Create OCP Cluster in OpenStack via RHACM

openstack-acm-hive.sh

#!/bin/bash
#
# Refer to the `hiveutil` documenation for a complete argument listing see:
# https://github.com/openshift/hive/blob/master/docs/hiveutil.md
# 
# or, hiveutil -help
#
# here, we're using an example external network, and getting a FIP
EXTERNAL_NETWORK=provider_net_cci_9
FIP=$(openstack floating ip create $EXTERNAL_NETWORK)
#
# if you already have allocated a FIP
# FIP=${FIP:-10.0.106.68)

RELEASEIMAGE=quay.io/openshift-release-dev/ocp-release:4.5.2-x86_64

# unique cluster name, we'll create a namespace with this name.
CLUSTERNAME=acmcdoan1

#
# Use hiveutil to generate the install-config.yaml and clusterdeployment.yaml manifests
#
# NOTE: the basedomain and flavor can be variables as well, and specific to your environment
#
hiveutil create-cluster $CLUSTERNAME \
--namespace=$CLUSTERNAME \
--creds-file=clouds.yaml \
--base-domain=example.com \
--machine-network 192.168.0.0/16 \
--cloud=openstack \
--openstack-api-floating-ip=$FIP \
--openstack-external-network=$EXTERNAL_NETWORK \
--pull-secret-file=pull-secret.json \
--ssh-private-key-file=openstack-sshkey \
--ssh-public-key-file=openstack-sshkey.pub \
--openstack-compute-flavor=ci.m4.xlarge \
--release-image $RELEASEIMAGE -o yaml > $CLUSTERNAME-cluster.yaml

# hiveutil adds an initial line, remove it so we can apply the manifest
sed -i '' '/^time=/d' ./$CLUSTERNAME-cluster.yaml

# append the managedcluster and endpointconfig resources
cat > klusterlet.yaml <<EOF
---
apiVersion: cluster.open-cluster-management.io/v1
kind: ManagedCluster
metadata:
  labels:
    cloud: OpenStack
    name: $CLUSTERNAME
    vendor: OpenShift
  name: $CLUSTERNAME
spec:
  hubAcceptsClient: true
---
apiVersion: agent.open-cluster-management.io/v1
kind: KlusterletAddonConfig
metadata:
  name: $CLUSTERNAME
  namespace: $CLUSTERNAME
spec:
  clusterName: $CLUSTERNAME
  clusterNamespace: $CLUSTERNAME
  clusterLabels:
    cloud: OpenStack
    vendor: OpenShift
    purpose: development
    environment: dev
  applicationManager:
    enabled: true
  policyController:
    enabled: true
  searchCollector:
    enabled: true
  certPolicyController:
    enabled: true
  iamPolicyController:
    enabled: true
  version: "2.0"
EOF

# 3. create the namespace where cluster resources will be created
oc new-project $CLUSTERNAME

# 4. as cluster-admin on the hub, apply the manifests to trigger provisioning
oc apply -f $CLUSTERNAME-cluster.yaml -f klusterlet.yaml

Creating OpenShift Cluster in OpenStack using RHACM

• credentials to the OpenStack environment, in this example, I downloaded the clouds.yaml from the OpenStack console.
• an external network, from which we will need two floating ip address. You can preallocate the two ip addresses.
• DNS server to add the A Records for *.apps.clustername.domain and api.clustername.domain mapping to the two floating ip address.

NOTE: if you want to use /etc/hosts for *.apps.clustername.domain, you can, but I did not test this flow. You can set the A Records up before you provision if you have the FIP.

• hiveutils - I spent alot of time looking up examples of ClusterDeployment.yaml or install-config.yaml for OpenStack, but its just so much easier to use hiveutils to generate all the manifests required to pass to hive.

• The hiveutil will create a clusterdeployment that references the install-config.yaml base64 encoded into a secret. You can modify that secret to change the characteristics of the provisioned cluster.

Sample Output

clusterdeployment.hive.openshift.io/acmcdoan1 created
machinepool.hive.openshift.io/acmcdoan1-worker created
secret/acmcdoan1-install-config created
secret/acmcdoan1-pull-secret created
secret/acmcdoan1-ssh-private-key created
secret/acmcdoan1-openstack-creds created
clusterimageset.hive.openshift.io/acmcdoan1-imageset configured
managedcluster.cluster.open-cluster-management.io/acmcdoan1 created
klusterletaddonconfig.agent.open-cluster-management.io/acmcdoan1 created

+--------------------------------------+------------------------------+--------+-----------------------------------------+-----------------------+----------------+
| ID                                   | Name                         | Status | Networks                                | Image                 | Flavor         |
+--------------------------------------+------------------------------+--------+-----------------------------------------+-----------------------+----------------+
| e715064f-ec23-4115-bc4d-e3b7d4baf099 | acmcdoan1-zxhvf-worker-9mm2m | ACTIVE | acmcdoan1-zxhvf-openshift=192.168.2.136 | acmcdoan1-zxhvf-rhcos | ci.m4.xlarge   |
| 7907003e-2de5-49e8-a7bd-8eb53f88da1d | acmcdoan1-zxhvf-worker-24t87 | ACTIVE | acmcdoan1-zxhvf-openshift=192.168.1.85  | acmcdoan1-zxhvf-rhcos | ci.m4.xlarge   |
| 71d320d7-d815-4254-be1a-5e4a49bc3854 | acmcdoan1-zxhvf-worker-n57qh | ACTIVE | acmcdoan1-zxhvf-openshift=192.168.2.219 | acmcdoan1-zxhvf-rhcos | ci.m4.xlarge   |
| 18cf0c09-db1f-4db6-bb1a-91794b8b837c | acmcdoan1-zxhvf-master-2     | ACTIVE | acmcdoan1-zxhvf-openshift=192.168.3.190 | acmcdoan1-zxhvf-rhcos | ci.m4.xlarge   |
| 426d121d-6d4f-4ef7-bbd0-9c5251121eb9 | acmcdoan1-zxhvf-master-0     | ACTIVE | acmcdoan1-zxhvf-openshift=192.168.1.32  | acmcdoan1-zxhvf-rhcos | ci.m4.xlarge   |
| ccbadbb1-af60-4211-9868-80a29b8b1448 | acmcdoan1-zxhvf-master-1     | ACTIVE | acmcdoan1-zxhvf-openshift=192.168.3.136 | acmcdoan1-zxhvf-rhcos | ci.m4.xlarge   |