2019-12-16 19:52:38 +03:00
# Deploy development RP
2019-12-28 21:52:43 +03:00
## Prerequisites
2019-12-16 19:52:38 +03:00
2021-03-22 17:48:48 +03:00
1. Your development environment is prepared according to the steps outlined in [Prepare Your Dev Environment ](./prepare-your-dev-environment.md )
2020-03-31 09:23:32 +03:00
## Installing the extension
1. Build the development `az aro` extension:
`make az`
1. Verify that the ARO extension path is in your `az` configuration:
```bash
grep -q 'dev_sources' ~/.azure/config || cat >>~/.azure/config < < EOF
[extension]
dev_sources = $PWD/python
EOF
```
1. Verify the ARO extension is registered:
```bash
az -v
...
Extensions:
2020-04-14 21:17:44 +03:00
aro 0.4.0 (dev) /path/to/rp/python/az/aro
2020-03-31 09:23:32 +03:00
...
Development extension sources:
/path/to/rp/python
...
```
Note: you will be able to update your development `az aro` extension in the
future by simply running `git pull` .
## Prepare your environment
2020-02-27 16:35:25 +03:00
1. If you don't have access to a shared development environment and secrets,
follow [prepare a shared RP development
2020-01-09 14:07:38 +03:00
environment](prepare-a-shared-rp-development-environment.md).
2019-12-16 19:52:38 +03:00
2023-02-15 02:06:44 +03:00
1. If you have multiple subscriptions in your account, verify that "ARO SRE Team - InProgress (EA Subscription 2)" is your active subscription:
```bash
az account set --subscription "ARO SRE Team - InProgress (EA Subscription 2)"
```
2020-02-27 16:35:25 +03:00
1. Set SECRET_SA_ACCOUNT_NAME to the name of the storage account containing your
shared development environment secrets and save them in `secrets` :
```bash
2022-04-21 00:11:56 +03:00
SECRET_SA_ACCOUNT_NAME=rharosecretsdev make secrets
2020-02-27 16:35:25 +03:00
```
2019-12-16 19:52:38 +03:00
2019-12-28 21:52:43 +03:00
1. Copy, edit (if necessary) and source your environment file. The required
environment variable configuration is documented immediately below:
2019-12-16 19:52:38 +03:00
2020-02-27 16:35:25 +03:00
```bash
2019-12-16 19:52:38 +03:00
cp env.example env
vi env
. ./env
```
2020-03-31 09:23:32 +03:00
* `LOCATION` : Location of the shared RP development environment (default:
2019-12-28 21:52:43 +03:00
`eastus` ).
2020-03-31 09:23:32 +03:00
* `RP_MODE` : Set to `development` to use a development RP running at
https://localhost:8443/.
2019-12-16 19:52:38 +03:00
2019-12-28 21:52:43 +03:00
1. Create your own RP database:
2019-12-16 19:52:38 +03:00
2020-02-27 16:35:25 +03:00
```bash
2020-06-18 23:32:46 +03:00
az deployment group create \
2019-12-27 02:25:08 +03:00
-g "$RESOURCEGROUP" \
2019-12-28 21:52:43 +03:00
-n "databases-development-$USER" \
2022-07-12 21:32:12 +03:00
--template-file pkg/deploy/assets/databases-development.json \
2019-12-27 02:25:08 +03:00
--parameters \
2020-11-18 01:10:02 +03:00
"databaseAccountName=$DATABASE_ACCOUNT_NAME" \
2019-12-28 21:52:43 +03:00
"databaseName=$DATABASE_NAME" \
>/dev/null
2019-12-16 19:52:38 +03:00
```
2019-12-28 21:52:43 +03:00
## Run the RP and create a cluster
2019-12-16 19:52:38 +03:00
2019-12-28 21:52:43 +03:00
1. Source your environment file.
2019-12-16 19:52:38 +03:00
2020-02-27 16:35:25 +03:00
```bash
2019-12-28 21:52:43 +03:00
. ./env
2019-12-16 19:52:38 +03:00
```
1. Run the RP
2020-02-27 16:35:25 +03:00
```bash
2021-08-26 17:17:38 +03:00
make runlocal-rp
2019-12-16 19:52:38 +03:00
```
2020-10-26 22:33:20 +03:00
1. To create a cluster, EITHER follow the instructions in [Create, access, and
manage an Azure Red Hat OpenShift 4.3 Cluster][1]. Note that as long as the
2020-03-31 09:23:32 +03:00
`RP_MODE` environment variable is set to `development` , the `az aro` client
will connect to your local RP.
2020-10-26 22:33:20 +03:00
OR use the create utility:
```bash
2022-05-16 09:48:31 +03:00
CLUSTER=< cluster-name > go run ./hack/cluster create
2020-10-26 22:33:20 +03:00
```
Later the cluster can be deleted as follows:
```bash
2022-05-16 09:48:31 +03:00
CLUSTER=< cluster-name > go run ./hack/cluster delete
2020-10-26 22:33:20 +03:00
```
2022-07-08 00:53:51 +03:00
By default, a public cluster will be created. In order to create a private cluster, set the `PRIVATE_CLUSTER` environment variable to `true` prior to creation. Internet access from the cluster can also be restricted by setting the `NO_INTERNET` environment variable to `true` .
2020-05-15 17:02:47 +03:00
[1]: https://docs.microsoft.com/en-us/azure/openshift/tutorial-create-cluster
2019-12-16 19:52:38 +03:00
1. The following additional RP endpoints are available but not exposed via `az
aro`:
* Delete a subscription, cascading deletion to all its clusters:
2020-02-27 16:35:25 +03:00
```bash
2019-12-16 19:52:38 +03:00
curl -k -X PUT \
-H 'Content-Type: application/json' \
-d '{"state": "Deleted", "properties": {"tenantId": "'"$AZURE_TENANT_ID"'"}}' \
"https://localhost:8443/subscriptions/$AZURE_SUBSCRIPTION_ID?api-version=2.0"
```
* List operations:
2020-02-27 16:35:25 +03:00
```bash
2019-12-16 19:52:38 +03:00
curl -k \
2020-04-01 03:51:28 +03:00
"https://localhost:8443/providers/Microsoft.RedHatOpenShift/operations?api-version=2020-04-30"
2019-12-16 19:52:38 +03:00
```
2020-06-17 06:04:10 +03:00
* View RP logs in a friendly format:
```bash
journalctl _COMM=aro -o json --since "15 min ago" -f | jq -r 'select (.COMPONENT != null and (.COMPONENT | contains("access"))|not) | .MESSAGE'
```
2021-12-27 07:07:33 +03:00
2022-08-29 10:48:02 +03:00
## Automatically run local RP
If you are already familiar with running the ARO RP locally, you can speed up the process executing the [local_dev_env.sh ](../hack/devtools/local_dev_env.sh ) script.
2023-01-27 14:09:25 +03:00
## Connect ARO-RP with a Hive development cluster
The env variables names defined in pkg/util/liveconfig/manager.go control the communication of the ARO-RP with Hive.
- If you want to use ARO-RP + Hive, set *HIVE_KUBE_CONFIG_PATH* to the path of the kubeconfig of the AKS Dev cluster. [Info ](https://github.com/Azure/ARO-RP/blob/master/docs/deploy-development-rp.md#debugging-openshift-cluster ) about creating that kubeconfig (Step *Get an admin kubeconfig:* ).
- If you want to create clusters using the local ARO-RP + Hive instead of doing the standard cluster creation process (which doesn't use Hive), set *ARO_INSTALL_VIA_HIVE* to *true* .
- If you want to enable the Hive adoption feature (which is performed during adminUpdate()), set *ARO_ADOPT_BY_HIVE* to *true* .
After setting the above environment variables (using *export* direclty in the terminal or including them in the *env* file), connect to the [VPN ](https://github.com/Azure/ARO-RP/blob/master/docs/deploy-development-rp.md#debugging-aks-cluster ) (*Connect to the VPN* section).
Then proceed to [run ](https://github.com/Azure/ARO-RP/blob/master/docs/deploy-development-rp.md#run-the-rp-and-create-a-cluster ) the ARO-RP as usual.
After that, when you [create ](https://github.com/Azure/ARO-RP/blob/master/docs/deploy-development-rp.md#run-the-rp-and-create-a-cluster ) a cluster, you will be using Hive behind the scenes. You can check the created Hive objects following [Debugging OpenShift Cluster ](https://github.com/Azure/ARO-RP/blob/master/docs/deploy-development-rp.md#debugging-openshift-cluster ) and using the *oc* command.
2022-01-06 11:49:40 +03:00
## Make Admin-Action API call(s) to a running local-rp
2021-12-27 07:07:33 +03:00
```bash
export CLUSTER=< cluster-name >
export AZURE_SUBSCRIPTION_ID=< subscription-id >
export RESOURCEGROUP=< resource-group-name >
[OR]
. ./env
```
* Perform AdminUpdate on a dev cluster
```bash
curl -X PATCH -k "https://localhost:8443/subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$RESOURCEGROUP/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER?api-version=admin" --header "Content-Type: application/json" -d "{}"
```
2022-03-15 22:22:18 +03:00
* Get Cluster details of a dev cluster
2021-12-27 07:07:33 +03:00
```bash
curl -X GET -k "https://localhost:8443/subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$RESOURCEGROUP/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER?api-version=admin" --header "Content-Type: application/json" -d "{}"
```
* Get SerialConsole logs of a VM of dev cluster
```bash
VMNAME="aro-cluster-qplnw-master-0"
curl -X GET -k "https://localhost:8443/admin/subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$RESOURCEGROUP/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER/serialconsole?vmName=$VMNAME" --header "Content-Type: application/json" -d "{}"
```
2023-01-16 16:09:49 +03:00
* Redeploy a VM in a dev cluster
2022-07-19 12:06:54 +03:00
```bash
VMNAME="aro-cluster-qplnw-master-0"
curl -X POST -k "https://localhost:8443/admin/subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$RESOURCEGROUP/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER/redeployvm?vmName=$VMNAME" --header "Content-Type: application/json" -d "{}"
```
2023-01-16 16:09:49 +03:00
* Stop a VM in a dev cluster
2022-07-21 17:38:03 +03:00
```bash
VMNAME="aro-cluster-qplnw-master-0"
curl -X POST -k "https://localhost:8443/admin/subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$RESOURCEGROUP/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER/stopvm?vmName=$VMNAME" --header "Content-Type: application/json" -d "{}"
```
2023-01-16 16:09:49 +03:00
* Stop and deallocate a VM in a dev cluster
```bash
VMNAME="aro-cluster-qplnw-master-0"
curl -X POST -k "https://localhost:8443/admin/subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$RESOURCEGROUP/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER/stopvm?vmName=$VMNAME" --header "Content-Type: application/json" -d "{}"
```
* Start a VM in a dev cluster
2022-07-21 17:38:03 +03:00
```bash
VMNAME="aro-cluster-qplnw-master-0"
curl -X POST -k "https://localhost:8443/admin/subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$RESOURCEGROUP/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER/startvm?vmName=$VMNAME" --header "Content-Type: application/json" -d "{}"
```
* List VM Resize Options for a master node of dev cluster
```bash
curl -X GET -k "https://localhost:8443/admin/subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$RESOURCEGROUP/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER/skus" --header "Content-Type: application/json" -d "{}"
```
2022-09-12 19:01:31 +03:00
* Resize master node of a dev cluster
2022-07-21 17:38:03 +03:00
```bash
VMNAME="aro-cluster-qplnw-master-0"
VMSIZE="Standard_D16s_v3"
curl -X POST -k "https://localhost:8443/admin/subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$RESOURCEGROUP/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER/resize?vmName=$VMNAME& vmSize=$VMSIZE" --header "Content-Type: application/json" -d "{}"
```
2021-12-27 07:07:33 +03:00
* List Clusters of a local-rp
```bash
curl -X GET -k "https://localhost:8443/admin/providers/microsoft.redhatopenshift/openshiftclusters"
```
* List cluster Azure Resources of a dev cluster
```bash
curl -X GET -k "https://localhost:8443/admin/subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$RESOURCEGROUP/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER/resources"
```
* Perform Cluster Upgrade on a dev cluster
```bash
curl -X POST -k "https://localhost:8443/admin/subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$RESOURCEGROUP/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER/upgrade"
```
2019-12-16 19:56:29 +03:00
2022-06-02 12:56:07 +03:00
* Get container logs from an OpenShift pod in a cluster
```bash
NAMESPACE=< namespace-name >
POD=< pod-name >
CONTAINER=< container-name >
curl -X GET -k "https://localhost:8443/admin/subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$RESOURCEGROUP/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER/kubernetespodlogs?podname=$POD& namespace=$NAMESPACE& container=$CONTAINER"
```
2022-09-20 17:38:32 +03:00
## OpenShift Version
2022-09-20 18:55:23 +03:00
* We have a cosmos container which contains supported installable OCP versions, more information on the definition in `pkg/api/openshiftversion.go` .
2022-09-20 17:38:32 +03:00
* Admin - List OpenShift installation versions
```bash
curl -X GET -k "https://localhost:8443/admin/versions"
```
* Admin - Put a new OpenShift installation version
```bash
curl -X PUT -k "https://localhost:8443/admin/versions" --header "Content-Type: application/json" -d '{ "properties": { "version": "4.10.0", "enabled": true, "openShiftPullspec": "test.com/a:b", "installerPullspec": "test.com/a:b" }}'
```
* List the enabled OpenShift installation versions within a region
```bash
2022-10-05 21:02:28 +03:00
curl -X GET -k "https://localhost:8443/subscriptions/$AZURE_SUBSCRIPTION_ID/providers/Microsoft.RedHatOpenShift/locations/$LOCATION/openshiftversions?api-version=2022-09-04"
2022-09-20 17:38:32 +03:00
```
2022-09-20 18:55:23 +03:00
2022-07-22 22:34:34 +03:00
## OpenShift Cluster Manager (OCM) Configuration API Actions
* Create a new OCM configuration
* You can find example payloads in the projects `./hack/ocm` folder.
```bash
2022-09-07 04:45:12 +03:00
curl -X PUT -k "https://localhost:8443/subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$RESOURCEGROUP/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER/syncsets/mySyncSet?api-version=2022-09-04" --header "Content-Type: application/json" -d @./hack/ocm/syncset.b64
2022-07-22 22:34:34 +03:00
2022-09-20 17:38:32 +03:00
2022-05-17 12:56:48 +03:00
## Debugging OpenShift Cluster
2019-12-16 19:52:38 +03:00
2019-12-20 21:43:52 +03:00
* SSH to the bootstrap node:
2020-11-06 20:52:12 +03:00
> __NOTE:__ If you have a password-based `sudo` command, you must first authenticate before running `sudo` in the background
2020-02-27 16:35:25 +03:00
```bash
2019-12-31 20:33:44 +03:00
sudo openvpn secrets/vpn-$LOCATION.ovpn &
2020-11-06 20:52:12 +03:00
CLUSTER=cluster hack/ssh-agent.sh bootstrap
2019-12-20 21:43:52 +03:00
```
2019-12-16 19:52:38 +03:00
* Get an admin kubeconfig:
2020-02-27 16:35:25 +03:00
```bash
2020-11-06 20:52:12 +03:00
CLUSTER=cluster make admin.kubeconfig
2019-12-16 19:52:38 +03:00
export KUBECONFIG=admin.kubeconfig
```
2019-12-20 21:43:52 +03:00
* "SSH" to a cluster node:
2019-12-16 19:52:38 +03:00
Ssh docs/examples , PR template update (#1446)
* Fix -> remove the dash, valid names are master0,master1,master2, but not master-0,master-1,master-2
* Add more information, show example with nodes, show multiple ways to ssh to a worker node
* Change VSTS to ADO because that is the tool we use now
* Add an additional example of connecting to a worker
* respected->respective, english is hard
2021-04-19 13:36:36 +03:00
* Get the admin kubeconfig and `export KUBECONFIG` as detailed above.
* Run the ssh-agent.sh script. This takes the argument is the name of the NIC attached to the VM you are trying to ssh to.
* Given the following nodes these commands would be used to connect to the respective node
```
$ oc get nodes
NAME STATUS ROLES AGE VERSION
aro-dev-abc123-master-0 Ready master 47h v1.19.0+2f3101c
aro-dev-abc123-master-1 Ready master 47h v1.19.0+2f3101c
aro-dev-abc123-master-2 Ready master 47h v1.19.0+2f3101c
aro-dev-abc123-worker-eastus1-2s5rb Ready worker 47h v1.19.0+2f3101c
aro-dev-abc123-worker-eastus2-php82 Ready worker 47h v1.19.0+2f3101c
aro-dev-abc123-worker-eastus3-cbqs2 Ready worker 47h v1.19.0+2f3101c
CLUSTER=cluster hack/ssh-agent.sh master0 # master node aro-dev-abc123-master-0
CLUSTER=cluster hack/ssh-agent.sh aro-dev-abc123-worker-eastus1-2s5rb # worker aro-dev-abc123-worker-eastus1-2s5rb
CLUSTER=cluster hack/ssh-agent.sh eastus1 # worker aro-dev-abc123-worker-eastus1-2s5rb
CLUSTER=cluster hack/ssh-agent.sh 2s5rb # worker aro-dev-abc123-worker-eastus1-2s5rb
CLUSTER=cluster hack/ssh-agent.sh bootstrap # the bootstrap node used to provision cluster
```
2020-03-31 09:23:32 +03:00
2022-05-17 12:56:48 +03:00
# Debugging AKS Cluster
* Connect to the VPN:
To access the cluster for oc / kubectl or SSH'ing into the cluster you need to connect to the VPN first.
> __NOTE:__ If you have a password-based `sudo` command, you must first authenticate before running `sudo` in the background
```bash
sudo openvpn secrets/vpn-aks-$LOCATION.ovpn &
```
* Access the cluster via API (oc / kubectl):
```bash
make aks.kubeconfig
export KUBECONFIG=aks.kubeconfig
$ oc get nodes
NAME STATUS ROLES AGE VERSION
aks-systempool-99744725-vmss000000 Ready agent 9h v1.23.5
aks-systempool-99744725-vmss000001 Ready agent 9h v1.23.5
aks-systempool-99744725-vmss000002 Ready agent 9h v1.23.5
```
* "SSH" into a cluster node:
* Run the ssh-aks.sh script, specifying the cluster name and the node number of the VM you are trying to ssh to.
```
hack/ssk-aks.sh aro-aks-cluster 0 # The first VM node in 'aro-aks-cluster'
hack/ssk-aks.sh aro-aks-cluster 1 # The second VM node in 'aro-aks-cluster'
hack/ssk-aks.sh aro-aks-cluster 2 # The third VM node in 'aro-aks-cluster'
```
2022-06-02 10:52:50 +03:00
* Access via Azure Portal
2022-07-12 21:32:12 +03:00
Due to the fact that the AKS cluster is private, you need to be connected to the VPN in order to view certain AKS cluster properties, because the UI interrogates k8s via the VPN.
2022-06-02 10:52:50 +03:00
2020-01-08 19:39:44 +03:00
### Metrics
To run fake metrics socket:
2020-02-27 16:35:25 +03:00
```bash
2020-03-26 06:59:46 +03:00
go run ./hack/monitor
2020-01-08 19:39:44 +03:00
```