OKD 4.4 beta5 installation on AWS
This post briefly describes the installation process of OKD 4.4-beta5 on AWS.
Prerequisites
The AWS account has to be configured before the actual installation. The process is described in the official docs.
Once the IAM user is configured, create the aws.credentials file and source it. Replace the values accordingly.
$ cat << EOF > aws.credentials
#!/bin/bash
export AWS_ACCESS_KEY_ID=REPLACE_AWSACCESSKEYID
export AWS_SECRET_ACCESS_KEY=REPLACE_AWSSECRETACCESSKEY
EOF
$ source aws.credentials
$
Download and extract the installer and CLI
I am using a Mac, which is the reason for downloading the Mac binaries. Make sure to download the correct tarballs for your OS.
Downloads are available at https://github.com/openshift/okd/releases.
$ mkdir -p ~/bin
$ export PATH=${PATH}:~/bin
$ wget https://github.com/openshift/okd/releases/download/4.4.0-0.okd-2020-05-23-055148-beta5/openshift-install-mac-4.4.0-0.okd-2020-05-23-055148-beta5.tar.gz
...snip...
2020-06-15 11:01:03 (912 KB/s) - ‘openshift-install-mac-4.4.0-0.okd-2020-05-23-055148-beta5.tar.gz’ saved [95107052/95107052]
$ tar -C ~/bin -xf openshift-install-mac-4.4.0-0.okd-2020-05-23-055148-beta5.tar.gz openshift-install
$ wget https://github.com/openshift/okd/releases/download/4.4.0-0.okd-2020-05-23-055148-beta5/openshift-client-mac-4.4.0-0.okd-2020-05-23-055148-beta5.tar.gz
...snip...
2020-06-15 11:07:20 (571 KB/s) - ‘openshift-client-mac-4.4.0-0.okd-2020-05-23-055148-beta5.tar.gz’ saved [25487408/25487408]
$ tar -C ~/bin -xf openshift-client-mac-4.4.0-0.okd-2020-05-23-055148-beta5.tar.gz oc kubectl
$ which oc kubectl openshift-install
~/bin/oc
~/bin/kubectl
~/bin/openshift-install
$
Optionally remove downloaded tarballs.
$ rm -f openshift-install-mac-4.4.0-0.okd-2020-05-23-055148-beta5.tar.gz \
openshift-client-mac-4.4.0-0.okd-2020-05-23-055148-beta5.tar.gz
Enable autocompletion
$ source <(openshift-install completion bash)
$ source <(oc completion bash)
$
Deploy the cluster
The installer generates an opinionated default configuration, so in order to make some modifications, we have to split the installation into two steps.
Generate and modify install-config.yaml
To be able to change the instance type and zone, install-config.yaml has to be generated first. Follow the prompts to set up your values. Pull Secret can be empty.
$ openshift-install create install-config --dir=config
? SSH Public Key ~/.ssh/ocp-cluster.pub
? Platform aws
INFO Credentials loaded from default AWS environment variables
? Region eu-west-1
? Base Domain okd.agolis.xyz
? Cluster Name demo
? Pull Secret [? for help]
$
The install-config.yaml file will be generated in the config directory.
My modification was to specify the t3a instance type instead of the default m4 and set the zone. Here's the diff:
--- install-config.yaml-generated 2020-06-15 11:54:33.000000000 +0200
+++ install-config.yaml-modified 2020-06-15 11:54:39.000000000 +0200
@@ -4,13 +4,21 @@
- architecture: amd64
hyperthreading: Enabled
name: worker
- platform: {}
+ platform:
+ aws:
+ zones:
+ - eu-west-1a
+ type: t3a.large
replicas: 3
controlPlane:
architecture: amd64
hyperthreading: Enabled
name: master
- platform: {}
+ platform:
+ aws:
+ zones:
+ - eu-west-1a
+ type: t3a.xlarge
replicas: 3
metadata:
creationTimestamp: null
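Review bot: both platform.aws blocks (worker and controlPlane) list only eu-west-1a under zones, so all three control-plane replicas and all three workers are placed in a single availability zone, and losing that zone takes the whole cluster down. If this is meant for more than a cost-limited demo, list additional zones of the region (for example eu-west-1b and eu-west-1c), at least under controlPlane, and say in the surrounding text that the single-zone layout is a deliberate trade-off.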
Deploy the cluster
Run the installer with our modified install-config.yaml file.
$ openshift-install create cluster --dir=config --log-level=debug
DEBUG OpenShift Installer 4.4.0-0.okd-2020-05-23-055148-beta5
DEBUG Built from commit 0f0142e7261349b93c3dd3dd02a9ce164dfd2d4f
...snip...
INFO Install complete!
INFO To access the cluster as the system:admin user when using 'oc', run 'export KUBECONFIG=${PWD}/config/auth/kubeconfig'
INFO Access the OpenShift web-console here: https://console-openshift-console.apps.demo.okd.agolis.xyz
INFO Login to the console with user: kubeadmin, password: 12345-324Z4-Vasdr-5ihkL
openshift-install create cluster --dir=config --log-level=debug 35.15s user 6.41s system 2% cpu 27:46.27 total
$
The installer will output the access information. The installation took around half an hour.
Accessing the cluster
Use the instructions from the installer.
$ export KUBECONFIG=${PWD}/config/auth/kubeconfig
$ oc get node
NAME STATUS ROLES AGE VERSION
ip-10-0-128-29.eu-west-1.compute.internal Ready worker 68m v1.17.1
ip-10-0-140-213.eu-west-1.compute.internal Ready master 78m v1.17.1
ip-10-0-149-203.eu-west-1.compute.internal Ready master 77m v1.17.1
ip-10-0-150-180.eu-west-1.compute.internal Ready worker 68m v1.17.1
ip-10-0-169-24.eu-west-1.compute.internal Ready worker 68m v1.17.1
ip-10-0-175-121.eu-west-1.compute.internal Ready master 78m v1.17.1
$ oc whoami
system:admin
$
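The walkthrough leaves long-lived secrets on the workstation: aws.credentials (written through a plain shell redirect, so it gets the default umask) and the system:admin kubeconfig under config/auth. The shell functions below are an added example, not part of the original post or of the OKD project; they check those files for group/other permission bits and can tighten them to 600. The kubeadmin-password and .openshift_install.log paths are assumptions about what the installer leaves in its --dir.

```shell
#!/bin/sh
# Added example: audit (and optionally tighten) permissions on the secret
# files this walkthrough leaves on the workstation.

# Print the octal permission bits of a file (GNU stat first, then BSD/macOS stat).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# audit_secret_files WORKDIR [--fix]
# Prints one line per file and returns the number of files that are still
# accessible to group/other when the function finishes.
audit_secret_files() {
    workdir=$1
    fix=${2:-}
    loose=0
    # aws.credentials and config/auth/kubeconfig come from the post;
    # kubeadmin-password and .openshift_install.log are assumed to sit in
    # the installer's --dir as well.
    for rel in aws.credentials \
               config/auth/kubeconfig \
               config/auth/kubeadmin-password \
               config/.openshift_install.log; do
        path=$workdir/$rel
        [ -f "$path" ] || { echo "SKIP  $rel (not present)"; continue; }
        mode=$(file_mode "$path")
        case $mode in
            # Last two octal digits zero: no group/other access at all.
            0|*00) echo "OK    $rel ($mode)"; continue ;;
        esac
        if [ "$fix" = "--fix" ] && chmod 600 "$path"; then
            echo "FIXED $rel ($mode -> 600)"
        else
            echo "LOOSE $rel ($mode)"
            loose=$((loose + 1))
        fi
    done
    return "$loose"
}
```

Call `audit_secret_files . --fix` from the directory that holds aws.credentials and config/; a non-zero return value means at least one file is still group- or world-accessible.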
After deployment configuration
After the installation was complete, I installed custom SSL certificates issued by Let's Encrypt, installed and configured Keycloak as the identity provider, and installed Syndesis. Refer to the following articles: