Get started with OpenShift
Make the Shift
If you were looking to place a bet on a piece of software that would still be popular in a few years time, you couldn't go far wrong by choosing Kubernetes [1].
Following the public explosion of interest in containers – courtesy of Docker over the past five years or so – the tool of choice to organize, scale, and add resilience to those containers has been firmly voted as Kubernetes. Along with varying DevOps methodologies, the rapid rise in its adoption has been eye-watering, surpassed only by the interest shown for Docker initially.
Among other contenders in the container orchestrator space, Docker offers "swarm mode" (or Docker Swarm), which enables users to manage the orchestration of containers across a cluster of machines that are running Docker Engine. Red Hat also offer an enterprise solution that has provided some symbiosis with feature developments in Kubernetes, because Red Hat's product OpenShift [2] and its various incarnations are firmly based on it.
OpenShift and its additional features, along with the enterprise-level Red Hat support services, is based on the open source version of Kubernetes. Additionally, a community version, formerly called Origin, which then became OKD [3] in the second half of 2018 [4], is described as "The Origin Community Distribution of Kubernetes that powers Red Hat OpenShift."
An online platform called OpenShift Container Platform [5] allows you to run your applications directly, in a supported manner, in a way that can alleviate much of the overhead of running Kubernetes clusters in-house.
In this article, I install OKD by one of the available methods, namely Minishift [6]. OKD calls Minishift an "all-in-one" virtual machine, which is fully functioning and even boasts its own, private container image registry.
Once you're up and running, you will access the GUI, or console, from a browser followed by the command line with a view to setting up and launching an application. This demonstration should help whet your appetite about what's possible with OpenShift and OKD.
Pick It, Pack It, Fire It Up
To start, I'll be using the well-known KVM [7] Linux virtualization technology to install OKD locally. To use the required virtualization, you will need a compatible machine running the, now relatively standard, CPU extensions called Intel VT or AMD V. If your machine offers one of these features, you need to check that your BIOS has them enabled. The command
$ egrep "(svm|vmx)" /proc/cpuinfo
should return svm or vmx in colored text. On my Ubuntu 18.04 laptop, I see vmx in red text, because Intel VT is available on my machine.
As the root user, you will install KVM:
$ apt install qemu-kvm libvirt-daemon libvirt-daemon-system
In my case, I see about 70MB of files added after running the command. You should really be running many of the OKD commands that follow as the non-root user for extra security. For ease, however, I'll focus on using the root user.
If you want to use another user instead of superuser, you can add your username to the libvirt
group:
$ usermod -a -G libvirt $(whoami)
Having done so, you could then log in to the libvirt
group for this session with:
$ newgrp libvirt
Now back to the installation. For the next task, you need to download a compatible Docker driver for KVM:
$ curl -L https://github.com/dhiltgen/docker-machine-kvm/releases/download/v0.10.0/docker-machine-driver-kvm-ubuntu16.04 -o /usr/local/bin/docker-machine-driver-kvm
The eagle-eyed among you will spot the 16.04 driver being downloaded and not 18.04. For the purposes here, that should be fine, because it's the latest Ubuntu version currently available. However, you should navigate to the GitHub page for the latest release of the KVM driver for docker-machine and the MD5 checksums [8].
For safety, you should not just blindly install the software. The MD5 checksum is shown as abc34ba69fbdc6c6aea3f59d99962310 for docker-machine-driver-kvm-ubuntu16.04 . To check that, enter:
$ md5sum /usr/local/bin/docker-machine-driver-kvm abc34ba69fbdc6c6aea3f59d99962310
That looks like a good match, so you can proceed knowing the file is probably as the publisher intended and hasn't been tampered with during the download.
Next, enter:
$ chmod +x /usr/local/bin/docker-machine-driver-kvm
to make that file executable.
Window Within a Window
Once you have installed the software to run on a virtual machine, you can begin to set it up. To start, make sure KVM is happy by using the concatenated command:
$ systemctl start libvirtd; systemctl enable libvirtd.service; systemctl status libvirtd
Assuming the phrase active (running) is returned by systemd, you are ready to go. Just hit the q key to quit.
One last thing worth checking is that you have a "default" network configured correctly in KVM. To check the configuration, use the virsh
command:
$ virsh net-list --all
Figure 1 shows the output, which in my case, shows that the network exists but is not running – unfortunately.
Potentially, you might have to fix two issues that show in the output of Figure 1. First, make sure that the Autostart column states yes ; if it does not, change it with the command:
$ virsh net-autostart default
Second, make sure the change has taken hold with the net-list
command used earlier.
Third, check that inactive is not visible in the State column. If that's what you see, you can change it with the command:
$ virsh net-start default
If you get a nasty looking error at this stage, fear not. The error I got was:
error: Failed to start network default error: internal error: Failed to initialize a valid firewall backend
Thankfully, this can be fixed by installing and enabling firewalld
. Simply enter the command:
$ apt install firewalld
You can start up and check firewalld
, as you did with libvirt
, by combining some simple commands in one line:
$ systemctl enable firewalld; systemctl start firewalld; systemctl status firewalld
Check that it's running as expected – you should see active (running)
. To keep libvirt
happy, you'll restart its service with the command:
$ systemctl restart libvirtd
If it didn't automatically start up, you can now try to start up the default network as follows:
$ virsh net-start default
At this stage, you should see an error saying something like network is already active , which is good news. Otherwise, you've started the network for this session, which will suffice in the short term; however, do check that you've set Autostart properly, as mentioned above.
To double-check that the networking is functioning as expected, look once more at using the net-list
command:
$ virsh net-list --all
Following your recent efforts, you should see something like Figure 2 if you're up and running.
If you don't have the same output, then rinse and repeat the previous steps or check the KVM documentation to see if you are having issues with your Linux distribution.
Shifting Sands
The next task is to download Minishift from the latest releases page [9]. In my case, I'll choose the minishift-1.33.0-linux-amd64.tgz
tarball, which is compiled for Linux. You can download it with the command:
$ wget -O minishift-1.33.0-linux-amd64.tgz https://github.com/minishift/minishift/releases/download/v1.33.0/minishift-1.33.0-linux-amd64.tgz
At this point, you should make sure the checksum matches the file, but instead of using the MD5 tool as in the previous example, you should use the SHA256 tool:
$ wget https://github.com/minishift/minishift/releases/download/v1.33.0/minishift-1.33.0-linux-amd64.tgz.sha256
You can see the hash inside the downloaded file with the cat
command:
$ cat minishift-1.33.0-linux-amd64.tgz.sha256 e47232e638d66d133d577739cd26b053d0453f5dcf3318dc237b6e792ccd218d
Now look at what sha256sum
offers by running it against the tarball you downloaded:
$ sha256sum minishift-1.33.0-linux-amd64.tgz e47232e638d66d133d577739cd26b053d0453f5dcf3318dc237b6e792ccd218dminishift-1.33.0-linux-amd64.tgz
Excellent. The file is much more likely to be in the state its author intended and have not been tampered with during the download. Next, uncompress the tarball and enter the resulting directory:
$ tar xvfz minishift-1.33.0-linux-amd64.tgz $ cd minishift-1.33.0-linux-amd64
If you run the ls
command, you can see a 27MB binary called minishift
. You'll want to move that file into the /usr/local/bin
directory:
$ mv minishift /usr/local/bin/
Now go back to your home directory (/root
in my case) with the cd
command. You can check that the minishift
binary is available from within your user's path by entering the following command from your home directory:
$ minishift version minishift v1.33.0+ba29431
The results look promising, so you should proceed.
Buy this article as PDF
(incl. VAT)