https://github.com/rguske/openshift-installer-provisioned-infrastructure

Installing Red Hat OpenShift using the installation method IPI - Installer Provisioned Infrastructure

# Red Hat OpenShift Installation - Installer Provisioned Infrastructure (IPI)

⚠️ WIP

You can install OpenShift Container Platform on vSphere by using installer-provisioned infrastructure. Installer-provisioned infrastructure allows the installation program to preconfigure and automate the provisioning of resources required by OpenShift Container Platform. Installer-provisioned infrastructure is useful for installing in environments with disconnected networks, where the installation program provisions the underlying infrastructure for the cluster.

## Preparations

Set up a bastion host, e.g. using RHEL 9.

### SSH

`cat ~/.ssh/id_ed25519.pub | ssh rguske@rguske-bastion.rguske....com "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys && chmod 700 ~/.ssh"`

* Generate an SSH key pair on your bastion host. You can use this key pair to authenticate to the OpenShift Container Platform cluster's nodes after it is deployed.

`ssh-keygen -t ed25519 -N '' -f ~/.ssh/id_ed25519`

### RHEL Subscription Manager

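* Register the system with `subscription-manager`: `sudo subscription-manager register --username <username> --password <password>`. If `--password` is omitted, `subscription-manager` prompts for it, which keeps the password out of the shell history.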

### vCenter Root Certificates

* [Adding your vCenter’s trusted root CA certificates](https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/installing_on_vmware_vsphere/installer-provisioned-infrastructure#installation-adding-vcenter-root-certificates_ipi-vsphere-preparing-to-install) to your system trust.
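* Download the certificates: `curl -kLO https://vcsa-vsphere1.coe.muc.redhat.com/certs/download.zip`. The `-k` flag skips TLS verification because the vCenter CA is not trusted yet, so confirm the certificate fingerprints through a separate channel before adding them to the system trust.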
* Install `unzip` to unpack the zip file: `sudo dnf install unzip -y`.
* Unpack the zip file: `unzip download.zip`.
* Move the certificates to the system trust: `cp certs/lin/* /etc/pki/ca-trust/source/anchors`
* Update your system trust: `update-ca-trust extract`
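
One way to check the unpacked certificates before copying them into the trust anchors, as an added example that is not part of the original README. The function names and `EXPECTED_FP` are hypothetical; the expected fingerprint must come from the vCenter administrator in the colon-separated form `openssl` prints.

```shell
#!/bin/sh
# Added example (not from the original README): check CA files fetched with
# `curl -k` against a fingerprint obtained out of band before trusting them.

# Print the SHA-256 fingerprint of a PEM certificate; prints nothing for
# files that are not certificates (the bundle may also contain CRLs).
cert_fingerprint() {
  openssl x509 -in "$1" -noout -fingerprint -sha256 2>/dev/null | cut -d= -f2
}

# verify_ca_dir DIR "FP1 FP2 ...": succeed only if DIR holds at least one
# certificate and every certificate's fingerprint is in the expected list.
verify_ca_dir() {
  local dir="$1" expected="$2" f fp seen=0
  for f in "$dir"/*; do
    fp=$(cert_fingerprint "$f")
    [ -n "$fp" ] || continue          # skip files that are not certificates
    seen=1
    case " $expected " in
      *" $fp "*) echo "match      $fp  $f" ;;
      *) echo "UNEXPECTED $fp  $f" >&2; return 1 ;;
    esac
  done
  [ "$seen" -eq 1 ]
}

# Usage (EXPECTED_FP is a placeholder for the value supplied out of band):
#   verify_ca_dir certs/lin "$EXPECTED_FP" \
#     && sudo cp certs/lin/* /etc/pki/ca-trust/source/anchors \
#     && sudo update-ca-trust extract
```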

### Installing necessary CLIs

On the bastion host, download the necessary CLIs:

`curl -LO <url>`

* [openshift-install-rhel9](https://mirror.openshift.com/pub/openshift-v4/clients/ocp/4.17.6/openshift-install-rhel9-amd64.tar.gz)
* [openshift-client-linux-amd64](https://mirror.openshift.com/pub/openshift-v4/clients/ocp/4.17.6/openshift-client-linux-amd64-rhel9-4.17.6.tar.gz)

Unpack the `.gz` files and copy the binaries into your path.

If `/usr/local/bin` isn't included in `$PATH`, run
`export PATH=/usr/local/bin:$PATH`

```shell
cp openshift-install /usr/local/bin/
cp oc /usr/local/bin/
cp kubectl /usr/local/bin/
```
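
A check to run on the downloaded tarballs before unpacking them, as an added example that is not part of the original README. It assumes a `sha256sum.txt` list is published in the same release directory as the tarballs; `verify_release` is a hypothetical helper name. A checksum fetched from the same mirror detects a corrupted or truncated download but is not an independent trust anchor.

```shell
#!/bin/sh
# Added example (not from the original README): verify a downloaded client
# tarball against a sha256sum-style list before unpacking it.

# verify_release FILE SUMFILE
#   0 = digest matches, 1 = mismatch, 2 = FILE has no entry in SUMFILE
verify_release() {
  local file="$1" sums="$2" name want have
  name=$(basename "$file")
  # List format: "<hex digest>  <file name>" (binary mode prefixes the name with "*")
  want=$(awk -v n="$name" '$2 == n || $2 == "*" n { print $1; exit }' "$sums")
  if [ -z "$want" ]; then
    echo "no checksum listed for $name" >&2
    return 2
  fi
  have=$(sha256sum "$file" | awk '{ print $1 }')
  if [ "$have" != "$want" ]; then
    echo "checksum mismatch for $name" >&2
    return 1
  fi
  echo "verified $name"
}

# Usage, assuming sha256sum.txt was fetched from the same release directory:
#   verify_release openshift-install-rhel9-amd64.tar.gz sha256sum.txt \
#     && tar -xzf openshift-install-rhel9-amd64.tar.gz
```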

### Create local config - IPI

Create the installation configuration for OCP interactively by executing: `openshift-install create install-config --dir .`

```shell
openshift-install create install-config --dir .
? SSH Public Key /home/rguske/.ssh/id_rsa.pub
? Platform vsphere
? vCenter vcsa-....com
? Username administrator@vsphere...
? Password [? for help] ********
INFO Connecting to vCenter vcsa-...com
INFO Defaulting to only available datacenter: coe
INFO Defaulting to only available cluster: /coe/host/cluster
? Default Datastore /coe/datastore/shared-netapp
INFO Defaulting to only available network: VM Network
? Virtual IP Address for API 10.32.96.120
? Virtual IP Address for Ingress 10.32.96.121
? Base Domain rguske......com
? Cluster Name ocp1
? Pull Secret [? for help] ****************************************************************************************************************************************************************************************
INFO Install-Config created in: .
```

Output `install-config.yaml`:

```yaml
additionalTrustBundlePolicy: Proxyonly
apiVersion: v1
baseDomain: rguske....com
compute:
- architecture: amd64
  hyperthreading: Enabled
  name: worker
  platform: {}
  replicas: 3
controlPlane:
  architecture: amd64
  hyperthreading: Enabled
  name: master
  platform: {}
  replicas: 3
metadata:
  creationTimestamp: null
  name: ocp1
networking:
  clusterNetwork:
  - cidr: 10.128.0.0/14
    hostPrefix: 23
  machineNetwork:
  - cidr: 10.0.0.0/16
  networkType: OVNKubernetes
  serviceNetwork:
  - 172.30.0.0/16
platform:
  vsphere:
    apiVIPs:
    - 10.32.96.120
    failureDomains:
    - name: generated-failure-domain
      region: generated-region
      server: vcsa-vsphere1.coe.muc.redhat.com
      topology:
        computeCluster: /coe/host/cluster
        datacenter: coe
        datastore: /coe/datastore/shared-netapp
        networks:
        - VM Network
        resourcePool: /coe/host/cluster/Resources
      zone: generated-zone
    ingressVIPs:
    - 10.32.96.121
    vcenters:
    - datacenters:
      - coe
      password: ...
      port: 443
      server: vcsa-....
      user: administrator@vsphere....
publish: External
pullSecret: '{"auths":{"cloud.openshift.com":{"auth":"b3BlbnNoaWZ0LXJlbG...'
sshKey: |
  ssh-rsa AAAAB3N...
```

This is pretty similar to what you might know from the [Agent-Based-Installer](https://github.com/rguske/openshift-agent-based-installer?tab=readme-ov-file#configurations), except for the `failureDomains` part. Furthermore, the generated configuration expects an environment with DHCP. I'd like to configure it with static IPs.

Sample configuration with static IP assignments:

```yaml
cat > install-config.yaml <
```

` --log-level=debug`

`openshift-install wait-for install-complete --log-level debug`

```shell
l
total 32
drwxr-x---@ 4 rguske staff 128B Sep 12 08:44 .
drwxr-xr-x@ 9 rguske staff 288B Sep 12 09:29 ..
-rw-r-----@ 1 rguske staff 23B Sep 12 08:44 kubeadmin-password
-rw-r-----@ 1 rguske staff 8.8K Sep 12 08:44 kubeconfig
```

## Troubleshooting

`oc adm node-logs ocp-mk1-nbhk5-master-0 -u crio`

`oc get clusterversion`

`oc describe clusterversion`

`oc adm upgrade`