OpenShift 4 is RedHat’s Platform as a Service (PaaS) offering. The system wraps around Kubernetes, and so some of the commands and terminology used refers to the underlying infrastructure. The system consists of deploying applications from images where we can easily recreate and scale up and down services. A service can consist of many different 'pods', which are instances of our application to permit distribution of load. For more information see What is Kubernetes?. For your coursework, you will have a single service running which will contain your API and have a single running pod.
Make sure that you fully complete the instructions listed here, up to the point where you must email Adam Booth ([email protected]) with your Route information!
Once you have completed the instructions here you should expect your OpenShift resources to be similar to the following image.
At this stage you should have the accounts setup and the required applications installed to deploy your application to OpenShift. If you are not currently at this stage please refer to the tutorial document.
Once your OpenShift account has been successfully provisioned (as mentioned above), you will have the option to access the web console.
This section of the tutorial only applies to students working on their own machines, not those provided by the university!
-
From here you can follow the instructions to install the
ocCLI for your platform
This section applies to all students
To login to oc navigate to the main OpenShift dashboard and select Copy Login Command from the account menu and paste it into cmd. This command contains your personal access token.
oc login --token=<HIDDEN> --server=https://api.sandbox-m2.ll9k.p1.openshiftapps.com:6443
Once logged in, OpenShift oc will automatically select your default developer project.
|
Important
|
To access the OpenShift CLI tool oc on University machines, navigate to Start → OpenShift → OpenShift CLI
|
Once you have completed these steps you should have successfully created an OpenShift account and installed and logged into the oc OpenShift CLI.
To permit OpenShift to access and view your private repositories, you must create a personal access token. This provides a secure method for an application to authenticate itself either over HTTPS calls or through use of the Git API.
-
Select 'Generate new token'
-
Provide the token with the
reposcope (Full control of private repositories), and give the token an appropriate description, such as 'OpenShift'
|
Important
|
Make sure you either copy the token or do not navigate away from this page for now! As GitHub states, you will only have access to the token while on that page |
We need to create a secret using this GitHub token, which we can then use to permit builds from our source code.
Assuming you are logged into the OpenShift CLI correctly (see section tutorial/Environment Setup), you can create a new secret using the following commands.
|
Note
|
Replace TOKEN with the GitHub token that you copied in the previous step
|
oc create secret generic github-secret --type=kubernetes.io/basic-auth --from-literal=password=TOKENoc secrets link builder secret/github-secretWe need to create a new JBoss EAP Image Stream by importing from the RedHat container registry. This will sit as a base for our application to be built on top of. The current latest version of this image stream can be found here. Run the command below to drag this image stream into the local namespace.
oc import-image my-eap-7/eap73-openjdk11 --from=registry.redhat.io/jboss-eap-7/eap73-openjdk11-openshift-rhel8 --confirmThe next stage is to create a new build using the JBoss EAP 7.3 image stream as a base with our application running on top of it. Use the command below to create a new build from your private repository. Make sure to change the link to the correct location of your repository. We provide the github-secret that we created prior to allow OpenShift to be able to pull code from our private repository!
oc new-build eap73-openjdk11~"https://github.com/NCL-CloudComputing/csc8104-<your-name>.git" --name=csc8104-build --to=csc8104-build-stream --source-secret=github-secret|
Note
|
Notice that we are creating a new image stream called csc8104-build-stream where our new builds will be placed, and we automatically trigger the first build. |
From the OpenShift web based developer console, access your build by navigating to Builds → csc8104-build.
From this location you can trigger new builds by selecting the Actions → Start Build button. This will automatically clone your source from the GitHub repository if set up correctly.
|
Tip
|
If you are working in a different branch to master you can adjust the Git Reference field to point to that branch |
|
Important
|
You can view the progress of the build by pressing Logs. This may be useful for debugging why your images do not build. |
Once our image builds successfully it is pushed to the image stream that we created, called csc8104-build-stream. Our most recent image is given the latest tag.
Now that we are successfully building our application into an image, we can create a deployment. This will create a new service and deploy a new container (pod) with our image running.
-
From the project overview within the developer console, click the +Add button.
-
Click the Container images option.
-
Select Image stream tag from internal registry.
-
Select the csc8104-build-stream in the Image Stream dropdown list.
-
Select latest in the Tag dropdown list.
-
Accept all defaults and ensure that Create a route to the Application is checked.
-
Click Create.
|
Tip
|
You can see the status of the current application by visiting the Project tab. |
|
Warning
|
You have been given access to create multiple pods to allow for rolling deployment. Please DO NOT scale your system to use multiple pods to run your application, otherwise rolling deployment will not work. |
To access the public URL given for your application, go to Project → Route and copy the Location value.
|
Important
|
Once you have completed this stage and have a link to the route for your service, please email Adam Booth ([email protected]) as soon as possible! I will append this to the document here, where you will be able to find links to your colleagues services for Part III |
|
Important
|
Your application may not be available as soon as you start your route. Navigate to Project → Pod → running pod → Logs to see the current output from JBoss EAP for your running service.
|
From here on out, updating your application is as simple as committing to your GitHub repository. You can Start a new build as before from navigating to the Builds section within the developer console and selecting your build. Then in the Actions menu, click Start Build. This will use your most recent version of source code on GitHub to create a new image and add this to the image stream with the latest tag. This then triggers the service to attempt a rolling deployment. For more information see here.
Due to using the OpenShift developer sandbox in the module, your services will be deallocated automatically after eight hours. Although these restrictions will be removed towards the end of the module, you will still need to redeploy your application when you are working on your coursework for part 1 and part 2.
To redeploy your application, go to Project → Deployment → csc8104-build-stream in OpenShift and press the up arrow once. This will automatically deploy a new pod for your application and will remain available for eight hours.
A demonstration of redeploying the application is provided here.