This guide introduces you to the basic concepts of {product-title}, and helps you install a basic application. This guide is not suitable for deploying or installing a production environment of {product-title}.
To install {product-title}, you will need:
-
At least two physical or virtual RHEL 7+ machines, with fully qualified domain names (either real world or within a network) and password-less SSH access to each other. This guide uses
master.openshift.example.comandnode.openshift.example.com. These machines must be able to ping each other using these domain names. -
A valid Red Hat subscription.
-
Wildcard DNS resolution that resolves your domain to the IP of the node. So, an entry like the following in your DNS server:
master.openshift.example.com. 300 IN A <master_ip> node.openshift.example.com. 300 IN A <node_ip> *.apps.openshift.example.com. 300 IN A <node_ip>
|
Note
|
Why the apps in your domain name for the wildcard entry?
When using {product-title} to deploy applications, an internal router needs to proxy incoming requests to the corresponding application pod. By using apps as part of the application domains, the application traffic is accurately marked to the right pod. You can use anything other than apps. *.cloudapps.openshift.example.com. 300 IN A <node_ip> |
Once these are configured, use the following steps to set up a two-machine {product-title} install.
-
As root on the target machines (both master and node), use
subscription-managerto register the systems with Red Hat.$ subscription-manager register
-
Pull the latest subscription data from RHSM:
$ subscription-manager refresh
-
List the available subscriptions.
$ subscription-manager list --available
-
Find the pool ID that provides {product-title} subscription and attach it.
$ subscription-manager attach --pool=<pool_id>
-
Replace the string
<pool_id>with the pool ID of the pool that provides {product-title}. The pool ID is a long alphanumeric string.
These RHEL systems are now authorized to install {product-title}. Now you need to tell the systems from where to get {product-title}.
On both master and node, use subscription-manager to enable the repositories
that are necessary in order to install {product-title}. You may have already enabled
the first two repositories in this example.
$ subscription-manager repos --enable="rhel-7-server-rpms" \
--enable="rhel-7-server-extras-rpms" \
--enable="rhel-7-server-ose-3.9-rpms" \
--enable="rhel-7-fast-datapath-rpms" \
--enable="rhel-7-server-ansible-2.4-rpms"
This command tells your RHEL system that the tools required to install {product-title} will be available from these repositories. Now we need the {product-title} installer that is based on Ansible.
The installer for {product-title} is provided by the
atomic-openshift-utils package. Install it using yum on both the master and
the node, after running yum update.
$ yum -y install wget git net-tools bind-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct $ yum -y update $ yum -y install atomic-openshift-utils $ yum -y install docker
Before running the installer on the master, set up password-less SSH access as this is required by the installer to gain access to the machines. On the master, run the following command.
$ ssh-keygen
Follow the prompts and just hit enter when asked for pass phrase.
An easy way to distribute your SSH keys is by using a bash loop:
$ for host in master.openshift.example.com \
node.openshift.example.com; \
do ssh-copy-id -i ~/.ssh/id_rsa.pub $host; \
done
Run the installer on the master.
$ atomic-openshift-installer install
This is an interactive install process that guides you through the various
steps. In most cases, you want the default options. When it starts, select the
option for {product-title}.
You are installing one master and one node and the domain name is the FQDN
as mentioned at the start of this section, master.openshift.example.com and
node.openshift.example.com.
|
Important
|
At the step where the installer asks you for the FQDN for the routes,
you must use apps.openshift.example.com, or
cloudapps.openshift.example.com as discussed earlier, and NOT
openshift.example.com. If you make an error, you can edit the
/etc/origin/master/master-config.yaml at the end of the install process and
make this change yourself by looking for the subdomain entry.
|
This install process takes approximately 5-10 minutes.
After a successful install, use the following command to start {product-title}.
# systemctl restart atomic-openshift-master-api atomic-openshift-master-controllers
Once installed and started, before you add a new project, you need to set up basic authentication, user access, and routes.
{product-title} provides two command line utilities to interact with it.
-
oc: for normal project and application management -
oc admoroadm: for administrative tasks
Use oc --help and oadm --help to view all available options.
In addition, you can use the web console to manage projects and applications.
The web console is available at https://<master_fqdn>:8443/console. In the
next section, you will see how to create user accounts for accessing the
console.
|
Note
|
You can interact with your {product-title} instance from a remote system as well, using these command line utilities. Bundled as the OpenShift CLI, you can download these utilities for Windows, Mac, or Linux environments here. |
By default, when installed for the first time, there are no roles or user accounts created in {product-title}, so you need to create them. You have the option to either create new roles or define a policy that allows anyone to log in (to start you off).
Before you do anything else, log in at least one time with the default system:admin user, on the master run the following command.
$ oc login -u system:admin
|
Note
|
All commands from now on should be executed on the master, unless otherwise indicated. |
By logging in at least one time with this account, you will create the system:admin user’s configuration file, which will allow you to log in subsequently.
There is no password for this system account.
Run the following command to verify that {product-title} was installed and
started successfully. You will get a listing of the master and node, in the
Ready status.
$ oc get nodes
To continue configuring your basic {product-title} environment, follow the steps outlined in Configure {product-title}.