Skip to content

Latest commit

 

History

History
241 lines (185 loc) · 10.9 KB

ocp_prereqs_powervs.md

File metadata and controls

241 lines (185 loc) · 10.9 KB

PowerVS Prerequisites


Create an IBM Cloud account.

If you don’t already have one, you need a paid IBM Cloud account to create your Power Systems Virtual Server instance. To create an account, go to: cloud.ibm.com.

Create an IBM Cloud account API key

Please refer to the following documentation to create an API key.

Create Power Systems Virtual Server Service Instance

After you have an active IBM Cloud account, you can create a Power Systems Virtual Server service. To do so, perform the following steps:

  1. Log in to the IBM Cloud dashboard and search for Power in the catalog.   Search for Power  
  2. Select Power Systems Virtual Server   Select Power Systems Virtual Server  
  3. Fill required details   Fill Details   Provide a meaningful name for your instance in the Service name field and select the proper resource group. More details on resource groups is available from the following link   Provide service name  
  4. Create Service Click on "Create" to create the service instance.   Create service  

Create Private Network

A private network is required for your OpenShift cluster. Perform the following steps to create a private network for the Power Systems Virtual Server service instance created in the previous step.

  1. Select the previously created "Service Instance" and create a private subnet by clicking "Subnets" and providing the required inputs.   Note: If you see a screen displaying CRN and GUID, then click "View full details" to access the "Subnet" creation page.   Select subnet  
  2. Provide the network details and click "Create subnet"   Provide Input   On successful network creation, the following output will be displayed in the dashboard.   Create subnet

Enable communication over the private network

Two options are available to enable communication over the private network.

Option 1

Now, the automation can create a Cloud Connection for you. IBM Cloud connection creates a Direct Link (2.0) Connect instance to connect your Power Virtual Server instances to the IBM Cloud resources within your account.

You can now use IBM Cloud Transit Gateway to manage the connection of your Power Virtual Server instances to the IBM Cloud resources. This feature is available when you set use_ibm_cloud_services = true. Skip the steps given below and please refer to var.tfvars for more details.

Use the IBM Cloud CLI with the latest power-iaas plug-in (version 0.3.4 or later) to enable a private network communication. This requires attaching the private network to an IBM Cloud Direct Link Connect 2.0 connection. Perform the following steps to enable private network communication by attaching to the Direct Link Connect 2.0 connection.

  • Select a specific service instance You’ll need the CRN of the service instance created earlier (for example, ocp-powervs-test-1).
ibmcloud pi service-target crn:v1:bluemix:public:power-iaas:tok04:a/65b64c1f1c29460e8c2e4bbfbd893c2c:e4bb3d9d-a37c-4b1f-a923-4537c0c8beb3::
  • Get the ID of the private network
ibmcloud pi nets | grep -w ocp-net


ID           93cc386a-53c5-4aef-9882-4294025c5e1f
Name         ocp-net
Type         vlan
VLAN         413
CIDR Block   192.168.201.0/24
IP Range     [192.168.201.2  192.168.201.254]
Gateway      192.168.201.1
DNS          127.0.0.1

You’ll need the ID in subsequent steps.

  • Get the Direct Link Connect connection ID
ibmcloud pi cons

ID                                     Name             Link Status   Speed
89fcfd7c-ec74-473b-ba09-4cd95fa47e2e   ocp-powervs-dl   idle          10000

Get the ID of the connection.

If you don’t have an existing Direct Link Connect 2.0 connection provisioned under your account, then you can create a new connection using the IBM Cloud CLI. A highly available Direct Link Connect 2.0 connection between the Power Virtual Server and IBM Cloud comes free of cost. Refer: https://cloud.ibm.com/docs/power-iaas?topic=power-iaas-ordering-direct-link-connect

ibmcloud pi conc ocp-powervs-dl --speed 10000
  • Attach the private network to Direct Link Connect 2.0 (connection)
ibmcloud pi conan 89fcfd7c-ec74-473b-ba09-4cd95fa47e2e --network e1b90247-a504-4468-8662-8f785533067d

This can take 3 to 5 minutes to become active.

  • Verify the status of the attachment
ibmcloud pi con 89fcfd7c-ec74-473b-ba09-4cd95fa47e2e

ID               89fcfd7c-ec74-473b-ba09-4cd95fa47e2e
Name             ocp-powervs-dl
Link Status      idle
Speed            10000
Creation Date    2021-05-13T13:17:08.093Z
Global Routing   false
IBM IPAddress    169.254.0.1/30
User IPAddress   169.254.0.2/30
Metered          false
Classic          false
Networks         ID: e1b90247-a504-4468-8662-8f785533067d       Name: ocp-net  VlanID: 392

The output shows that the ocp-net private network is attached to Direct Link Connect 2.0. This enables inter VM communication on the private network as well as communication with IBM Cloud over Direct Link.

Option 2

If you don’t want to use Direct Link, then you’ll need to raise a service request to enable private network communication.

Perform the following steps to raise the service request.

Click on Support in the top bar of the dashboard and scroll down to Contact Support, then select "Create a case"   Create a case   Select "Power Systems Virtual Server" tile   Create a case Page   Complete the details as shown using the following template:  

  • [Subject:] Enable communication between PowerVS instances on private network
  • [Body:]
      Please enable IP communication between PowerVS instances for the following private network:
      Name: <your-subnet-name-from-above>
      Type: Private
      CIDR: <your ip subnet-from-above>
      VLAN ID: <your-vlan-id> (listed in your subnet details post-creation)
      Location: <your-location> (listed in your subnet details post-creation)
      Service Instance: <your-service-name>
    

  Following is a complete example of the support case content.

  Please enable IP communication between PowerVS instances for the following private network:
  Name: ocp-net
  Type: Private
  CIDR: 192.168.25.0/24
  VLAN ID: 293
  Location: eu-de-2
  Service Instance: ocp-powervs-frankfurt-2

  Sample support request   Click "Continue" to accept agreements, and then Click "Submit case".   Submit Case  

This usually takes a day to get enabled.

RHCOS and RHEL/CentOS Images for OpenShift

RHEL/CentOS (8.X or 9.X) image is used for bastion and RHCOS is used for the OpenShift cluster nodes.

You can now use stock images for the bastion node. The automation will copy it to your PowerVS service instance if not already available.

For RHCOS (OpenShift cluster nodes) you can let the automation import it for you from public COS bucket by setting the variable rhcos_import_image = true. Skip the steps given below for RHCOS and please refer to var.tfvars for more details. Value of rhcos_import_image_filename can be refered from rhcos-table.md specific to the required OpenShit version.

You'll need to create OVA formatted images for RHEL and RHCOS, upload them to IBM Cloud Object storage and then import these images as boot images in your PowerVS service instance.

Further, the image disk should be minimum of 120 GB in size.

Creating OVA images

  • If you have PowerVC then you can follow the instructions provided in the link to export an existing PowerVC image to OVA image.
  • You can also use the following tool to convert Qcow2 image to OVA.
  • Qcow2 Image Links
    • RHEL 8.3 Qcow2 image is available from the following link
    • CentOS 8.3 Wcow2 image is available from the following link
    • RHCOS Qcow2 image is available at latest stable OR pre-release

Note: RHCOS image version is tied to the specific OCP release. For example RHCOS-4.6 image needs to be used for OCP 4.6 release.

Uploading to IBM Cloud Object Storage

  • Create IBM Cloud Object Storage service and bucket Please refer to the following link for instructions to create IBM Cloud Object Storage service and required storage bucket to upload the OVA images.  
  • Create secret and access keys with Hash-based Message Authentication Code (HMAC) Please refer to the following link for instructions to create the keys required for importing the images into your PowerVS service instance.  
  • Upload the OVA image to Cloud Object storage bucket Please refer to the following link for uploading the OVA image to the respective bucket. Alternatively you can also use the following tool.

Importing the images in PowerVS

Choose the previously created PowerVS "Service Instance", click "View full details" and select "Boot images". Click the "Import image" option and fill the requisite details like image name, storage type and cloud object storage details.

Example screenshot showing import of RHEL image that is used for bastion   Image Import-RHEL   Example screenshot showing import of RHCOS image used for OCP   Image Import-RHCOS  

Your PowerVS service instance is now ready for OpenShift clusters.