Are you reviewing Docker orchestration systems like Kubernetes, DC/OS or OpenShift? In this blog post, let us learn how to install a standalone OpenShift Origin system on Fedora.

OpenShift Installation on Fedora is a tough nut. As an example, read this blog post, where the author comes to the conclusion that the OpenShift installation on Fedora is broken. He is right. Following the OpenShift Origin instructions will lead to nowhere, even now with OpenShift v3.11.

However, I have managed to install OpenShift Origin 3.9 on Fedora 28 by applying a bunch of workarounds. I have cast the process into an open source GIT project for automating the process. The GIT project will allow you to install OpenShift on Fedora in less than an hour.

Finally, we will learn how to install a simple app on OpenShift that is reachable from the Internet.

References

  • Getting Started with OpenShift on Vagrant
  • Coming soon: full log of the first, manual OpenShift installation on Fedora. This is the source, where we have found the workarounds applied in this quick installation guide.
  • If you are looking for an installation procedure for CentOS instead of Fedora, I can recommend the gshipley/installcentos project.

Quick Installation

In short, you can install OpenShift 3.9 on a Fedora 28 system (2 vCPU, 4 GB RAM) as follows:

Step 1: Clone the GIT project

(root)# dnf install -y git
(root)# git clone https://github.com/oveits/install-openshift-on-fedora
(root)# cd install-openshift-on-fedora

Step 2: Install SELINUX

The next command will cause a reboot if SELINUX is disabled, currently

(root)# bash 0_enable_selinux.sh

Allow the system to re-label its file system, so you might need to wait a few minutes before you can reconnect.

Step 3: Prepare the System and Install OpenShift Standalone

After some minutes, we re-connect to the system:

(root)# cd install-openshift-on-fedora
(root)# bash 1_install_all.sh

This will run through a set of eight shell scripts that will perform the job of preparing the system, checking the prerequisites and installing a standalone OpenShift 3.9 system. Note that the whole procedure can take up to an hour.

Step 4: Connect to the OpenShift Console

On the system, you use as the browser client, add the line

<ip-address-of-Fedora-system>  <hostname-of-fedora-system>

and connect to https://<hostname-of-fedora-system>:8443. Accept the insecure self-signed certificate of the OpenShift system and log in as admin (pass: admin):

We log in as admin (default password “admin”) and reach the dashboard a.k.a. cockpit:

Note: at first login, I have seen an error message I failed to take a screenshot from. However, at the second attempt the login was successful.

The appearance of the dashboard has changed quite a bit since the last time I had installed OpenShift:

Now let us log in via command line, so the rest will be scriptable:

First Steps with OpenShift

Login

(master)# oc login
Authentication required for https://fedora-4gb-nbg1-1:8443 (openshift)
Username: admin
Password:
Login successful.

You don't have any projects. You can try to create a new project, by running

    oc new-project 

Create Project

(master)# oc new-project testproject
Now using project "testproject" on server "https://fedora-4gb-nbg1-1:8443".

You can add applications to this project with the 'new-app' command. For example, try:

    oc new-app centos/ruby-22-centos7~https://github.com/openshift/ruby-ex.git

to build a new example application in Ruby.

Create App

Now, we will create a new application from a Docker Image from Docker Hub:

[root@fedora-4gb-nbg1-1 ~]# oc new-app openshift/deployment-example
--> Found Docker image 1c839d8 (3 years old) from Docker Hub for "openshift/deployment-example"

    * An image stream will be created as "deployment-example:latest" that will track this image
    * This image will be deployed in deployment config "deployment-example"
    * Port 8080/tcp will be load balanced by service "deployment-example"
      * Other containers can access this service through the hostname "deployment-example"
    * WARNING: Image "openshift/deployment-example" runs as the 'root' user which may not be permitted by your cluster administrator

--> Creating resources ...
    imagestream "deployment-example" created
    deploymentconfig "deployment-example" created
    service "deployment-example" created
--> Success
    Application is not exposed. You can expose services to the outside world by executing one or more of the commands below:
     'oc expose svc/deployment-example'
    Run 'oc status' to view your app.
[root@fedora-4gb-nbg1-1 ~]# oc expose svc/deployment-example
route "deployment-example" exposed
[root@fedora-4gb-nbg1-1 ~]# oc status
In project testproject on server https://fedora-4gb-nbg1-1:8443

http://deployment-example-testproject.router.default.svc.cluster.local to pod port 8080-tcp (svc/deployment-example)
  dc/deployment-example deploys istag/deployment-example:latest
    deployment #1 deployed 28 seconds ago - 1 pod

dc/hello deploys istag/hello:latest
  deployment #1 failed 15 minutes ago: config change


1 warning, 5 infos identified, use 'oc status -v' to see details.
[root@fedora-4gb-nbg1-1 ~]# curl http://deployment-example-testproject.router.default.svc.cluster.local
<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>Deployment Demonstration</title>
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <style>
    HTML{height:100%;}
    BODY{font-family:Helvetica,Arial;display:flex;display:-webkit-flex;align-items:center;justify-content:center;-webkit-align-items:center;-webkit-box-align:center;-webkit-justify-content:center;height:100%;}
    .box{background:#006e9c;color:white;text-align:center;border-radius:10px;display:inline-block;}
    H1{font-size:10em;line-height:1.5em;margin:0 0.5em;}
    H2{margin-top:0;}
  </style>
</head>
<body>
<div class="box"><h1>v1</h1><h2></h2></div>
</body>
</html>[root@fedora-4gb-nbg1-1 ~]#

Expose App

For the application to be reachable from the Internet, we create a new route by exposing the service and by using a domain the Internet will resolve to the IP address of our OpenShift load balancer located on the master:

# oc expose svc/deployment-example --hostname deployment-example.apps.159.69.38.201.xip.io
route "deployment-example" exposed

then

# oc get routes
NAME                 HOST/PORT                                      PATH      SERVICES             PORT       TERMINATION   WILDCARD
deployment-example   deployment-example.apps.159.69.38.201.xip.io             deployment-example   8080-tcp                 None

Access the App locally

We can access the application locally by using cURL:

# curl http://deployment-example.apps.159.69.38.201.xip.io
<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>Deployment Demonstration</title>
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <style>
    HTML{height:100%;}
    BODY{font-family:Helvetica,Arial;display:flex;display:-webkit-flex;align-items:center;justify-content:center;-webkit-align-items:center;-webkit-box-align:center;-webkit-justify-content:center;height:100%;}
    .box{background:#006e9c;color:white;text-align:center;border-radius:10px;display:inline-block;}
    H1{font-size:10em;line-height:1.5em;margin:0 0.5em;}
    H2{margin-top:0;}
  </style>
</head>
<body>
<div class="box"><h1>v1</h1><h2></h2></div>
</body>
</html>

Note that we have used the FQDN <whatever>.159.69.38.201.xip.io. The domain …xip.io is a clever, dynamic domain that is resolving to the IP address 159.69.38.201. Therefore, any machine reaching the Internet will be able to access this service using this domain now. Let us try:

Access the App from the Internet

This is the expected output of the application. All in all, we are running a simple Docker image on OpenShift and the application is reachable from the Internet. Perfect.

Excellent!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.