
ocp4-deploy's Introduction

Repo for deploying OCP to AWS

Note
Please fork or clone this repository so that you can use your own GitHub Secrets and workflow.

Overview

This repository provides the necessary scripts and instructions for deploying OpenShift clusters on AWS. It is designed for system administrators and DevOps engineers who are familiar with AWS and OpenShift environments.

Deployment Workflow

Deploying OpenShift 4.x

  1. Prerequisites:

    1. Ensure that all GitHub Repository Secrets are created and up-to-date (repository secrets only, no environment secrets required).

    2. Review and understand each secret required for deployment listed in the Configuration Secrets section.

  2. Deployment Steps:

    1. Click the 'Deploy' button below to initiate the deployment workflow.

    2. Monitor the workflow progress and verify deployment via the AWS and OpenShift consoles.


Prerequisites and Requirements

Ensure you have the following before starting the deployment:

  • Access to an AWS account with administrative privileges.

  • A GitHub account for fork or clone operations.

  • Basic understanding of YAML and shell scripting.

Configuration Secrets

Here’s a list of all required GitHub secrets for the deployment:

  • OCP_ADMIN_USER: Cluster admin username.

  • OCP_ADMIN_PASS: Cluster admin password.

  • OCP_DEV_USER: Development user username.

  • OCP_DEV_PASS: Development user password.

  • OCP_BASE_DOMAIN: Top-level domain for Route53, does not require a leading dot.

  • OCP_CLUSTER_NAME: Name of the OpenShift cluster.

  • OCP_CLIENT_VERSION: OpenShift client version, e.g., "4", "4.7", or "4.9.9".

  • RED_HAT_PULLSECRET: Red Hat credentials for accessing Red Hat repositories.

  • AWS_ACCESS_KEY_ID: AWS Access Key.

  • AWS_SECRET_ACCESS_KEY: AWS Secret Access Key.

  • AWS_REGION: AWS Region where the cluster will be deployed.
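
A preflight check that a workflow step could run before the installer starts, shown here as an added example that is not part of this repository. It assumes the secrets above are mapped to environment variables of the same names; the function name preflight_secrets, the rule that the version takes only the three forms shown, the leading-dot rule and the password-reuse check are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the repository's own script.
# Assumption: each secret is exposed to the step as an environment variable
# with the same name as in the list above.
REQUIRED_SECRETS="OCP_ADMIN_USER OCP_ADMIN_PASS OCP_DEV_USER OCP_DEV_PASS
OCP_BASE_DOMAIN OCP_CLUSTER_NAME OCP_CLIENT_VERSION RED_HAT_PULLSECRET
AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_REGION"

# Prints one line per problem, naming the secret but never its value, so the
# check is safe to leave in workflow logs. Exit status = number of problems.
# The body runs in a subshell so its variables do not leak to the caller.
preflight_secrets() (
  problems=0
  for name in $REQUIRED_SECRETS; do
    eval "value=\${$name-}"   # names come from the fixed list above
    [ -n "$value" ] || { echo "missing: $name"; problems=$((problems + 1)); }
  done

  # Assumption: only the forms the README shows ("4", "4.7", "4.9.9") are valid.
  if [ -n "${OCP_CLIENT_VERSION-}" ] &&
     ! printf '%s\n' "$OCP_CLIENT_VERSION" | grep -Eq '^4(\.[0-9]+){0,2}$'; then
    echo "bad format: OCP_CLIENT_VERSION"; problems=$((problems + 1))
  fi

  # The README says no leading dot is needed; this example rejects one.
  case "${OCP_BASE_DOMAIN-}" in
    .*) echo "leading dot: OCP_BASE_DOMAIN"; problems=$((problems + 1)) ;;
  esac

  # The admin password is used for the cluster admin login and the GitOps
  # console; it should not also be the developer password.
  if [ -n "${OCP_ADMIN_PASS-}" ] &&
     [ "${OCP_ADMIN_PASS-}" = "${OCP_DEV_PASS-}" ]; then
    echo "reused: OCP_ADMIN_PASS equals OCP_DEV_PASS"
    problems=$((problems + 1))
  fi
  exit "$problems"
)

# Typical use as the first step of a job:  preflight_secrets || exit 1
```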

Actions

Running the Deploy workflow automatically kicks off the following steps:

  1. Performs the AWS IPI (installer-provisioned infrastructure) install

  2. Creates an Artifact for Destroy

    1. You can download the artifact if needed from GitHub Actions > Runs

    2. Double-check your retention period for Artifacts

  3. Sets up the HTPasswd IDP

    1. Uses CLUSTER_ADMIN and ADMIN_PASS

    2. Uses DEV_PASS for andrew the developer

  4. Installs the GitOps Operator

    1. Sets admin password for console to ADMIN_PASS

  5. Adds MachineSet

    1. Labels infra nodes

    2. Labels control worker node for Automation Controller

  6. Enables cluster and machine autoscaling

    1. Creates cluster autoscaling config

    2. Creates autoscaling groups from workers and infra machines

  7. Creates an S3 bucket for AAP and the namespace for the operator

On completion of the Deploy workflow, the GitOps-Tasks workflow will automatically start.

  1. Update with Day2 and Applications appset pointing to examples

Important

  • The deploy workflow produces artifacts describing the AWS resources that are deployed; the destroy workflow needs these artifacts.

  • The artifacts are kept for only 90 days and will need to be manually downloaded if you do not plan to destroy the cluster within that retention period.

To destroy OCP4.x

  1. Click the Destroy button below to use the last saved artifact to destroy the OpenShift cluster and infra resources.


This will kick off the destroy workflow, pulling the artifact from deploy workflow automatically and destroying the AWS resources.

Troubleshooting Common Issues

This section provides guidance on common issues that you might encounter during the deployment process, along with recommended solutions.

How to Contribute

We welcome contributions! Please submit issues, enhancements, and pull requests through GitHub. For major changes, please open an issue first to discuss what you would like to change.

Be sure to update tests as appropriate and maintain the quality of the deployment scripts.

TODO

  • Add node sizing templates

  • cost management operator

Note
GitHub IDP is disabled currently

GitHub IDP

  • GitHub IDP is used in this deploy, so a GitHub organization should be created

  • Add the clientSecret to GitHub Secrets as CLIENT_SECRET

  • Update the GitHub Organization name and clientID in idp-oauth.yaml file

ocp4-deploy's People

Contributors

r3dact3d, luiscachog, cpeters
