Define and deploy AWS infrastructure; generate OpenShift ansible inventories.
git clone https://github.com/frobware/aws-cluster-up.git
cd aws-cluster-up
./bootstrap.sh
./configure
sudo make install
Three external tools are required:
- jq
  sudo dnf install -y jq
- awscli
  sudo dnf install -y awscli
- terraform
Note: terraform version 0.11.14 is the last known version to work with the
jq scripts that parse terraform.tfstate.
The general usage pattern is:
- Set up the environment
- Generate and provision a cluster
- Generate an OpenShift Ansible inventory
- Generate ssh/config entries
- Run the OpenShift ansible playbooks
- Destroy the cluster
source /usr/local/share/aws-cluster-up/examples/aws/us-east-1.bash
This defines defaults for the subnet to use, the instance type to provision, the region the instances should run in, and so on.
We'll also need AWS credentials and OpenShift registry credentials set in the environment. If you don't already have AWS or OREG credentials defined you can create and store them as follows:
cat <<EOF > ~/.oreg-credentials
export OREG_AUTH_USER=abc
export OREG_AUTH_PASSWORD=def
EOF
cat <<EOF > ~/.aws-credentials
export AWS_ACCESS_KEY_ID=abc
export AWS_SECRET_ACCESS_KEY=def
EOF
Now source these into the current environment:
source ~/.aws-credentials
source ~/.oreg-credentials
I have these files GPG encrypted so my usage is as follows:
source <(less ~/.aws-credentials.gpg)
source <(less ~/.oreg-credentials.gpg)
All these environment variables are substituted into the terraform definition and the OpenShift ansible inventory file.
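A preflight check for the credential setup described above, added here as an example and not part of aws-cluster-up: it reports which of the four variables are unset without printing their values, and checks that any plaintext credential file passed to it is a regular file with no group or other permission bits. The function names and PREFLIGHT_REQUIRED_VARS are hypothetical.

```shell
# Added example, not part of aws-cluster-up. Function names and
# PREFLIGHT_REQUIRED_VARS are hypothetical; the variable names are the
# four this page exports from ~/.aws-credentials and ~/.oreg-credentials.
PREFLIGHT_REQUIRED_VARS="AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY OREG_AUTH_USER OREG_AUTH_PASSWORD"

# Print the names (never the values) of required variables that are unset or empty.
missing_credential_vars() {
    _missing=""
    for _name in $PREFLIGHT_REQUIRED_VARS; do
        # Indirect lookup; _name only ever comes from the fixed list above.
        eval "_value=\${$_name:-}"
        [ -n "$_value" ] || _missing="$_missing $_name"
    done
    unset _value
    echo "${_missing# }"
}

# Succeed only if $1 is a regular file (not a symlink) with no group/other permission bits.
credential_file_is_private() {
    [ -f "$1" ] && [ ! -L "$1" ] || return 1
    # Characters 5-10 of the ls mode string are the group and other bits.
    _perms=$(ls -ld -- "$1" | cut -c5-10)
    [ "$_perms" = "------" ]
}

# Run both checks; report problems on stderr and return non-zero if any were found.
# Pass the plaintext credential files as arguments (none if they are only kept GPG encrypted).
credentials_preflight() {
    _rc=0
    _m=$(missing_credential_vars)
    if [ -n "$_m" ]; then
        echo "unset or empty: $_m" >&2
        _rc=1
    fi
    for _f in "$@"; do
        if ! credential_file_is_private "$_f"; then
            echo "not a private regular file (expected mode 600): $_f" >&2
            _rc=1
        fi
    done
    return "$_rc"
}

# Usage: credentials_preflight ~/.aws-credentials ~/.oreg-credentials && acu-launch ...
```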
acu-launch ~/amcdermo-triage /usr/local/share/aws-cluster-up/examples/aws/ocp-3.10/single-master.tf
The basename of the output directory ~/amcdermo-triage becomes the
name of the cluster when viewed in the EC2 dashboard. In this example
you would have nodes named amcdermo-triage-master,
amcdermo-triage-infra and amcdermo-triage-node.
acu-generate-inventory ~/amcdermo-triage /usr/local/share/aws-cluster-up/examples/aws/ocp-3.10/single-master.inventory > ~/amcdermo-triage/ocp.ini

mkdir -p "$HOME/.ssh/conf.d/aws-cluster-up"
acu-generate-ssh-config ~/amcdermo-triage > ~/.ssh/conf.d/aws-cluster-up/amcdermo-triage.conf
chmod 600 ~/.ssh/conf.d/aws-cluster-up/amcdermo-triage.conf
You will need the following Include directive at the beginning of
your .ssh/config for tab completion and for running
ansible-playbook:
Include conf.d/aws-cluster-up/*.conf
Verify that tab completion works for the instances in your cluster:
ssh amcdermo-triage-<TAB><TAB>
The generated ssh config entries should allow you to log in without requiring a password (assuming you have the correct key).
git clone https://github.com/openshift/openshift-ansible.git ~/openshift-ansible
cd ~/openshift-ansible
git checkout openshift-ansible-3.10.0-0.53.0
ansible-playbook -i ~/amcdermo-triage/ocp.ini ~/openshift-ansible/playbooks/prerequisites.yml
ansible-playbook -i ~/amcdermo-triage/ocp.ini ~/openshift-ansible/playbooks/deploy_cluster.yml

acu-destroy ~/amcdermo-triage
This will automatically retag the instance names with -terminate so
they get garbage collected.
The example terraform cluster definitions and inventory files are just examples. You can copy these and modify them to support a different set of configurations.
#
# Take copies
#
cp /usr/local/share/aws-cluster-up/examples/aws/ocp-3.10/single-master.tf ~/autoscale-group.tf
cp /usr/local/share/aws-cluster-up/examples/aws/ocp-3.10/single-master.inventory ~/autoscale-group.inventory
#
# Make modifications, then launch based on the new configuration
#
acu-launch ~/amcdermo-ASG ~/autoscale-group.tf
#
# Make modifications, then generate the inventory definition
#
acu-generate-inventory ~/amcdermo-ASG ~/autoscale-group.inventory > ~/amcdermo-ASG/ocp.ini
#
# Run ansible playbooks against the generated inventory
#
ansible-playbook -i ~/amcdermo-ASG/ocp.ini ~/openshift-ansible/playbooks/prerequisites.yml
ansible-playbook -i ~/amcdermo-ASG/ocp.ini ~/openshift-ansible/playbooks/deploy_cluster.yml
The acu-scripts export pertinent information through environment
variables that all begin with ACU_.