ncolon/terraform-openshift4-ibmcloud

OpenShift 4 UPI on IBM Cloud

This Terraform implementation deploys an OpenShift 4.10 or later cluster into an IBM Cloud Gen2 VPC, with subnets for control plane and worker nodes. Traffic to the master nodes is handled by a pair of load balancers, one for internal traffic and another for external API traffic. Application load balancing is handled by a third load balancer that talks to the router pods on the infra nodes. Worker, infra and master nodes are deployed across 3 availability zones.

Topology

Prerequisites

  1. Configure IBM CIS

  2. Create an IAM Account

  3. OpenShift Pull Secret

Minimal TFVARS file

ibmcloud_region = "us-east"
openshift_cluster_name = "ocp410"

# From Prereq. Step #1
ibmcloud_cis_crn = "crn:v1:bluemix:public:internet-svcs:global:a/xxxxxxxx:xxxxxxxxxx::"

# From Prereq. Step #2
ibmcloud_api_key = "xxxxxxxxxxx"

# From Prereq. Step #3
openshift_pull_secret = "~/Downloads/pull-secret.json"

Customizable Variables

| Variable | Description | Default | Type |
|---|---|---|---|
| ibmcloud_api_key | Your IBM Cloud IAM API Key. From Prereq. #2. The IAM API key for authenticating with IBM Cloud APIs. | - | string |
| ibmcloud_bootstrap_instance_type | Instance type for the bootstrap node. | bx2-4x16 | string |
| ibmcloud_cis_crn | The CRN of CIS instance to use. From Prereq. #1 | - | string |
| ibmcloud_region | The target IBM Cloud region for the cluster. | - | string |
| ibmcloud_master_instance_type | Instance type for the master node(s). | bx2-4x16 | string |
| ibmcloud_master_dedicated_hosts | The list of dedicated hosts in which to create the control plane nodes. | - | list(map(string)) |
| ibmcloud_worker_dedicated_hosts | The list of dedicated hosts in which to create the compute nodes. | - | list(map(string)) |
| ibmcloud_extra_tags | Extra IBM Cloud tags to be applied to created resources. | [] | list(string) |
| ibmcloud_publish_strategy | The cluster publishing strategy, either Internal or External | External | string |
| ibmcloud_resource_group_name | The name of the resource group for the cluster. If this is set, the cluster is installed to that existing resource group; otherwise a new resource group will be created using cluster id. | - | string |
| openshift_cluster_name | The name of the OpenShift cluster | - | string |
| openshift_version | Version of OpenShift to install. Can be stable-4.x or 4.x.y | stable-4.10 | string |
| openshift_base_domain | Base domain for the OpenShift cluster | - | string |
| openshift_pull_secret | Path to the pull secret for the OpenShift cluster. From Prereq. #3 | | string |
| public_ssh_key | Path to the public SSH key for the OpenShift cluster. Default is to generate a new public/private keypair under ./installer/<cluster_name>/openshift_rsa | "" | string |
| airgap_config_path | AirGap Configuration for the OpenShift cluster | disabled | map(string) |
| proxy_config_path | Proxy Configuration for the OpenShift cluster | disabled | map(string) |
| openshift_cluster_network_cidr | Cluster Network CIDR | 10.128.0.0/14 | string |
| openshift_service_network_cidr | Service Network CIDR | 172.30.0.0/16 | string |
| openshift_cluster_network_host_prefix | OpenShift Cluster Network Host Prefix | 23 | number |
| openshift_machine_cidr | OpenShift Machine CIDR | ["10.0.0.0/16"] | list(string) |
| openshift_master_count | OpenShift Master Node Count. Must be set to 3 at this time. | 3 | number |
| openshift_node_count | OpenShift Worker Node Count | 3 | number |
| ibmcloud_worker_instance_type | Instance type for the worker nodes. | bx2-4x16 | string |
| openshift_trust_bundle | Path to file containing PEM-encoded additional Trust Bundle | "" | string |
| network_resource_group_name | Preexisting IBM Cloud resource group name for network resources (future release feature) | | string |
| destroy_bootstrap | Destroy the bootstrap node after cluster deployment | false | bool |
| rhcos_image_url | URL of RHCOS image. Use only for development purposes. | "" | string |
| deploy_infra_nodes | Inject Machine Config yamls for Infrastructure Nodes into OpenShift Manifests | false | bool |
| deploy_storage_nodes | Inject Machine Config yamls for Storage Nodes into OpenShift Manifests | false | bool |
| infra_vm_type | Instance type for the infrastructure node(s). | bx2-4x16 | string |
| storage_vm_type | Instance type for the storage node(s). | bx2-16x64 | string |

BOLD = required

Deploy with Terraform

  1. Clone the GitHub repository

    git clone https://github.com/ibm-cloud-architecture/terraform-openshift4-ibmcloud.git

  2. Create your terraform.tfvars file

  3. Deploy with Terraform

    terraform init
    terraform plan
    terraform apply

  4. Destroy the bootstrap node

    TF_VAR_destroy_bootstrap=true terraform apply

  5. To access your cluster

    $ export KUBECONFIG=$PWD/installer/cluster_name/auth/kubeconfig
    $ oc get nodes
    NAME                           STATUS   ROLES            AGE     VERSION
    ocp410-rlt8u-infra-1-d2hdf     Ready    worker   5m38s   v1.23.3+b63be7f
    ocp410-rlt8u-infra-2-64khz     Ready    worker   7m32s   v1.23.3+b63be7f
    ocp410-rlt8u-infra-3-dcghh     Ready    worker   6m47s   v1.23.3+b63be7f
    ocp410-rlt8u-master-0          Ready    master   20m     v1.23.3+b63be7f
    ocp410-rlt8u-master-1          Ready    master   17m     v1.23.3+b63be7f
    ocp410-rlt8u-master-2          Ready    master   17m     v1.23.3+b63be7f
    ocp410-rlt8u-storage-1-plz68   Ready    worker   7m46s   v1.23.3+b63be7f
    ocp410-rlt8u-storage-2-cmzbk   Ready    worker   6m24s   v1.23.3+b63be7f
    ocp410-rlt8u-storage-3-jvxgj   Ready    worker   5m38s   v1.23.3+b63be7f
    ocp410-rlt8u-worker-1-x4rcl    Ready    worker   7m36s   v1.23.3+b63be7f
    ocp410-rlt8u-worker-2-tpj7j    Ready    worker   5m35s   v1.23.3+b63be7f
    ocp410-rlt8u-worker-3-crphf    Ready    worker   7m46s   v1.23.3+b63be7f
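
A pre-flight check for step 2, run before `terraform plan`. This is an added example, not code from this repository: the helper names `tfvar` and `check_tfvars` are hypothetical, the owner-only file mode is this example's own requirement because terraform.tfvars holds the IAM API key, and it assumes a pull secret is JSON with a top-level "auths" object.

```bash
#!/usr/bin/env bash
# Added example: pre-flight check of terraform.tfvars before `terraform plan`.
# tfvar and check_tfvars are hypothetical helpers, not part of this repository.

# Print the last double-quoted value assigned to variable $2 in file $1.
tfvar() {
  sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\"\([^\"]*\)\".*\$/\1/p" "$1" | tail -n 1
}

check_tfvars() {
  local f="$1" rc=0 key val secret
  [ -r "$f" ] || { echo "FAIL: cannot read $f"; return 2; }

  # The file carries ibmcloud_api_key: allow no access for group or other.
  if [ "$(ls -ld "$f" | cut -c5-10)" != "------" ]; then
    echo "FAIL: $f is accessible to group/other (chmod 600)"; rc=1
  fi

  # Variables of the minimal tfvars file: set, quoted, not a placeholder.
  for key in ibmcloud_region openshift_cluster_name ibmcloud_cis_crn \
             ibmcloud_api_key openshift_pull_secret; do
    val=$(tfvar "$f" "$key")
    case "$val" in
      "")     echo "FAIL: $key missing, empty or not properly quoted"; rc=1 ;;
      *xxxx*) echo "FAIL: $key still holds the xxxx placeholder"; rc=1 ;;
    esac
  done

  # Assumption: a pull secret is JSON with a top-level "auths" object.
  secret=$(tfvar "$f" openshift_pull_secret)
  case "$secret" in "~/"*) secret="$HOME/${secret#??}" ;; esac
  if [ -n "$secret" ] && ! grep -qs '"auths"' "$secret"; then
    echo "FAIL: pull secret $secret unreadable or lacks \"auths\""; rc=1
  fi

  # The variable table marks rhcos_image_url as development-only.
  if [ -n "$(tfvar "$f" rhcos_image_url)" ]; then
    echo "WARN: rhcos_image_url is set (development use only)"
  fi
  return "$rc"
}

# Usage: ./check_tfvars.sh terraform.tfvars
if [ "$#" -gt 0 ]; then check_tfvars "$1"; fi
```

An unterminated quote on any of the five variables is reported as "missing, empty or not properly quoted", and values still containing the xxxx placeholder are rejected.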

Infra and Worker Node Deployment

Deployment of OpenShift Worker, Infra and Storage nodes is handled by the Machine Config cluster operator.

$ oc get machineset -n openshift-machine-api
NAME                     DESIRED   CURRENT   READY   AVAILABLE   AGE
ocp410-rlt8u-infra-1     1         1         1       1           22m
ocp410-rlt8u-infra-2     1         1         1       1           22m
ocp410-rlt8u-infra-3     1         1         1       1           22m
ocp410-rlt8u-storage-1   1         1         1       1           22m
ocp410-rlt8u-storage-2   1         1         1       1           22m
ocp410-rlt8u-storage-3   1         1         1       1           22m
ocp410-rlt8u-worker-1    1         1         1       1           22m
ocp410-rlt8u-worker-2    1         1         1       1           22m
ocp410-rlt8u-worker-3    1         1         1       1           22m

$ oc get machines -n openshift-machine-api
NAME                           PHASE     TYPE        REGION    ZONE        AGE
ocp410-rlt8u-infra-1-d2hdf     Running   bx2-4x16    us-east   us-east-1   15m
ocp410-rlt8u-infra-2-64khz     Running   bx2-4x16    us-east   us-east-2   15m
ocp410-rlt8u-infra-3-dcghh     Running   bx2-4x16    us-east   us-east-3   15m
ocp410-rlt8u-master-0          Running   bx2-4x16    us-east   us-east-1   21m
ocp410-rlt8u-master-1          Running   bx2-4x16    us-east   us-east-2   21m
ocp410-rlt8u-master-2          Running   bx2-4x16    us-east   us-east-3   21m
ocp410-rlt8u-storage-1-plz68   Running   bx2-16x64   us-east   us-east-1   15m
ocp410-rlt8u-storage-2-cmzbk   Running   bx2-16x64   us-east   us-east-2   15m
ocp410-rlt8u-storage-3-jvxgj   Running   bx2-16x64   us-east   us-east-3   15m
ocp410-rlt8u-worker-1-x4rcl    Running   bx2-4x16    us-east   us-east-1   15m
ocp410-rlt8u-worker-2-tpj7j    Running   bx2-4x16    us-east   us-east-2   15m
ocp410-rlt8u-worker-3-crphf    Running   bx2-4x16    us-east   us-east-3   15m
