Installing the Red Hat OpenShift GCP cluster

About this task

The OpenShift Container Platform (OCP) client is available at the following link: https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/.

Use the following procedure to install the Red Hat OpenShift GCP cluster.

Note: The commands are provided for guidance. Replace the version number in the commands with your Red Hat OpenShift version number.

Procedure

Access the Infrastructure provider page, Red Hat OpenShift cluster manager site. If you do not have a Red Hat account, create one.
Click the GCP infrastructure provider to navigate to the installation type page, and then select either installation type (since you will not actually be downloading the installer from this page, you can select either installation type at this time).
Click Download pull secret

Note:
Do not click Download installer as this downloads the latest version of OCP installer. You must ensure that you download by using the Wget command in the next step.

To create a directory for Red Hat OpenShift installation, issue the following commands.

mkdir gcp
Cd gcp
Wget https://mirror.openshift.com/pub/openshift-v4/clients/ocp/stable-4.6/openshift-install-mac-4.6.48.tar.gz

The expected output is similar to:

tar xvf openshift-install-mac.tar.gz

Then, issue the following command:

wget https://mirror.openshift.com/pub/openshift-v4/clients/ocp/stable-4.6/openshift-client-mac-4.6.48.tar.gz

The expected output is similar to:

tar xvf openshift-client-mac.tar.gz

After you extract both archive files (install-mac and client-mac), use these commands to move the files:

mv oc kubectl /usr/local/bin
        oc version
        ./openshift-install version

The expected output is similar to:

./openshift-install 4.6.48
built from commit 1cfb1b32f5aaf0dfe0fb2ea9da41c710da9b2c76
release image quay.io/openshift-release-dev/ocp-release@sha256:6f03d6ced979d6f6fd10b6a54529c186e3f83c0ecf3e2b910d01505d2f59037a

To create the Install-config file, issue this command:

./openshift-install create install-config –dir=<installation_directory>

Where <installation_directory> is the gcp directory that you created previously.

? SSH Public Key /Users/myUsername/.ssh/ocp4.6gcp.key.pub
? Platform gcp
INFO Credentials loaded from file "/Users/myUsername/.gcp/osServiceAccount.json" 
? Project ID Guardium Images (aesthetic-frame-155821)
? Region us-east1
? Base Domain ibmguardiuminsights.com
? Cluster Name testgcp
? Pull Secret [? for help] ************************************************************************************************************************************************************************************************************

The expected output is similar to:

INFO Install-Config created in: .

Copy and paste the pull secret or download and place it in the installation directory.

Note: The GCP cluster is installed in a single zone and all workers and masters that will run should be run in the same zone. Make changes in the config.yaml file to accommodate the configuration.

Sample config.yaml file:

apiVersion: v1
baseDomain: ibmguardiuminsights.com
compute:
- architecture: amd64
  hyperthreading: Enabled
  name: worker
  platform:
    gcp:
      type: n2d-standard-16
      osDisk:
        diskSizeGB: 128
  replicas: 6
controlPlane:
  architecture: amd64
  hyperthreading: Enabled
  name: master
  platform:
    gcp:
      type: n2d-standard-16
      osDisk:
        diskSizeGB: 1024
  replicas: 3
metadata:
  creationTimestamp: null
  name: gcptest
networking:
  clusterNetwork:
  - cidr: 10.128.0.0/14
    hostPrefix: 23
  machineNetwork:
  - cidr: 10.0.0.0/16
  networkType: OpenShiftSDN
  serviceNetwork:
  - 172.30.0.0/16
platform:
  gcp:
    projectID: aesthetic-frame-155821
    region: us-east1
publish: External
pullSecret: '{"auths":{"cloud.openshift.com":{"auth":"b3BlbnNoaWZ0LXJlbGVhc2UtZGV2K29jbV9hY2Nlc3NfNzAyZWE4NTJjZmQ0NGZjYjg5MjAzNjI4MjEwZjU0MTI6T0tFR1NZNDBPR0cwU09HR1lVWUc3MTI1NkRQR0JJWlZRUVRPSEtKNlNLRzRPNkpWUzUySU1FUkgwUzNFRzM0WQ==","email":"MyUsername@ibm.com"},"quay.io":{"auth":"b3BlbnNoaWZ0LXJlbGVhc2UtZGV2K29jbV9hY2Nlc3NfNzAyZWE4NTJjZmQ0NGZjYjg5MjAzNjI4MjEwZjU0MTI6T0tFR1NZNDBPR0cwU09HR1lVWUc3MTI1NkRQR0JJWlZRUVRPSEtKNlNLRzRPNkpWUzUySU1FUkgwUzNFRzM0WQ==","email":"MyUsername@ibm.com"},"registry.connect.redhat.com":{"auth":"fHVoYy1wb29sLWM4ODgyZWZlLWNlNTYtNGQ0OC04MjcxLTcxZjUxOGFhYTgyZDpleUpoYkdjaU9pSlNVelV4TWlKOS5leUp6ZFdJaU9pSTBObVF3WldVNE1EWXhZV00wT0RNNFltTmxPVFptWlRVNE5HUTFPR0l6TkNKOS5tZG02ZElKTS02NTJ3c003ZUpQMjRtNnJDV0VEcjJIWC1GbjlBaXFtTUZmbi15eXpzMTZjeUVhVWNVODFYckxSOW9NZlVFVkN1MFBUajZISDJoWTVNd1NDTkRRb3pzZ0k1LV9mZ2ptWXM4ZkwyT09ZSlVfdUlpdUdSRDNZb25ZYVROSHN6X1Z5dUdjS2lBRDdwY2VUNUE3SWFpblpEbmF4UHJ1aVBENFNjM0hUT2Z3OWFYZUkyelEzU25IaXZUak01a3VoVFBtcE05eFoyWnFrLTBGWmFCWF9pY0gxMDc1WHptV1BZcG1SN2ZkejBWZ1FtT2t1ZDZEUlZjTkVfRUNnalNGWXZPWEZKak94cEtrLVY2aHkwY3hudVI4Tk5hMWJ3WkhKejdWYld4aG5XUGtFNWV0OWZjRjFDVWJiOWxiZGVzQUxELTJtOUE5dEp6Tm00ZkN2cTE0clpTXzVhWXJVX3dOa21BdTNMV0MxbjgxSVRXOHNoYVQ3c0dCU2pfUVROZUZZb0tHZlV4cU1Tb0pHWjhIVlpKSVI0OWJ2eWx5eUNpNG1vQTNvcnpQUDhRQ0VPOXR6Y2dXMnd5elZhUmFwTHZaUmg3ZXhHZXdUZ01ocHdFZXB0djJCeldGOWtoLVF4cDdOVjlOQWRLS0prbW0wX0dnR2xYSGlSbEVqYmZJcTNtVzgwZXlPdHEtVmFMMVFuYnFWaFUyTWRwYXUzd1AydGxTWjU1VHRwODUzZVlEU3owTzA4NGk0UWp3NjZHYUhpbGktV1p0WmV5OHQzZXlpRVZhQ1hVX1lNNGtmclUzVmt1MVo1SElnMnR4ZERJNFNoaUlNYVhnNjVOLTBkX0x0QTdfbG5zSFFoT05pTmIxSGRYeGYzWFZnOC0tc05mSFhFbVh6bW1TR3ZQbw==","email":"MyUsername@ibm.com"},"registry.redhat.io":{"auth":"fHVoYy1wb29sLWM4ODgyZWZlLWNlNTYtNGQ0OC04MjcxLTcxZjUxOGFhYTgyZDpleUpoYkdjaU9pSlNVelV4TWlKOS5leUp6ZFdJaU9pSTBObVF3WldVNE1EWXhZV00wT0RNNFltTmxPVFptWlRVNE5HUTFPR0l6TkNKOS5tZG02ZElKTS02NTJ3c003ZUpQMjRtNnJDV0VEcjJIWC1GbjlBaXFtTUZmbi15eXpzMTZjeUVhVWNVODFYckxSOW9NZlVFVkN1MFBUajZISDJoWTVNd1NDTkRRb3pzZ0k1LV9mZ2ptWXM4ZkwyT09ZSlVfdUlpdUdSRDNZb25ZYVROSHN6X1Z5dUdjS2lBRDdwY2VUNUE3SWFpblpEbmF4UHJ1aVBENFNjM0hUT2Z3OWFYZUkyelEzU25IaXZUak01a3VoVFBtcE05eFoyWnFrLTBGWmFCWF9pY0gxMDc1WHptV1BZcG1SN2ZkejBWZ1FtT2t1ZDZEUlZjTkVfRUNnalNGWXZPWEZKak94cEtrLVY2aHkwY3hudVI4Tk5hMWJ3WkhKejdWYld4aG5XUGtFNWV0OWZjRjFDVWJiOWxiZGVzQUxELTJtOUE5dEp6Tm00ZkN2cTE0clpTXzVhWXJVX3dOa21BdTNMV0MxbjgxSVRXOHNoYVQ3c0dCU2pfUVROZUZZb0tHZlV4cU1Tb0pHWjhIVlpKSVI0OWJ2eWx5eUNpNG1vQTNvcnpQUDhRQ0VPOXR6Y2dXMnd5elZhUmFwTHZaUmg3ZXhHZXdUZ01ocHdFZXB0djJCeldGOWtoLVF4cDdOVjlOQWRLS0prbW0wX0dnR2xYSGlSbEVqYmZJcTNtVzgwZXlPdHEtVmFMMVFuYnFWaFUyTWRwYXUzd1AydGxTWjU1VHRwODUzZVlEU3owTzA4NGk0UWp3NjZHYUhpbGktV1p0WmV5OHQzZXlpRVZhQ1hVX1lNNGtmclUzVmt1MVo1SElnMnR4ZERJNFNoaUlNYVhnNjVOLTBkX0x0QTdfbG5zSFFoT05pTmIxSGRYeGYzWFZnOC0tc05mSFhFbVh6bW1TR3ZQbw==","email":"MyUsername@ibm.com"}}}'
sshKey: |
  ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8FluS/ZGyWJtC/jFGwyFHWXxYLQFNlcKguuYxYrokQMg4SJe8Ou95g1R+LRFgLWHKkAREQ+O+ix83DU1FMdN48ZM43jBJ4QYjymh1Qy17XfT9+ZLaL4ySbhixg3e7hSKVaosEBmkiojTXfccXEbtA08lm8OfV6AGhf5PYOvHqw0Y9Xlb/9BponrORDeiTG61ievgyOVvVcRANdnutSyLCa13VyX2JElCYgSegEmIjX+1+PJQGpUxdIrC72Pn2/JCPmQcBo2FUKZ3jnCrOD968ILXUp9qpEqwpzzT75tw3oK1mU7hlbZU0Wmvo3ouXhkO9StMDPO0R6TWl36JukI9pYcduOIT+6CcB+L6YqFhUSDQuf+qnCs9kSJxmw7K5zIeOciK9lqwJZb4zcK5JeoS0keVnuQtKMpavTGBHsPb6XoDnZI3J7ZTxZZ+T7pJ3d4r9ddf+lcDNtg7QNOR22PUGznXMQ6Q9cJnLQzQL6dslA6RaTAUFuzwscg6Vi6lwo20= myUsername@LP-C02DRE3QMD6M.local

Issue the following command to install the GCP cluster.

/openshift-install create cluster --dir=/<OpenShift-installation-directory.

If you prefer to debug the installation, issue this command instead.

./openshift-install create cluster --dir=/<OpenShift-installation-directory>--log-level=debug

Note: If only master nodes are provisioned, but worker nodes cannot be provisioned, then enable the network security API.

The expected output is similar to:

INFO Install complete!                            
INFO To access the cluster as the system:admin user when using 'oc', run 'export KUBECONFIG=/Users/myUsername/gcp/auth/kubeconfig' 
INFO Access the OpenShift web-console here: https://console-openshift-console.apps.testgcp.ibmguardiuminsights.com 
INFO Login to the console with user: "kubeadmin", and password: "nsMSI-Ym3se-juwXG-BRHsS" 
INFO Time elapsed: 47m9s

Issue the following command.

'export KUBECONFIG=/Users/myUsername/gcp/auth/kubeconfig'