{"id":18291191,"url":"https://github.com/rhecosystemappeng/ocp_labs_provisioner","last_synced_at":"2026-01-20T22:35:16.363Z","repository":{"id":37852893,"uuid":"503033032","full_name":"RHEcosystemAppEng/ocp_labs_provisioner","owner":"RHEcosystemAppEng","description":"Provisioner tool to deploy and configure Openshift labs","archived":false,"fork":false,"pushed_at":"2023-06-19T09:31:50.000Z","size":23,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-04-09T07:49:32.981Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RHEcosystemAppEng.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-06-13T16:27:41.000Z","updated_at":"2022-06-15T17:36:59.000Z","dependencies_parsed_at":"2024-12-22T23:33:28.531Z","dependency_job_id":null,"html_url":"https://github.com/RHEcosystemAppEng/ocp_labs_provisioner","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/RHEcosystemAppEng/ocp_labs_provisioner","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RHEcosystemAppEng%2Focp_labs_provisioner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RHEcosystemAppEng%2Focp_labs_provisioner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RHEcosystemAppEng%2Focp_labs_provisioner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RHEcosystemAppEng%2Focp_labs_provisioner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RHEcosystemAppEng","download_url":"https://codeload.github.com/RHEcosystemAppEng/ocp_labs_provisioner/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RHEcosystemAppEng%2Focp_labs_provisioner/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28616991,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-20T22:24:05.405Z","status":"ssl_error","status_checked_at":"2026-01-20T22:20:31.342Z","response_time":117,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-05T14:13:28.381Z","updated_at":"2026-01-20T22:35:16.339Z","avatar_url":"https://github.com/RHEcosystemAppEng.png","language":"Jinja","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Openshift laboratory provisioner tool\nThis tool was designed to provision and configure Openshift Container Platform\nto being used as labs or for testing purposes automatically and fast using\ncloud-provided infrastructure.\n\n## Setting up environment\nBefore to use this repo, some configurations should be prepared. Check the\ncurrent cloud compatibility to ensure yourself your cloud provider it's\nsupported by this tool.\n\n### Check Cloud provider compatibility\nThis table represents the feature compatibility with each cloud provider\n| Cloud Provider / Feature | Install | Config | Multi-Credential management | Bastionning |\n|--------------------------|---------|--------|-----------------------------|-------------|\n| AWS                      | Yes     | Yes    | Yes                         | No          |\n| GCP                      | No      | No     | No                          | No          |\n| Azure                    | No      | No     | No                          | No          |\n| Bare Metal               | No      | No     | No                          | No          |\n\n\n## Configuring\n### AWS\nFor AWS it's needed to create an `Ansible Vault` secret which contains the\ncredentials of a nominal user or a service account which has enough permissions\nto deploy `EC2`, `VPC`, `S3 Buckets` and `Route53` entries. The file must contain the following parameters:\n```yaml\naws_public_domain: \u003cPUBLIC_DOMAIN_ROUTE53_SERVICE\u003e\naws_account_name: \u003cACCOUNT_NAME\u003e\naws_access_key_id: \u003cSA_ACCESS_KEY\u003e\naws_secret_access_key: \u003cSA_SECRET_ACCESS_KEY\u003e\n```\n\nTo easily decrypt the secrets, you could create a plain text file with the\npassword of the `Ansible Vault` file. In this case, remember to not push the\npassword file!\n\n**NOTE:** Store those credential files in the `secrets` folder on this\nrepository (Files in that folder will not be pushed).\n\n## Configure Cluster Deployment\nTo provision and configure the cluster, it's needed to fill a YAML file which\ncontains every required parameter. The following example shows how to configure\nit:\n```yaml\n## Red Hat Intel Openshift Lab config tool\n#################################################################################\n## vim: noai:ts=2:sw=2\n\n---\ncluster:\n  name: \u003cCLUSTER_NAME\u003e         # DNS compatible\n  version: \u003cCLUSTER_VERSION\u003e   # X.Y.Z\n\n  # Cloud provider config\n  cloud:\n    aws:\n      profile: # Values defined in ansible vault secret (MANDATORY)\n        aws_account_name: \"{{ aws_account_name }}\"\n        aws_access_key_id: \"{{ aws_access_key_id }}\"\n        aws_secret_access_key: \"{{ aws_secret_access_key }}\"\n\n\n  # config_template.yaml inception\n  config:\n    name: laboratory-test\n    #kubeconfig: \"./auth/kubeconfig\"    # Optional\n\n    ## Openshift Image Registry Configuration\n    registry:\n      expose: true\n      hostname: \"openshift-registry\" # Only type route prefix for *.apps domain. Cluster domain will be added automatically\n\n    auth:\n      provider:\n        htpasswd:\n          name: \"htpasswd\"\n      users:\n        - name: admin\n          pass: admin\n          group: admins\n        - name: dev\n          pass: dev\n          group: developers\n      groups:\n        - name: admins\n          clusterRole: cluster-admin\n        - name: developers\n          clusterRole: basic-user\n\n\n  # install-config.yaml inception\n  spec:\n    apiVersion: v1\n    baseDomain: \"{{ aws_public_domain }}\"\n\n    metadata:\n      name: \u003cCLUSTER_NAME\u003e # DNS compatible\n\n    controlPlane:\n      name: master\n      replicas: 3\n      platform:\n        aws:\n          type: \u003cMASTER_VM_FLAVOUR\u003e\n          zones:\n            - \u003cAVAILABILITY_ZONE\u003e\n\n    compute:\n      - name: worker\n        replicas: \u003cNUMBER_OF_WORKERS\u003e\n        platform:\n          aws:\n            type: \u003cWORKER_VM_FLAVOUR\u003e\n            zones:\n              - \u003cAVAILABILITY_ZONE\u003e\n\n    networking:\n      clusterNetwork:\n      - cidr: 10.128.0.0/14\n        hostPrefix: 23\n      machineNetwork:\n      - cidr: 10.0.0.0/16\n      networkType: OpenShiftSDN\n      serviceNetwork:\n      - 172.30.0.0/16\n\n    platform:\n      aws:\n        region: \u003cREGION\u003e\n\n    sshKey: '...'\n    pullSecret: '...'\n```\n\n\n\n## Create Environments\nOne you had configured your environment and your cloud provider credentials, run\nthe following command to start the provisioning process.\n```sh\nansible-playbook site.yaml \\\n  --vault-password-file=\u003cVAULT_PASSWORD_FILE\u003e \\\n  -e@secrets/\u003cCLOUD_CREDENTIALS_FILE\u003e \\\n  --extra-vars=\"deployment=\u003cLAB_CONFIG_FILE\u003e\"\n```\n**WARNING:** Don't forget to backup `build` dir to keep environments tracked.\n\n## Destroy Environments\n```sh\nansible-playbook clean.yaml \\\n  --vault-password-file=\u003cVAULT_PASSWORD_FILE\u003e \\\n  -e@secrets/\u003cCLOUD_CREDENTIALS_FILE\u003e \\\n  --extra-vars=\"deployment=\u003cLAB_CONFIG_FILE\u003e.yaml\"\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frhecosystemappeng%2Focp_labs_provisioner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frhecosystemappeng%2Focp_labs_provisioner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frhecosystemappeng%2Focp_labs_provisioner/lists"}