| commit | author | age | ||
| 88c9f8 | 1 | ssh-copy-id kmendez-redhat.com@bastion.8828.openshiftworkshop.com |
| K | 2 | # Copy private git key to bastion |
| 3 | git clone git@github.com:kmendez-redhat/agnosticd.git | |
| 4 | ||
| 5 | cd agnosticd/ansible | |
| 6 | ||
| 7 | cp configs/openshift-demos/requirements.yml configs/ocp-workloads/ | |
| 8 | ||
| 9 | # Update configs/ocp-workloads/requirements.yml with siamaksude. prefix | |
| 10 | ||
| 11 | ansible-playbook install_galaxy_roles.yml -e env_type=ocp-workloads | |
| 12 | ||
| 9e8f42 | 13 | |
| 88c9f8 | 14 | ### SCRIPT START |
| K | 15 | GUID=8828 |
| 16 | DOMAIN="cluster-${GUID}.${GUID}.openshiftworkshop.com" | |
| 17 | #TARGET_HOST="bastion.$DOMAIN" | |
| 18 | TARGET_HOST="localhost" | |
| 19 | MASTER_HOSTNAME="master.$DOMAIN" | |
| 20 | MASTER_HOSTNAME="ip-10-0-163-210.ec2.internal" | |
| 21 | APPS_DOMAIN="apps.$DOMAIN" | |
| 22 | OCP_USERNAME="opentlc-mgr" | |
| 23 | #SSH_USER="kmendez-redhat.com" | |
| 24 | SSH_USER="ec2-user" | |
| 25 | #SSH_PRIVATE_KEY="ocp-workshop.pem" | |
| 26 | SSH_PRIVATE_KEY="${GUID}key.pem" | |
| 27 | # WORKLOAD SPECIFICS | |
| 28 | WORKSHOP_PROJECT="ocp-workshop" | |
| 29 | USER_PASSWORD="r3dh4t1!" | |
| 30 | GOGS_PASSWORD="openshift" | |
| 31 | NUM_USERS=10 | |
| 32 | ACTION=create | |
| 33 | #ACTION=remove | |
| 34 | ||
| 35 | WORKLOAD="ocp4-workload-security-compliance-lab" | |
| 36 | ||
| 37 | ||
| 38 | # a TARGET_HOST is specified in the command line, without using an inventory file | |
| 39 | ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \ | |
| 40 | -e"ansible_ssh_private_key_file=~/.ssh/${SSH_PRIVATE_KEY}" \ | |
| 41 | -e"ansible_user=${SSH_USER}" \ | |
| 42 | -e"ocp_username=${OCP_USERNAME}" \ | |
| 43 | -e"ocp_workload=${WORKLOAD}" \ | |
| 44 | -e"guid=${GUID}" \ | |
| 45 | -e"ocp_user_needs_quota=true" \ | |
| 46 | -e"ocp_apps_domain=${APPS_DOMAIN}" \ | |
| 47 | -e"admin_project=${WORKSHOP_PROJECT}" \ | |
| 9e8f42 | 48 | -e"num_users=${NUM_USERS}" \ |
| 88c9f8 | 49 | -e"user_password=${USER_PASSWORD}" \ |
| 9e8f42 | 50 | -e"subdomain_base_suffix=${DOMAIN}" |
| 88c9f8 | 51 | -e"ACTION=${ACTION}" |
| K | 52 | ### SCRIPT END |
| 53 | ||
| 54 | ||
| 55 | Manual Quay Configuration | |
| 56 | ||
| 57 | 1. Naviagate to http://quayecosystem-quay-quay-enterprise.apps.cluster-${GUID}.${GUID}.openshiftworkshop.com | |
| 58 | ||
| 59 | 2. Set database to quay, host is mysql.quay-mysql.svc, username quay, password quay | |
| 60 | ||
| 61 | 3. If you get an error after proceeding, refresh the page until it comes back | |
| 62 | ||
| 63 | 4. Wait for quay to indicate it is restarting | |
| 64 | ||
| 65 | 5. Revisit the above url | |
| 66 | ||
| 67 | 6. Create the quay superuser: | |
| 68 | ||
| 69 | admin, nobody@nowhere.com, admin123 | |
| 70 | ||
| 71 | If you get the error "Could not create superuser", refresh the page, select sign in button | |
| 72 | ||
| 73 | 8. login as admin/admin123 | |
| 74 | ||
| 75 | 9. Enter the Redis Information and Click Save Configuration Changes. Configuration will be Validated and Click Save Configuration. | |
| 76 | ||
| 77 | - Redis Hostname: quayecosystem-redis | |
| 78 | - Redis Port: 6379 | |
| 79 | ||
| 80 | 10. Click Restart container. Referesh the page after the container has restarted. Keep refreshing until the page comes back (you might get 502 errors before then) | |
| 81 | ||
| 82 | 11. Once restarted and refreshed, the installation should be complete. Click `Super User Admin Panel` under the admin user menu in the upper right corner | |
| 83 | ||
| 84 | 12. Click Registry Settings at the left menu (gear icon) | |
| 85 | ||
| 86 | 13. Scroll down and Select "Enable Security Scanning" check mark under Security Scanner | |
| 87 | ||
| 88 | 14. Enter Security Scanner Endpoint of your clairsvc. i.e. http://clairsvc:6060 | |
| 89 | ||
| 90 | 15. Click Create Key | |
| 91 | ||
| 92 | 16. Select "Have the service provide a key" and click Start Approval. | |
| 93 | ||
| 94 | - If Clair is not being responsive with providing a service key, restart Clair and try again. | |
| 95 | oc scale rc/clair --replicas=0 -n quay-enterprise | |
| 96 | oc scale rc/clair --replicas=1 -n quay-enterprise | |
| 97 | ||
| 98 | 17. Save the configuration | |
| 99 | ||
| 100 | 18. Go to "Repositories" -> "Create New Repository" | |
| 101 | ||
| 102 | 19. Name the repository "ecommerce". Select "public" | |
| 103 | ||
| 104 | 20. Click "Create public repository" | |
| 105 | ||
| 106 | 21. Restart Quay (delete the pod) | |
| 107 | ||
| 108 | 22. Restart clair (scale to 0, then 1) | |
| 109 | ||
| 110 | 23. Refresh quay ui until a notification appears by the bell icon | |
| 111 | ||
| 112 | 24. Select notification, click approve keym enter admin password | |
| 113 | ||
