1
0
mirror of https://github.com/tektoncd/catalog.git synced 2024-11-22 06:02:51 +00:00
catalog/task/openshift-install/0.1
PuneetPunamiya 40393cd4cc Modifies directory names based on the proposal
- sample --> samples
  - example --> samples
  - test --> tests

Signed-off-by: Puneet Punamiya <ppunamiy@redhat.com>
2020-07-14 19:01:58 +01:00
..
samples Modifies directory names based on the proposal 2020-07-14 19:01:58 +01:00
openshift-install.yaml This patch splits the openshift-install task from the openshift-provision directory 2020-07-13 13:41:58 +01:00
README.md This patch splits the openshift-install task from the openshift-provision directory 2020-07-13 13:41:58 +01:00

OpenShift Provisioning

The following task helps you to provision the Openshift cluster using the Installer Provided Infrastructure on the desired cloud platform. Supported cloud platforms are :-

  • AWS
  • GCP

Guide to provision a cluster on AWS can be found here and for GCP can be found here

OpenShift-Create

The following task is used to create the cluster.

Install the Task

kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/task/openshift-install/0.1/openshift-install.yaml

Parameters

  • PLATFORM: The cloud platform where you want to create your openshift cluster (accepted values are aws and gcp).
  • BASE_DOMAIN: The base domain of the cloud provider.
  • CLUSTER_NAME: The desired name of the cluster.
  • REPLICAS: Required replicas for the cluster.
  • REGION: The region to deploy your cluster in.
  • PROJECT_ID: The project id is required in case of deploying at google cloud platform (gcp).
  • OPENSHIFT_INSTALLER_IMAGE: OpenShift installer base image for UPI installation (default: quay.io/openshift/origin-upi-installer:4.4)

Workspaces

  • secrets: A workspace that consists of credentials required by the cloud provider as a service account which needs to be mounted to their default path as required by the cluster.

  • install-dir: The PersistentVolume workspace which will contain all the files generated by the openshift-install which later can be used at the time of destroying the cluster.

Secrets

  • The pull secret is obtained from the Pull Secret page on the Red Hat OpenShift Cluster Manager site by selecting the appropriate Infrastructure Cloud Provider and installation type as Installer-provisioned infrastructure. You can use this pull secret to authenticate with the services that are provided by the included authorities.

  • The public ssh key used for password-less authentication. The public ssh key can be generated by:

    ssh-keygen -y -f ~/.ssh/openshift-dev.pem > ~/.ssh/openshift-dev.pub
    

    or

    ssh-keygen -t rsa -b 4096 -C "<email id>"
    

    and then the public key can be obtained by

    cat ~/.ssh/openshift-dev.pub
    

Usage

Taking example of AWS :-

  1. Create the PVC
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: install-dir
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 2Gi
  1. Create the secrets (taking an example of mouting AWS credentials and config)
apiVersion: v1
kind: Secret
metadata:
  name: openshift-install
type: Opaque
stringData:
  pull-secret: $(pull-secret)
  public-ssh-key: $(public-ssh-key)

The secrets for the respected cloud platform can be mounted as (taking aws as an example):-

apiVersion: v1
kind: Secret
metadata:
  name: aws-credentials
type: Opaque
stringData:
  credentials: |-
    [profile-name]
    aws_access_key_id     = $(access-key-id)
    aws_secret_access_key = $(secret-access-key)
    [default]
    aws_access_key_id     = $(access-key-id)
    aws_secret_access_key = $(secret-access-key)
  config: |-
    [profile profile-name]
    region = $(region)
    output = json
  1. Creating TaskRun for the OpenShift Create:
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  name: install-run
spec:
  taskRef:
    name: openshift-install
  params:
    - name: PLATFORM
      value: aws
    - name: CLUSTER_NAME
      value: test-cluster
    - name: BASE_DOMAIN
      value: devcluster.openshift.com
    - name: REPLICAS
      value: 3
    - name: REGION
      value: us-east-2
  workspaces:
    - name: install-dir
      persistentvolumeclaim:
        claimName: install-dir
    - name: secrets
      secret:
        secretName: aws-credentials

NOTE

  • To access the cluster created in other tasks we need to use the same Workspace and keep the workingDir: $(workspaces.workspaces-name.path) and to login into the cluster in the next Tekton Task do the following :-
    export KUBECONFIG=auth/kubeconfig
    
    and to get the URL for OpenShift webconsole do the following :-
    cat auth/webaccess