OpenShift on Azure
External
Internal
Installation
Prerequisites
- Install Azure CLI, as shown here: Azure CLI | Installation.
- Azure Red Hat OpenShift requires a minimum of 40 cores. You may need to request a quota increase for the subscription.
Procedure
Create the Resource Group
The resource group can be created from the console or from the command line. It encapsulates the resources required by, and dedicated to, the OpenShift cluster. The name of the resource group should be derived from the name of the cluster by adding the "-rg" suffix. There will be a one-to-one relationship between the resource group, the cluster and its ancillary resources. Select the appropriate region and set the corresponding LOCATION environment variable.
export CLUSTER=platform-cloud-aro-02
export RESOURCEGROUP="${CLUSTER}-rg"
export LOCATION=eastus2
Register Resource Providers
export SUBSCRIPTION_ID="..."
az account set --subscription ${SUBSCRIPTION_ID}
Register the Microsoft.RedHatOpenShift, Microsoft.Compute and Microsoft.Storage resource providers:
az provider register -n Microsoft.RedHatOpenShift --wait
az provider register -n Microsoft.Compute --wait
az provider register -n Microsoft.Storage --wait
Get a Red Hat Pull Secret
TODO
Prepare a Custom Domain
TODO
Create a Virtual Network and associated Subnets
Azure Red Hat OpenShift clusters require a virtual network with two empty subnets, one for the master nodes and one for the worker nodes. The virtual network and its subnets can be created as follows (for more details about networking operations, see Azure Networking Operations):
az network vnet create \
--resource-group $RESOURCEGROUP \
--name ${CLUSTER}-aro-vnet \
--address-prefixes 10.0.0.0/16
az network vnet subnet create \
--resource-group $RESOURCEGROUP \
--vnet-name ${CLUSTER}-aro-vnet \
--name ${CLUSTER}-master-subnet \
--address-prefixes 10.0.0.0/17 \
--service-endpoints Microsoft.ContainerRegistry
az network vnet subnet create \
--resource-group $RESOURCEGROUP \
--vnet-name ${CLUSTER}-aro-vnet \
--name ${CLUSTER}-worker-subnet \
--address-prefixes 10.0.128.0/17 \
--service-endpoints Microsoft.ContainerRegistry
Disable subnet private endpoint policies on the master subnet. This is required for the service to be able to connect to and manage the cluster:
az network vnet subnet update \
--name ${CLUSTER}-master-subnet \
--resource-group $RESOURCEGROUP \
--vnet-name ${CLUSTER}-aro-vnet \
--disable-private-link-service-network-policies true
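As an added example (not part of the original procedure or of the Azure CLI), the following POSIX shell functions check a subnet plan offline before any az network command is run: each subnet must fall inside the virtual network prefix and the two subnets must not overlap. The function names are hypothetical; the prefixes passed at the end are the ones used above.

```sh
#!/bin/sh
# Added example: offline sanity check of the vnet/subnet address plan.
# Function names are illustrative, not part of any Azure tooling.

# Convert a dotted-quad IPv4 address to a 32-bit integer.
ip_to_int() {
  old_ifs=$IFS; IFS=.
  set -- $1            # split the address on dots into $1..$4
  IFS=$old_ifs
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# First address (as an integer) covered by a CIDR prefix such as 10.0.0.0/17.
cidr_first() {
  base=$(ip_to_int "${1%/*}"); len=${1#*/}
  mask=$(( (0xFFFFFFFF << (32 - $len)) & 0xFFFFFFFF ))
  echo $(( $base & $mask ))
}

# Last address (as an integer) covered by a CIDR prefix.
cidr_last() {
  first=$(cidr_first "$1"); len=${1#*/}
  echo $(( $first | (0xFFFFFFFF >> $len) ))
}

# Succeeds if prefix $2 lies entirely inside prefix $1.
cidr_contains() {
  [ "$(cidr_first "$2")" -ge "$(cidr_first "$1")" ] &&
  [ "$(cidr_last "$2")" -le "$(cidr_last "$1")" ]
}

# Succeeds if prefixes $1 and $2 share at least one address.
cidr_overlaps() {
  [ "$(cidr_first "$1")" -le "$(cidr_last "$2")" ] &&
  [ "$(cidr_first "$2")" -le "$(cidr_last "$1")" ]
}

# check_plan VNET MASTER WORKER: print every problem, return non-zero if any.
check_plan() {
  rc=0
  cidr_contains "$1" "$2" || { echo "master subnet $2 is outside vnet $1"; rc=1; }
  cidr_contains "$1" "$3" || { echo "worker subnet $3 is outside vnet $1"; rc=1; }
  if cidr_overlaps "$2" "$3"; then echo "subnets $2 and $3 overlap"; rc=1; fi
  return $rc
}

# The address plan used in this procedure.
check_plan 10.0.0.0/16 10.0.0.0/17 10.0.128.0/17 && echo "subnet plan OK"
```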
Create the Cluster
az aro create \
--resource-group $RESOURCEGROUP \
--name $CLUSTER \
--vnet ${CLUSTER}-aro-vnet \
--master-subnet ${CLUSTER}-master-subnet \
--worker-subnet ${CLUSTER}-worker-subnet \
--ingress-visibility Public \
--worker-count 3 \
--worker-vm-disk-size-gb 200
It normally takes about 35 minutes to create a cluster.
TODO:
- Optionally pass Red Hat pull secret by specifying --pull-secret @pull-secret.txt
- Optionally use a custom domain by specifying --domain foo.example.com
Organizatorium
az aro list-credentials --name ${CLUSTER} --resource-group ${RESOURCEGROUP}
CLI Support
Azure CLI has an OpenShift extension, with subcommands aimed at managing Azure Red Hat OpenShift clusters.
az aro create|list|delete|list-credentials|show|update|wait
List OpenShift Clusters
az aro list