Skip to content

Latest commit

 

History

History
127 lines (97 loc) · 4.66 KB

README.md

File metadata and controls

127 lines (97 loc) · 4.66 KB
Raw

openshift-azure

Coverage Status Go Report Card GoDoc

Prerequisites

Note that this README is targeted at AOS-Azure contributors. If you are not a member of this team, these instructions may not work as they will assume you have permissions that you may not have.

  1. Utilities. Install the following:

    1. Golang 1.11.6 (can also use package manager)
    2. Latest Azure CLI
    3. OpenShift Origin 3.11 client tools (can also use package manager)
    4. Latest Glide. Note: Glide 0.13.1 is known to be broken.
    5. jq (can also use package manager)

    Development helper scripts assume an up-to-date GNU tools environment. Recent Linux distros should work out-of-the-box.

    macOS ships with outdated BSD-based tools. We recommend installing macOS GNU tools.

  2. Environment variables. Ensure that $GOPATH/bin is in your path:

    export PATH=$PATH:${GOPATH:-$HOME/go}/bin.

  3. Azure CLI access. Log into Azure using the CLI using az login and your credentials.

  4. OpenShift CI cluster access. Log in to the CI cluster using oc login and a token from the CI cluster web interface. You can copy the required command by clicking on your username and the "Copy Login Command" option in the web portal.

  5. Codebase. Check out the codebase:

    go get github.com/openshift/openshift-azure/...

  6. Secrets. Retrieve cluster creation secrets from the vault:

    export VAULT_ADDR=https://vault.ci.openshift.org
./vault login $TOKEN_FROM_THE_VAULT
./vault kv get -format=json "kv/selfservice/azure/cluster-secrets-azure/" | jq ".data.data"  > vault-secrets.json
python3 vault-secrets.py

  7. Environment file. Create an environment file:

    cp env.example env.

  8. AAD Application / Service principal. Create a personal AAD Application:

    1. hack/aad.sh app-create user-$USER-aad aro-team-shared
    2. Update env to include the AZURE_AAD_CLIENT_ID and AZURE_AAD_CLIENT_SECRET values output by aad.sh.
    3. Ask an AAD administrator to grant permissions to your application.

Deploy an OpenShift cluster

  1. Source the env file: . ./env.

  2. Determine an appropriate resource group name for your cluster (e.g. for a test cluster, you could call it $USER-test). Then export RESOURCEGROUP and run ./hack/create.sh $RESOURCEGROUP to deploy a cluster.

  3. Access the web console via the link printed by create.sh, logging in with your Azure credentials.

  4. To inspect pods running on the OpenShift cluster, run KUBECONFIG=_data/_out/admin.kubeconfig oc get pods.

  5. To ssh into any OpenShift master node, run ./hack/ssh.sh. You can directly ssh to any other host from the master. sudo -i will give root.

  6. Run ./hack/delete.sh to delete the deployed cluster.

Examples

Basic OpenShift configuration (also see test/manifests/fakerp/create.yaml):

name: openshift
location: $AZURE_REGION
properties:
  openShiftVersion: v3.11
  authProfile:
    identityProviders:
    - name: Azure AD
      provider:
        kind: AADIdentityProvider
        clientId: $AZURE_AAD_CLIENT_ID
        secret: $AZURE_AAD_CLIENT_SECRET
        tenantId: $AZURE_TENANT_ID
  networkProfile:
    vnetCidr: 10.0.0.0/8
  masterPoolProfile:
    count: 3
    vmSize: Standard_D2s_v3
    subnetCidr: 10.0.0.0/24
  agentPoolProfiles:
  - name: infra
    role: infra
    count: 3
    vmSize: Standard_D2s_v3
    subnetCidr: 10.0.0.0/24
    osType: Linux
  - name: compute
    role: compute
    count: 1
    vmSize: Standard_D2s_v3
    subnetCidr: 10.0.0.0/24
    osType: Linux

CI infrastructure

Read more about how to work with our CI system here.

For any infrastructure-related issues, make sure to contact the Developer Productivity team who is responsible for managing the OpenShift CI Infrastructure at #forum-testplatform in Slack.