Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
tower-on-openshift
#!/bin/bash
yum -y install centos-release-openshift-origin epel-release
yum -y install wget git net-tools bind-utils iptables-services bridge-utils bash-completion origin-clients docker ansible htop
sed -i '/OPTIONS=.*/c\OPTIONS="--selinux-enabled --insecure-registry 172.30.0.0/16"' /etc/sysconfig/docker
# Fix shenanigans between subscription-manager-rhsm-certificates and python-rhsm-certificates:
# - https://github.com/openshift/openshift-ansible/issues/6222
# - https://github.com/minishift/minishift/issues/2194
# - https://github.com/minishift/minishift-centos-iso/issues/251
# - https://github.com/openshift/os/issues/179
# etc
# Manually set up certificate from https://github.com/candlepin/python-rhsm/blob/master/etc-conf/ca/redhat-uep.pem
wget -P /etc/rhsm/ca https://raw.githubusercontent.com/candlepin/python-rhsm/master/etc-conf/ca/redhat-uep.pem
systemctl enable docker
systemctl start docker
# Stand up a test OpenShift cluster with the "public" IP of my test node
# This is important because you'll be reaching Tower through a route
oc cluster up --public-hostname=192.168.0.108
# TODO: Figure out exactly which privileges Tower needs...
# - Error from server (Forbidden): securitycontextconstraints.security.openshift.io "privileged" is forbidden: User "developer" cannot get securitycontextconstraints.security.openshift.io at the cluster scope: User "developer" cannot get securitycontextconstraints.security.openshift.io at the cluster scope
oc login -u system:admin
oadm policy add-cluster-role-to-user cluster-admin developer
cat <<EOF > /tmp/extra-vars.yaml
create_preload_data: false
admin_username: admin
admin_password: password
nginx_http_port: "80"
nginx_https_port: "443"
# pg_host: "127.0.0.1"
pg_port: "5432"
pg_database: tower
pg_username: tower
pg_password: password
rabbitmq_port: "5672"
rabbitmq_vhost: tower
rabbitmq_username: tower
rabbitmq_password: password
rabbitmq_erlang_cookie: cookie
# Needs to be true for fqdns and ip addresses
rabbitmq_use_long_name: false
openshift_pg_emptydir: true
openshift_host: "192.168.0.108:8443"
openshift_project: tower
openshift_user: developer
openshift_password: developer
openshift_skip_tls_verify: true
secret_key: secret_key
EOF
wget https://releases.ansible.com/ansible-tower/setup_openshift/ansible-tower-openshift-setup-3.3.0.tar.gz
tar -xzvf ansible-tower-openshift-setup-3.3.0.tar.gz
pushd ansible-tower-openshift-setup-3.3.0
./setup_openshift.sh -e "@/tmp/extra-vars.yaml"
popd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.