A Hands-On With OpenShift 3.6 RC
A Hands-On With OpenShift 3.6 RC
OpenShift 3.6's release candidate is out! Check out the new Service Catalog and how OpenShift has incorporated some Ansible services via the new Service Broker.
Join the DZone community and get the full member experience.Join For Free
Today I want to introduce you to some features of OpenShift 3.6 while giving you the chance to have a hands-on experience with the Release Candidate.
First of all:
- It’s a Release Candidate and the features I’ll show you are marked as Tech Preview, so use them for testing purposes ONLY!
- We cannot use Minishift because there is no Minishift updated yet. Anyway, I’ll show how you could use its base ISO image.
- I don’t want to use ‘oc cluster up’ in a virtual machine just because setting up a virtual machine, to run it, would be a waste of time.
This is our grocery list. You’ll find below all the software needed for accomplishing our goal: test OpenShift 3.6 RC.
- Latest oc binary available on GitHub.
- Docker-Machine: A virtual machine with Docker installed! – “Docker Machine is a tool that lets you install Docker Engine on virtual hosts, and manage the hosts with docker-machine commands. You can use Machine to create Docker hosts on your local Mac or Windows box, on your company network, in your data center, or on cloud providers” – https://docs.docker.com/machine/install-machine/.
- Virtualization software (VirtualBox/Libvirt/KVM/Xhyve).
- Enough RAM for running a 4GB (or any other Minishift-like) virtual machine.
- If you didn’t use OpenShift Clients (oc) binary before, it’s not so hard: just unpack it, place it somewhere, and run it.
- If you didn’t install Docker-Machine before, just follow the how-to provided in the link before: It will be easy!
- Depending on the virtualization layer you’ll use, you may need to configure/install an appropriate driver to let Docker-Machine work with it. These are some examples:
- In the following steps, I’ll use commands for my Libvirt/KVM driver: Sorry Mac/Win users! But you will easily adapt commands to your driver, so don’t worry! Just be aware of editing commands when you see “-kvm-” options!
- All the commands can run as a standard user: we don’t need super powers!
Let’s Start: The Brand New Service Catalog
If you’re here, I suppose you’ve already configured your Docker-Machine, didn’t you? Read the previous paragraph!
As I mentioned earlier, we cannot use the Minishift binary to build our Openshift VM, but we can ISO image as a source for creating our docker-machine:
$ docker-machine create -d "kvm" --kvm-boot2docker-url https://github.com/minishift/minishift-b2d-iso/releases/download/v1.0.2/minishift-b2d.iso --kvm-cpu-count 4 --kvm-memory 4096 --engine-insecure-registry 172.30.0.0/16 openshift
In the previous command, we’re creating an “OpenShift” named virtual machine, starting from the Minishift boot2docker image, with some infrastructural configuration (CPU/RAM), and, most importantly, with the OpenShift’s insecure registry subnet configuration (172.30.0.0/16).
You can check the result of the previous command also by running:
$ docker-machine ls NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS openshift - kvm Running tcp://192.168.42.53:2376 v1.12.3
Now we’re ready to launch our very useful “oc cluster up” command full of options for better interacting with the Docker-Machine we’ve just prepared:
$ oc cluster up --docker-machine=openshift --service-catalog=true --public-hostname="$(docker-machine ip openshift).nip.io" --routing-suffix="apps.$(docker-machine ip openshift).nip.io" --use-existing-config=true --host-data-dir='/var/lib/origin/openshift.local.data'
In the previous command, we just set the public-hostname for our OpenShift’s platform, its wildcard DNS for routing apps, some options for letting it being persistent, and the option for setting up the new brand new Service Catalog.
Once the OpenShift platform starts, we need to log in as system:admin and then grant unauthenticated access to the template service broker API for using it with the Service Catalog:
$ oc login -u system:admin $ oc adm policy add-cluster-role-to-group system:openshift:templateservicebroker-client system:unauthenticated system:authenticated
Now we can test the new Service Catalog interface by going to the OpenShift main page! (You should find it at the end of the previous “oc cluster up”command).
One Step Forward: Ansible Service Broker
At this point, we’re ready to deploy one of the latest features: Ansible Service Broker.
First, we have to clone its GitHub’s repository:
$ git clone https://github.com/openshift/ansible-service-broker
Then we have to create a brand new a project for deploying Ansible Service Broker’s template:
$ oc new-project ansible-service-broke $ oc process -f ansible-service-broker/templates/deploy-ansible-service-broker.template.yaml -p BROKER_IMAGE=ansibleplaybookbundle/ansible-service-broker:latest | oc create -f -
Then we should see some new pods running in our project!
$ oc get pods NAME READY STATUS RESTARTS AGE asb-2357364550-4jmcj 1/1 Running 0 1m etcd-2338997634-05nz5 1/1 Running 0 1m
Here we are: Ansible Service Broker and its etcd database are running!
We’re really close to the goal; we need to create the missing connection between ASB (Ansible Service Broker) and OpenShift:
$ cat << EOF > broker.yaml apiVersion: servicecatalog.k8s.io/v1alpha1 kind: Broker metadata: name: ansible-service-broker spec: url: https://asb.ansible-service-broker.svc:1338 EOF $ oc create -f broker.yaml
If you now log into the interface, you should see a bunch of brand new templates available!
The ones ending with “(APB)” are the Ansible Playbook Bundle'‘s template!
PLEASE READ: One more step is required, just because some of the containers used by APB templates require “root” permissions. We need to enable the ANYUID Security Context for every authenticated user (eventually you may restrict it to the user ‘developer’):
$ oc adm policy add-scc-to-group anyuid system:authenticated
That’s all folks! Enjoy your OpenShift 3.6 RC and don’t forget about using it ONLY for testing purposes!
Published at DZone with permission of Alessandro Arrichiello , DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.