Note: Please fork or clone this repository so that you can use your own GitHub Secrets and workflow.

This repository provides the necessary scripts and instructions for deploying OpenShift clusters on AWS. It is designed for system administrators and DevOps engineers who are familiar with AWS and OpenShift environments.
- Prerequisites:
  - Ensure that all GitHub Repository Secrets are created and up to date (repository secrets only, no environment secrets required).
  - Review and understand each secret required for deployment listed in the Configuration Secrets section.
- Deployment Steps:
  - Click the 'Deploy' button below to initiate the deployment workflow.
  - Monitor the workflow progress and verify deployment via the AWS and OpenShift consoles.

Ensure you have the following before starting the deployment:
- Access to an AWS account with administrative privileges.
- A GitHub account for fork or clone operations.
- Basic understanding of YAML and shell scripting.

Here’s a list of all required GitHub secrets for the deployment:

Note: There are multiple places to create secrets in GitHub; be sure to use the Actions repository secrets, as in this path: OCP4-Deploy/settings/secrets/actions

- OCP_ADMIN_USER: Cluster admin username.
- OCP_ADMIN_PASS: Cluster admin password.
- OCP_DEV_USER: Development user username.
- OCP_DEV_PASS: Development user password.
- OCP_BASE_DOMAIN: Top-level domain for Route53, does not require a leading dot.
- OCP_CLUSTER_NAME: Name of the OpenShift cluster.
- OCP_CLIENT_VERSION: OpenShift client version, e.g., "4", "4.7", or "4.9.9".
- RED_HAT_PULLSECRET: Red Hat credentials for accessing Red Hat repositories (see: Pull Secret).
- AWS_ACCESS_KEY_ID: AWS Access Key.
- AWS_SECRET_ACCESS_KEY: AWS Secret Access Key.
- AWS_REGION: AWS Region where the cluster will be deployed.
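
As an added example (not part of this repository), here is a preflight function that an early workflow step could run to fail fast on a missing or malformed secret before any AWS resources are created. It assumes each secret above is exposed to the step as an environment variable of the same name; `check_secrets` and `REQUIRED_SECRETS` are hypothetical names.

```shell
#!/bin/sh
# Added example, not part of this repository: preflight check for the
# repository secrets listed above. Assumes each secret is exposed to the step
# as an environment variable of the same name (an assumption about the workflow).
REQUIRED_SECRETS="OCP_ADMIN_USER OCP_ADMIN_PASS OCP_DEV_USER OCP_DEV_PASS
OCP_BASE_DOMAIN OCP_CLUSTER_NAME OCP_CLIENT_VERSION RED_HAT_PULLSECRET
AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_REGION"

# Prints one line per problem, naming the secret but never echoing its value.
# Exit status is 0 when every check passes and 1 otherwise.
# The body runs in a subshell so its variables stay local.
check_secrets() (
  problems=0
  for name in $REQUIRED_SECRETS; do
    eval "value=\${$name-}"   # safe: names come from the fixed list above
    if [ -z "$value" ]; then
      echo "$name: missing or empty"
      problems=1
    fi
  done
  # The README says the base domain does not need a leading dot.
  case "${OCP_BASE_DOMAIN-}" in
    .*) echo "OCP_BASE_DOMAIN: remove the leading dot"; problems=1 ;;
  esac
  # Accept the documented forms "4", "4.7" and "4.9.9".
  if [ -n "${OCP_CLIENT_VERSION-}" ] &&
     ! printf '%s\n' "$OCP_CLIENT_VERSION" | grep -Eq '^[0-9]+(\.[0-9]+){0,2}$'; then
    echo "OCP_CLIENT_VERSION: expected N, N.N or N.N.N"
    problems=1
  fi
  # Assumption: the pull secret is the JSON document downloaded from Red Hat,
  # which is an object with a top-level "auths" key.
  if [ -n "${RED_HAT_PULLSECRET-}" ]; then
    case "$RED_HAT_PULLSECRET" in
      \{*'"auths"'*) ;;
      *) echo "RED_HAT_PULLSECRET: not pull-secret JSON"; problems=1 ;;
    esac
  fi
  [ "$problems" -eq 0 ]
)
```

Run `check_secrets || exit 1` before the installer step; the messages name the offending secret only, so no secret value reaches the job log.
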

Running the Deploy workflow automatically kicks off the following:
- Perform AWS IPI
  - Creates an Artifact for Destroy
  - You can download the artifact if needed from GitHub Actions > Runs
  - Double-check your retention period for Artifacts
- Setup HTPasswd IDP
  - Uses CLUSTER_ADMIN and ADMIN_PASS
  - Uses DEV_PASS for andrew the developer
- Install GitOps Operator
  - Sets admin password for console to ADMIN_PASS
- Adds MachineSet
  - Labels infra nodes
  - Labels control worker node for Automation Controller
- Enables cluster and machine autoscaling
  - Creates cluster autoscaling config
  - Creates autoscaling groups from workers and infra machines
- Creates an S3 bucket for AAP and the namespace for the operator

On completion of the Deploy workflow, the GitOps-Tasks workflow will automatically start.
- Update with Day2 and Applications appset pointing to examples

- The artifacts created during the Deploy workflow describe the deployed AWS resources and are needed by the Destroy workflow.
- The artifacts are retained for only 90 days; download them manually if you do not plan to destroy the cluster within that retention period.

This section provides guidance on common issues that you might encounter during the deployment process, along with recommended solutions.
We welcome contributions! Please submit issues, enhancements, and pull requests through GitHub. For major changes, please open an issue first to discuss what you would like to change.
Be sure to update tests as appropriate and maintain the quality of the deployment scripts.

- Add node sizing templates
- Cost management operator

Note: GitHub IDP is currently disabled.