Skip to content

Instantly share code, notes, and snippets.

@jparrill

jparrill/a_release.md

Forked from jcpowermac/a_release.md
Last active September 4, 2018 09:32
Show Gist options
  • Save jparrill/01fde57b8586321d021002273505c672 to your computer and use it in GitHub Desktop.
Save jparrill/01fde57b8586321d021002273505c672 to your computer and use it in GitHub Desktop.
Download ZIP
release
Raw
a_release.md

Using OpenShift Release with alternative GCP account

There are a few preq to be done before running make:

  • Clone openshift/release and openshift/shared-secrets
  • Create a new service account
  • Create a new subdomain that GCE will manage
  • Modify gcp-dev/vars.yml

Git Clone

git clone https://github.com/openshift/release
git clone https://github.com/openshift/shared-secrets

Create a new service account

  • Navigate to IAM & admin
  • Create Service Account
    • Provide service account name
    • Check furnish a new private key
    • Role: Project - Editor

Download and save service-account json file. This will be used later.

Cloud DNS

To create a CloudDNS:

  • Navigate to CloudDNS: Network services -> CloudDNS
  • Click "Create Zone"
  • Provide appropriate values

The next screen will provide the name servers that should be used in your existing DNS configuration for the subdomain.

Results using the gcloud cli

jcallen@cnvlab-209908:~$ gcloud dns managed-zones list
NAME                      DNS_NAME                   DESCRIPTION
virtomation-com           gce.virtomation.com.

Create a subdomain

Create a subdomain for GCE in your DNS. For this example I used a domain that I own.

$ host -t NS gce.virtomation.com
gce.virtomation.com name server ns-cloud-b4.googledomains.com.
gce.virtomation.com name server ns-cloud-b1.googledomains.com.
gce.virtomation.com name server ns-cloud-b2.googledomains.com.
gce.virtomation.com name server ns-cloud-b3.googledomains.com.

Changes to configurations

Change directory to release.

cd ./release/cluster/test-deploy/gcp-dev

Modify vars.yaml and the following variables should be changed based on your configuration.

openshift_gcp_project: cnvlab-209908 
# The subdomain that we just created
public_hosted_zone: gce.virtomation.com  
# The name GCE name of the CloudDNS
dns_managed_zone: virtomation-com

Create ./release/cluster/test-deploy/gcp-dev/kubevirt.yaml

# This option is only available in openshift-ansible master (08-16-2018)
openshift_gcp_licenses: https://www.googleapis.com/compute/v1/projects/vm-options/global/licenses/enable-vmx

# openshift_release is required for 3.10 until the origin-ansible:3.10 container image is updated with changes
# to support gcp licenses.
#openshift_release: "3.10"

# We are not upgrading and these packages are always missing.
openshift_enable_excluders: False

Copy required files to gcp-dev

# Copy service account json to gce.json
cp ~/Downloads/<sa>.json ./release/cluster/test-deploy/gcp-dev/gce.json

See Configure a profile for the additional files required - excluding the gce.json.

Deploy OKD Cluster

Cluster managment

See test-deploy README for additional information

Current make options:

  • WHAT: Base name of the cluster
  • PROFILE: Which deployment profile that will be run. Currently only use gcp-dev.
  • REF: branch or tag of the cluster that should be deployed.

Installing 3.10

NOTE: Set openshift_release to 3.10 (or just uncomment within kubevirt.yaml)

sudo make WHAT=jparrill PROFILE=gcp-dev REF=release-3.10 up

Installing Master (3.11)

sudo OPENSHIFT_ANSIBLE_IMAGE=quay.io/openshift/origin-ansible:latest make WHAT=jparrill PROFILE=gcp-crio-dev REF=master up

Use a container image cli

Instead of installing the openshift client let's use a existing container with the client already installed. NOTE: docker can be replaced with podman if not available on your operating system.

Example:

sudo podman run -it --rm \
    -v ${PWD}/gcp-dev/:/gcp-dev:Z \
    -e KUBECONFIG=/gcp-dev/admin.kubeconfig quay.io/openshift/origin-cli:v3.10.0 oc get nodes

Build KubeVirt

See build.sh

Raw
build.sh
#!/bin/bash
set -x
PROFILE="gcp-dev"
# Using the kube-system namespace to avoid modifying service accounts to allow
# pulling images from a kubevirt project if that was used instead.
NAMESPACE="kube-system"
VERSION="v3.10.0"
RELEASE_TOOL_PATH="/home/jlcallen/Development/release"
KUBEVIRT_PATH="/home/jlcallen/Development/kubevirt"
PROFILE_PATH="${RELEASE_TOOL_PATH}/cluster/test-deploy/${PROFILE}"
MANIFEST_PATH="${KUBEVIRT_PATH}/_out/manifests/dev"
# If you don't have podman you should be able to replace this with docker
RUNTIME="podman"
# Why? I am running silverblue and the origin clients are not install by default in the ostree.
# You could easily replace this with just the oc path if installed
CLI_CONTAINER="quay.io/openshift/origin-cli:${VERSION}"
OC="sudo ${RUNTIME} run -it --rm -v ${PROFILE_PATH}:/profile:Z -e KUBECONFIG=/profile/admin.kubeconfig ${CLI_CONTAINER} oc"
OC_MANIFEST="sudo ${RUNTIME} run -it --rm -v ${MANIFEST_PATH}:/manifest:Z -v ${PROFILE_PATH}:/profile:Z -e KUBECONFIG=/profile/admin.kubeconfig ${CLI_CONTAINER} oc"
# Need the kube-system bulder token to be able to login to the OpenShift registry
TOKEN=`${OC} sa get-token -n ${NAMESPACE} builder | tr -d '\r'`
# Get the URL to the registry
REGISTRY=`${OC} get route docker-registry -n default --template '{{ .spec.host }}'`
# Login to the registry
# Yes you will need to configure insecure registries in /etc/containers/registries.conf
sudo docker login -u builder -p ${TOKEN} ${REGISTRY}
# Change the kubevirt development directory
cd ${KUBEVIRT_PATH}
# build and create kubevirt container images
sudo DOCKER_PREFIX=${REGISTRY}/${NAMESPACE} make docker
# Push to the registry
sudo DOCKER_PREFIX=${REGISTRY}/${NAMESPACE} make push
# Now that the images are in the openshift registry there is no
# reason to the use the registry "route" just use the service url
# The tag when pushed to the registry is latest
sudo DOCKER_PREFIX=docker-registry.default.svc:5000/${NAMESPACE} DOCKER_TAG=latest make manifests
eval ${OC_MANIFEST} create -f /manifest
Raw
chrono_release.md

gcp-crio-dev 3.11: 0:37:29.343

PLAY RECAP *********************************************************************
35.231.13.4                : ok=176  changed=96   unreachable=0    failed=0   
jparrill-ig-m-5drj         : ok=423  changed=187  unreachable=0    failed=0   
jparrill-ig-n-2wzl         : ok=1    changed=0    unreachable=0    failed=0   
jparrill-ig-n-6n79         : ok=0    changed=0    unreachable=0    failed=0   
jparrill-ig-n-tbbw         : ok=0    changed=0    unreachable=0    failed=0   
localhost                  : ok=36   changed=16   unreachable=0    failed=0   


INSTALLER STATUS ***************************************************************
Initialization               : Complete (0:00:23)
Health Check                 : Complete (0:00:07)
Node Bootstrap Preparation   : Complete (0:00:00)
etcd Install                 : Complete (0:01:52)
Master Install               : Complete (0:08:34)
Master Additional Install    : Complete (0:01:34)
Hosted Install               : Complete (0:01:46)
Cluster Monitoring Operator  : Complete (0:01:42)
Web Console Install          : Complete (0:00:47)
Console Install              : Complete (0:00:35)
metrics-server Install       : Complete (0:00:01)
Monday 03 September 2018  09:23:43 +0000 (0:00:01.361)       0:37:29.343 ****** 
=============================================================================== 
openshift_gcp : Provision GCP resources ------------------------------- 262.56s
openshift_control_plane : Wait for control plane pods to appear -------- 97.31s
openshift_node : install needed rpm(s) --------------------------------- 96.18s
Save the new image ----------------------------------------------------- 76.02s
openshift_cluster_monitoring_operator : Wait for the ServiceMonitor CRD to be created -- 66.40s
Ensure openshift-ansible installer package deps are installed ---------- 59.06s
openshift_gcp : install haproxy ---------------------------------------- 49.57s
openshift_control_plane : Wait for all control plane pods to become ready -- 47.73s
container_runtime : Install Docker ------------------------------------- 46.58s
openshift_node_group : Wait for the sync daemonset to become ready and available -- 33.68s
openshift_gcp : Approve node certificates when bootstrapping ----------- 31.59s
openshift_node : Install node, clients, and conntrack packages --------- 30.89s
Terminate the image build instance ------------------------------------- 26.10s
openshift_bootstrap_autoapprover : Copy templates to temp directory ---- 24.08s
openshift_web_console : Verify that the console is running ------------- 23.85s
Wait for instance to respond to SSH ------------------------------------ 19.61s
openshift_manageiq : Configure role/user permissions ------------------- 19.46s
openshift_sdn : Copy templates to temp directory ----------------------- 17.83s
container_runtime : Install cri-o -------------------------------------- 17.62s
openshift_ca : Install the base package for admin tooling -------------- 17.39s

PLAY RECAP *********************************************************************
localhost                  : ok=6    changed=5    unreachable=0    failed=0   

Monday 03 September 2018  09:30:01 +0000 (0:03:59.841)       0:04:07.051 ****** 
=============================================================================== 
openshift_gcp : De-provision GCP resources ---------------------------- 239.84s
Gathering Facts --------------------------------------------------------- 5.33s
openshift_gcp : Templatize DNS script ----------------------------------- 0.54s
openshift_gcp : Templatize provision script ----------------------------- 0.33s
openshift_gcp : Templatize de-provision script -------------------------- 0.32s
openshift_gcp : Templatize SSH key provision script --------------------- 0.29s
include_role : openshift_gcp -------------------------------------------- 0.13s
openshift_gcp : Provision GCP DNS domain -------------------------------- 0.04s
openshift_gcp : Provision GCP resources --------------------------------- 0.04s
openshift_gcp : Provision GCP SSH key resources ------------------------- 0.04s
openshift_gcp : Ensure that DNS resolves to the hosted zone ------------- 0.04s

gcp-crio-dev 3.10: Doesn't work

PLAY RECAP *********************************************************************
35.231.184.6               : ok=71   changed=6    unreachable=0    failed=1   
localhost                  : ok=10   changed=3    unreachable=0    failed=0   


INSTALLER STATUS ***************************************************************
Initialization  : Complete (0:01:11)
Monday 03 September 2018  09:42:03 +0000 (0:00:52.001)       0:02:47.603 ****** 
=============================================================================== 
container_runtime : Install cri-o -------------------------------------- 52.00s
Ensure openshift-ansible installer package deps are installed ---------- 45.65s
Launch the image build instance ----------------------------------------- 3.06s
container_runtime : Configure Docker Network OPTIONS -------------------- 2.94s
container_runtime : Start the Docker service ---------------------------- 2.72s
wait_for_connection ----------------------------------------------------- 2.61s
openshift_gcp : Provision GCP SSH key resources ------------------------- 2.56s
os_firewall : Install iptables packages --------------------------------- 2.53s
container_runtime : Configure Docker service unit file ------------------ 2.36s
container_runtime : Setup the docker-storage for overlay ---------------- 2.34s
Gather Cluster facts ---------------------------------------------------- 2.29s
openshift_repos : Configure correct origin release repository ----------- 2.11s
openshift_repos : Configure origin gpg keys ----------------------------- 1.99s
get openshift_current_version ------------------------------------------- 1.94s
Gathering Facts --------------------------------------------------------- 1.78s
Create the image instance disk ------------------------------------------ 1.65s
openshift_repos : Create any additional repos that are defined ---------- 1.53s
Wait for instance to respond to SSH ------------------------------------- 1.47s
Initialize openshift.node.sdn_mtu --------------------------------------- 1.35s
openshift_repos : Ensure libselinux-python is installed ----------------- 1.34s


Failure summary:


  1. Hosts:    35.231.184.6
     Play:     oo_nodes_to_config
     Task:     Install cri-o
     Message:  No package matching 'cri-o' found available, installed or updated
make: *** [Makefile:13: up] Error 2

gcp-dev 3.10: 0:34:03.108 (1M/3N)

PLAY RECAP *********************************************************************
35.229.63.211              : ok=162  changed=77   unreachable=0    failed=0   
jparrill-ig-m-g9pf         : ok=402  changed=174  unreachable=0    failed=0   
jparrill-ig-n-3hmm         : ok=0    changed=0    unreachable=0    failed=0   
jparrill-ig-n-450x         : ok=0    changed=0    unreachable=0    failed=0   
jparrill-ig-n-kbd3         : ok=0    changed=0    unreachable=0    failed=0   
localhost                  : ok=36   changed=16   unreachable=0    failed=0   


INSTALLER STATUS ***************************************************************
Initialization               : Complete (0:00:21)
Health Check                 : Complete (0:00:06)
Node Bootstrap Preparation   : Complete (0:00:00)
etcd Install                 : Complete (0:01:53)
Master Install               : Complete (0:07:05)
Master Additional Install    : Complete (0:01:34)
Hosted Install               : Complete (0:01:23)
Cluster Monitoring Operator  : Complete (0:00:54)
Web Console Install          : Complete (0:00:47)
Monday 03 September 2018  10:21:05 +0000 (0:00:01.223)       0:34:03.108 ****** 
=============================================================================== 
openshift_gcp : Provision GCP resources ------------------------------- 265.17s
openshift_node : install needed rpm(s) -------------------------------- 112.25s
Save the new image ----------------------------------------------------- 92.36s
openshift_control_plane : Wait for all control plane pods to become ready -- 74.44s
Ensure openshift-ansible installer package deps are installed ---------- 61.46s
openshift_gcp : install haproxy ---------------------------------------- 51.21s
openshift_gcp : Approve node certificates when bootstrapping ----------- 43.95s
openshift_node : Install node, clients, and conntrack packages --------- 43.08s
container_runtime : Install Docker ------------------------------------- 41.83s
Terminate the image build instance ------------------------------------- 39.20s
openshift_cluster_monitoring_operator : Wait for the ServiceMonitor CRD to be created -- 35.87s
openshift_control_plane : Wait for control plane pods to appear -------- 27.19s
openshift_web_console : Verify that the console is running ------------- 25.64s
openshift_bootstrap_autoapprover : Copy templates to temp directory ---- 23.41s
Wait for instance to respond to SSH ------------------------------------ 22.49s
openshift_sdn : Copy templates to temp directory ----------------------- 18.09s
openshift_manageiq : Configure role/user permissions ------------------- 17.83s
tuned : Ensure files are populated from templates ---------------------- 17.37s
Launch the image build instance ---------------------------------------- 14.91s
openshift_control_plane : Copy static master scripts ------------------- 14.61s

PLAY RECAP *********************************************************************
localhost                  : ok=6    changed=5    unreachable=0    failed=0   

Monday 03 September 2018  10:48:25 +0000 (0:04:18.842)       0:04:25.751 ****** 
=============================================================================== 
openshift_gcp : De-provision GCP resources ---------------------------- 258.84s
Gathering Facts --------------------------------------------------------- 5.01s
openshift_gcp : Templatize DNS script ----------------------------------- 0.60s
openshift_gcp : Templatize provision script ----------------------------- 0.34s
openshift_gcp : Templatize de-provision script -------------------------- 0.31s
openshift_gcp : Templatize SSH key provision script --------------------- 0.27s
include_role : openshift_gcp -------------------------------------------- 0.15s
openshift_gcp : Ensure that DNS resolves to the hosted zone ------------- 0.04s
openshift_gcp : Provision GCP resources --------------------------------- 0.04s
openshift_gcp : Provision GCP SSH key resources ------------------------- 0.04s
openshift_gcp : Provision GCP DNS domain -------------------------------- 0.04s

gcp-dev 3.10: 0:33:06.706 (1M/1N)

PLAY RECAP *********************************************************************
35.237.160.197             : ok=162  changed=77   unreachable=0    failed=0   
jparrill-ig-m-sds8         : ok=402  changed=174  unreachable=0    failed=0   
jparrill-ig-n-622m         : ok=0    changed=0    unreachable=0    failed=0   
localhost                  : ok=36   changed=16   unreachable=0    failed=0   


INSTALLER STATUS ***************************************************************
Initialization               : Complete (0:00:22)
Health Check                 : Complete (0:00:07)
Node Bootstrap Preparation   : Complete (0:00:00)
etcd Install                 : Complete (0:01:52)
Master Install               : Complete (0:06:55)
Master Additional Install    : Complete (0:01:28)
Hosted Install               : Complete (0:01:30)
Cluster Monitoring Operator  : Complete (0:00:49)
Web Console Install          : Complete (0:00:47)
Tuesday 04 September 2018  09:19:04 +0000 (0:00:01.228)       0:33:06.706 ***** 
=============================================================================== 
openshift_gcp : Provision GCP resources ------------------------------- 217.22s
openshift_node : install needed rpm(s) -------------------------------- 109.19s
Save the new image ----------------------------------------------------- 86.55s
openshift_control_plane : Wait for all control plane pods to become ready -- 62.85s
Ensure openshift-ansible installer package deps are installed ---------- 59.44s
openshift_gcp : install haproxy ---------------------------------------- 54.08s
openshift_gcp : Approve node certificates when bootstrapping ----------- 50.12s
openshift_node : Install node, clients, and conntrack packages --------- 48.18s
container_runtime : Install Docker ------------------------------------- 40.45s
Terminate the image build instance ------------------------------------- 33.74s
openshift_cluster_monitoring_operator : Wait for the ServiceMonitor CRD to be created -- 32.71s
openshift_control_plane : Wait for control plane pods to appear -------- 30.31s
openshift_web_console : Verify that the console is running ------------- 24.42s
openshift_bootstrap_autoapprover : Copy templates to temp directory ---- 24.05s
openshift_manageiq : Configure role/user permissions ------------------- 19.08s
openshift_sdn : Copy templates to temp directory ----------------------- 17.92s
tuned : Ensure files are populated from templates ---------------------- 17.62s
Wait for instance to respond to SSH ------------------------------------ 16.64s
openshift_gcp : Provision GCP DNS domain ------------------------------- 15.20s
openshift_node_group : Copy templates to temp directory ---------------- 14.55s

PLAY RECAP *********************************************************************
localhost                  : ok=6    changed=5    unreachable=0    failed=0   

Tuesday 04 September 2018  09:32:24 +0000 (0:04:31.713)       0:04:38.581 ***** 
=============================================================================== 
openshift_gcp : De-provision GCP resources ---------------------------- 271.71s
Gathering Facts --------------------------------------------------------- 5.01s
openshift_gcp : Templatize DNS script ----------------------------------- 0.54s
openshift_gcp : Templatize provision script ----------------------------- 0.34s
openshift_gcp : Templatize de-provision script -------------------------- 0.32s
openshift_gcp : Templatize SSH key provision script --------------------- 0.29s
include_role : openshift_gcp -------------------------------------------- 0.12s
openshift_gcp : Ensure that DNS resolves to the hosted zone ------------- 0.05s
openshift_gcp : Provision GCP DNS domain -------------------------------- 0.04s
openshift_gcp : Provision GCP SSH key resources ------------------------- 0.04s
openshift_gcp : Provision GCP resources --------------------------------- 0.04s

gcp-dev 3.11: 0:34:24.419

PLAY RECAP *********************************************************************
104.196.169.107            : ok=155  changed=80   unreachable=0    failed=0   
jparrill-ig-m-j16r         : ok=418  changed=182  unreachable=0    failed=0   
jparrill-ig-n-6rpp         : ok=0    changed=0    unreachable=0    failed=0   
jparrill-ig-n-8xg0         : ok=0    changed=0    unreachable=0    failed=0   
jparrill-ig-n-9bj2         : ok=0    changed=0    unreachable=0    failed=0   
localhost                  : ok=36   changed=16   unreachable=0    failed=0   


INSTALLER STATUS ***************************************************************
Initialization               : Complete (0:00:20)
Health Check                 : Complete (0:00:07)
etcd Install                 : Complete (0:01:38)
Node Bootstrap Preparation   : Complete (0:00:00)
Master Install               : Complete (0:07:26)
Master Additional Install    : Complete (0:01:19)
Hosted Install               : Complete (0:01:27)
Cluster Monitoring Operator  : Complete (0:01:10)
Web Console Install          : Complete (0:00:38)
Console Install              : Complete (0:00:34)
metrics-server Install       : Complete (0:00:00)
Monday 03 September 2018  11:25:22 +0000 (0:00:01.290)       0:34:24.419 ****** 
=============================================================================== 
openshift_gcp : Provision GCP resources ------------------------------- 253.80s
openshift_node : install needed rpm(s) --------------------------------- 96.43s
Save the new image ----------------------------------------------------- 94.16s
openshift_control_plane : Wait for all control plane pods to become ready -- 63.23s
openshift_control_plane : Wait for control plane pods to appear -------- 60.54s
Ensure openshift-ansible installer package deps are installed ---------- 60.50s
openshift_gcp : Approve node certificates when bootstrapping ----------- 52.98s
openshift_gcp : install haproxy ---------------------------------------- 52.86s
Terminate the image build instance ------------------------------------- 50.97s
container_runtime : Install Docker ------------------------------------- 48.18s
openshift_cluster_monitoring_operator : Wait for the ServiceMonitor CRD to be created -- 33.85s
openshift_node : Install node, clients, and conntrack packages --------- 32.28s
openshift_bootstrap_autoapprover : Copy templates to temp directory ---- 19.67s
openshift_control_plane : Pre-pull Origin image ------------------------ 19.16s
openshift_ca : Install the base package for admin tooling -------------- 17.73s
tuned : Ensure files are populated from templates ---------------------- 16.29s
openshift_sdn : Copy templates to temp directory ----------------------- 16.21s
Wait for instance to respond to SSH ------------------------------------ 14.52s
openshift_manageiq : Configure role/user permissions ------------------- 14.43s
openshift_node : Install iSCSI storage plugin dependencies ------------- 13.02s

PLAY RECAP *********************************************************************
localhost                  : ok=6    changed=5    unreachable=0    failed=0   

Monday 03 September 2018  11:32:50 +0000 (0:04:44.231)       0:04:53.146 ****** 
=============================================================================== 
openshift_gcp : De-provision GCP resources ---------------------------- 284.23s
Gathering Facts --------------------------------------------------------- 6.27s
openshift_gcp : Templatize DNS script ----------------------------------- 0.76s
openshift_gcp : Templatize provision script ----------------------------- 0.48s
openshift_gcp : Templatize de-provision script -------------------------- 0.47s
openshift_gcp : Templatize SSH key provision script --------------------- 0.41s
include_role : openshift_gcp -------------------------------------------- 0.18s
openshift_gcp : Provision GCP resources --------------------------------- 0.09s
openshift_gcp : Provision GCP DNS domain -------------------------------- 0.06s
openshift_gcp : Ensure that DNS resolves to the hosted zone ------------- 0.06s
openshift_gcp : Provision GCP SSH key resources ------------------------- 0.06s
Raw
kubevirt.yaml
# This option is only available in openshift-ansible master (08-16-2018)
openshift_gcp_licenses: https://www.googleapis.com/compute/v1/projects/vm-options/global/licenses/enable-vmx
# openshift_release may be required for 3.10 until the origin-ansible:3.10 is updated with the nested virtualization
# additions
#openshift_release: "3.11"
# We are not upgrading and these packages are always missing.
openshift_enable_excluders: False
Raw
z_oc.sh
#!/bin/bash
PROFILE=gcp-dev
VERSION="v3.10.0"
RELEASE_TOOL_PATH=/home/jlcallen/Development/release
PROFILE_PATH=${RELEASE_TOOL_PATH}/cluster/test-deploy/${PROFILE}
# If you don't have podman you should be able to replace this with docker
RUNTIME="podman"
# Why? I am running silverblue and the origin clients are not install by default in the ostree.
# You could easily replace this with just the oc path if installed
CLI_CONTAINER="quay.io/openshift/origin-cli:${VERSION}"
OC="sudo ${RUNTIME} run -it --rm -v ${PROFILE_PATH}:/profile:Z -e KUBECONFIG=/profile/admin.kubeconfig ${CLI_CONTAINER} oc"
eval ${OC} $@
Raw
z_old.md

old stuff ignore - notes

NOTE: below is out-of-date...

Create kubevirt project

sudo podman run -it --rm \
	-v ${PWD}/gcp-dev/:/gcp-dev:Z \
	-e KUBECONFIG=/gcp-dev/admin.kubeconfig \
	quay.io/openshift/origin-cli:v3.10.0 \
	oc new-project kubevirt

Get the builder token

TOKEN=`sudo podman run -it --rm -v ${PWD}/gcp-dev/:/gcp-dev:Z -e KUBECONFIG=/gcp-dev/admin.kubeconfig quay.io/openshift/origin-cli:v3.10.0 oc sa get-token -n kubevirt builder | tr -d '\r'`

Get the registry URL

REGISTRY=`sudo podman run -it --rm -v ${PWD}/gcp-dev/:/gcp-dev:Z -e KUBECONFIG=/gcp-dev/admin.kubeconfig quay.io/openshift/origin-cli:v3.10.0 oc get route docker-registry -n default --template '{{ .spec.host }}'`

Login to the registry

sudo docker login -u builder -p ${TOKEN} ${REGISTRY}

Kubevirt stuff

sudo DOCKER_PREFIX=${REGISTRY}/kubevirt make docker
sudo DOCKER_PREFIX=${REGISTRY}/kubevirt make push

# Use the internal service instead

sudo DOCKER_PREFIX=docker-registry.default.svc:5000/kubevirt DOCKER_TAG=latest make manifests

Deploy kubevirt

sudo podman run -it --rm \
    -v ${PWD}/gcp-dev/:/gcp-dev:Z \
    -v /home/jlcallen/Development/kubevirt/_out/manifests/dev:/tmp/manifests:Z \
    -e KUBECONFIG=/gcp-dev/admin.kubeconfig quay.io/openshift/origin-cli:v3.10.0 \
    oc create -f /tmp/manifests/

Permissions for kubevirt image pull

To pull images from the kubevirt project allow the service accounts access via system:image-puller

sudo podman run -it --rm -v ${PWD}/gcp-dev/:/gcp-dev:Z -e KUBECONFIG=/gcp-dev/admin.kubeconfig quay.io/openshift/origin-cli:v3.10.0 \
	oc policy add-role-to-user system:image-puller system:serviceaccount:kube-system:kubevirt-controller -n kubevirt


sudo podman run -it --rm -v ${PWD}/gcp-dev/:/gcp-dev:Z -e KUBECONFIG=/gcp-dev/admin.kubeconfig quay.io/openshift/origin-cli:v3.10.0 \
	oc policy adm add-role-to-user system:image-puller system:serviceaccount:kube-system:kubevirt-apiserver -n kubevirt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment