{"id":17143111,"url":"https://github.com/debianmaster/openshift-the-hard-way","last_synced_at":"2025-04-10T10:41:08.781Z","repository":{"id":150499268,"uuid":"85524164","full_name":"debianmaster/openshift-the-hard-way","owner":"debianmaster","description":"Build openshift the hardway to understand deeper (mimic of kelsey's  k8s hardway)","archived":false,"fork":false,"pushed_at":"2018-05-15T06:10:25.000Z","size":55,"stargazers_count":14,"open_issues_count":1,"forks_count":21,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-24T09:28:32.265Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/debianmaster.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-03-20T01:50:44.000Z","updated_at":"2023-12-23T14:18:28.000Z","dependencies_parsed_at":null,"dependency_job_id":"aa01d497-78fe-4897-88de-ed0dd19e92ac","html_url":"https://github.com/debianmaster/openshift-the-hard-way","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/debianmaster%2Fopenshift-the-hard-way","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/debianmaster%2Fopenshift-the-hard-way/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/debianmaster%2Fopenshift-the-hard-way/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/debianmaster%2Fopenshift-the-hard-way/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/debianmaster","download_url":"https://codeload.github.com/debianmaster/openshift-the-hard-way/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248199290,"owners_count":21063652,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-14T20:33:46.152Z","updated_at":"2025-04-10T10:41:08.762Z","avatar_url":"https://github.com/debianmaster.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"#  CAUTION ------WORK IN PROGRES------     \n\n# openshift-the-hard-way\n\n## On all nodes/master instances\n```sh\nsudo yum install -y centos-release-openshift-origin\nsudo yum install -y origin-clients\nsudo yum install -y origin\nsudo yum install -y docker\nsudo yum install atomic-openshift-utils -y\nsudo yum install -y origin-docker-excluder.noarch\n\nsudo sed -i '/OPTIONS=.*/c\\OPTIONS=\"--selinux-enabled --insecure-registry 172.30.0.0/16\"' \\\n/etc/sysconfig/docker\nsudo systemctl is-active docker\nsudo systemctl enable docker\nsudo systemctl restart docker\n```\n\n## On Master let's say 10.128.0.2\n\n```sh\nmkdir -p ocp/master\n\nopenshift start master --dns='tcp://0.0.0.0:8053' --public-master='https://10.128.0.2:8443' \\\n--listen='https://0.0.0.0:8443' \\\n--master='https://10.128.0.2:8443' \\\n--write-config='ocp/master'\nopenshift start master --config=ocp/master/master-config.yaml\nexport KUBECONFIG=$(pwd)/ocp/master/admin.kubeconfig\noc get nodes\nscp -r ocp node1:/tmp\n```\n\n## On nodes  let's say 10.128.0.3\n```sh\noc adm create-node-config \\\n    --master='https://10.128.0.2:8443' \\\n    --node-dir=ocp/node1 \\\n    --node=node1 \\\n    --hostnames=node1,10.128.0.3 \\\n    --certificate-authority=\"ocp/master/ca.crt\" \\\n    --signer-cert=\"ocp/master/ca.crt\" \\\n    --signer-key=\"ocp/master/ca.key\" \\\n    --signer-serial=\"ocp/master/ca.serial.txt\" \\\n    --node-client-certificate-authority=\"ocp/master/ca.crt\"\n\nopenshift start node --config=node-config.yaml\nexport KUBECONFIG=$(pwd)/ocp/master/admin.kubeconfig\noc get nodes \noc adm policy add-scc-to-user hostnetwork -z router\noc adm router\noc new-app debianmaster/go-welcome\noc expose svc go-welcome --hostname=go-welcome.tmp.xfc.io\n```\n\n\n\n\n# Gcloud\n```sh\ngcloud compute instances list \n\ngcloud config set compute/region asia-east1\n\ngcloud config set compute/zone asia-east1-a\n\ngcloud compute networks create openshift --subnet-mode=custom\n\ngcloud compute networks subnets create openshift-subnet \\\n  --network openshift \\\n  --range 10.240.0.0/24\n  \n\ngcloud compute firewall-rules create allow-internal \\\n  --allow tcp,udp,icmp \\\n  --network openshift \\\n  --source-ranges 10.240.0.0/24,10.200.0.0/16\n  \n \ngcloud compute firewall-rules create allow-external \\\n  --allow tcp:22,tcp:3389,tcp:443,tcp:80,tcp:6443,tcp:8443,icmp \\\n  --network openshift \\\n  --source-ranges 0.0.0.0/0  \n  \n  \ngcloud compute firewall-rules create allow-healthz \\\n  --allow tcp:8080 \\\n  --network openshift \\\n  --source-ranges 130.211.0.0/22 \n  \n\ngcloud compute firewall-rules create allow-http-https   --allow tcp:8080,tcp:443,tcp:80   --network openshift   --source-ranges 0.0.0.0/0\n\ngcloud compute firewall-rules list --filter \"network=openshift\"\n\ngcloud compute addresses create openshift --region=asia-east1\n\ngcloud compute addresses list openshift\n\ngcloud compute instances create \"master1\" --zone \"asia-east1-a\" --machine-type f1-micro \\\n  --image \"centos-7-v20180510\" --image-project \"centos-cloud\" --boot-disk-size \"20\" \\\n  --boot-disk-type \"pd-ssd\" --boot-disk-device-name \"master1\"  \\\n  --private-network-ip 10.240.0.10  --subnet openshift-subnet\n  \n\ngcloud compute instances create \"master2\" --zone \"asia-east1-b\" --machine-type f1-micro \\\n  --image \"centos-7-v20180510\" --image-project \"centos-cloud\" --boot-disk-size \"20\" \\\n  --boot-disk-type \"pd-ssd\" --boot-disk-device-name \"master2\"  \\\n  --private-network-ip 10.240.0.11  --subnet openshift-subnet\n  \n  \ngcloud compute instances create \"master3\" --zone \"asia-east1-c\" --machine-type f1-micro \\\n  --image \"centos-7-v20180510\" --image-project \"centos-cloud\" --boot-disk-size \"20\" \\\n  --boot-disk-type \"pd-ssd\" --boot-disk-device-name \"master3\"  \\\n  --private-network-ip 10.240.0.12  --subnet openshift-subnet  \n\n gcloud compute instances create \"infra1\" --zone \"asia-east1-a\" --machine-type n1-standard-1  \\\n  --image \"centos-7-v20180510\" --image-project \"centos-cloud\" --boot-disk-size \"20\" \\\n  --boot-disk-type \"pd-ssd\" --boot-disk-device-name \"infra1\"  \\\n  --private-network-ip 10.240.0.51  --subnet openshift-subnet   \n  \n\n gcloud compute instances create \"infra2\" --zone \"asia-east1-b\" --machine-type n1-standard-1  \\\n  --image \"centos-7-v20180510\" --image-project \"centos-cloud\" --boot-disk-size \"20\" \\\n  --boot-disk-type \"pd-ssd\" --boot-disk-device-name \"infra2\"  \\\n  --private-network-ip 10.240.0.52  --subnet openshift-subnet  \n  \n  \ngcloud compute instances create \"node1\" --zone \"asia-east1-a\" --machine-type n1-standard-1  \\\n  --image \"centos-7-v20180510\" --image-project \"centos-cloud\" --boot-disk-size \"20\" \\\n  --boot-disk-type \"pd-standard\" --boot-disk-device-name \"node1\"  \\\n  --private-network-ip 10.240.0.75  --subnet openshift-subnet  \n\ngcloud compute instances create \"node2\" --zone \"asia-east1-b\" --machine-type n1-standard-1  \\\n  --image \"centos-7-v20180510\" --image-project \"centos-cloud\" --boot-disk-size \"20\" \\\n  --boot-disk-type \"pd-standard\" --boot-disk-device-name \"node1\"  \\\n  --private-network-ip 10.240.0.76  --subnet openshift-subnet \n  \n  \n\n\u003e Copy cat ~/.ssh/id_rsa.pub   to metadata\ngcloud compute copy-files ~/.ssh/id_rsa master1:~/\ngcloud compute ssh master1\nsudo sed -i 's/PermitRootLogin no/PermitRootLogin yes/' /etc/ssh/sshd_config\nsudo systemctl restart sshd\nsudo yum install -y centos-release-openshift-origin\nsudo yum install -y origin-clients\nsudo yum install -y origin\nsudo yum install -y atomic-openshift-utils.noarch\nssh-agent $SHELL\nssh-add ~/id_rsa\n``` \n\n\n`vi /usr/lib/systemd/system/xfc-master-api.service`\n```sh\n[Unit]\nDescription=API Server\n\n[Service]\nType=notify\nWorkingDirectory=/opt/ocp\nExecStart=/opt/ocp/openshift start master api --config=master/master-config.yaml\nRestart=on-failure\n\n[Install]\nWantedBy=multi-user.target\n```\n`vi /usr/lib/systemd/system/xfc-master-controller.service` \n\n```sh\nUnit]\nDescription=API Controllers\n\n[Service]\nType=notify\nWorkingDirectory=/opt/ocp\n# set GOMAXPROCS to number of processors\nExecStart=/opt/ocp/openshift start master controllers --config=master/master-config.yaml\nRestart=on-failure\n\n[Install]\nWantedBy=multi-user.target\n```\n\n`vi /usr/lib/systemd/system/xfc-node.service`  \n\n```sh\n[Unit]\nDescription=Node\n\n[Service]\nType=notify\nWorkingDirectory=/opt/ocp\n# set GOMAXPROCS to number of processors\nExecStart=/opt/ocp/openshift start node --config=node1/node-config.yaml\nRestart=on-failure\n\n[Install]\nWantedBy=multi-user.target\n```\n\n\n\n```sh\naws ec2 describe-instances \\\n  --filters \"Name=tag:cluster,Values=chak\" | \\\n  jq -j '.Reservations[].Instances[] | .InstanceId, \"  \", .Placement.AvailabilityZone, \"  \", .PrivateIpAddress, \"  \", .PublicIpAddress, \"\\n\"'\n  \naws ec2 describe-instances   --filters \"Name=tag:cluster,Values=chak\" |   jq -j '.Reservations[].Instances[] | .PrivateIpAddress, \"  \", .PublicIpAddress, \"\\n\"'  \n  ```\n\n\n```sh\nmaster_routingconfig_subdomain: apps.ck.osecloud.com\n  openshift_master_cluster_hostname: ck.osecloud.com\n  openshift_master_cluster_public_hostname: ck.osecloud.com\n  openshift_master_api_port: 443\n  openshift_master_console_port: 443\n  openshift_hosted_manage_router: true\n  openshift_hosted_manage_registry: true\n  openshift_hosted_router_selector: 'region=infra'\n  openshift_hosted_registry_selector: 'region=infra'\n  openshift_hosted_metrics_deploy: true\n  openshift_master_logging_public_url: https://kibana.apps.ck.osecloud.com\n  openshift_hosted_logging_deploy: true\n  openshift_master_identity_providers: [{'name': 'allow_all', 'login': 'true', 'challenge': 'true', 'kind': 'AllowAllPasswordIdentityProvider'}]\n  ```\n\n\n### Additional notes\n#### For route53 updates\n\n```sh\n\nexport record_name=apps.ck.osecloud.com\nexport record_value=13.59.37.234\nexport ttl=60\nexport action=UPSERT\nexport record_type=A\n\nexpport zone_id=$(aws route53 list-hosted-zones | jq -r \".HostedZones[] | select(.Name == \\\"ck.osecloud.com.\\\") | .Id\" | cut -d'/' -f3)\n\n\nfunction change_batch() {\n\tjq -c -n \"{\\\"Changes\\\": [{\\\"Action\\\": \\\"$action\\\", \\\"ResourceRecordSet\\\": {\\\"Name\\\": \\\"$record_name\\\", \\\"Type\\\": \\\"$record_type\\\", \\\"TTL\\\": $ttl, \\\"ResourceRecords\\\": [{\\\"Value\\\": \\\"$record_value\\\"} ] } } ] }\"\n}\n\naws route53 change-resource-record-sets --hosted-zone-id ${zone_id} --change-batch $(change_batch) | jq -r '.ChangeInfo.Id' | cut -d'/' -f3\n```\n\n\n```sh\ngcloud compute disks create infra1-disk --size 200GB --type pd-standard --zone=asia-east1-b\ngcloud compute disks create infra2-disk --size 200GB --type pd-standard --zone=asia-east1-b\n\ngcloud compute instances attach-disk infra1 --disk infra1-disk --zone=asia-east1-a\ngcloud compute instances attach-disk infra2 --disk infra2-disk --zone=asia-east1-b\n\ngcloud compute target-pools create openshift-tp\n\ngcloud compute target-pools add-instances openshift-tp   --instances master1 --instances-zone=asia-east1-a\ngcloud compute target-pools add-instances openshift-tp   --instances master2 --instances-zone=asia-east1-b\ngcloud compute target-pools add-instances openshift-tp   --instances master3 --instances-zone=asia-east1-c\n\n\nexport openshift_master=$(gcloud compute addresses describe openshift --region asia-east1 --format 'value(address)')\n\n\ngcloud compute forwarding-rules create openshift-forwarding-rule \\\n  --address ${openshift_master} \\\n  --ports 443 \\\n  --region $(gcloud config get-value compute/region) \\\n  --target-pool openshift-tp\n\n\ngcloud compute forwarding-rules create openshift-forwarding-rule   --address ${openshift_master}   --ports 443,80   --region asia-east1   --target-pool openshift-tp\n\n\ngcloud dns record-sets transaction start --zone=create9\n\ngcloud dns record-sets transaction add 104.155.237.36 --name=cloud.create9.io. --ttl=300 --type=A --zone=create9\n\ngcloud dns record-sets transaction execute --zone=create9\n\n\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdebianmaster%2Fopenshift-the-hard-way","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdebianmaster%2Fopenshift-the-hard-way","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdebianmaster%2Fopenshift-the-hard-way/lists"}