OpenShift 3.6 Ingress Guest Configuration: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 18: Line 18:
=External Access Configuration=
=External Access Configuration=


Create external accounts to be exposed publicly and configure their ssh access (~/.ssh/authorized_keys).
* Create external accounts to be exposed publicly and configure their ssh access (~/.ssh/authorized_keys).
 
 
 
 
 
 
 
 
 
 
 
 
 
 
===Access/Proxy Host Configuration===
 
====Clone the Template====
 
Clone the template following the procedure described here [[Linux_Virtualization_Cloning_a_KVM_Guest_Virtual_Machine|Cloning a KVM Guest]]. While cloning, consider the following:
* The access host needs two interfaces, one external and one internal. For details see [[Linux_Virtualization_Cloning_a_KVM_Guest_Virtual_Machine#Network|Cloning a KVM Guest - Networking]] and [[KVM Virtualization Attaching a Guest Directly to a Virtualization Host Network Interface|Attaching a Guest Directly to a Virtualization Host Network Interface]].
* The access host needs only one storage device.
 
====Post-Cloning====
 
* Turn off external root access.
* Turn off external root access.
* Add external users.
* Disable and remove Docker.


{{Warn|There is no need to install HAProxy manually to serve as master node load balancer, the OpenShift installation procedure will do it.}}
{{Warn|There is no need to install HAProxy manually to serve as master node load balancer, the OpenShift installation procedure will do it.}}

Revision as of 02:49, 9 November 2017

Internal

Clone the Basic Template

Use the basic template as a base image and clone it, as described below.

While cloning the guest, make sure to:

  • Adjust the memory and the number of virtual CPUs.
  • Provision a directly-mapped network interface.
  • Provision just one storage device - the guest image device.
Cloning a Guest

The process will produce a ocp36.ingress.

External Access Configuration

  • Create external accounts to be exposed publicly and configure their ssh access (~/.ssh/authorized_keys).
  • Turn off external root access.

There is no need to install HAProxy manually to serve as master node load balancer, the OpenShift installation procedure will do it.

  • Add the IP addresses for masters, support and lb (itself) to /etc/hosts, the DNS server may not be operational when we need it.
192.168.122.10 in in.local lb lb.local
192.168.122.12 support support.local
192.168.122.13 master1 master1.local
192.168.122.14 master2 master2.local
192.168.122.16 master3 master3.local