From f837e9c1dc2440f68f6f90defd6cf903a025d386 Mon Sep 17 00:00:00 2001 From: Terrence Nixa Date: Thu, 7 Nov 2019 16:23:51 -0600 Subject: [PATCH 1/3] docs for deploy to OpenShift --- .../using-appsody/building-and-deploying.md | 182 ++++++++++++++++++ .../installing-openshift-locally.md | 59 ++++++ 2 files changed, 241 insertions(+) create mode 100644 content/docs/using-appsody/installing-openshift-locally.md diff --git a/content/docs/using-appsody/building-and-deploying.md b/content/docs/using-appsody/building-and-deploying.md index c620a1ae9..c958268c6 100644 --- a/content/docs/using-appsody/building-and-deploying.md +++ b/content/docs/using-appsody/building-and-deploying.md @@ -224,6 +224,188 @@ This command completes the following actions: - If you specified the `--knative` flag, or if Knative is the only deployment option for your stack, the command tags the image with the special prefix `dev.local`, making it accessible to your Kubernetes cluster (assuming you followed [these directions](/content/docs/using-appsody/installing-knative-locally.md)) - Creates a deployment manifest file named `app-deploy.yaml`, in the project directory. This yaml file is used to issue a `kubectl apply -f` command against the target Kubernetes cluster. The format of this yaml file depends on whether or not the stack you are using is enabled for the Appsody operator. +### Deploying your application to a local Open Shift cluster using Red Hat CodeReady Containers +Instructions for installing Red Hat CodeReady Containers can be found [here](/content/docs/using-appsody/installing-openshift-locally.md). + +To deploy your application follow these steps: +1. Log into the cluster: + ``` + oc login -u -p https://api.crc.testing:6443 + ``` + Use the developer id and password +1. Create a project: + ``` + oc new-project test + ``` +1. Log into the web console: + ``` + crc console + ``` + The web console will open in a web browser. Use the kubeadmin id and password to log in +1. Find the `image-registry` address: + - Navigate to Workloads-> Pods + - Click on the main `image-registry` pod (Example: `image-registry-6984bcdf68-vpfjt`) + - Click on the `Environment` tab and scroll down to `REGISTRY_OPENSHIFT_SERVER_ADDR` and note the value (Example: `image-registry.openshift-image-registry.svc:5000`) + This value will be used for `--pull-url` for `appsody deploy` +1. Find the `default-route` location: + - Navigate to Networking-> Routes + - Note the `Location` for the `default-route` (Example: `https://default-route-openshift-image-registry.apps-crc.testing`) + This value will be used for `--push-url` for `appsody deploy` +1. Create the certificate (Red Ha Linux example): + - Get the certificate: + ``` + openssl s_client -connect default-route-openshift-image-registry.apps-crc.testing:443 + ``` + Copy the `Server certificate` which starts with header: `-----BEGIN CERTIFICATE-----` and ends with header: `-----END CERTIFICATE-----` You must include the headers. + - Create the certificate directory: + ``` + sudo mkdir /etc/docker/certs.d/default-route-openshift-image-registry.apps-crc.testing + ``` + - Create the certificate: + ``` + vi /etc/docker/certs.d/default-route-openshift-image-registry.apps-crc.testing/ca.crt + ``` + - Insert the copied certificate using `i` to get into insert mode and then paste the copied certificate and then press `esc` then `:wq` `` to save the file +1. Log out oc developer: + ``` + oc logout + ``` +1. Log in oc kubeadmin: + ``` + oc login -u -p https://api.crc.testing:6443 + ``` + Use the kubeadmin id and password +1. Create and apply Role yaml file: + - Create the file: + ``` + vi ~/Role.yaml + ``` + - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `esc` then `:wq` `` to save the file + ``` + kind: Role + apiVersion: rbac.authorization.k8s.io/v1 + metadata: + name: test-user-full-access + namespace: test + rules: + - apiGroups: ["", "extensions", "apps", "autoscaling", "appsody.dev", "rbac.authorization.k8s.io"] + resources: ["*"] + verbs: ["*"] + - apiGroups: ["batch"] + resources: + - jobs + - cronjobs + verbs: ["*"] + ``` + - Apply the role: + ``` + kubectl apply -f Role.yaml + ``` +1. Create and apply the ClusterRole yaml file: + - Create the file: + ``` + vi ~/ClusterRole.yaml + ``` + - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `esc` then `:wq` `` to save the file + ``` + kind: ClusterRole + apiVersion: rbac.authorization.k8s.io/v1 + metadata: + name: test-user-node-readonly-access + rules: + - apiGroups: ["", "apps", "autoscaling", "extensions"] + resources: ["*"] + verbs: ["get", "watch", "list"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["*"] + - apiGroups: ["rbac.authorization.k8s.io"] + resources: ["rolebindings"] + verbs: ["get", "watch", "list"] + ``` + - Apply the role: + ``` + kubectl apply -f ClusterRole.yaml + ``` +1. Create and apply the RoleBinding yaml file: + - Create the file: + ```` + vi ~/RoleBinding.yaml + ```` + - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `esc` then `:wq` `` to save the file + ``` + apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + name: read-pods + namespace: test + subjects: + - kind: User + name: developer + apiGroup: rbac.authorization.k8s.io + roleRef: + kind: Role + name: test-user-full-access + apiGroup: rbac.authorization.k8s.io + ``` + - Apply the role: + ``` + kubectl apply -f RoleBinding.yaml + ``` +1. Create and apply the ClusterRoleBinding yaml file: + - Create the file: + ``` + vi ~/ClusterRoleBinding.yaml + ``` + - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `esc` then `:wq` `` to save the file + ``` + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + metadata: + name: read-pods-global + subjects: + - kind: User + name: developer + apiGroup: rbac.authorization.k8s.io + roleRef: + kind: ClusterRole + name: test-user-node-readonly-access + apiGroup: rbac.authorization.k8s.io + ``` + - Apply the role: + ``` + kubectl apply -f ClusterRoleBinding.yaml + ``` +1. Log out oc kubeadmin: + ``` + oc logout + ``` +1. Log in oc developer + ``` + oc login -u -p https://api.crc.testing:6443 + ``` + Use the developer id and password +1. Log into docker: + ``` + docker login -u $(oc whoami) -p $(oc whoami -t) https://default-route-openshift-image-registry.apps-crc.testing + ``` +1. Perform the deploy: + ``` + appsody deploy --tag --pull-url --push-url --push --namespace -v + ``` + Example tag: `test/node:v1` + + Example pull-url: `image-registry.openshift-image-registry.svc:5000` + + Example push-url: `https://default-route-openshift-image-registry.apps-crc.testing` + + Example namespace: `test` + + Example deploy command: + ``` + appsody deploy --tag test/node:v1 --pull-url image-registry.openshift-image-registry.svc:5000 --push-url https://default-route-openshift-image-registry.apps-crc.testing --push --namespace test -v + ``` + ### Deploying your application through Docker Hub If your cluster is configured to pull images from Docker Hub, use the following command to deploy your application: diff --git a/content/docs/using-appsody/installing-openshift-locally.md b/content/docs/using-appsody/installing-openshift-locally.md new file mode 100644 index 000000000..ae21d0e4b --- /dev/null +++ b/content/docs/using-appsody/installing-openshift-locally.md @@ -0,0 +1,59 @@ +--- +title: Installing OpenShift locally using Red Had CodeReadyContainers +--- + +# Installing OpenShift locally using Red Hat CodeReady Containers + +Red Hat CodeReady Containers provides a minimum OpenShift cluster for your local workstation. Supported operating systems are Windows, macOS and Linux. The Red Hat install instructions can be found [here](https://cloud.redhat.com/openshift/install/crc/installer-provisioned). The Red Hat "Getting Started" instructions can be found [here](https://access.redhat.com/documentation/en-us/red_hat_codeready_containers/1.0/html/getting_started_guide/getting-started-with-codeready-containers_gsg). + +## Installing Red Hat CodeReady on Red Hat Enterprise Linux 7.7 +### Assumptions: +1. User must have permission to use `sudo` command. +1. Minimum hardware and required software requirements are fulfilled. See the sections [here](https://access.redhat.com/documentation/en-us/red_hat_codeready_containers/1.0/html/getting_started_guide/getting-started-with-codeready-containers_gsg). +### Steps: +1. Navigate [here](https://cloud.redhat.com/openshift/install/crc/installer-provisioned) and click on the link `Linux: Download (Libvirt)` to download the crc tar file. +1. Extract: + ``` + tar -xvf crc-linux-amd.tar.xz + ``` +1. Move the binary to your `$PATH`. Example: + ``` + sudo mv crc-linux-1.0.0-amd64/crc /usr/local/bin/ + ``` +1. Setup crc: + ``` + crc setup + ``` +1. Copy pull secret by clicking `Copy Pull Secret` [here](https://cloud.redhat.com/openshift/install/crc/installer-provisioned). +1. Start crc and paste in secret when prompted: + ``` + crc start + ``` + Note the provided user names and passwords +1. Get the command needed to add the cached `oc` binary to your `$PATH`: + ``` + crc oc-env + ``` + Run the printed command +### kubectl +kubectl is required for deploying Appsody applications to OpenShift. To see if you have kubectl installed run `kubectl version` + +To install kubectl follow these steps: +1. Get the code: + ``` + curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl + ``` + ``` + curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.16.0/bin/linux/amd64/kubectl + ``` +1. Make the binary executable: + ``` + chmod +x ./kubectl + ``` +1. Move the binary to your `$PATH` + ``` + sudo mv ./kubectl /usr/local/bin/kubectl + ``` + + + From 99dc8697534ef5886156e29fee3a20ab54d6a2b9 Mon Sep 17 00:00:00 2001 From: Terrence Nixa Date: Mon, 11 Nov 2019 10:06:20 -0600 Subject: [PATCH 2/3] fixed typeos --- content/docs/using-appsody/building-and-deploying.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/content/docs/using-appsody/building-and-deploying.md b/content/docs/using-appsody/building-and-deploying.md index c958268c6..2d6e64df2 100644 --- a/content/docs/using-appsody/building-and-deploying.md +++ b/content/docs/using-appsody/building-and-deploying.md @@ -251,7 +251,7 @@ To deploy your application follow these steps: - Navigate to Networking-> Routes - Note the `Location` for the `default-route` (Example: `https://default-route-openshift-image-registry.apps-crc.testing`) This value will be used for `--push-url` for `appsody deploy` -1. Create the certificate (Red Ha Linux example): +1. Create the certificate (Red Hat Linux example): - Get the certificate: ``` openssl s_client -connect default-route-openshift-image-registry.apps-crc.testing:443 @@ -265,7 +265,7 @@ To deploy your application follow these steps: ``` vi /etc/docker/certs.d/default-route-openshift-image-registry.apps-crc.testing/ca.crt ``` - - Insert the copied certificate using `i` to get into insert mode and then paste the copied certificate and then press `esc` then `:wq` `` to save the file + - Insert the copied certificate using `i` to get into insert mode and then paste the copied certificate and then press `Esc` then `:wq` `` to save the file 1. Log out oc developer: ``` oc logout @@ -280,7 +280,7 @@ To deploy your application follow these steps: ``` vi ~/Role.yaml ``` - - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `esc` then `:wq` `` to save the file + - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `Esc` then `:wq` `` to save the file ``` kind: Role apiVersion: rbac.authorization.k8s.io/v1 @@ -306,7 +306,7 @@ To deploy your application follow these steps: ``` vi ~/ClusterRole.yaml ``` - - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `esc` then `:wq` `` to save the file + - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `Esc` then `:wq` `` to save the file ``` kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -332,7 +332,7 @@ To deploy your application follow these steps: ```` vi ~/RoleBinding.yaml ```` - - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `esc` then `:wq` `` to save the file + - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `Esc` then `:wq` `` to save the file ``` apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -357,7 +357,7 @@ To deploy your application follow these steps: ``` vi ~/ClusterRoleBinding.yaml ``` - - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `esc` then `:wq` `` to save the file + - Copy and paste the following into the file using `i` to get into insert mode and then paste and then press `Esc` then `:wq` `` to save the file ``` apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding From 7972c4fb7c6c63be4496e3f17d6d221f9052f109 Mon Sep 17 00:00:00 2001 From: Terrence Nixa Date: Fri, 6 Dec 2019 15:23:20 -0600 Subject: [PATCH 3/3] updated instructions --- .../using-appsody/building-and-deploying.md | 22 ++++++++++++++----- .../installing-openshift-locally.md | 2 +- 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/content/docs/using-appsody/building-and-deploying.md b/content/docs/using-appsody/building-and-deploying.md index 2d6e64df2..a4d0986bb 100644 --- a/content/docs/using-appsody/building-and-deploying.md +++ b/content/docs/using-appsody/building-and-deploying.md @@ -228,6 +228,15 @@ This command completes the following actions: Instructions for installing Red Hat CodeReady Containers can be found [here](/content/docs/using-appsody/installing-openshift-locally.md). To deploy your application follow these steps: +1. Check cluster status: + ``` + crc status + ``` + If the cluster is not running: + ``` + crc start + ``` + Note the provided user names and passwords 1. Log into the cluster: ``` oc login -u -p https://api.crc.testing:6443 @@ -244,12 +253,13 @@ To deploy your application follow these steps: The web console will open in a web browser. Use the kubeadmin id and password to log in 1. Find the `image-registry` address: - Navigate to Workloads-> Pods + - Select `all projects` at the top 'Project' pull-down - Click on the main `image-registry` pod (Example: `image-registry-6984bcdf68-vpfjt`) - Click on the `Environment` tab and scroll down to `REGISTRY_OPENSHIFT_SERVER_ADDR` and note the value (Example: `image-registry.openshift-image-registry.svc:5000`) This value will be used for `--pull-url` for `appsody deploy` 1. Find the `default-route` location: - Navigate to Networking-> Routes - - Note the `Location` for the `default-route` (Example: `https://default-route-openshift-image-registry.apps-crc.testing`) + - Note the `Location` for the `default-route` but remove the `https://` (Example: `default-route-openshift-image-registry.apps-crc.testing`) This value will be used for `--push-url` for `appsody deploy` 1. Create the certificate (Red Hat Linux example): - Get the certificate: @@ -259,11 +269,11 @@ To deploy your application follow these steps: Copy the `Server certificate` which starts with header: `-----BEGIN CERTIFICATE-----` and ends with header: `-----END CERTIFICATE-----` You must include the headers. - Create the certificate directory: ``` - sudo mkdir /etc/docker/certs.d/default-route-openshift-image-registry.apps-crc.testing + sudo mkdir -p /etc/docker/certs.d/default-route-openshift-image-registry.apps-crc.testing ``` - Create the certificate: ``` - vi /etc/docker/certs.d/default-route-openshift-image-registry.apps-crc.testing/ca.crt + sudo vi /etc/docker/certs.d/default-route-openshift-image-registry.apps-crc.testing/ca.crt ``` - Insert the copied certificate using `i` to get into insert mode and then paste the copied certificate and then press `Esc` then `:wq` `` to save the file 1. Log out oc developer: @@ -299,7 +309,7 @@ To deploy your application follow these steps: ``` - Apply the role: ``` - kubectl apply -f Role.yaml + kubectl apply -f ~/Role.yaml ``` 1. Create and apply the ClusterRole yaml file: - Create the file: @@ -397,13 +407,13 @@ To deploy your application follow these steps: Example pull-url: `image-registry.openshift-image-registry.svc:5000` - Example push-url: `https://default-route-openshift-image-registry.apps-crc.testing` + Example push-url: `default-route-openshift-image-registry.apps-crc.testing` Example namespace: `test` Example deploy command: ``` - appsody deploy --tag test/node:v1 --pull-url image-registry.openshift-image-registry.svc:5000 --push-url https://default-route-openshift-image-registry.apps-crc.testing --push --namespace test -v + appsody deploy --tag test/node:v1 --pull-url image-registry.openshift-image-registry.svc:5000 --push-url default-route-openshift-image-registry.apps-crc.testing --push --namespace test -v ``` ### Deploying your application through Docker Hub diff --git a/content/docs/using-appsody/installing-openshift-locally.md b/content/docs/using-appsody/installing-openshift-locally.md index ae21d0e4b..02284c4e3 100644 --- a/content/docs/using-appsody/installing-openshift-locally.md +++ b/content/docs/using-appsody/installing-openshift-locally.md @@ -34,7 +34,7 @@ Red Hat CodeReady Containers provides a minimum OpenShift cluster for your local ``` crc oc-env ``` - Run the printed command + Insert the command into /etc/profile. Example: `export PATH="$HOME/.crc.bin:$PATH"` ### kubectl kubectl is required for deploying Appsody applications to OpenShift. To see if you have kubectl installed run `kubectl version`