mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
232 lines
6.1 KiB
Plaintext
232 lines
6.1 KiB
Plaintext
:_mod-docs-content-type: ASSEMBLY
|
|
[id="rosa-mobb-prerequisites-tutorial"]
|
|
= Tutorial: {product-title} prerequisites
|
|
include::_attributes/attributes-openshift-dedicated.adoc[]
|
|
:context: rosa-mobb-prerequisites-tutorial
|
|
|
|
toc::[]
|
|
|
|
//Mobb content metadata
|
|
//Brought into ROSA product docs 2023-09-18
|
|
//---
|
|
//date: '2021-06-10'
|
|
//title: ROSA Prerequisites
|
|
//weight: 1
|
|
//tags: ["AWS", "ROSA", "Quickstarts"]
|
|
//authors:
|
|
// - Steve Mirman
|
|
// - Paul Czarkowski
|
|
//---
|
|
//This file is not being built as of 2023-09-22 based on a conversation with Michael McNeill.
|
|
|
|
This document contains a set of prerequisites that must be run once before you can create your first {product-title} cluster.
|
|
|
|
== AWS
|
|
|
|
An AWS account with the link:https://console.aws.amazon.com/rosa/home?#/get-started[AWS {product-title} prerequisites] met.
|
|
|
|
|
|
image::rosa-aws-pre.png[AWS console {product-title} prerequisites]
|
|
|
|
== AWS CLI
|
|
|
|
.MacOS
|
|
|
|
* Install AWS CLI using the MacOS command line:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"
|
|
$ sudo installer -pkg AWSCLIV2.pkg -target /
|
|
----
|
|
+
|
|
[NOTE]
|
|
====
|
|
See link:https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-mac.html[AWS Documentation] for alternative install options.
|
|
====
|
|
|
|
.Linux
|
|
|
|
* Install AWS CLI using the Linux command line:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
|
|
$ unzip awscliv2.zip
|
|
$ sudo ./aws/install
|
|
----
|
|
+
|
|
[NOTE]
|
|
====
|
|
See link:https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-linux.html[AWS Documentation] for alternative install options.
|
|
====
|
|
|
|
.Windows
|
|
|
|
* Install AWS CLI using the Windows command line:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ C:\> msiexec.exe /i https://awscli.amazonaws.com/AWSCLIV2.msi
|
|
----
|
|
+
|
|
[NOTE]
|
|
====
|
|
See link:https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-windows.html[AWS Documentation] for alternative install options.
|
|
====
|
|
|
|
////
|
|
.Docker
|
|
|
|
* To run the AWS CLI version 2 Docker image, use the docker run command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ docker run --rm -it amazon/aws-cli command
|
|
----
|
|
+
|
|
[NOTE]
|
|
====
|
|
See link:https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-docker.html[AWS Documentation] for alternative install options.
|
|
====
|
|
////
|
|
|
|
== Prepare AWS Account for OpenShift
|
|
|
|
. Configure the AWS CLI by running:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ aws configure
|
|
----
|
|
+
|
|
. You will be required to enter an `AWS Access Key ID` and an `AWS Secret Access Key` along with a default region name and output format:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ aws configure
|
|
----
|
|
+
|
|
.Example output
|
|
[source,terminal]
|
|
----
|
|
AWS Access Key ID []:
|
|
AWS Secret Access Key []:
|
|
Default region name [us-east-2]:
|
|
Default output format [json]:
|
|
----
|
|
+
|
|
The `AWS Access Key ID` and `AWS Secret Access Key` values can be obtained by logging in to the AWS console and creating an *Access Key* in the *Security Credentials* section of the IAM dashboard for your user.
|
|
+
|
|
. Validate your credentials:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ aws sts get-caller-identity
|
|
----
|
|
+
|
|
You should receive output similar to the following:
|
|
+
|
|
.Example output
|
|
[source,terminal]
|
|
----
|
|
{
|
|
"UserId": <your ID>,
|
|
"Account": <your account>,
|
|
"Arn": <your arn>
|
|
}
|
|
----
|
|
+
|
|
. If this is a new AWS account that has never had a AWS Load Balancer (ALB) installed in it, run the following:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ aws iam create-service-linked-role --aws-service-name \
|
|
"elasticloadbalancing.amazonaws.com"
|
|
----
|
|
|
|
== Get a Red Hat Offline Access Token
|
|
|
|
. Log into {cluster-manager-url}.
|
|
. Navigate to link:https://cloud.redhat.com/openshift/token/rosa[OpenShift Cluster Manager API Token].
|
|
. Copy the *Offline Access Token* and save it for the next step.
|
|
|
|
|
|
== Set up the OpenShift CLI (oc)
|
|
|
|
. Download the operating system specific OpenShift CLI from link:https://mirror.openshift.com/pub/openshift-v4/clients/ocp/latest/[Red Hat].
|
|
. Extract the downloaded file on your local machine.
|
|
. Place the extracted `oc` executable in your operating system path or local directory.
|
|
|
|
== Set up the ROSA CLI (rosa)
|
|
|
|
. Download the operating system specific ROSA CLI from link:https://www.openshift.com/products/amazon-openshift/download[Red Hat].
|
|
. Extract the downloaded file on your local machine.
|
|
. Place the extracted `rosa` and `kubectl` executables in your operating system path or local directory.
|
|
. Log in to {product-title}:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ rosa login
|
|
----
|
|
+
|
|
You will be prompted to enter in the *Red Hat Offline Access Token* you retrieved earlier and should receive the following message:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
Logged in as <email address> on 'https://api.openshift.com'
|
|
----
|
|
+
|
|
. Verify that {product-title} has the minimal quota:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ rosa verify quota
|
|
----
|
|
+
|
|
Expected output:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
AWS quota ok
|
|
----
|
|
|
|
== Associate your AWS account with your Red Hat account
|
|
|
|
To perform {product-title} cluster provisioning tasks, you must create `ocm-role` and `user-role` IAM resources in your AWS account and link them to your Red Hat organization.
|
|
|
|
. Create the `ocm-role` which the OpenShift Cluster Manager will use to be able to administer and create {product-title} clusters. If this has already been done for your OpenShift Cluster Manager Organization, you can skip to creating the user-role:
|
|
+
|
|
[TIP]
|
|
====
|
|
If you have multiple AWS accounts that you want to associate with your Red Hat Organization, you can use the `--profile` option to specify the AWS profile you want to associate.
|
|
====
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ rosa create ocm-role --mode auto --yes
|
|
----
|
|
+
|
|
. Create the User Role that allows OpenShift Cluster Manager to verify that users creating a cluster have access to the current AWS account:
|
|
+
|
|
[TIP]
|
|
====
|
|
If you have multiple AWS accounts that you want to associate with your Red Hat Organization, you can use the `--profile` option to specify the AWS profile you want to associate.
|
|
====
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ rosa create user-role --mode auto --yes
|
|
----
|
|
+
|
|
. Create the {product-title} Account Roles which give the {product-title} installer and machines permission to perform actions in your account:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ rosa create account-roles --mode auto --yes
|
|
----
|
|
|
|
== Conclusion
|
|
|
|
You are now ready to create your first cluster.
|