Disclaimer: In this demo setup, DevOps Loop is deployed on a
RHEL-based system with minimum hardware and software specifications. This demo setup is
intended solely for evaluation purposes and might not accurately represent the
performance, reliability, or feature set of the full production environment. The demo
setup might not include enhanced security configurations typical of production systems.
No warranty is implied regarding uptime, support, or continuity of access.
You can find information about the tasks that you can perform to install IBM® DevOps Loop on a Red Hat Enterprise
Linux (RHEL) system for a demo setup.
You must have completed the following tasks before running the infrastructure setup
script:
- Verifed that the RHEL system on which you are deploying DevOps Loop meets the
following minimum requirements:
- Operating system: RHEL 9.4 or later
- Disk space: 300 GB
- RAM: 64 GB
- CPU: 16 Core
- Registered your RHEL system by using the subscription
manager.
subscription-manager register
- (Recommended) Created a snapshot of your VM before running the infrastructure
setup script.
- Obtained the user credentials of the licensed Docker account.
Note: If you do not provide the licensed Docker account
credentials, the system might take approximately 6 hours to become
operational.
- Optional: If the internal DNS provided by your VM
environment (for example, VMware) is unreliable or external name resolution
fails within Kubernetes, or you needed to override the DNS settings provided by
DHCP, then you must have configured a public DNS server inside the VM before
starting the installation. See Setting a public DNS server inside the VM.
-
Run the following command to download and extract the DevOps Loop Helm chart and
scripts:
helm repo add ibm-helm https://raw.githubusercontent.com/IBM/charts/master/repo/ibm-helm --force-update
helm pull ibm-helm/ibm-devops-loop --version 2.0.200 --untar
-
Set the following environment variables:
export USERNAME=<docker_username>
export PASSWORD=<docker_password>
Note: The <docker_username> and
<docker_password> are your Docker Hub credentials.
If these values are not set, you are prompted to log in during script
execution.
-
Run the following RHEL9-K8S-Infra-Setup.sh script:
ibm-devops-loop/scripts/demo/RHEL9-K8S-Infra-Setup.sh 2>&1 | tee infra-setup.log
-
Run the following command to create a namespace:
kubectl create namespace devops-loop
-
Perform the following steps to access the IBM Entitled
Registry:
- Log in to My IBM Container
Software Library using the IBM ID and
password associated with your entitled software.
- Copy the entitlement key by selecting Copy key in
the Entitlement keys section.
- Create an
imagePullSecret to
authenticate and pull images from the IBM Entitled Registry.Note: Secrets are namespace specific, so create them
in each namespace where you install DevOps Loop.
kubectl create secret docker-registry ibm-entitlement-key \
--namespace devops-loop \
--docker-username=cp \
--docker-password=<password> \
--docker-server=cp.icr.io
For
example:
kubectl create secret docker-registry ibm-entitlement-key \
--namespace devops-loop \
--docker-username=cp \
--docker-password=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJJQk0gTWFya2V0cGxhY2UiLCJp \
--docker-server=cp.icr.io
-
Update the following values in the ibm-devops-loop/scripts/demo/IBM-devops-Install.sh script:
LICENSE_SERVER=<port>@<hostname_or_IP>
EMAIL_SERVER_HOST=<smtp_host>
EMAIL_SERVER_PORT=<smtp_port>
EMAIL_FROM_ADDRESS=<sender_email>
EMAIL_SERVER_USERNAME="<smtp_username>
EMAIL_SERVER_PASSWORD="<smtp_password>
-
Run the installation script:
ibm-devops-loop/scripts/demo/IBM-devops-Install.sh script
After the successful installation, the following URLs are
displayed:
Application URL: https://<system_IP_address>.nip.io
Keycloak URL to add users: https://<system_IP_address>.nip.io/auth
Note: If you are installing DevOps Loop on a computer
that is newly set up, then the installation might fail sometimes. If the
installation fails, to resolve the issue, you must uninstall the application
by running the uninstall.sh script and then reinstall
it.
Note: If the installation fails due to a timeout, you must
run the installation script again.
- Optional:
Run the following command to check whether all the pods are running:
kubectl get pods -n devops-loop
-
Open a browser and enter the application URL to get started with DevOps Loop.
-
Run the following command to log out of Docker to remove any cached
authentication tokens, after completing the DevOps Loop
installation:
This command removes the login credentials for
https://index.docker.io/v1/ and cleans up Docker
credentials stored in the cache (for example,
/root/.docker/config.json). Logging out is recommended for
security, as Docker authentication tokens are otherwise retained on the
system.
Note:
- When you run DevOps Loop on a
RHEL-based system for an extended period (approximately 30 days),
you might need to restart the Calico DaemonSet to ensure continued
creation of new loops and Kubernetes pods (for example, when running
tests in Test Hub).
This behaviour is due to Kubernetes security
tokens used by the Calico networking component are rotated
periodically. In some RHEL demo environments, the updated token
is not automatically picked up, and a restart ensures the
networking components recognize the refreshed
credentials.
To perform this maintenance step, you must
run the following command:
kubectl rollout restart daemonset calico-node -n kube-system
Restarting the Calico DaemonSet is safe and ensures normal
system operation during extended demo periods.
- Use the following script to recover a Kubernetes node that is
experiencing full disk usage:
-
Locate the recovery script in the repository:
ibm-devops-loop/scripts/demo/Recover-K8s-Node.sh
-
Run the script on the affected Kubernetes node.
This script cleans logs, caches, and unused containers to free up disk
space and restore node functionality.
You have installed DevOps Loop on a RHEL system for a
demo setup.
You can onboard users to DevOps Loop. See User access and administration using Keycloak. After the user is onboarded, you can add the user
to teamspaces and loops.