RedHatTraining/agnosticd.git

edit | blame | history | raw
ssh-copy-id kmendez-redhat.com@bastion.8828.openshiftworkshop.com
# Copy private git key to bastion
git clone git@github.com:kmendez-redhat/agnosticd.git

cd agnosticd/ansible

cp configs/openshift-demos/requirements.yml configs/ocp-workloads/

# Update configs/ocp-workloads/requirements.yml with siamaksude. prefix

ansible-playbook install_galaxy_roles.yml -e env_type=ocp-workloads


### SCRIPT START
GUID=8828
DOMAIN="cluster-${GUID}.${GUID}.openshiftworkshop.com"
#TARGET_HOST="bastion.$DOMAIN"
TARGET_HOST="localhost"
MASTER_HOSTNAME="master.$DOMAIN"
MASTER_HOSTNAME="ip-10-0-163-210.ec2.internal"
APPS_DOMAIN="apps.$DOMAIN"
OCP_USERNAME="opentlc-mgr"
#SSH_USER="kmendez-redhat.com"
SSH_USER="ec2-user"
#SSH_PRIVATE_KEY="ocp-workshop.pem"
SSH_PRIVATE_KEY="${GUID}key.pem"
# WORKLOAD SPECIFICS
WORKSHOP_PROJECT="ocp-workshop"
USER_PASSWORD="r3dh4t1!"
GOGS_PASSWORD="openshift"
NUM_USERS=10
ACTION=create
#ACTION=remove

WORKLOAD="ocp4-workload-security-compliance-lab"


# a TARGET_HOST is specified in the command line, without using an inventory file
ansible-playbook -i ${TARGET_HOST}, ./configs/ocp-workloads/ocp-workload.yml \
                 -e"ansible_ssh_private_key_file=~/.ssh/${SSH_PRIVATE_KEY}" \
                 -e"ansible_user=${SSH_USER}" \
                 -e"ocp_username=${OCP_USERNAME}" \
                 -e"ocp_workload=${WORKLOAD}" \
                 -e"guid=${GUID}" \
                 -e"ocp_user_needs_quota=true" \
                 -e"ocp_apps_domain=${APPS_DOMAIN}" \
                 -e"admin_project=${WORKSHOP_PROJECT}" \
                 -e"num_users=${NUM_USERS}" \
                 -e"user_password=${USER_PASSWORD}" \
                 -e"subdomain_base_suffix=${DOMAIN}"
                 -e"ACTION=${ACTION}"
### SCRIPT END


Manual Quay Configuration

1. Naviagate to http://quayecosystem-quay-quay-enterprise.apps.cluster-${GUID}.${GUID}.openshiftworkshop.com

2. Set database to quay, host is mysql.quay-mysql.svc, username quay, password quay

3. If you get an error after proceeding, refresh the page until it comes back

4. Wait for quay to indicate it is restarting

5. Revisit the above url

6. Create the quay superuser: 

   admin, nobody@nowhere.com, admin123

   If you get the error "Could not create superuser", refresh the page, select sign in button

8. login as admin/admin123

9. Enter the Redis Information and Click Save Configuration Changes.  Configuration will be Validated and Click Save Configuration.

- Redis Hostname: quayecosystem-redis
- Redis Port: 6379

10. Click Restart container.  Referesh the page after the container has restarted. Keep refreshing until the page comes back (you might get 502 errors before then)

11. Once restarted and refreshed, the installation should be complete.  Click `Super User Admin Panel` under the admin user menu in the upper right corner

12. Click Registry Settings at the left menu (gear icon)

13. Scroll down and Select "Enable Security Scanning" check mark under Security Scanner

14. Enter Security Scanner Endpoint of your clairsvc.  i.e. http://clairsvc:6060

15. Click Create Key

16. Select "Have the service provide a key" and click Start Approval.

- If Clair is not being responsive with providing a service key, restart Clair and try again. 
         oc scale rc/clair --replicas=0 -n quay-enterprise
         oc scale rc/clair --replicas=1 -n quay-enterprise

17. Save the configuration

18. Go to "Repositories" -> "Create New Repository" 

19. Name the repository "ecommerce".  Select "public"

20. Click "Create public repository"

21. Restart Quay (delete the pod)

22. Restart clair (scale to 0, then 1)

23. Refresh quay ui until a notification appears by the bell icon

24. Select notification, click approve keym enter admin password