OpenShift on CentOS 7 – Quick Installation

openshift-origin-logoThis is a quick guide to installing OpenShift Origin on a Cloud-A CentOS 7 instance. For the purposes of this tutorial, we are going to be using a single instance to perform an all-in-one installation. More advanced, clustered setup instructions can be found in the OpenShift Origin documentation.

What is OpenShift?

OpenShift is a Platform-as-a-Service (PaaS) developed by Redhat. PaaS augments your existing Cloud-A Infrastructure-as-a-Service (IaaS) by providing automated tools that assist developers in running an environment to host their applications on. In OpenShift’s case, this is provided by leveraging Docker and Kubernetes, giving you the ability to have custom, reusable application images. OpenShift also allows you to have highly available, self-healing, and auto-scaling applications without any of the manual setup that would typically need to be done in a traditional environment. 

Prerequisites

This guide assumes that you have setup a CentOS 7 instance on Cloud-A and have associated a public IP address with it. In our tutorial, we are using a 4GB General Purpose instance.

Once you have your instance up and running, Docker will need to be installed along with a few requirements. Feel free to replace vim with your favourite text editor.

$ sudo yum install docker wget vim

We will then need to tell Docker to trust the registry that we are going to be using for OpenShift images. In the /etc/sysconfig/docker file we will need to change the following line:

# INSECURE_REGISTRY='--insecure-registry'

to

INSECURE_REGISTRY='--insecure-registry 172.30.0.0/16'

Once complete, save your changes and restart the docker service:

$ sudo systemctl restart docker

OpenShift will also require that our instance’s hostname can be resolved. Adding an entry to /etc/hosts will take care of this for us. If you don’t know your instance’s hostname, you can simply run the hostname command.

Old /etc/hosts:

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

New /etc/hosts:

127.0.0.1   <HOSTNAME> localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

Running OpenShift

For simplicity’s sake, we’re going to setup OpenShift to run as a standalone process managed by systemd.

openshift-on-ca-1First, we’ll need to download the OpenShift binaries from GitHub:

$ cd /tmp
$ sudo wget https://github.com/openshift/origin/releases/download/v1.3.0/openshift-origin-server-v1.3.0-3ab7af3d097b57f933eccef684a714f2368804e7-linux-64bit.tar.gz 
$ sudo tar xf openshift-origin-server-*.tar.gz
$ cd openshift-origin-server-*
$ sudo mv k* o* /usr/local/sbin/

Now that we have all of the binaries installed, we need to create our startup script and systemd unit file. Please fill in the private and public IP address of your instance where appropriate.

/usr/local/bin/start_openshift.sh:

#!/bin/bash
cd /opt/openshift/
openshift start --public-master='https://<PUBLIC_IP>:8443' --master='https://<PRIVATE_IP>:8443'

/etc/systemd/system/openshift.service:

[Unit]
Description=OpenShift Origin Server

[Service]
Type=simple
ExecStart=/usr/local/bin/start_openshift.sh

In order for the systemd service to work, we need to make our startup script executable and load our new unit file.

$ chmod u+x /usr/local/bin/start_openshift.sh
$ mkdir /opt/openshift/
$ systemctl daemon-reload
$ systemctl start openshift

In order to manage our OpenShift installation remotely and access our applications, TCP ports 80, 443, and 8443 need to be opened in your Cloud-A security groups. For more information on managing security groups, check out our documentation.

Adding a Router and Registry

In order to serve apps over your Public IP address, you’ll need to install an OpenShift router. The router listens on TCP ports 80 and 443 and routes requests to specific apps based on their domain names. OpenShift uses a Docker registry to store Docker images for easier management of your application lifecycle.

In order to authenticate to our new OpenShift cluster to add these services, we’ll first need to tell the CLI tools where our settings and CA certificate are. For convenience, we’re going to add the following lines to /root/.bashrc so that they will load when we switch to the root user:

export KUBECONFIG=/opt/openshift/openshift.local.config/master/admin.kubeconfig
export CURL_CA_BUNDLE=/opt/openshift/openshift.local.config/master/ca.crt

Next, reload .bashrc to make the settings take effect and login to our cluster:

$ source /root/.bashrc
$ oc login -u system:admin

Adding a router and a registry is as simple as:

$ oadm policy add-scc-to-user hostnetwork -z router
$ oadm router
$ oadm registry

Now we’re ready to run apps!

Running a Test App

Browse to https://<PUBLIC_IP>:8443 in your web browser. You will be prompted with an OpenShift login screen. By default, OpenShift allows you to login with any username and password combination and automatically creates an account for you. You will then have access to create projects and apps. Locking this down can be done (and is recommended for production), but won’t be covered in this tutorial. We’re going to create an account with the username test.

openshift-login-screen

Once logged in, you will be prompted to create a new project. Projects contain one or more apps that are related. Let’s create a test project so that we can deploy our first app.

openshift-new-project

After creating our project, we will be brought to the “Add to Project” screen. This is where we can add our application image(s) to OpenShift to get them ready for deployment. In this case, we’re going to deploy an existing image by clicking on the “Deploy Image” tab. Since OpenShift uses Docker, this will allow us to pull an image directly from Docker Hub (or any other registry). To test, we’re going to use the openshift/hello-openshift image by entering it into the “Image Name” field. You can find additional supported Docker images on OpenShift’s Docker Hub.
openshift-search-image

Click on the search button to the right of the field and a few new options should appear below. Since this is just a basic image without any extra configuration required, we’re going to just click on “Create.”

openshift-post-create

Now let’s go back to our project overview to check on the status of our application. It shouldn’t take long to complete its deployment.

openshift-deployed

All that’s left to do is to make our application accessible through our OpenShift router that we had previously created. To do so, click on the “Applications” menu on the left and then go to Routes.

openshift-routes-empty

Let’s create our first route by clicking on the “Create Route” button to the right. The settings below should suffice.

openshift-create-route

Once created, OpenShift will generate a hostname to be used to access our application. When setting this up in production, you will want to create a wildcard A record in your DNS to allow for automatic routing of all apps to your OpenShift cluster. It would look something like:

*.openshift.mydomain.com   A   <PUBLIC_IP>

For the purposes of this tutorial, we’re going to simply add the generated hostname to our local hosts file  (/etc/hosts on Linux/OSX, C:\WINDOWS\system32\drivers\etc\hosts on Windows). The line will look like this:

<PUBLIC_IP> <OPENSHIFT_GENERATED_HOSTNAME>

Once completed, you should be able to view your test application:

openshift-browser-app

 

We’ve successfully deployed an application on our first OpenShift installation! We will be following up with some additional OpenShift tutorials in the future. For now, please review the OpenShift Origin documentation for more information.