Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs for deploy to OpenShift #355

Closed
wants to merge 3 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
192 changes: 192 additions & 0 deletions content/docs/using-appsody/building-and-deploying.md
Original file line number Diff line number Diff line change
Expand Up @@ -224,6 +224,198 @@ This command completes the following actions:
- If you specified the `--knative` flag, or if Knative is the only deployment option for your stack, the command tags the image with the special prefix `dev.local`, making it accessible to your Kubernetes cluster (assuming you followed [these directions](/content/docs/using-appsody/installing-knative-locally.md))
- Creates a deployment manifest file named `app-deploy.yaml`, in the project directory. This yaml file is used to issue a `kubectl apply -f` command against the target Kubernetes cluster. The format of this yaml file depends on whether or not the stack you are using is enabled for the Appsody operator.

### Deploying your application to a local Open Shift cluster using Red Hat CodeReady Containers
Instructions for installing Red Hat CodeReady Containers can be found [here](/content/docs/using-appsody/installing-openshift-locally.md).

To deploy your application follow these steps:
1. Check cluster status:
```
crc status
```
If the cluster is not running:
```
crc start
```
Note the provided user names and passwords
1. Log into the cluster:
```
oc login -u <userid> -p <password> https://api.crc.testing:6443
```
Use the developer id and password
1. Create a project:
```
oc new-project test
```
1. Log into the web console:
```
crc console
```
The web console will open in a web browser. Use the kubeadmin id and password to log in
1. Find the `image-registry` address:
- Navigate to Workloads-> Pods
- Select `all projects` at the top 'Project' pull-down
- Click on the main `image-registry` pod (Example: `image-registry-6984bcdf68-vpfjt`)
- Click on the `Environment` tab and scroll down to `REGISTRY_OPENSHIFT_SERVER_ADDR` and note the value (Example: `image-registry.openshift-image-registry.svc:5000`)
This value will be used for `--pull-url` for `appsody deploy`
1. Find the `default-route` location:
- Navigate to Networking-> Routes
- Note the `Location` for the `default-route` but remove the `https://` (Example: `default-route-openshift-image-registry.apps-crc.testing`)
This value will be used for `--push-url` for `appsody deploy`
1. Create the certificate (Red Hat Linux example):
- Get the certificate:
```
openssl s_client -connect default-route-openshift-image-registry.apps-crc.testing:443
```
Copy the `Server certificate` which starts with header: `-----BEGIN CERTIFICATE-----` and ends with header: `-----END CERTIFICATE-----` You must include the headers.
- Create the certificate directory:
```
sudo mkdir -p /etc/docker/certs.d/default-route-openshift-image-registry.apps-crc.testing
```
- Create the certificate:
```
sudo vi /etc/docker/certs.d/default-route-openshift-image-registry.apps-crc.testing/ca.crt
```
- Insert the copied certificate using `i` to get into insert mode and then paste the copied certificate and then press `Esc` then `:wq` `<enter>` to save the file
1. Log out oc developer:
```
oc logout
```
1. Log in oc kubeadmin:
```
oc login -u <userid> -p <password> https://api.crc.testing:6443
```
Use the kubeadmin id and password
1. Create and apply Role yaml file:
- Create the file:
```
vi ~/Role.yaml
```
- Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `Esc` then `:wq` `<enter>` to save the file
```
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: test-user-full-access
namespace: test
rules:
- apiGroups: ["", "extensions", "apps", "autoscaling", "appsody.dev", "rbac.authorization.k8s.io"]
resources: ["*"]
verbs: ["*"]
- apiGroups: ["batch"]
resources:
- jobs
- cronjobs
verbs: ["*"]
```
- Apply the role:
```
kubectl apply -f ~/Role.yaml
```
1. Create and apply the ClusterRole yaml file:
- Create the file:
```
vi ~/ClusterRole.yaml
```
- Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `Esc` then `:wq` `<enter>` to save the file
```
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: test-user-node-readonly-access
rules:
- apiGroups: ["", "apps", "autoscaling", "extensions"]
resources: ["*"]
verbs: ["get", "watch", "list"]
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
verbs: ["*"]
- apiGroups: ["rbac.authorization.k8s.io"]
resources: ["rolebindings"]
verbs: ["get", "watch", "list"]
```
- Apply the role:
```
kubectl apply -f ClusterRole.yaml
```
1. Create and apply the RoleBinding yaml file:
- Create the file:
````
vi ~/RoleBinding.yaml
````
- Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `Esc` then `:wq` `<enter>` to save the file
```
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: read-pods
namespace: test
subjects:
- kind: User
name: developer
apiGroup: rbac.authorization.k8s.io
roleRef:
kind: Role
name: test-user-full-access
apiGroup: rbac.authorization.k8s.io
```
- Apply the role:
```
kubectl apply -f RoleBinding.yaml
```
1. Create and apply the ClusterRoleBinding yaml file:
- Create the file:
```
vi ~/ClusterRoleBinding.yaml
```
- Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `Esc` then `:wq` `<enter>` to save the file
```
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: read-pods-global
subjects:
- kind: User
name: developer
apiGroup: rbac.authorization.k8s.io
roleRef:
kind: ClusterRole
name: test-user-node-readonly-access
apiGroup: rbac.authorization.k8s.io
```
- Apply the role:
```
kubectl apply -f ClusterRoleBinding.yaml
```
1. Log out oc kubeadmin:
```
oc logout
```
1. Log in oc developer
```
oc login -u <userid> -p <password> https://api.crc.testing:6443
```
Use the developer id and password
1. Log into docker:
```
docker login -u $(oc whoami) -p $(oc whoami -t) https://default-route-openshift-image-registry.apps-crc.testing
```
1. Perform the deploy:
```
appsody deploy --tag <tag> --pull-url <pull-url> --push-url <push-url> --push --namespace <namespace> -v
```
Example tag: `test/node:v1`

Example pull-url: `image-registry.openshift-image-registry.svc:5000`

Example push-url: `default-route-openshift-image-registry.apps-crc.testing`

Example namespace: `test`

Example deploy command:
```
appsody deploy --tag test/node:v1 --pull-url image-registry.openshift-image-registry.svc:5000 --push-url default-route-openshift-image-registry.apps-crc.testing --push --namespace test -v
```

### Deploying your application through Docker Hub

If your cluster is configured to pull images from Docker Hub, use the following command to deploy your application:
Expand Down
59 changes: 59 additions & 0 deletions content/docs/using-appsody/installing-openshift-locally.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
---
title: Installing OpenShift locally using Red Had CodeReadyContainers
---

# Installing OpenShift locally using Red Hat CodeReady Containers

Red Hat CodeReady Containers provides a minimum OpenShift cluster for your local workstation. Supported operating systems are Windows, macOS and Linux. The Red Hat install instructions can be found [here](https://cloud.redhat.com/openshift/install/crc/installer-provisioned). The Red Hat "Getting Started" instructions can be found [here](https://access.redhat.com/documentation/en-us/red_hat_codeready_containers/1.0/html/getting_started_guide/getting-started-with-codeready-containers_gsg).

## Installing Red Hat CodeReady on Red Hat Enterprise Linux 7.7
### Assumptions:
1. User must have permission to use `sudo` command.
1. Minimum hardware and required software requirements are fulfilled. See the sections [here](https://access.redhat.com/documentation/en-us/red_hat_codeready_containers/1.0/html/getting_started_guide/getting-started-with-codeready-containers_gsg).
### Steps:
1. Navigate [here](https://cloud.redhat.com/openshift/install/crc/installer-provisioned) and click on the link `Linux: Download (Libvirt)` to download the crc tar file.
1. Extract:
```
tar -xvf crc-linux-amd.tar.xz
```
1. Move the binary to your `$PATH`. Example:
```
sudo mv crc-linux-1.0.0-amd64/crc /usr/local/bin/
```
1. Setup crc:
```
crc setup
```
1. Copy pull secret by clicking `Copy Pull Secret` [here](https://cloud.redhat.com/openshift/install/crc/installer-provisioned).
1. Start crc and paste in secret when prompted:
```
crc start
```
Note the provided user names and passwords
1. Get the command needed to add the cached `oc` binary to your `$PATH`:
```
crc oc-env
```
Insert the command into /etc/profile. Example: `export PATH="$HOME/.crc.bin:$PATH"`
### kubectl
kubectl is required for deploying Appsody applications to OpenShift. To see if you have kubectl installed run `kubectl version`

To install kubectl follow these steps:
1. Get the code:
```
curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
```
```
curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.16.0/bin/linux/amd64/kubectl
```
1. Make the binary executable:
```
chmod +x ./kubectl
```
1. Move the binary to your `$PATH`
```
sudo mv ./kubectl /usr/local/bin/kubectl
```