IBM Cloud Private on RHEL
An easy installation guide
Background
IBM Cloud Private is a Kubernetes-based platform that runs on your infrastructure. It can be used for managing a rich catalog of IBM applications, as well as for hosting your own internal apps.
This tutorial will teach you how to install IBM Cloud Private 2.1.0 - Community Edition on RHEL 7.4
Requirements
The infrastructure for your Kubernetes cluster must be created prior to following this guide. At minimum a master and single worker node are required. The machine specs used for testing are below. A minimum of 151 GB of disk space on the master node is recommended.
Master Node — 4 CPUs, 8 GB RAM, 80 GB disk, public/accessable IP
Worker Node(s) — 2 CPUs, 4 GB RAM, 40 GB disk
Steps
1. Review the System Requirements
The system requirements doc can be found here. Note the hardware requirements when setting up your machines. All of the machines created must have network access to one-another.
2. Architecture
Familiarize yourself with the architecture of IBM Cloud Private found here. For this install a single machine will act as the master, boot and proxy node. Each worker node will have its own machine. The management node will not be used.
3. Clone the Install Repo
Clone the GitHub Repo https://github.com/jcantosz/icp-rhel-install to your master node.
The repo contains a scripts folder with a series of of numbered scripts. Change (cd) to icp-rhel-install/scripts for the rest of the remaining steps.
[cloudusr@jcantosz-rhel-master ~]$ git clone https://github.com/jcantosz/icp-rhel-install.git
Cloning into 'icp-rhel-install'...
remote: Counting objects: 36, done.
remote: Compressing objects: 100% (33/33), done.
remote: Total 36 (delta 10), reused 20 (delta 3), pack-reused 0
Unpacking objects: 100% (36/36), done.
[cloudusr@jcantosz-rhel-master ~]$ cd icp-rhel-install/scripts/
[cloudusr@jcantosz-rhel-master scripts]$ ls
00-variables.sh 01-update-hosts.sh 04-configure-os.sh 07-configure-installer.sh
01-1-passwordless-ssh.sh 02-ssh-setup.sh 05-firewall-config.sh 08-install.sh
01-2-bind-mounts.sh 03-install-packages.sh 06-get-installer.sh 09-kubeconfig.sh4. Fill in the Variables
Using your favorite editor fill in the 00-variables.sh file.
- SSH_KEY — the path to the private key file used to SSH into each of the workers.
- SSH_USER — the user to SSH into the workers as.
- PUBLIC_IP — The IP on which you plan to access the web dashboard. This may be the same as the MASTER_IP if there is only one interface for accessing the master
- MASTER_IP — The (private) IP address of the master node
- WORKER_IPS — An array of IP addresses, one per worker
- WORKER_HOSTNAMES — An array of hostnames, one per worker, the size and order must match WORKER_IPS
Note that this file also contains links to the ICP install docs, the ICP wiki, and a wiki page with directions for joining the #ibm-cloud-private private channel on Slack.
[cloudusr@jcantosz-rhel-master scripts]$ cat 00-variables.sh
#!/bin/bash
# ----------------------------------------------------------------------------------------------\\
# Description:
# A basic installer for IBM Cloud Private-CE 1.2.0 on RHEL 7.4
# ----------------------------------------------------------------------------------------------\\
# Note:
# This assumes all VMs were provisioned to be accessable with the same SSH key
# All scripts should be run from the master node
# ----------------------------------------------------------------------------------------------\\
# System Requirements:
# Tested against RHEL 7.4 (OpenStack - KVM-RHE7.4-Srv-x64)
# Master Node - 4 CPUs, 8 GB RAM, 80 GB disk, public IP
# Worker Node - 2 CPUs, 4 GB RAM, 40 GB disk
# Requires sudo access
# ----------------------------------------------------------------------------------------------\\
# Docs:
# Installation Steps From:
# - https://www.ibm.com/support/knowledgecenter/SSBS6K_2.1.0/installing/prep_cluster.html
# - https://www.ibm.com/support/knowledgecenter/SSBS6K_2.1.0/installing/install_containers_CE.html
#
# Wiki:
# - https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/W1559b1be149d_43b0_881e_9783f38faaff
# - https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/W1559b1be149d_43b0_881e_9783f38faaff/page/Connect
# ----------------------------------------------------------------------------------------------\\
export SSH_KEY=~/.ssh/id_rsa
export SSH_USER=cloudusr
export PUBLIC_IP=9.x.x.x
export MASTER_IP=10.10.25.157
# WORKER_IPS[0] should be the same worker at WORKER_HOSTNAMES[0]export WORKER_IPS=("10.10.25.158" "10.10.25.159")
export WORKER_HOSTNAMES=("jcantosz-rhel-worker-1" "jcantosz-rhel-worker-2")
if [[ "${#WORKER_IPS[@]}" != "${#WORKER_HOSTNAMES[@]}" ]]; then
echo "ERROR: Ensure that the arrays WORKER_IPS and WORKER_HOSTNAMES are of the same length"
return 1
fi
export NUM_WORKERS=${#WORKER_IPS[@]}5. Set Up Password-less SSH if needed
If SSH communication using keyfiles is not already set up between the master and worker nodes, the script 01–1-passwordless-ssh.sh can be run to help accomplish this.
6. Bind Mounted Volumes if needed
If you have volume mounts you wish to use for installing ICP, the script 01–2-bind-mounts.sh can help you accomplish this. Identify which mounted volumes you wish to bind to which folder locations and fill in the MOUNT_DIR variable as appropriate.
This is helpful when the base machine’s storage is insufficient for installing ICP and volume mounts are used.
7. Run the Scripts
Run each script 01-update-hosts.sh through 09-kubeconfig.sh in numerical order. Reviewing each script prior to running it.
Each script has a section that runs on the master and a for loop that cycles through each of the worker’s hostnames and runs the same or similar commands on the workers.
Note the URL and credentials of the web UI after running script 08-install.sh
[cloudusr@j scripts]$ ./08-install.sh
...
PLAY RECAP **********************************************************************************
10.10.25.157 : ok=200 changed=65 unreachable=0 failed=0
10.10.25.158 : ok=118 changed=48 unreachable=0 failed=0
10.10.25.159 : ok=118 changed=48 unreachable=0 failed=0
localhost : ok=215 changed=113 unreachable=0 failed=0
POST DEPLOY MESSAGE *************************************************************************
UI URL is https://9.x.x.x:8443 , default username/password is admin/admin
Playbook run took 0 days, 0 hours, 21 minutes, 3 seconds8. Test kubectl commands
After script 09-kubeconfig.sh has completed, your master node should have a working version of kubectl. Try running kubectl get pods –all-namespaces to see what is running on Kubernetes.
[cloudusr@j scripts]$ ./09-kubeconfig.sh
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 49.9M 100 49.9M 0 0 3843k 0 0:00:13 0:00:13 --:--:-- 5989k
Cluster "cfc-cluster" set.
Context "kubectl" created.
User "user" set.
Context "kubectl" modified.
Switched to context "kubectl".
[cloudusr@j scripts]$ kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system auth-apikeys-29j0b 1/1 Running 0 11m
kube-system auth-idp-m7grf 3/3 Running 0 13m
kube-system auth-pap-2rx27 1/1 Running 0 11m
kube-system auth-pdp-9scjn 1/1 Running 0 11m
kube-system calico-node-amd64-k31w5 2/2 Running 0 21m
kube-system calico-node-amd64-lbt1f 2/2 Running 0 21m
kube-system calico-node-amd64-r1l1f 2/2 Running 0 21m
kube-system calico-policy-controller-1048521425-21j6h 1/1 Running 0 21m
kube-system catalog-catalog-apiserver-gdhls 0/1 ContainerCreating 0 11m
kube-system catalog-catalog-controller-manager-3100032879-gl3mg 0/1 ContainerCreating 0 10m
kube-system catalog-ui-wbzvm 1/1 Running 0 11m
kube-system default-http-backend-198681862-rx2sn 1/1 Running 0 11m
kube-system elasticsearch-client-3479638665-q9dcx 0/2 PodInitializing 0 11m
kube-system elasticsearch-data-0 0/1 PodInitializing 0 11m
kube-system elasticsearch-master-1570256108-gmfrn 0/1 PodInitializing 0 11m
kube-system filebeat-ds-amd64-3ph6r 1/1 Running 0 11m
kube-system filebeat-ds-amd64-4kkgm 1/1 Running 0 11m
kube-system filebeat-ds-amd64-s0h34 1/1 Running 0 11m
kube-system heapster-1250025240-lf9dj 1/2 CrashLoopBackOff 5 11m
kube-system helm-api-792621620-r78vb 0/1 ContainerCreating 0 9m
kube-system helmrepo-2349593664-b3lc6 0/1 ContainerCreating 0 9m
kube-system icp-ds-0 1/1 Running 0 18m
kube-system icp-router-ct1lz 0/1 ContainerCreating 0 9m
kube-system image-manager-0 0/2 ContainerCreating 0 11m
kube-system k8s-etcd-10.10.25.157 1/1 Running 0 20m
kube-system k8s-mariadb-10.10.25.157 1/1 Running 0 20m
kube-system k8s-master-10.10.25.157 3/3 Running 0 20m
kube-system k8s-proxy-10.10.25.157 1/1 Running 0 19m
kube-system k8s-proxy-10.10.25.158 1/1 Running 0 20m
kube-system k8s-proxy-10.10.25.159 1/1 Running 0 19m
kube-system kube-dns-1038623989-jv1hd 3/3 Running 0 19m
kube-system logstash-4245234969-pv82n 1/1 Running 0 11m
kube-system metering-dm-653503904-q63wq 1/1 Running 0 11m
kube-system metering-reader-amd64-3lg3d 1/1 Running 0 11m
kube-system metering-reader-amd64-kwphq 1/1 Running 0 11m
kube-system metering-reader-amd64-l2lkz 1/1 Running 0 11m
kube-system metering-server-1157299371-6cmhj 1/1 Running 0 11m
kube-system metering-ui-3174349629-36c0b 0/1 ContainerCreating 0 11m
kube-system monitoring-exporter-3293343457-fvdbs 0/1 ContainerCreating 0 10m
kube-system monitoring-grafana-2476181526-fzp7z 0/2 ContainerCreating 0 10m
kube-system monitoring-prometheus-2422752664-pmmbn 0/2 ContainerCreating 0 10m
kube-system monitoring-prometheus-alertmanager-3766402458-wfq4d 0/2 ContainerCreating 0 10m
kube-system monitoring-prometheus-kubestatemetrics-3025976457-bjnxk 0/1 ContainerCreating 0 10m
kube-system monitoring-prometheus-nodeexporter-amd64-5f5kw 0/1 ContainerCreating 0 10m
kube-system monitoring-prometheus-nodeexporter-amd64-b101z 1/1 Running 0 10m
kube-system monitoring-prometheus-nodeexporter-amd64-ll4wm 1/1 Running 0 10m
kube-system nginx-ingress-lb-amd64-8vs8w 1/1 Running 0 11m
kube-system platform-api-pzb2k 1/1 Running 0 11m
kube-system platform-ui-sdmb4 1/1 Running 0 11m
kube-system rescheduler-w83vj 1/1 Running 0 11m
kube-system tiller-deploy-2307655136-881r5 1/1 Running 0 11m
kube-system unified-router-86zn3 1/1 Running 09. View the Web UI
Upon successful completion of the 08-install.sh script, instructions on how to access the web interface will be printed. if the UI does not appear, you may need to wait for your pods to be in the “Running” state. By default the web interface will be accessible on https://<PUBLIC_IP>:8443 with the username/password of admin/admin. The cluster is using a self-signed certificate, so you may get a message about an untrusted certificate. Accept and proceed to the log in page. Log in and view the dashboard. Many elements of Kubernetes that can be accesses via kubectl commands can also be viewed using the left-hand navigation menu. Additional options such as LDAP configuration and a catalog of content can also be found here.
Self-signed certificate warning, click “advanced” and proceed to the page.
Accepting the warning will lead you to the log in page, log in:
View the dashboard and explore the UI:
10. Conclusion
IBM Cloud Private is a fully-featured Kubernetes-based platform that runs on your infrastructure. The Community Edition is a great way to test out the platform. The scripts that accompany this article are intended to provide a digestable way to understand the install process and get the product up-and-running on your machines, so you can do the important tasks using the platform.
Originally published at developer.ibm.com.
