Red Hat OpenShift automated deployment

MetalSoft provides a series of “application extensions” that allow 3rd party applications to be deployed via the UI, Terraform or API.

To create an OpenShift extension follow the instructions below.

Prerequisites

  1. The Ansible Runner capability must be enabled on the site controller in order for this task type to be supported. See Enabling the Ansible Runner Capability for more details.

  2. The DNS workflow extension must be installed and active as the OpenShift extension uses it to create DNS records for the nodes that it deploys. Note, that both forward and a reverse DNS must function correctly. Follow External DNS integration guide for more details.

  3. Local Registry (only needed in air-gapped or disconnected environments). In certain cases, it is necessary to have a local registry with the necessary images as the extension does not provide the images.

Mirroring Red Hat’s Openshift Docker images from quay.io (for an air-gapped environment)

In certain circumstances (such as in air-gapped environments) it is necessary to have a local mirror of the Openshift Docker images and host them in a local registry like Artifactory, Harbor, etc. Here are the steps to achieve it:

  1. Open a terminal session into a machine that can reach both quay.io and your local registry.

  2. Log into quay.io and your local registry, ex.

docker login quay.io
docker login registry.metalsoft.dev

  • Note: if you are on a Mac, your creds are being stored into the keychain, which Openshift’s oc command does not (currently) read. This means that you will need to generate base64 encoded version of your user/pass and add them to the config file (~/.docker/config.json) manually.

  1. Clone the images on your local repository.

oc adm release mirror \
  --from=http://quay.io/openshift-release-dev/ocp-release:4.19.0-x86_64 \
  --to=registry.metalsoft.dev/ocp4/openshift4 \
  --to-release-image=registry.metalsoft.dev/ocp4/openshift4:4.19.0

Update image:  registry.metalsoft.dev/ocp4/openshift4:4.19.0
Mirror prefix: registry.metalsoft.dev/ocp4/openshift4
Mirror prefix: registry.metalsoft.dev/ocp4/openshift4:4.19.0

  • Note: The project (ocp4 in registry.metalsoft.dev/ocp4) must exist (be pre-created)

Add/Update the Openshift binaries on Site Controller

Currently, the Openshift-enabled ansible-runner container on the Site Controller (SC) already contain a version of the Openshift client and installed. If you want to update to a newer version, or if in the future those are not included in ansible-runner image, you will need to put them there. Here’s how to do it

  1. From https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/, download the client and openshift-install binaries for the version of Openshift you want to install, ex. https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/4.19.0/openshift-client-linux-4.19.0.tar.gz https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/4.19.0/openshift-install-linux-4.19.0.tar.gz

  2. Create a directory /opt/metalsoft/openshift on the Site Controller.

mkdir -p /opt/metalsoft/openshift

  1. Extract the archives in /opt/metalsoft/openshift.

  2. Add the following lines to the volumes section of the ansible-runner container definition in /opt/metalsoft/agents/docker-compose.yaml:

      - /opt/metalsoft/openshift/oc:/usr/local/bin/oc
      - /opt/metalsoft/openshift/openshift-install:/usr/local/bin/openshift-install

  1. Restart the ansible-runner container:

cd /opt/metalsoft/agents/
docker compose up -d ansible-runner

Creating the OpenShift Application extension

  1. Clone the repository with sample Openshift extension definition.

git clone https://github.com/metalsoft-io/metalsoft-extensions

  1. Archive the two Ansible playbooks needed for the Openshift installation.

(cd metalsoft-extensions/openshift/openshift-imagebuild && zip -r ../openshift-imagebuild.zip .)
(cd metalsoft-extensions/openshift/openshift-monitor && zip -r ../openshift-monito.zip .)

  1. Upload the resulting archives to a repository (web hosting) reachable from the Site Controller.

  2. Modify the extension.json file with the URLs for the two playbooks. Ex.

...
  "assets": [
    {
      "label": "install-openshift",
      "name": "Install OpenShift",
      "assetType": "Bundle",
      "url": "https://repo.metalsoft.io/.extensions_ms/openshift/openshift-abi-imagebuild-multi-host-v1.3.zip"
    },
    {
      "label": "monitor-installation",
      "name": "Monitor OpenShift installation",
      "assetType": "Bundle",
      "url": "https://repo.metalsoft.io/.extensions_ms/openshift/openshift-abi-monitor-v1.0.zip"
    }
  ],
...

  1. Create the extension definition draft in Metalsoft.

metalcloud-cli extension create openshift application "Openshift Multi-Host" --definition-source openshift-multi-host/extension.json

  1. Activate the extension and optionally publish it so it can be used by other users.

metalcloud-cli extension publish <id-of-created-extension>
metalcloud-cli extension make-public <id-of-created-extension>

You should now be ready to deploy the OpenShift application from the Infrastructure Designer