Setting up OpenShift Container Platform (OCP) on vSphere running on Lenovo ThinkSystem

OpenShift Container Platform (OCP) is a container orchestration platform based on Kubernetes from Red Hat. OCP is one of the oldest Kubernetes based container orchestration solution and its installation is supported across on-prem and on cloud environments. In this blog post, I will walk you through the step-by-step instructions to setup OCP on vSphere 7.x running on Lenovo ThinkSystem using Installer Provisioned Infrastructure (IPI).

Pre-Requirements

ComponentRecordDescription
API VIPapi.<cluster_name>.<base_domain>.This DNS A/AAAA or CNAME record must point to the load balancer for the control plane machines. This record must be resolvable by both clients external to the cluster and from all the nodes within the cluster.
Ingress VIP*.apps.<cluster_name>.<base_domain>.A wildcard DNS A/AAAA or CNAME record that points to the load balancer that targets the machines that run the Ingress router pods, which are the worker nodes by default. This record must be resolvable by both clients external to the cluster and from all the nodes within the cluster.
  • Generate a keypair
ssh-keygen -t ed25519 -N '' -f <path>/<file_name> 
  • Once you click on vSphere, select Installer-Provisioned Infrastructure
  • Download the installer depending on what is the machine type you will be using to run it. e.g. Linux or Mac
  • Also Download the pull secret that you will need later during installation
  • Extract the installation program
$ tar -xvf openshift-install-linux.tar.gz
$ ls -ltr | grep -i openshift
-rwxr-xr-x 1 ubuntu ubuntu 481968128 Sep 26 19:25 openshift-install
-rw-rw-r-- 1 ubuntu ubuntu 344582118 Oct 11 02:55 openshift-install-linux.tar.gz
  • Add vCenter root certificate to your system trust by following the instructions here

Installation Steps

Before triggering the OCP install, create a directory where installation program will run.

  • Create a directory
$ mkdir ocpinstall
  • Trigger the installation and provide the required info

root@ubuntu:/home/ubuntu# ./openshift-install create cluster --dir ocpinstall --log-level=info
? SSH Public Key <none>
? Platform vsphere
? vCenter <Enter your vc hostname>
? Username administrator@vsphere.local
? Password [? for help] ***********
INFO Connecting to vCenter <your vc hostname>
INFO Defaulting to only available datacenter: <your vc datacenter>
INFO Defaulting to only available cluster: <Available cluster>
? Default Datastore NFS3
? Network CustEdi-XSE-Mgmt-LCE1
? Virtual IP Address for API <Static IP address used by api server>
? Virtual IP Address for Ingress <static IP address used by ingress>
? Base Domain <base domain name>
? Cluster Name truscaleocp
? Pull Secret [? for help] **************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       *****************************************************************************************************************************************       INFO Obtaining RHCOS image file from 'https://rhcos.mirror.openshift.com/art/storage/releases/rhcos-4.11/411.86.202208112011-0/x86_64/rhc       os-411.86.202208112011-0-vmware.x86_64.ova?sha256='
INFO Creating infrastructure resources...
INFO Waiting up to 20m0s (until 4:05AM) for the Kubernetes API at https://api.truscaleocp.hec.lenovo:6443...
INFO API v1.24.0+3882f8f up
INFO Waiting up to 30m0s (until 4:17AM) for bootstrapping to complete...
INFO Destroying the bootstrap resources...
INFO Waiting up to 40m0s (until 4:36AM) for the cluster at https://api.truscaleocp.hec.lenovo:6443 to initialize...
W1011 03:56:30.899980    9523 reflector.go:324] k8s.io/client-go/tools/watch/informerwatcher.go:146: failed to list *v1.ClusterVersion: Get "ht tps://api.truscaleocp.hec.lenovo:6443/apis/config.openshift.io/v1/clusterversions?fieldSelector=metadata.name%3Dversion&limit=500&resourceVersi on=0": dial tcp 10.189.85.115:6443: connect: connection refused
E1011 03:56:30.900136    9523 reflector.go:138] k8s.io/client-go/tools/watch/informerwatcher.go:146: Failed to watch *v1.ClusterVersion: failed  to list *v1.ClusterVersion: Get "https://api.truscaleocp.hec.lenovo:6443/apis/config.openshift.io/v1/clusterversions?fieldSelector=metadata.na me%3Dversion&limit=500&resourceVersion=0": dial tcp 10.189.85.115:6443: connect: connection refused
W1011 03:56:32.430235    9523 reflector.go:324] k8s.io/client-go/tools/watch/informerwatcher.go:146: failed to list *v1.ClusterVersion: Get "ht tps://api.truscaleocp.hec.lenovo:6443/apis/config.openshift.io/v1/clusterversions?fieldSelector=metadata.name%3Dversion&limit=500&resourceVersi on=0": dial tcp 10.189.85.115:6443: connect: connection refused
E1011 03:56:32.430346    9523 reflector.go:138] k8s.io/client-go/tools/watch/informerwatcher.go:146: Failed to watch *v1.ClusterVersion: failed  to list *v1.ClusterVersion: Get "https://api.truscaleocp.hec.lenovo:6443/apis/config.openshift.io/v1/clusterversions?fieldSelector=metadata.na me%3Dversion&limit=500&resourceVersion=0": dial tcp 10.189.85.115:6443: connect: connection refused
W1011 03:56:34.101227    9523 reflector.go:324] k8s.io/client-go/tools/watch/informerwatcher.go:146: failed to list *v1.ClusterVersion: Get "ht tps://api.truscaleocp.hec.lenovo:6443/apis/config.openshift.io/v1/clusterversions?fieldSelector=metadata.name%3Dversion&limit=500&resourceVersi on=0": dial tcp 10.189.85.115:6443: connect: connection refused
E1011 03:56:34.101406    9523 reflector.go:138] k8s.io/client-go/tools/watch/informerwatcher.go:146: Failed to watch *v1.ClusterVersion: failed  to list *v1.ClusterVersion: Get "https://api.truscaleocp.hec.lenovo:6443/apis/config.openshift.io/v1/clusterversions?fieldSelector=metadata.na me%3Dversion&limit=500&resourceVersion=0": dial tcp 10.189.85.115:6443: connect: connection refused
W1011 03:56:39.138486    9523 reflector.go:324] k8s.io/client-go/tools/watch/informerwatcher.go:146: failed to list *v1.ClusterVersion: Get "ht tps://api.truscaleocp.hec.lenovo:6443/apis/config.openshift.io/v1/clusterversions?fieldSelector=metadata.name%3Dversion&limit=500&resourceVersi on=0": dial tcp 10.189.85.115:6443: connect: connection refused
E1011 03:56:39.138592    9523 reflector.go:138] k8s.io/client-go/tools/watch/informerwatcher.go:146: Failed to watch *v1.ClusterVersion: failed  to list *v1.ClusterVersion: Get "https://api.truscaleocp.hec.lenovo:6443/apis/config.openshift.io/v1/clusterversions?fieldSelector=metadata.na me%3Dversion&limit=500&resourceVersion=0": dial tcp 10.189.85.115:6443: connect: connection refused
INFO Waiting up to 10m0s (until 4:22AM) for the openshift-console route to be created...
INFO Install complete!
INFO To access the cluster as the system:admin user when using 'oc', run
INFO     export KUBECONFIG=/home/ubuntu/ocpinstall/auth/kubeconfig
INFO Access the OpenShift web-console here: https://console-openshift-console.apps.truscaleocp.hec.lenovo
INFO Login to the console with user: "kubeadmin", and password: "xxxxxxxxxx"
INFO Time elapsed: 33m51s
  • It took around 34 mins to complete the installation. Once installation is successful, you will see 3 master nodes and 3 worker nodes created on your vCenter as below.
  • You can also find the console url and username/password to access it. Try opening it in your web broswer.
  • That’s all for this post. In the upcoming one, we will talk about setting up oc utility and access the cluster from command line.
Advertisement

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s