... | ... |
@@ -13,12 +13,10 @@ To get started you can either: |
13 | 13 |
|
14 | 14 |
Or if you are interested in development, start with: |
15 | 15 |
|
16 |
-* <<openshift-development>> |
|
16 |
+* <<openshift-development>> and choose between: |
|
17 | 17 |
|
18 |
-And choose between: |
|
19 |
- |
|
20 |
-* <<develop-locally-on-your-host>> |
|
21 |
-* <<develop-on-virtual-machine-using-vagrant>> |
|
18 |
+ ** <<develop-locally-on-your-host>> |
|
19 |
+ ** <<develop-on-virtual-machine-using-vagrant>> |
|
22 | 20 |
|
23 | 21 |
== Download from GitHub |
24 | 22 |
|
... | ... |
@@ -27,7 +25,7 @@ The OpenShift team periodically publishes binaries to GitHub on https://github.c |
27 | 27 |
The tar file for each platform contains a single binary `openshift` which is the all-in-one OpenShift installation. |
28 | 28 |
|
29 | 29 |
* Use `sudo openshift start` to launch the server. Root access is required to create services due to the need to modify IPTables. See issue: https://github.com/GoogleCloudPlatform/kubernetes/issues/1859. |
30 |
-* Use `oc -h <server> ...` to connect to an OpenShift server |
|
30 |
+* Use `oc login <server> ...` to connect to an OpenShift server |
|
31 | 31 |
* Use `openshift help` to see more about the commands in the binary |
32 | 32 |
|
33 | 33 |
|
... | ... |
@@ -76,17 +74,18 @@ To facilitate rapid development we've put together a Vagrantfile you can use to |
76 | 76 |
|
77 | 77 |
1. http://www.vagrantup.com/downloads[Install Vagrant] |
78 | 78 |
|
79 |
-2. https://www.virtualbox.org/wiki/Downloads[Install VirtualBox] (Ex: `yum install VirtualBox`) |
|
79 |
+2. https://www.virtualbox.org/wiki/Downloads[Install VirtualBox] (Ex: `yum install VirtualBox` from the RPM Fusion repository) |
|
80 | 80 |
|
81 | 81 |
3. Clone the project and change into the directory: |
82 | 82 |
|
83 | 83 |
$ mkdir -p $GOPATH/src/github.com/openshift |
84 | 84 |
$ cd $GOPATH/src/github.com/openshift |
85 | 85 |
$ git clone git://github.com/<forkid>/origin # Replace <forkid> with the your github id |
86 |
- $ git remote add upstream git://github.com/openshift/origin |
|
87 | 86 |
$ cd origin |
87 |
+ $ git remote add upstream git://github.com/openshift/origin |
|
88 |
+ |
|
88 | 89 |
|
89 |
-4. Bring up the VM: |
|
90 |
+4. Bring up the VM (If you are new to Vagrant, consider http://docs.vagrantup.com[Vagrant Docs] for help on items like provider selection. Also consider the enablement of your hardware's virtualization extensions, such as https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Virtualization_Administration_Guide/sect-Virtualization-Troubleshooting-Enabling_Intel_VT_and_AMD_V_virtualization_hardware_extensions_in_BIOS.html[RHEL] for example.): |
|
90 | 91 |
|
91 | 92 |
$ vagrant up |
92 | 93 |
|
... | ... |
@@ -51,6 +51,9 @@ This will set up a go workspace locally and will build all go components. It is |
51 | 51 |
|
52 | 52 |
### Docker Changes ### |
53 | 53 |
|
54 |
+**VAGRANT USERS**: |
|
55 |
+If you are using the OpenShift Vagrant image you can skip this step. |
|
56 |
+ |
|
54 | 57 |
First, you'll need to configure the Docker daemon on your host to trust the Docker registry service you'll be starting. |
55 | 58 |
|
56 | 59 |
To do this, you need to add "--insecure-registry 172.30.0.0/16" to the Docker daemon invocation, eg: |
... | ... |
@@ -68,6 +71,9 @@ These instructions assume you have not changed the kubernetes/openshift service |
68 | 68 |
|
69 | 69 |
### FirewallD Changes ### |
70 | 70 |
|
71 |
+**VAGRANT USERS**: |
|
72 |
+If you are using the OpenShift Vagrant image you can skip this step. |
|
73 |
+ |
|
71 | 74 |
Similar to our work on SELinux policies, the OpenShift firewalld rules are also a work in progress. For now it is easiest to disable firewalld altogether: |
72 | 75 |
|
73 | 76 |
$ sudo systemctl stop firewalld |
... | ... |
@@ -163,42 +169,20 @@ This section covers how to perform all the steps of building, deploying, and upd |
163 | 163 |
be added to the docker-registry service list so that it's reachable from other places. |
164 | 164 |
|
165 | 165 |
|
166 |
-6. Confirm the registry is accessible (you may need to run this more than once): |
|
167 |
- |
|
168 |
- $ curl -H 'Accept: application/json' -v `oc get service docker-registry --template="{{ .spec.portalIP }}:{{ with index .spec.ports 0 }}{{ .port }}{{ end }}/v2/" --config=openshift.local.config/master/admin.kubeconfig` |
|
169 |
- |
|
170 |
- You should see: |
|
171 |
- |
|
172 |
- "< Docker-Distribution-Api-Version: registry/2.0" |
|
173 |
- |
|
174 |
- |
|
175 |
-7. Bind a user names `test-admin` to the `view` role in the default namespace so you can observe progress in the web console |
|
176 |
- |
|
177 |
- $ oadm policy add-role-to-user view test-admin --config=openshift.local.config/master/admin.kubeconfig |
|
178 |
- |
|
179 |
- |
|
180 |
-9. Login as `test-admin` using any password |
|
166 |
+6. Login as `test-admin` using any password |
|
181 | 167 |
|
182 | 168 |
$ oc login --certificate-authority=openshift.local.config/master/ca.crt |
183 | 169 |
|
170 |
+ **VAGRANT USERS**: If subsequent commands fail because of a config validation error, log out, unset the $OPENSHIFTCONFIG environment variable (if it is set) and then log in again. |
|
184 | 171 |
|
185 |
-9. *Optional:* View the OpenShift web console in your browser by browsing to `https://<host>:8443/console`. Login using the user `test-admin` and any password. |
|
186 |
- |
|
187 |
- * You will need to have the browser accept the certificate at |
|
188 |
- `https://<host>:8443` before the console can consult the OpenShift |
|
189 |
- API. Of course this would not be necessary with a legitimate |
|
190 |
- certificate. |
|
191 |
- * If you click the `default` project and leave the tab open, |
|
192 |
- you'll see the page update as you deploy objects into the project |
|
193 |
- and run builds. |
|
194 | 172 |
|
195 | 173 |
|
196 |
-10. Create a new project in OpenShift. This creates a namespace `test` to contain the builds and app that we will generate below. |
|
174 |
+7. Create a new project in OpenShift. This creates a namespace `test` to contain the builds and app that we will generate below. |
|
197 | 175 |
|
198 | 176 |
$ oc new-project test --display-name="OpenShift 3 Sample" --description="This is an example project to demonstrate OpenShift v3" |
199 | 177 |
|
200 | 178 |
|
201 |
-11. *Optional:* View the OpenShift web console in your browser by browsing to `https://<host>:8443/console`. Login using the user `test-admin` and any password. |
|
179 |
+8. *Optional:* View the OpenShift web console in your browser by browsing to `https://<host>:8443/console`. Login using the user `test-admin` and any password. |
|
202 | 180 |
|
203 | 181 |
* You will need to have the browser accept the certificate at |
204 | 182 |
`https://<host>:8443` before the console can consult the OpenShift |
... | ... |
@@ -209,7 +193,7 @@ This section covers how to perform all the steps of building, deploying, and upd |
209 | 209 |
and run builds. |
210 | 210 |
|
211 | 211 |
|
212 |
-12. *Optional:* Fork the [ruby sample repository](https://github.com/openshift/ruby-hello-world) |
|
212 |
+9. *Optional:* Fork the [ruby sample repository](https://github.com/openshift/ruby-hello-world) |
|
213 | 213 |
to an OpenShift-visible git account that you control, preferably |
214 | 214 |
somewhere that can also reach your OpenShift server with a webhook. |
215 | 215 |
A github.com account is an obvious place for this, but an in-house |
... | ... |
@@ -223,7 +207,7 @@ This section covers how to perform all the steps of building, deploying, and upd |
223 | 223 |
OpenShift's public repository, just not a changed build. |
224 | 224 |
|
225 | 225 |
|
226 |
-13. *Optional:* Add the following webhook under the settings in your new GitHub repository: |
|
226 |
+10. *Optional:* Add the following webhook under the settings in your new GitHub repository: |
|
227 | 227 |
|
228 | 228 |
$ https://<host>:8443/osapi/v1beta3/namespaces/test/buildconfigs/ruby-sample-build/webhooks/secret101/github |
229 | 229 |
|
... | ... |
@@ -233,16 +217,16 @@ This section covers how to perform all the steps of building, deploying, and upd |
233 | 233 |
instance as the certificate chain generated is not publicly verified. |
234 | 234 |
|
235 | 235 |
|
236 |
-14. Edit application-template-stibuild.json which will define the sample application |
|
236 |
+11. Edit application-template-stibuild.json which will define the sample application |
|
237 | 237 |
|
238 | 238 |
* Update the BuildConfig's sourceURI (git://github.com/openshift/ruby-hello-world.git) to point to your forked repository. |
239 | 239 |
*Note:* You can skip this step if you did not create a forked repository. |
240 | 240 |
|
241 | 241 |
|
242 |
-15. Submit the application template for processing (generating shared parameters requested in the template) |
|
242 |
+12. Submit the application template for processing (generating shared parameters requested in the template) |
|
243 | 243 |
and then request creation of the processed template: |
244 | 244 |
|
245 |
- $ oc process -f application-template-stibuild.json | oc create -f - |
|
245 |
+ $ oc new-app application-template-stibuild.json |
|
246 | 246 |
|
247 | 247 |
This will define a number of related OpenShift entities in the project: |
248 | 248 |
|
... | ... |
@@ -261,14 +245,7 @@ This section covers how to perform all the steps of building, deploying, and upd |
261 | 261 |
immediately. |
262 | 262 |
|
263 | 263 |
|
264 |
-16. *Optional:* Trigger a build of your application: |
|
265 |
- * If you setup the GitHub webhook, push a change to `app.rb` in your ruby sample repository. |
|
266 |
- * Otherwise you can request a new build by running: |
|
267 |
- |
|
268 |
- $ oc start-build ruby-sample-build |
|
269 |
- |
|
270 |
- |
|
271 |
-17. Monitor the builds and wait for the status to go to "complete" (this can take a few minutes): |
|
264 |
+13. Monitor the builds and wait for the status to go to "complete" (this can take a few minutes): |
|
272 | 265 |
|
273 | 266 |
$ oc get builds |
274 | 267 |
|
... | ... |
@@ -289,7 +266,7 @@ This section covers how to perform all the steps of building, deploying, and upd |
289 | 289 |
|
290 | 290 |
If you want to see the build logs of a complete build, use the |
291 | 291 |
command below (substituting your build name from the "oc get builds" |
292 |
- output). |
|
292 |
+ output). |
|
293 | 293 |
|
294 | 294 |
$ oc build-logs ruby-sample-build-1 -n test |
295 | 295 |
|
... | ... |
@@ -298,7 +275,7 @@ This section covers how to perform all the steps of building, deploying, and upd |
298 | 298 |
pod each for the frontend (your Ruby code) and backend. |
299 | 299 |
|
300 | 300 |
|
301 |
-18. Wait for the application's frontend pod and database pods to be started (this can take a few minutes): |
|
301 |
+14. Wait for the application's frontend pod and database pods to be started (this can take a few minutes): |
|
302 | 302 |
|
303 | 303 |
$ oc get pods |
304 | 304 |
|
... | ... |
@@ -310,7 +287,7 @@ This section covers how to perform all the steps of building, deploying, and upd |
310 | 310 |
ruby-sample-build-1 sti-build openshift/origin-sti-builder:latest openshiftdev.local/127.0.0.1 build=ruby-sample-build-1,buildconfig=ruby-sample-build,name=ruby-sample-build,template=application-template-stibuild Succeeded 3 minutes |
311 | 311 |
|
312 | 312 |
|
313 |
-19. Determine the IP for the frontend service: |
|
313 |
+15. Determine the IP for the frontend service: |
|
314 | 314 |
|
315 | 315 |
$ oc get services |
316 | 316 |
|
... | ... |
@@ -325,7 +302,7 @@ This section covers how to perform all the steps of building, deploying, and upd |
325 | 325 |
*Note:* you can also get this information from the web console. |
326 | 326 |
|
327 | 327 |
|
328 |
-20. Confirm the application is now accessible via the frontend service on port 5432. Go to http://172.30.17.4:5432 (or whatever IP address was reported above) in your browser if you're running this locally; otherwise you can use curl to see the HTML, or port forward the address to your local workstation to visit it. |
|
328 |
+16. Confirm the application is now accessible via the frontend service on port 5432. Go to http://172.30.17.4:5432 (or whatever IP address was reported above) in your browser if you're running this locally; otherwise you can use curl to see the HTML, or port forward the address to your local workstation to visit it. |
|
329 | 329 |
|
330 | 330 |
- - - |
331 | 331 |
**VAGRANT USERS:** |
... | ... |
@@ -339,14 +316,14 @@ This section covers how to perform all the steps of building, deploying, and upd |
339 | 339 |
You should see a welcome page and a form that allows you to query and update key/value pairs. The keys are stored in the database container running in the database pod. |
340 | 340 |
|
341 | 341 |
|
342 |
-21. Make a change to your ruby sample main.html file, commit, and push it via git. |
|
342 |
+17. Make a change to your ruby sample main.html file, commit, and push it via git. |
|
343 | 343 |
|
344 | 344 |
* If you do not have the webhook enabled, you'll have to manually trigger another build: |
345 | 345 |
|
346 | 346 |
$ oc start-build ruby-sample-build |
347 | 347 |
|
348 | 348 |
|
349 |
-22. Repeat step 17 (waiting for the build to complete). Once the build is complete, refreshing your browser should show your changes. |
|
349 |
+18. Repeat step 13 (waiting for the build to complete). Once the build is complete, refreshing your browser should show your changes. |
|
350 | 350 |
|
351 | 351 |
Congratulations, you've successfully deployed and updated an application on OpenShift. |
352 | 352 |
|
... | ... |
@@ -373,25 +350,31 @@ the ip address shown below with the correct one for your environment. |
373 | 373 |
|
374 | 374 |
$ sudo chmod +r openshift.local.config/master/openshift-router.kubeconfig |
375 | 375 |
$ oadm router --create --credentials=openshift.local.config/master/openshift-router.kubeconfig --config=openshift.local.config/master/admin.kubeconfig |
376 |
- router # the service |
|
376 |
+ router # the service |
|
377 | 377 |
router # the deployment config |
378 | 378 |
|
379 | 379 |
|
380 | 380 |
3. Switch to the `default` project to watch for router to start |
381 |
- $ oc project default |
|
381 |
+ |
|
382 |
+ $ oc project default --config=openshift.local.config/master/admin.kubeconfig |
|
382 | 383 |
|
383 | 384 |
4. Wait for the router to start. |
384 | 385 |
|
385 |
- $ oc describe dc router |
|
386 |
+ $ oc describe dc router --config=openshift.local.config/master/admin.kubeconfig |
|
386 | 387 |
# watch for the number of deployed pods to go to 1 |
387 | 388 |
|
388 | 389 |
|
389 |
-5. *Optional:* View the logs of the router. |
|
390 |
+5. *Optional:* View the logs of the router. First though, you need to get random suffix that Kubernetes includes as part of the name it generates. |
|
391 |
+ |
|
392 |
+ $ oc get pods --config=openshift.local.config/master/admin.kubeconfig |
|
393 |
+ # Look for the pod name starting with "router-1-" |
|
394 |
+ |
|
395 |
+6. *Optional:* With that precise pod name, you can view its logs. |
|
390 | 396 |
|
391 |
- $ oc log router-1-<podrandom-suffix> |
|
397 |
+ $ oc logs router-1-<podrandom-suffix> --config=openshift.local.config/master/admin.kubeconfig |
|
392 | 398 |
|
393 | 399 |
|
394 |
-6. Curl the url, substituting the ip address shown for the correct value in your environment. |
|
400 |
+7. Curl the url, substituting the ip address shown for the correct value in your environment. The easiest way to get the IP is to do a ifconfig from where you have been running the oc command. |
|
395 | 401 |
|
396 | 402 |
$ curl -s -k --resolve www.example.com:443:10.0.2.15 https://www.example.com |
397 | 403 |
... removed for readability ... |
... | ... |
@@ -399,7 +382,7 @@ the ip address shown below with the correct one for your environment. |
399 | 399 |
... removed for readability ... |
400 | 400 |
|
401 | 401 |
|
402 |
-7. *Optional*: View the certificate being used for the secure route. |
|
402 |
+8. *Optional*: View the certificate being used for the secure route. |
|
403 | 403 |
|
404 | 404 |
$ openssl s_client -servername www.example.com -connect 10.0.2.15:443 |
405 | 405 |
... removed for readability ... |