------
# OpenShift Installer Version
# -------------------------------------------------------------------
# Latest stable 4.11 release (in quotes!)
ocp4_installer_version: "4.11"
ocp4_installer_root_url: http://mirror.openshift.com/pub/openshift-v4/clients

# -------------------------------------------------------------------
# Other Variables
# -------------------------------------------------------------------
ocp4_network_type: OVNKubernetes

# Update RHEL to the latest packages (and reboot)
update_packages: true

# -------------------------------------------------------------------
# Workloads
# -------------------------------------------------------------------
# --- Infra Workloads (YAML List)
infra_workloads:
- ocp4_workload_authentication
- ocp4_workload_le_certificates

# -------------------------------------------------------------------
# Workload variables
# -------------------------------------------------------------------

# -------------------------------------------------------------------
# Workload: ocp4_workload_authentication
# -------------------------------------------------------------------
ocp4_workload_authentication_idm_type: htpasswd
ocp4_workload_authentication_admin_user: admin
ocp4_workload_authentication_htpasswd_admin_password: r3dh4t1!
ocp4_workload_authentication_htpasswd_user_base: user
ocp4_workload_authentication_htpasswd_user_password: openshift
ocp4_workload_authentication_htpasswd_user_count: 5
ocp4_workload_authentication_remove_kubeadmin: true

  1. Run the script to deploy your cluster (using the YAML files you created previously)

    # Script   GUID   CLUSTER     CLOUD-CREDENTIALS
aad_create myguid ocp-cluster sandbox

  2. If you need to delete the cluster you can either delete the Open Environment (which will clean everything up) or just run destroy:

    # Script    GUID   CLUSTER     CLOUD-CREDENTIALS
aad_destroy myguid ocp-cluster sandbox

Connecting to your cluster

Once your cluster has been created you can use either the ssh key you specified in the configuration or the ssh key that got generated during the deploy to access the bastion VM.

  1. SSH to your bastion VM:

    # Your Key (private key matching your public key in Github)
# (replace GUID with your guid and XXXX with your sandbox number)
ssh -i ~/.ssh/xxxxxxxxx-github [email protected]

# or using the key the deployer created
# (replace GUID with your guid and XXXX with your sandbox number)
ssh -i ~/Development/agnosticd-output/GUID/ssh_provision_GUID [email protected]

Deploying a workload on a cluster

  1. To deploy a workload on an already provisioned base cluster create a vars file for your workload. The name of the vars file must be the same as the name of the workload role.

    This example will deploy the Pipelines operator workload using a catalog snapshot.

    ~/Development/agnosticd-vars/ocp4_workload_pipelines.yaml

# ---------------------------------------------------------
# OpenShift Pipelines
# ---------------------------------------------------------
ocp4_workload_pipelines_channel: pipelines-1.8
ocp4_workload_pipelines_use_catalog_snapshot: true
ocp4_workload_pipelines_catalog_snapshot_image: quay.io/gpte-devops-automation/olm_snapshot_redhat_catalog
ocp4_workload_pipelines_catalog_snapshot_image_tag: v4.11_2022_11_07

  1. Install the workload on your cluster:

    aad_workload create myguid sandboxXXXX.opentlc.com ocp4_workload_pipelines

  2. If the workload supports uninstall (it should…​.) uninstall from your cluster:

    aad_workload remove myguid sandboxXXXX.opentlc.com ocp4_workload_pipelines