commit | author | age
|
88c9f8
|
1 |
ssh-copy-id kmendez-redhat.com@bastion.8828.openshiftworkshop.com |
K |
2 |
# Copy private git key to bastion |
|
3 |
git clone git@github.com:kmendez-redhat/agnosticd.git |
|
4 |
|
|
5 |
cd agnosticd/ansible |
|
6 |
|
|
7 |
cp configs/openshift-demos/requirements.yml configs/ocp-workloads/ |
|
8 |
|
|
9 |
# Update configs/ocp-workloads/requirements.yml with siamaksude. prefix |
|
10 |
|
|
11 |
ansible-playbook install_galaxy_roles.yml -e env_type=ocp-workloads |
|
12 |
|
9e8f42
|
13 |
|
88c9f8
|
14 |
### SCRIPT START |
K |
15 |
GUID=8828 |
|
16 |
DOMAIN="cluster-${GUID}.${GUID}.openshiftworkshop.com" |
|
17 |
#TARGET_HOST="bastion.$DOMAIN" |
|
18 |
TARGET_HOST="localhost" |
|
19 |
MASTER_HOSTNAME="master.$DOMAIN" |
|
20 |
MASTER_HOSTNAME="ip-10-0-163-210.ec2.internal" |
|
21 |
APPS_DOMAIN="apps.$DOMAIN" |
|
22 |
OCP_USERNAME="opentlc-mgr" |
|
23 |
#SSH_USER="kmendez-redhat.com" |
|
24 |
SSH_USER="ec2-user" |
|
25 |
#SSH_PRIVATE_KEY="ocp-workshop.pem" |
|
26 |
SSH_PRIVATE_KEY="${GUID}key.pem" |
|
27 |
# WORKLOAD SPECIFICS |
|
28 |
WORKSHOP_PROJECT="ocp-workshop" |
|
29 |
USER_PASSWORD="r3dh4t1!" |
|
30 |
GOGS_PASSWORD="openshift" |
|
31 |
NUM_USERS=10 |
|
32 |
ACTION=create |
|
33 |
#ACTION=remove |
|
34 |
|
|
35 |
WORKLOAD="ocp4-workload-security-compliance-lab" |
|
36 |
|
|
37 |
|
|
38 |
# a TARGET_HOST is specified in the command line, without using an inventory file |
|
39 |
ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \ |
|
40 |
-e"ansible_ssh_private_key_file=~/.ssh/${SSH_PRIVATE_KEY}" \ |
|
41 |
-e"ansible_user=${SSH_USER}" \ |
|
42 |
-e"ocp_username=${OCP_USERNAME}" \ |
|
43 |
-e"ocp_workload=${WORKLOAD}" \ |
|
44 |
-e"guid=${GUID}" \ |
|
45 |
-e"ocp_user_needs_quota=true" \ |
|
46 |
-e"ocp_apps_domain=${APPS_DOMAIN}" \ |
|
47 |
-e"admin_project=${WORKSHOP_PROJECT}" \ |
9e8f42
|
48 |
-e"num_users=${NUM_USERS}" \ |
88c9f8
|
49 |
-e"user_password=${USER_PASSWORD}" \ |
9e8f42
|
50 |
-e"subdomain_base_suffix=${DOMAIN}" |
88c9f8
|
51 |
-e"ACTION=${ACTION}" |
K |
52 |
### SCRIPT END |
|
53 |
|
|
54 |
|
|
55 |
Manual Quay Configuration |
|
56 |
|
|
57 |
1. Naviagate to http://quayecosystem-quay-quay-enterprise.apps.cluster-${GUID}.${GUID}.openshiftworkshop.com |
|
58 |
|
|
59 |
2. Set database to quay, host is mysql.quay-mysql.svc, username quay, password quay |
|
60 |
|
|
61 |
3. If you get an error after proceeding, refresh the page until it comes back |
|
62 |
|
|
63 |
4. Wait for quay to indicate it is restarting |
|
64 |
|
|
65 |
5. Revisit the above url |
|
66 |
|
|
67 |
6. Create the quay superuser: |
|
68 |
|
|
69 |
admin, nobody@nowhere.com, admin123 |
|
70 |
|
|
71 |
If you get the error "Could not create superuser", refresh the page, select sign in button |
|
72 |
|
|
73 |
8. login as admin/admin123 |
|
74 |
|
|
75 |
9. Enter the Redis Information and Click Save Configuration Changes. Configuration will be Validated and Click Save Configuration. |
|
76 |
|
|
77 |
- Redis Hostname: quayecosystem-redis |
|
78 |
- Redis Port: 6379 |
|
79 |
|
|
80 |
10. Click Restart container. Referesh the page after the container has restarted. Keep refreshing until the page comes back (you might get 502 errors before then) |
|
81 |
|
|
82 |
11. Once restarted and refreshed, the installation should be complete. Click `Super User Admin Panel` under the admin user menu in the upper right corner |
|
83 |
|
|
84 |
12. Click Registry Settings at the left menu (gear icon) |
|
85 |
|
|
86 |
13. Scroll down and Select "Enable Security Scanning" check mark under Security Scanner |
|
87 |
|
|
88 |
14. Enter Security Scanner Endpoint of your clairsvc. i.e. http://clairsvc:6060 |
|
89 |
|
|
90 |
15. Click Create Key |
|
91 |
|
|
92 |
16. Select "Have the service provide a key" and click Start Approval. |
|
93 |
|
|
94 |
- If Clair is not being responsive with providing a service key, restart Clair and try again. |
|
95 |
oc scale rc/clair --replicas=0 -n quay-enterprise |
|
96 |
oc scale rc/clair --replicas=1 -n quay-enterprise |
|
97 |
|
|
98 |
17. Save the configuration |
|
99 |
|
|
100 |
18. Go to "Repositories" -> "Create New Repository" |
|
101 |
|
|
102 |
19. Name the repository "ecommerce". Select "public" |
|
103 |
|
|
104 |
20. Click "Create public repository" |
|
105 |
|
|
106 |
21. Restart Quay (delete the pod) |
|
107 |
|
|
108 |
22. Restart clair (scale to 0, then 1) |
|
109 |
|
|
110 |
23. Refresh quay ui until a notification appears by the bell icon |
|
111 |
|
|
112 |
24. Select notification, click approve keym enter admin password |
|
113 |
|