Installing the Red Hat OpenShift GCP cluster

About this task

The OpenShift® Container Platform (OCP) client is available at https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/ .

Use the following procedure to install the Red Hat® OpenShift GCP cluster.

Important: The commands are provided for guidance. Replace the version number in the commands with your Red Hat OpenShift version number.

Procedure

Access the Infrastructure provider page, Red Hat OpenShift cluster manager site. If you do not have a Red Hat account, create one.
Click the GCP infrastructure provider to go to the Installation type page, and then select an installation type. Since you are not downloading the installer from this page, you can select either installation type.
Click Download pull secret.

Important:
Do not click Download installer as this downloads the latest version of OCP installer. Use the Wget command to download the installer in the next step.

Create a directory for Red Hat OpenShift installation, run the following commands.

Run the following commands.

mkdir gcp
Cd gcp
Wget https://mirror.openshift.com/pub/openshift-v4/clients/ocp/stable-4.6/openshift-install-mac-4.6.48.tar.gz

The expected output is similar to:

tar xvf openshift-install-mac.tar.gz

Run the following command.

wget https://mirror.openshift.com/pub/openshift-v4/clients/ocp/stable-4.6/openshift-client-mac-4.6.48.tar.gz

The expected output is similar to:

tar xvf openshift-client-mac.tar.gz

After you extract both archive files (install-mac and client-mac), use the following commands to move the files.

mv oc kubectl /usr/local/bin
        oc version
        ./openshift-install version

The expected output is similar to:

./openshift-install 4.6.48
built from commit 1cfb1b32f5aaf0dfe0fb2ea9da41c710da9b2c76
release image quay.io/openshift-release-dev/ocp-release@sha256:6f03d6ced979d6f6fd10b6a54529c186e3f83c0ecf3e2b910d01505d2f59037a

To create the Install-config file, run the following command.

./openshift-install create install-config –dir=<installation_directory>

Where <installation_directory> is the gcp directory that you created previously.

? SSH Public Key /Users/myUsername/.ssh/ocp4.6gcp.key.pub
? Platform gcp
INFO Credentials loaded from file "/Users/myUsername/.gcp/osServiceAccount.json" 
? Project ID Guardium Images (aesthetic-frame-155821)
? Region us-east1
? Base Domain ibmguardiuminsights.com
? Cluster Name testgcp
? Pull Secret [? for help] ************************************************************************************************************************************************************************************************************

The expected output is similar to:

INFO Install-Config created in: .

Copy and paste the pull secret or download and place it in the installation directory.

Important: The GCP cluster is installed in a single zone and all workers and masters must run in the same zone. Update the config.yaml file to accommodate the configuration.

Sample config.yaml file:

apiVersion: v1
baseDomain: ibmguardiuminsights.com
compute:
- architecture: amd64
  hyperthreading: Enabled
  name: worker
  platform:
    gcp:
      type: n2d-standard-16
      osDisk:
        diskSizeGB: 128
  replicas: 6
controlPlane:
  architecture: amd64
  hyperthreading: Enabled
  name: master
  platform:
    gcp:
      type: n2d-standard-16
      osDisk:
        diskSizeGB: 1024
  replicas: 3
metadata:
  creationTimestamp: null
  name: gcptest
networking:
  clusterNetwork:
  - cidr: 10.128.0.0/14
    hostPrefix: 23
  machineNetwork:
  - cidr: 10.0.0.0/16
  networkType: OpenShiftSDN
  serviceNetwork:
  - 172.30.0.0/16
platform:
  gcp:
    projectID: aesthetic-frame-155821
    region: us-east1
publish: External
pullSecret: '{"auths":{"cloud.openshift.com":{"auth":"b3BlbnNoaWZ0LXJlbGVhc2UtZGV2K29jbV9hY2Nlc3NfNzAyZWE4NTJjZmQ0NGZjYjg5MjAzNjI4MjEwZjU0MTI6T0tFR1NZNDBPR0cwU09HR1lVWUc3MTI1NkRQR0JJWlZRUVRPSEtKNlNLRzRPNkpWUzUySU1FUkgwUzNFRzM0WQ==","email":"MyUsername@ibm.com"},"quay.io":{"auth":"b3BlbnNoaWZ0LXJlbGVhc2UtZGV2K29jbV9hY2Nlc3NfNzAyZWE4NTJjZmQ0NGZjYjg5MjAzNjI4MjEwZjU0MTI6T0tFR1NZNDBPR0cwU09HR1lVWUc3MTI1NkRQR0JJWlZRUVRPSEtKNlNLRzRPNkpWUzUySU1FUkgwUzNFRzM0WQ==","email":"MyUsername@ibm.com"},"registry.connect.redhat.com":{"auth":"fHVoYy1wb29sLWM4ODgyZWZlLWNlNTYtNGQ0OC04MjcxLTcxZjUxOGFhYTgyZDpleUpoYkdjaU9pSlNVelV4TWlKOS5leUp6ZFdJaU9pSTBObVF3WldVNE1EWXhZV00wT0RNNFltTmxPVFptWlRVNE5HUTFPR0l6TkNKOS5tZG02ZElKTS02NTJ3c003ZUpQMjRtNnJDV0VEcjJIWC1GbjlBaXFtTUZmbi15eXpzMTZjeUVhVWNVODFYckxSOW9NZlVFVkN1MFBUajZISDJoWTVNd1NDTkRRb3pzZ0k1LV9mZ2ptWXM4ZkwyT09ZSlVfdUlpdUdSRDNZb25ZYVROSHN6X1Z5dUdjS2lBRDdwY2VUNUE3SWFpblpEbmF4UHJ1aVBENFNjM0hUT2Z3OWFYZUkyelEzU25IaXZUak01a3VoVFBtcE05eFoyWnFrLTBGWmFCWF9pY0gxMDc1WHptV1BZcG1SN2ZkejBWZ1FtT2t1ZDZEUlZjTkVfRUNnalNGWXZPWEZKak94cEtrLVY2aHkwY3hudVI4Tk5hMWJ3WkhKejdWYld4aG5XUGtFNWV0OWZjRjFDVWJiOWxiZGVzQUxELTJtOUE5dEp6Tm00ZkN2cTE0clpTXzVhWXJVX3dOa21BdTNMV0MxbjgxSVRXOHNoYVQ3c0dCU2pfUVROZUZZb0tHZlV4cU1Tb0pHWjhIVlpKSVI0OWJ2eWx5eUNpNG1vQTNvcnpQUDhRQ0VPOXR6Y2dXMnd5elZhUmFwTHZaUmg3ZXhHZXdUZ01ocHdFZXB0djJCeldGOWtoLVF4cDdOVjlOQWRLS0prbW0wX0dnR2xYSGlSbEVqYmZJcTNtVzgwZXlPdHEtVmFMMVFuYnFWaFUyTWRwYXUzd1AydGxTWjU1VHRwODUzZVlEU3owTzA4NGk0UWp3NjZHYUhpbGktV1p0WmV5OHQzZXlpRVZhQ1hVX1lNNGtmclUzVmt1MVo1SElnMnR4ZERJNFNoaUlNYVhnNjVOLTBkX0x0QTdfbG5zSFFoT05pTmIxSGRYeGYzWFZnOC0tc05mSFhFbVh6bW1TR3ZQbw==","email":"MyUsername@ibm.com"},"registry.redhat.io":{"auth":"fHVoYy1wb29sLWM4ODgyZWZlLWNlNTYtNGQ0OC04MjcxLTcxZjUxOGFhYTgyZDpleUpoYkdjaU9pSlNVelV4TWlKOS5leUp6ZFdJaU9pSTBObVF3WldVNE1EWXhZV00wT0RNNFltTmxPVFptWlRVNE5HUTFPR0l6TkNKOS5tZG02ZElKTS02NTJ3c003ZUpQMjRtNnJDV0VEcjJIWC1GbjlBaXFtTUZmbi15eXpzMTZjeUVhVWNVODFYckxSOW9NZlVFVkN1MFBUajZISDJoWTVNd1NDTkRRb3pzZ0k1LV9mZ2ptWXM4ZkwyT09ZSlVfdUlpdUdSRDNZb25ZYVROSHN6X1Z5dUdjS2lBRDdwY2VUNUE3SWFpblpEbmF4UHJ1aVBENFNjM0hUT2Z3OWFYZUkyelEzU25IaXZUak01a3VoVFBtcE05eFoyWnFrLTBGWmFCWF9pY0gxMDc1WHptV1BZcG1SN2ZkejBWZ1FtT2t1ZDZEUlZjTkVfRUNnalNGWXZPWEZKak94cEtrLVY2aHkwY3hudVI4Tk5hMWJ3WkhKejdWYld4aG5XUGtFNWV0OWZjRjFDVWJiOWxiZGVzQUxELTJtOUE5dEp6Tm00ZkN2cTE0clpTXzVhWXJVX3dOa21BdTNMV0MxbjgxSVRXOHNoYVQ3c0dCU2pfUVROZUZZb0tHZlV4cU1Tb0pHWjhIVlpKSVI0OWJ2eWx5eUNpNG1vQTNvcnpQUDhRQ0VPOXR6Y2dXMnd5elZhUmFwTHZaUmg3ZXhHZXdUZ01ocHdFZXB0djJCeldGOWtoLVF4cDdOVjlOQWRLS0prbW0wX0dnR2xYSGlSbEVqYmZJcTNtVzgwZXlPdHEtVmFMMVFuYnFWaFUyTWRwYXUzd1AydGxTWjU1VHRwODUzZVlEU3owTzA4NGk0UWp3NjZHYUhpbGktV1p0WmV5OHQzZXlpRVZhQ1hVX1lNNGtmclUzVmt1MVo1SElnMnR4ZERJNFNoaUlNYVhnNjVOLTBkX0x0QTdfbG5zSFFoT05pTmIxSGRYeGYzWFZnOC0tc05mSFhFbVh6bW1TR3ZQbw==","email":"MyUsername@ibm.com"}}}'
sshKey: |
  ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8FluS/ZGyWJtC/jFGwyFHWXxYLQFNlcKguuYxYrokQMg4SJe8Ou95g1R+LRFgLWHKkAREQ+O+ix83DU1FMdN48ZM43jBJ4QYjymh1Qy17XfT9+ZLaL4ySbhixg3e7hSKVaosEBmkiojTXfccXEbtA08lm8OfV6AGhf5PYOvHqw0Y9Xlb/9BponrORDeiTG61ievgyOVvVcRANdnutSyLCa13VyX2JElCYgSegEmIjX+1+PJQGpUxdIrC72Pn2/JCPmQcBo2FUKZ3jnCrOD968ILXUp9qpEqwpzzT75tw3oK1mU7hlbZU0Wmvo3ouXhkO9StMDPO0R6TWl36JukI9pYcduOIT+6CcB+L6YqFhUSDQuf+qnCs9kSJxmw7K5zIeOciK9lqwJZb4zcK5JeoS0keVnuQtKMpavTGBHsPb6XoDnZI3J7ZTxZZ+T7pJ3d4r9ddf+lcDNtg7QNOR22PUGznXMQ6Q9cJnLQzQL6dslA6RaTAUFuzwscg6Vi6lwo20= myUsername@LP-C02DRE3QMD6M.local

Run the following command to install the GCP cluster.

/openshift-install create cluster --dir=/<OpenShift-installation-directory.

If you want to debug the installation, run the following command instead.

./openshift-install create cluster --dir=/<OpenShift-installation-directory>--log-level=debug

Important: If only master nodes are provisioned, but worker nodes cannot be provisioned, then enable the network security API.

The expected output is similar to:

INFO Install complete!                            
INFO To access the cluster as the system:admin user when using 'oc', run 'export KUBECONFIG=/Users/myUsername/gcp/auth/kubeconfig' 
INFO Access the OpenShift web-console here: https://console-openshift-console.apps.testgcp.ibmguardiuminsights.com 
INFO Login to the console with user: "kubeadmin", and password: "nsMSI-Ym3se-juwXG-BRHsS" 
INFO Time elapsed: 47m9s

Run the following command.

'export KUBECONFIG=/Users/myUsername/gcp/auth/kubeconfig'