- To create ssh secret:
oc create secret generic sshsecret \
--from-file=ssh-privatekey=$HOME/.ssh/id_rsa
To expediate the process of deploying Metering, you can create the requisite OLM custom resources locally, using the openshift client.
CatalogSource
custom resource (e.g. qe-app-registry) that contains the metering-operator's manifest bundle.metering-ocp
packagemanifest. Note: there's some naming collision with the qe-app-registry and redhat-operators packages, but you should be able to tell if there's no populated publisher field for the package.## OpenShift4 pull-secret: | |
1. Download your pull-secret from [openshift.com/try](https://cloud.redhat.com/openshift/install/aws/installer-provisioned) | |
- click on “Download Pull Secret”. Save it somewhere, e.g. ~/some-dir/pull-secret | |
2. Add the apps.ci auth to pull-secret! _internal OpenShift developers only_ | |
- Obtain an API token by visiting https://oauth-openshift.apps.ci.l2s4.p1.openshiftapps.com/oauth/token/request | |
copy the oc login cmd and paste in terminal to login to the ci cluster, then run this: | |
- `$ oc registry login --to ~/some-dir/pull-secret` | |
This will append the auth from registry.ci.openshift.org to your cloud.openshift.com pull-secret but it will also | |
make the pull-secret multi-line. |
In general when things are left over from failed installs or failed destroy cluster, you need to go through resource by resource and look for your partial label (e.g. mffiedler). Oftentimes deleting the VPC will reap child resources, but to be thorough, go through (in this order): | |
S3: S3 bucket - this can be difficult to find. There could be two (one starts terraform and one image-registry) - use install log or cluster creation time to find them | |
EC2: Instances | |
EC2: Load Balancers (also search on the VPC IOD for ELBs that show up - there are sometimes "hidden" ELBs in the same VPC) | |
VPC: NAT Gateways (Delete 1-by-1, they take time to actually delete and can old up subsequent deletes, keep refreshing) | |
VPC: After waiting you can try to delete the VPC itself but it will likely complain about interfaces in use | |
VPC: If the VPC did not delete clean you likely have to go to the security group it complains about, try to delete it and then delete any resources it thinks are in use | |
VPC: Security group - search by la |