Installing OpenShift Container Platform (OCP) in and of itself can often be a challenging thing. Taking the process a step further and installing OCP in a disconnected environment where your OCP nodes may not even have internet access further complicates the matter. In the following article, the process for installing OCP utilizing a Satellite6 server will be discussed in full.
The Satellite server will sync the OCP containers needed for the installation and the OCP inventory will be modified to point to the Satellite server location. Lastly, the default image stream names will be updated to point towards the Satellite 6 server for future application deployments.
Before the disconnected installation can be deployed the Red Hat Satellite Server will need the OpenShift repos synced and configured from the Red Hat (CDN) content delivery network.
The following article describes how to install and configure Satellite 6 server for installing OpenShift Container Platform:
https://access.redhat.com/blogs/1169563/posts/2721001
Using Satellite 6 Server for OpenShift Container Platform Node Preparation
In both the reference architecture for VMware vSphere and Red Hat Virtualization (RHV), the Red Hat Subscription Management (RHSM) module is used for registering nodes to either Red Hat's Content Delivery Network (CDN) or an internal Satellite server.
The following vars are used for either installation:
Connected Install |
Disconnected Install |
rhel_subscription_user |
rhel_subscription_server |
rhel_subscription_pass |
rhsm_katello_url |
rhsm_activation_key |
|
rhsm_org_id |
OpenShift Required Containers for Installation
OpenShift uses the following containers for its base installation:
Container |
Description |
openshift3/ose-haproxy-router |
Default router implementation for OpenShift Container Platform environment. Supports HTTP, HTTPS (with SNI), WebSockets, and TLS with SNI. |
openshift3/registry-console |
Web console for the Atomic Registry, an open source enterprise container image registry based on the OpenShift and Cockpit projects. |
openshift3/ose-deployer |
Default deployer pod for OpenShift. Handles scaling down the old replication controller, scaling up the new one, running hooks, as well as capturing logs from the deployment process. |
openshift3/ose-pod |
Infrastructure pod used to reserve resources in a Kubernetes cluster |
openshift3/ose-docker-registry |
Supports the V2 Docker Registry API. Includes authentication and authorization support for OpenShift Container Platform. |
There containers must be located on the internal Satellite Server that the disconnected installation will be based off of. Also, the ose repos must be available on the Satellite 6 Server as well:
[root@master-0 ~]# yum repoinfo rhel-7-server-ose-3.6-rpms
Loaded plugins: enabled_repos_upload, package_upload, product-id, search-disabled-repos, subscription-manager
Repo-id : rhel-7-server-ose-3.6-rpms/x86_64
Repo-name : Red Hat OpenShift Container Platform 3.6 (RPMs)
Repo-status : enabled
Repo-revision: 1506113587
Repo-updated : Fri Sep 22 20:53:07 2017
Repo-pkgs : 503
Repo-size : 622 M
Repo-baseurl : https://sat6.e2e.bos.redhat.com/pulp/repos/Default_Organization/Library/Dev/content/dist/rhel/server/7/7Server/x86_64/ose/3.6/os
Repo-expire : 1 second(s) (last: Thu Nov 2 14:54:41 2017)
Filter : read-only:present
Repo-excluded: 20
Repo-filename: /etc/yum.repos.d/redhat.repo
repolist: 503
Uploading Enabled Repositories Report
Loaded plugins: product-id
Preparing Satellite 6 for a disconnected installation
To prepare the Satellite 6.2 installation for deploying OpenShift packages and OpenShift container images start by runningthe following Python script:
https://github.com/openshift/openshift-ansible-contrib/blob/master/reference-architecture/day2ops/scripts/ocp36-sat6.py
This script is to be executed on the Satellite Server to be used for the disconnected installation.
Note: The Satellite 6 server should be able to reach access.redhat.com to pull from its registry.
./ocp36-sat6.py --password admin_pass
First, this will query the Red Hat container registry for all openshift3 images then create a product and then repositories for the images.
[root@master-0 ~]# curl -s https://registry.access.redhat.com/v1/search?q="openshift3" | python -mjson.tool | grep ".name.:" | cut -d: -f2 | sed -e "s/ "//g"" -e "s/,"//g""
"openshift3/jenkins-slave-nodejs-rhel7"
"openshift3/node"
"openshift3/efs-provisioner"
... content abbreviated ...
Next, the script will supply the appropriate installation vars to insert into the OCP install playbooks:
oreg_url: sat6.e2e.bos.redhat.com:5000/default_organization-ocp36-openshift3_ose-${component}:${version}
openshift_disable_check: "docker_image_availability"
openshift_docker_insecure_registries: "sat6.e2e.bos.redhat.com:5000"
openshift_docker_additional_registries: "sat6.e2e.bos.redhat.com:5000"
openshift_examples_modify_imagestreams: True
Note the installation vars also bypass the image check availability. At the time of this writing, the skopeo check is appending the registry name twice.
Please see this bugzilla for details:
https://bugzilla.redhat.com/show_bug.cgi?id=1506267
Lastly, the script synchronizes the repos with the content imported from registry.access.redhat.com. This step can be time consuming.
Verifying the installation was successful
Verify the default image stream location has been modified:
[root@master-0 ~]# oc get is -n openshift
NAME DOCKER REPO TAGS UPDATED
dotnet docker-registry.default.svc:5000/openshift/dotnet 2.0,1.1,1.0
dotnet-runtime docker-registry.default.svc:5000/openshift/dotnet-runtime 2.0
fis-java-openshift sat6.e2e.bos.redhat.com:5000/jboss-fuse-6/fis-java-openshift
fis-karaf-openshift sat6.e2e.bos.redhat.com:5000/jboss-fuse-6/fis-karaf-openshift
... content abbreviated ...
On the cluster's infra or app nodes, query the Docker-formatted container images to see the image tags pointing to the Satellite 6 registry:
[root@infra-0 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
sat6.e2e.bos.redhat.com:5000/default_organization-ocp36-openshift3_ose-haproxy-router v3.6.173.0.21 00e38cdddcde 8 weeks ago 988.8 MB
sat6.e2e.bos.redhat.com:5000/default_organization-ocp36-openshift3_ose-deployer v3.6.173.0.21 89fd398a337d 8 weeks ago 970.2 MB
sat6.e2e.bos.redhat.com:5000/default_organization-ocp36-openshift3_ose-docker-registry v3.6.173.0.21 6a83937f497f 8 weeks ago 1.058 GB
sat6.e2e.bos.redhat.com:5000/default_organization-ocp36-openshift3_ose-pod v3.6.173.0.21 63accd48a0d7 8 weeks ago 208.6 MB
Lastly, verify the installation took place properly by deploying a new application with the new image streams. Make sure the application deployed has had the applicable repositories set up inside Satellite server.
Troubleshooting a Failed Installation
If the deployment is having issues, manually pull the Docker-formatted container images to test:
If the Docker-formatted container images pull successfully, connectivity to Satellite should be fine.
docker pull sat6.e2e.bos.redhat.com:5000/default_organization-ocp3_disconnected-openshift3_ose-deployer:v3.6.173.0.21
Summary
In summary, the installation of OpenShift via Satellite 6 with a disconnected installation was greatly simplified with some automation work done ahead of time. The ocp36-sat6.py script will do the bulk of the work on the Satellite deployment and provide the required variables for installing OCP in a disconnected environment.
Manual Steps to Perform
The following steps can be issued manually to skip usage of the ocp36-sat6.py script:
- Create the product.
- Create the repositories and assign them to the product.
- Synchronize the product to pull down the images.
hammer product create --name "ocp36" --organization "e2e"
hammer repository create --name "openshift3/ose-haproxy-router" --content-type "docker" --url "http://registry.access.redhat.com/" --docker-upstream-name "openshift3/ose-haproxy-router" --product "ocp36" --organization "e2e"
hammer repository create --name "openshift3/registry-console" --content-type "docker" --url "http://registry.access.redhat.com/" --docker-upstream-name "openshift3/registry-console" --product "ocp36" --organization "e2e"
hammer repository create --name "openshift3/ose-deployer" --content-type "docker" --url "http://registry.access.redhat.com/" --docker-upstream-name "openshift3/ose-deployer" --product "ocp36" --organization "e2e"
hammer repository create --name "openshift3/ose-pod" --content-type "docker" --url "http://registry.access.redhat.com/" --docker-upstream-name "openshift3/ose-pod" --product "ocp36" --organization "e2e"
hammer repository create --name "openshift3/ose-docker-registry" --content-type "docker" --url "http://registry.access.redhat.com/" --docker-upstream-name "openshift3/ose-docker-registry" --product "ocp36" --organization "e2e"
hammer product synchronize --name "ocp36" --organization "e2e"
執筆者紹介
チャンネル別に見る
自動化
テクノロジー、チームおよび環境に関する IT 自動化の最新情報
AI (人工知能)
お客様が AI ワークロードをどこでも自由に実行することを可能にするプラットフォームについてのアップデート
オープン・ハイブリッドクラウド
ハイブリッドクラウドで柔軟に未来を築く方法をご確認ください。
セキュリティ
環境やテクノロジー全体に及ぶリスクを軽減する方法に関する最新情報
エッジコンピューティング
エッジでの運用を単純化するプラットフォームのアップデート
インフラストラクチャ
世界有数のエンタープライズ向け Linux プラットフォームの最新情報
アプリケーション
アプリケーションの最も困難な課題に対する Red Hat ソリューションの詳細
オリジナル番組
エンタープライズ向けテクノロジーのメーカーやリーダーによるストーリー
製品
ツール
試用、購入、販売
コミュニケーション
Red Hat について
エンタープライズ・オープンソース・ソリューションのプロバイダーとして世界をリードする Red Hat は、Linux、クラウド、コンテナ、Kubernetes などのテクノロジーを提供しています。Red Hat は強化されたソリューションを提供し、コアデータセンターからネットワークエッジまで、企業が複数のプラットフォームおよび環境間で容易に運用できるようにしています。
言語を選択してください
Red Hat legal and privacy links
- Red Hat について
- 採用情報
- イベント
- 各国のオフィス
- Red Hat へのお問い合わせ
- Red Hat ブログ
- ダイバーシティ、エクイティ、およびインクルージョン
- Cool Stuff Store
- Red Hat Summit