Deploy Red Hat OpenShift Cluster in AWS

Provisioning a self-managed OCP cluster in AWS

Himadri Talukder
Towards Generative AI
4 min read · Apr 17, 2024


Red Hat OpenShift Container Platform (RHOCP) is built upon the open-source Kubernetes project and extends it with features that contribute to a robust, flexible, and scalable container platform within the customer's datacenter. This extension allows developers to run workloads in a high-availability environment. It serves as an enterprise-ready platform that meets all requirements, including security, logging, and monitoring. OpenShift provides these essential features out of the box, offering seamless integration and standardized solutions.

The Red Hat OpenShift product family comprises a range of solutions designed to enhance the deployment of business applications across diverse environments. One of the most common ways of deploying OpenShift is to provision a self-managed OCP cluster with Installer-Provisioned Infrastructure (IPI). IPI provides a full-stack installation and configuration of the OpenShift Container Platform (OCP), including the creation of a bootstrap node responsible for deploying the cluster.

In a full-stack installation, the OpenShift installer orchestrates the allocation of compute, storage, and network resources from a cloud or virtualization provider. You only need to give the installer essential data, such as credentials for a cloud provider and the desired size of the initial cluster. The installer then deploys a fully functional OpenShift cluster.

The cluster bootstrapping process unfolds as follows:

[Figure: OpenShift Deployment Process]

The outcome of this bootstrapping process is a fully operational OpenShift control plane, including the API server, controllers (e.g., SDN), and the etcd cluster. Then, the cluster proceeds to download and configure the remaining components.

We have discussed the theory behind the process of provisioning an OpenShift cluster. Now, let’s proceed to provision an actual cluster in AWS.

Prerequisites

  • Red Hat account (https://console.redhat.com/)
  • AWS account with admin privileges
  • AWS CLI installed
  • A domain registered in an AWS public hosted zone (Route 53 > Hosted Zones)

Set SSH key

If you don't have a private key yet, use the command below to generate an SSH key pair:

ssh-keygen -t rsa -b 4096 -N '' -f ~/.ssh/id_rsa

Add the SSH key to the SSH agent:

ssh-add ~/.ssh/id_rsa

Download OpenShift Installer

Create a directory and download the installer.

mkdir ocp-install && cd ocp-install

To obtain the installer, please follow this link and save it to the directory created in the previous step. A screenshot is included for your convenience. Additionally, download the pull secret from the same page.

Extract the downloaded binary and navigate to the extracted directory. In my case, I downloaded the Mac version.

cd openshift-install-mac

Setup AWS CLI

Go to IAM -> Users -> [user-id]

  • Create access key
  • Copy the access key and secret key to a secure location

aws configure

Then follow the prompts and enter the access key, secret access key and default region.

Congratulations! You are ready to use AWS CLI.

Install OpenShift cluster

We will perform a customized deployment by creating an “installer” directory (config_loc in the commands below) to house all the cluster configurations.

mkdir config_loc
./openshift-install create install-config --dir=config_loc

You will be asked some questions; answer them as appropriate for your environment. Here is a sample configuration I entered when I provisioned my cluster.

htalukder@Himadris-MacBook-Pro es % ./openshift-install create install-config --dir=config_loc
? SSH Public Key /Users/htalukder/.ssh/id_rsa.pub
? Platform aws
INFO Credentials loaded from the "default" profile in file "/Users/htalukder/.aws/credentials"
? Region us-west-2
? Base Domain <exampledomain.com>
? Cluster Name ibm-sample-ocp
? Pull Secret [? for help] ******************************************************************************************************************************************************************************
INFO Install-Config created in: config_loc

A configuration file will be created at config_loc/install-config.yaml. You can customize the configuration based on your design. I modified it slightly to set the machine size for the worker nodes.

You can select a suitable instance type from here: https://aws.amazon.com/ec2/instance-types/

  platform:
    aws:
      type: m4.xlarge

After these modifications, we can install the cluster.

./openshift-install create cluster --dir=config_loc --log-level=info

It will take about 40 minutes.

INFO Install-Config created in: config_loc        
(backend) htalukder@Himadris-MacBook-Pro es % ./openshift-install create cluster --dir=config_loc
INFO Credentials loaded from the "default" profile in file "/Users/htalukder/.aws/credentials"
INFO Consuming Install Config from target directory
INFO Creating infrastructure resources...
INFO Waiting up to 20m0s (until 1:43PM) for the Kubernetes API at https://api.ibm-sample-ocp.ibm-cpd-partnerships.com:6443...
INFO API v1.26.7+0ef5eae up
INFO Waiting up to 30m0s (until 1:55PM) for bootstrapping to complete...
INFO Destroying the bootstrap resources...
INFO Waiting up to 40m0s (until 2:17PM) for the cluster at https://api.ibm-sample-ocp.ibm-cpd-partnerships.com:6443 to initialize...
INFO Checking to see if there is a route at openshift-console/console...
INFO Install complete!
INFO To access the cluster as the system:admin user when using 'oc', run 'export KUBECONFIG=/Users/htalukder/devops/es/config_loc/auth/kubeconfig'
INFO Access the OpenShift web-console here: https://console-openshift-console.apps.ibm-sample-ocp.<example domain>.com
INFO Login to the console with user: "kubeadmin", and password: "NGzDK-9MrDG-UcPeF-IRroP"

After a successful installation, you will find the kubeadmin user and password, as well as the OpenShift web console, in the log messages. Make sure to take note of them. If you lose this information, you won’t be able to log in to the cluster.
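The credentials above also stay on disk in the installer directory, so it should be readable only by its owner. The script below is an added example, not part of the original article: it audits and locks down that directory, and it assumes the installer's usual file names `auth/kubeadmin-password` and `.openshift_install.log`, which the article does not show.

```shell
#!/usr/bin/env bash
# Added example, not from the article. Audits the directory passed to
# openshift-install --dir (config_loc above) for secrets readable by others.
# auth/kubeconfig and the kubeadmin log line appear in the article's output;
# auth/kubeadmin-password and .openshift_install.log are assumed to be the
# installer's usual file names.
SENSITIVE="install-config.yaml auth/kubeconfig auth/kubeadmin-password .openshift_install.log"

# Succeeds if the installer log in DIR records the kubeadmin login line.
log_has_password() {
  grep -q 'Login to the console with user:' "$1/.openshift_install.log" 2>/dev/null
}

# Prints one finding per line; returns 1 if any file is exposed.
audit_install_dir() {
  a_dir=$1; a_rc=0
  for a_rel in $SENSITIVE; do
    [ -e "$a_dir/$a_rel" ] || continue
    # Characters 5-10 of the ls mode string are the group/other bits.
    a_bits=$(ls -ld "$a_dir/$a_rel" | cut -c5-10)
    if [ "$a_bits" != "------" ]; then
      echo "EXPOSED $a_rel (group/other bits: $a_bits)"
      a_rc=1
    fi
  done
  if log_has_password "$a_dir"; then
    echo "NOTE .openshift_install.log contains the kubeadmin password"
  fi
  return $a_rc
}

# Restricts the directory, auth/ and every sensitive file to the owner.
harden_install_dir() {
  h_dir=$1
  chmod 700 "$h_dir"
  if [ -d "$h_dir/auth" ]; then chmod 700 "$h_dir/auth"; fi
  for h_rel in $SENSITIVE; do
    if [ -e "$h_dir/$h_rel" ]; then chmod 600 "$h_dir/$h_rel"; fi
  done
}

# Usage: ./audit.sh config_loc   (audit, then harden if anything is exposed)
if [ "$#" -ge 1 ]; then
  audit_install_dir "$1" || harden_install_dir "$1"
fi
```

Run it against `config_loc` after `create install-config` and again after `create cluster`, since the second step adds the `auth/` files and the log.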

Destroy the cluster

./openshift-install destroy cluster --dir=config_loc --log-level=info

Conclusion

We have just deployed an OpenShift Installer-Provisioned Infrastructure. Now, we can schedule our containerized workloads on a secure, enterprise-ready Kubernetes platform.

Red Hat OpenShift serves as the central pillar of the hybrid cloud architecture. The platform offers industry-leading security capabilities that are built into OpenShift, such as the Red Hat CoreOS operating system and SELinux capabilities for securing the Linux kernel for containerized environments.
