mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-07 00:48:01 +01:00
326 lines
11 KiB
Plaintext
326 lines
11 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * edge_computing/ibi-edge-image-based-install.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="ibi-create-config-iso_{context}"]
|
|
= Deploying a managed {sno} cluster using the IBI Operator
|
|
|
|
Create the site-specific configuration resources in the hub cluster to initiate the image-based deployment of a preinstalled host.
|
|
|
|
When you create these configuration resources in the hub cluster, the Image Based Install (IBI) Operator generates a configuration ISO and attaches it to the target host to begin the site-specific configuration process. When the configuration process completes, the {sno} cluster is ready.
|
|
|
|
[NOTE]
|
|
====
|
|
For more information about the configuration resources that you must configure in the hub cluster, see "Cluster configuration resources for deploying a preinstalled host".
|
|
====
|
|
|
|
.Prerequisites
|
|
|
|
* You preinstalled a host with {sno} using an image-based installation.
|
|
* You logged in as a user with `cluster-admin` privileges.
|
|
* You deployed a {rh-rhacm-first} hub cluster or you deployed the multicluster engine for Kubernetes operator (MCE).
|
|
* You installed the IBI Operator on the hub cluster.
|
|
* You created a pull secret to authenticate pull requests. For more information, see "Using image pull secrets".
|
|
|
|
.Procedure
|
|
|
|
. Create the `ibi-ns` namespace by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc create namespace ibi-ns
|
|
----
|
|
|
|
. Create the `Secret` resource for your image registry:
|
|
|
|
.. Create a YAML file that defines the `Secret` resource for your image registry:
|
|
+
|
|
.Example `secret-image-registry.yaml` file
|
|
[source,yaml]
|
|
----
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: ibi-image-pull-secret
|
|
namespace: ibi-ns
|
|
stringData:
|
|
.dockerconfigjson: <base64-docker-auth-code> <1>
|
|
type: kubernetes.io/dockerconfigjson
|
|
----
|
|
<1> You must provide base64-encoded credential details. See the "Additional resources" section for more information about using image pull secrets.
|
|
|
|
.. Create the `Secret` resource for your image registry by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc create -f secret-image-registry.yaml
|
|
----
|
|
|
|
. Optional: Configure static networking for the host:
|
|
|
|
.. Create a `Secret` resource containing the static network configuration in `nmstate` format:
|
|
+
|
|
.Example `host-network-config-secret.yaml` file
|
|
[source,yaml]
|
|
----
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: host-network-config-secret <1>
|
|
namespace: ibi-ns
|
|
type: Opaque
|
|
stringData:
|
|
nmstate: | <2>
|
|
interfaces:
|
|
- name: ens1f0 <3>
|
|
type: ethernet
|
|
state: up
|
|
ipv4:
|
|
enabled: true
|
|
address:
|
|
- ip: 192.168.200.25
|
|
prefix-length: 24
|
|
dhcp: false <4>
|
|
ipv6:
|
|
enabled: false
|
|
dns-resolver:
|
|
config:
|
|
server:
|
|
- 192.168.15.47 <5>
|
|
- 192.168.15.48
|
|
routes:
|
|
config: <6>
|
|
- destination: 0.0.0.0/0
|
|
metric: 150
|
|
next-hop-address: 192.168.200.254
|
|
next-hop-interface: ens1f0
|
|
table-id: 254
|
|
----
|
|
<1> Specify the name for the `Secret` resource.
|
|
<2> Define the static network configuration in `nmstate` format.
|
|
<3> Specify the name of the interface on the host. The name of the interface must match the actual NIC name as shown in the operating system. To use your MAC address for NIC matching, set the `identifier` field to `mac-address`.
|
|
<4> You must specify `dhcp: false` to ensure `nmstate` assigns the static IP address to the interface.
|
|
<5> Specify one or more DNS servers that the system will use to resolve domain names.
|
|
<6> In this example, the default route is configured through the `ens1f0` interface to the next hop IP address `192.168.200.254`.
|
|
|
|
. Create the `BareMetalHost` and `Secret` resources:
|
|
|
|
.. Create a YAML file that defines the `BareMetalHost` and `Secret` resources:
|
|
+
|
|
.Example `ibi-bmh.yaml` file
|
|
[source,yaml]
|
|
----
|
|
apiVersion: metal3.io/v1alpha1
|
|
kind: BareMetalHost
|
|
metadata:
|
|
name: ibi-bmh <1>
|
|
namespace: ibi-ns
|
|
spec:
|
|
online: false <2>
|
|
bootMACAddress: 00:a5:12:55:62:64 <3>
|
|
bmc:
|
|
address: redfish-virtualmedia+http://192.168.111.1:8000/redfish/v1/Systems/8a5babac-94d0-4c20-b282-50dc3a0a32b5 <4>
|
|
credentialsName: ibi-bmh-bmc-secret <5>
|
|
preprovisioningNetworkDataName: host-network-config-secret <6>
|
|
automatedCleaningMode: disabled <7>
|
|
externallyProvisioned: true <8>
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: ibi-bmh-secret <9>
|
|
namespace: ibi-ns
|
|
type: Opaque
|
|
data:
|
|
username: <user_name> <10>
|
|
password: <password> <11>
|
|
----
|
|
<1> Specify the name for the `BareMetalHost` resource.
|
|
<2> Specify if the host should be online.
|
|
<3> Specify the host boot MAC address.
|
|
<4> Specify the BMC address. You can only use bare-metal host drivers that support virtual media networking booting, for example redfish-virtualmedia and idrac-virtualmedia.
|
|
<5> Specify the name of the bare-metal host `Secret` resource.
|
|
<6> Optional: If you require static network configuration for the host, specify the name of the `Secret` resource containing the configuration.
|
|
<7> You must specify `automatedCleaningMode:disabled` to prevent the provisioning service from deleting all preinstallation artifacts, such as the seed image, during disk inspection.
|
|
<8> You must specify `externallyProvisioned: true` to enable the host to boot from the preinstalled disk, instead of the configuration ISO.
|
|
<9> Specify the name for the `Secret` resource.
|
|
<10> Specify the username.
|
|
<11> Specify the password.
|
|
|
|
.. Create the `BareMetalHost` and `Secret` resources by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc create -f ibi-bmh.yaml
|
|
----
|
|
|
|
. Create the `ClusterImageSet` resource:
|
|
|
|
.. Create a YAML file that defines the `ClusterImageSet` resource:
|
|
+
|
|
.Example `ibi-cluster-image-set.yaml` file
|
|
[source,yaml]
|
|
----
|
|
apiVersion: hive.openshift.io/v1
|
|
kind: ClusterImageSet
|
|
metadata:
|
|
name: ibi-img-version-arch <1>
|
|
spec:
|
|
releaseImage: ibi.example.com:path/to/release/images:version-arch <2>
|
|
----
|
|
<1> Specify the name for the `ClusterImageSet` resource.
|
|
<2> Specify the address for the release image to use for the deployment. If you use a different image registry compared to the image registry used during seed image generation, ensure that the {product-title} version for the release image remains the same.
|
|
|
|
.. Create the `ClusterImageSet` resource by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc apply -f ibi-cluster-image-set.yaml
|
|
----
|
|
|
|
. Create the `ImageClusterInstall` resource:
|
|
|
|
.. Create a YAML file that defines the `ImageClusterInstall` resource:
|
|
+
|
|
.Example `ibi-image-cluster-install.yaml` file
|
|
[source,yaml]
|
|
----
|
|
apiVersion: extensions.hive.openshift.io/v1alpha1
|
|
kind: ImageClusterInstall
|
|
metadata:
|
|
name: ibi-image-install <1>
|
|
namespace: ibi-ns
|
|
spec:
|
|
bareMetalHostRef:
|
|
name: ibi-bmh <2>
|
|
namespace: ibi-ns
|
|
clusterDeploymentRef:
|
|
name: ibi-cluster-deployment <3>
|
|
hostname: ibi-host <4>
|
|
imageSetRef:
|
|
name: ibi-img-version-arch <5>
|
|
machineNetwork: 10.0.0.0/24 <6>
|
|
proxy: <7>
|
|
httpProxy: "http://proxy.example.com:8080"
|
|
#httpsProxy: "http://proxy.example.com:8080"
|
|
#noProxy: "no_proxy.example.com"
|
|
----
|
|
<1> Specify the name for the `ImageClusterInstall` resource.
|
|
<2> Specify the `BareMetalHost` resource that you want to target for the image-based installation.
|
|
<3> Specify the name of the `ClusterDeployment` resource that you want to use for the image-based installation of the target host.
|
|
<4> Specify the hostname for the cluster.
|
|
<5> Specify the name of the `ClusterImageSet` resource you used to define the container release images to use for deployment.
|
|
<6> Specify the public CIDR (Classless Inter-Domain Routing) of the external network.
|
|
<7> Optional: Specify a proxy to use for the cluster deployment.
|
|
+
|
|
[IMPORTANT]
|
|
====
|
|
If your cluster deployment requires a proxy configuration, you must do the following:
|
|
|
|
* Create a seed image from a seed cluster featuring a proxy configuration. The proxy configurations do not have to match.
|
|
* Configure the `machineNetwork` field in your installation manifest.
|
|
====
|
|
|
|
.. Create the `ImageClusterInstall` resource by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc create -f ibi-image-cluster-install.yaml
|
|
----
|
|
|
|
. Create the `ClusterDeployment` resource:
|
|
|
|
.. Create a YAML file that defines the `ClusterDeployment` resource:
|
|
+
|
|
.Example `ibi-cluster-deployment.yaml` file
|
|
[source,yaml]
|
|
----
|
|
apiVersion: hive.openshift.io/v1
|
|
kind: ClusterDeployment
|
|
metadata:
|
|
name: ibi-cluster-deployment <1>
|
|
namespace: ibi-ns <2>
|
|
spec:
|
|
baseDomain: example.com <3>
|
|
clusterInstallRef:
|
|
group: extensions.hive.openshift.io
|
|
kind: ImageClusterInstall
|
|
name: ibi-image-install <4>
|
|
version: v1alpha1
|
|
clusterName: ibi-cluster <5>
|
|
platform:
|
|
none: {}
|
|
pullSecretRef:
|
|
name: ibi-image-pull-secret <6>
|
|
----
|
|
<1> Specify the name for the `ClusterDeployment` resource.
|
|
<2> Specify the namespace for the `ClusterDeployment` resource.
|
|
<3> Specify the base domain that the cluster should belong to.
|
|
<4> Specify the name of the `ImageClusterInstall` in which you defined the container images to use for the image-based installation of the target host.
|
|
<5> Specify a name for the cluster.
|
|
<6> Specify the secret to use for pulling images from your image registry.
|
|
|
|
.. Create the `ClusterDeployment` resource by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc apply -f ibi-cluster-deployment.yaml
|
|
----
|
|
|
|
. Create the `ManagedCluster` resource:
|
|
|
|
.. Create a YAML file that defines the `ManagedCluster` resource:
|
|
+
|
|
.Example `ibi-managed.yaml` file
|
|
[source,yaml]
|
|
----
|
|
apiVersion: cluster.open-cluster-management.io/v1
|
|
kind: ManagedCluster
|
|
metadata:
|
|
name: sno-ibi <1>
|
|
spec:
|
|
hubAcceptsClient: true <2>
|
|
----
|
|
<1> Specify the name for the `ManagedCluster` resource.
|
|
<2> Specify `true` to enable {rh-rhacm} to manage the cluster.
|
|
|
|
.. Create the `ManagedCluster` resource by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc apply -f ibi-managed.yaml
|
|
----
|
|
|
|
.Verification
|
|
|
|
. Check the status of the `ImageClusterInstall` in the hub cluster to monitor the progress of the target host installation by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc get imageclusterinstall
|
|
----
|
|
+
|
|
.Example output
|
|
[source,terminal]
|
|
----
|
|
NAME REQUIREMENTSMET COMPLETED BAREMETALHOSTREF
|
|
target-0 HostValidationSucceeded ClusterInstallationSucceeded ibi-bmh
|
|
----
|
|
+
|
|
[WARNING]
|
|
====
|
|
If the `ImageClusterInstall` resource is deleted, the IBI Operator reattaches the `BareMetalHost` resource and reboots the machine.
|
|
====
|
|
|
|
. When the installation completes, you can retrieve the `kubeconfig` secret to log in to the managed cluster by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc extract secret/<cluster_name>-admin-kubeconfig -n <cluster_namespace> --to - > <directory>/<cluster_name>-kubeconfig
|
|
----
|
|
+
|
|
* `<cluster_name>` is the name of the cluster.
|
|
* `<cluster_namespace>` is the namespace of the cluster.
|
|
* `<directory>` is the directory in which to create the file.
|