Last active
June 19, 2019 02:24
-
-
Save yoeluk/b9c5ecd50b4a31ca6dd956bf39da620d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# PLEASE DON'T RUN THIS AS SCRIPT AS SOME STEPS NEED MANUAL INTERVENTION | |
# start minishift with a reasonable resources for your system but large enough | |
# the lower values that I test it were --cpus 4 --memory 18GB | |
minishift start --cpus 6 --memory 20GB --disk-size 80GB --openshift-version v3.11.0 --profile sample | |
# login as the system's admin and create a user | |
oc login -u system:admin -n default | |
oc create sa pipeline | |
# we are going to use this sa for administrating the cluster so we need those priviledges | |
oc adm policy add-cluster-role-to-user cluster-admin pipeline | |
oc describe sa pipeline # note the `tokens` name in the output | |
oc describe secret pipeline-token-xljpn # pipeline-token-xljpn is one of the token's name from the previous output | |
# copy this rather log token and login in the minishift console | |
# https://192.168.42.106:8443/console (the correct url would be the one in the output of the minishift start command) | |
# or run `oc project` to take a look at the service url and project | |
# In the UI look for the user icon on the right tagged pipeline, click on it and copy the login command | |
# go back to the terminal, paste and run the command | |
# you should now be logged in as the service account pipeline | |
oc whoami # pipeline | |
# expose the docker-registry with a router | |
minishift addon enable registry-route | |
minishift addon apply registry-route | |
# if all when acording to the plan after a few moments you can confirm that tls is enable | |
oc logs dc/docker-registry | grep tls | |
# add the registry-console template to minishift | |
oc create -f https://raw.githubusercontent.com/openshift/openshift-ansible/release-3.9/roles/openshift_hosted_templates/files/v3.9/origin/registry-console.yaml | |
# create a passthrough router for the registry-console | |
oc create route passthrough --service registry-console \ | |
--port registry-console \ | |
-n default | |
# deploy the registry-console | |
oc new-app -n default --template=registry-console \ | |
-p OPENSHIFT_OAUTH_PROVIDER_URL="https://192.168.42.106:8443" \ | |
-p REGISTRY_HOST=$(oc get route docker-registry -n default --template='{{ .spec.host }}') \ | |
-p COCKPIT_KUBE_URL=$(oc get route registry-console -n default --template='https://{{ .spec.host }}') | |
# you should be able to login on the registry console here with the user pipeline | |
# https://registry-console-default.192.168.42.106.nip.io/ | |
# login to the minishift VM | |
minishift ssh | |
# copy the following file /var/lib/minishift/base/openshift-apiserver/ca.crt | |
# to your host /etc/docker/certs.d/docker-registry-default.192.168.42.106.nip.io | |
# back in your host | |
docker login -u $(oc whoami) -p $(oc whoami -t) docker-registry-default.192.168.42.106.nip.io |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment