Blog & Insights
- Home
- Blog & Insights
Listed below are some great events coming up that you should check out! MSP Ansible Meetup – local, in person meetup this Thursday, 8/19. Great opportunity to meet and talk shop with local Ansible users. https://www.meetup.com/Ansible-Minneapolis/events/ Ansiblefest 2021 – 9/29 – 9/30: The yearly Ansible conference, online this year. Learn more at: https://www.redhat.com/en/events/ansiblefest-2021 Red Hat Automation for you, beginners… Aug 17th: https://www.redhat.com/en/events/webinar/automation-for-you-beginners-experts-and-everyone-else Shift Left Container Security 8/19 (AWS & McAfee) & Cloud Native Application Protection Workshop (8/26): Microsoft Azure Virtual Training: Migrating on-prem infrastructure: 9/2 and 9/3: https://mktoevents.com/Microsoft+Event/287240/157-GQE-382 Kong Summit – 9/27-9/29: https://konghq.com/kong-summit/ Accelerating Digital Transformation (On Demand): Rancher Desktop: Kubernetes & Container Management: 8/18 https://more.suse.com/RancherAug2021OnlineMeetup.html Spring is here and while we're all clamoring to get outside and enjoy some fresh air spring is also conference season and there are some great events you should check out. Red Hat Virtual Summit - 4/27-4/29 This is Red Hat's major yearly event. In happier time this event switches between coasts every other year, historically alternating between Boston and San Francisco. The event was held virtually last week, but if you missed it, no problem. You can register and view all of the great sessions and presentations on demand here: https://www.redhat.com/en/summit HashiCorp & Cisco 5/4: Making application-centric infrastructure a reality with Cisco ACI and HashiCorp Consul 5/4: This is a joint webinar between HashiCorp & Cisco and Highlights using Consul (a service mesh) with Cisco ACI. This is a good session for anyone interested in how these solutions can work well together in your environment. If you're interested register here: AWS Virtual Workshop: Cloud and Hybrid Operations Best Practices in a Modern Enterprise 5/10-14: AWS hosts tons and tons of events every month. This workshop is especially relevant for anyone that is using AWS but would like to know more about best practices for hybrid operations. Register at the link below: https://pages.awscloud.com/AWS-Virtual-Workshop_2021_VW_s14-MGT.html?trk=ep_card-el_a134p000006vlZJAAY&trkCampaign=2021_VW_s14-MGT&sc_channel=el&sc_campaign=pac_Q2-2021_exlinks_events_VW_14&sc_outcome=Product_Adoption_Campaigns&sc_geo=NAMER&sc_country=mult ServiceNow Knowledge 2021 5/11: ServiceNow's Knowledge is the event to attend if you're interested in all things ServiceNow and Service Management. Like the other major conferences this one is virtual and free to attend this year. Register at the link below and build your session agenda. https://knowledge.servicenow.com/ Achieving Security Goals with Vault and AWS 5/20: We frequently work with our clients to evaluate what in-cloud services they should use vs cloud agnostic solutions like Vault. This session with AWS and HashiCorp details how to use Vault in conjunction with AWS services to achieve robust cloud security. Register at the link below: https://www.brighttalk.com/webinar/achieving-security-goals-with-vault-and-aws/ Azure Webinar Series: K8s on Azure: Lessons from Real-World Deployments: 5/18 An upcoming webinar from Microsoft focused on real-world deployments of kubernetes workloads on Azure. This is a great opportunity to learn and ask your questions around deploying workloads into Azure. https://info.microsoft.com/ww-landing-kubernetes-on-azure-lessons-from-real-world-deployments.html Hey everyone! I hope you're staying warm through this historic cold snap. There's no better time than the present to stay indoors and check out some upcoming virtual tech events. The first event I'd like to mention is coming up this Thursday, Feb 18th, 2021. It's the Open Source North Speaker Series. It's free to attend but you need to register in advance. Here's a look at this Thursday's speaker agenda: Open Source North Speaker Series Thursday, February 18, 12:00 - 1:00 PM CST For details on each presentation and speaker - AND TO REGISTER, please visit https://opensourcenorth.com/speaker-series The next event I want to mention is an event coming up with the CTO of Kong , Marco Palladino. Marco is a dynamic speaker and excellent CTO, always a fun, informative watch. Kong - Automatic Observability With Service Mesh Friday, February 26, 11:00 - 12:00 PM CT Key takeaways: To register go here: Register Now The last event I want to draw your attention to this month is focused on the OpenShift Developer Sandbox hosted by Red Hat DevNation during which you will create an account an OpenShift cluster and deploy a sample app. The dev cluster will be available for you to use thereafter for 14 days. OpenShift Developer Sandbox Thursday, February 18, 11:00 - 12:00 PM CST Have you heard of the new OpenShift Developer Sandbox? Join this DevNation Tech Talk where you will be guided through the process of creating an account, creating/configuring your Developer Sandbox cluster, and deploying a sample application on OpenShift. Your OpenShift cluster will be available for your use for 14 days. If you've ever wanted to test out OpenShift, this is your chance to do it! Produced by the Red Hat Developer team, DevNation Tech Talks are live discussions led by the Red Hat technologists who create our products. Sessions include real solutions and code to help you build with open source, plus sample projects, robust discussion, and live Q&A to help you get started. Are you new to DevNation Tech Talks? See what you've missed. To register for this event go here: Register for the OpenShift Sandbox Tech Talk In this post we'll briefly explore the history of the Opsware automation portfolio and talk about modern equivalents and replacements you should be considering. A Brief History of Opsware Let’s start with defining what we are talking about in today's blog. I'm focusing specifically on the IT datacenter automation software, namely: Cloud Service Automation (CSA), Server Automation (SA), Network Automation (NA), and Operations Orchestration (OO) - a product which once had the acronym HPOO… you can't make it up! If we allow ourselves to hop in the way back machine, the story starts with a Bay Area startup called Loudcloud which was founded by Ben Horowitz and Marc Andreesen in 1999. Loudcloud was an infrastructure and application hosting company and developed really cool management software to manage its clients' IT infrastructure. The company went public in 2001. In 2002 Loudcloud sold its managed services business to EDS. (Ed. note: EDS briefly became HP ES in an acquisition on its ultimate voyage into the sun and to a merger with CSC, the joint company becoming known as DXC Technology in 2017.) Loudcloud rebranded as an enterprise software company called Opsware that focused on developing and selling its IT datacenter lifecycle management software. In 2007 Opsware was acquired by HP Software. In 2017 HP sold the software business to Micro Focus. This software that Loudcloud / Opsware built back in the late 1990 / early 2000s is the aforementioned suite of automation software, specifically: Server Automation (System), Network Automation (System), and Process Automation (System) - all of which were rebranded slightly after the 2007 acquisition by HP Software. So other than exercising some knowledge on the history of the software, why mention all of this? It's because it is truly old tech. It's been upgraded and expanded and rewritten since the early days, but it is still that kind of old school top-down management interface for IT environments with more modern amenities like the ability to write automation in YAML stapled to the side of it. At their peak these software solutions were used to manage tens of thousands of operating systems, network devices, and to automate endpoints leveraging an agent-based architecture. And it wasn't cheap! Solutions like Server Automation, Operations Orchestration and other similar market offerings (anyone remember BMC Bladelogic, now TrueSight?) were closed-source and partially responsible for the explosion of enterprise open source software. Sales teams had a number back then, if your device count was smaller than that number they knew there was no business case for you to evaluate that type of software - you just couldn't get there. A good chunk of mid-market and large, but not large-enough, IT enterprises were left with no good enterprise automation solutions. What Else Is Out There? So what happens? People start looking for (and building) their own solutions in the mid-2000s. Open source solutions start getting community adoption and IT staff are able to go way beyond things like CFEngine and are starting to adopt solutions like Chef and Puppet and learn more modern languages like Ruby. Chef and Puppet provide an early example of how to build a userbase on open source software but quickly realize no one wants to suddenly pay for things they'd been previously given for free. Licensing models change, some products go open core and paywall subsequently developed features. Far more recently, that is, in the last 10 years (geez, I am getting old)open source software supporting modern software development and hybrid cloud architectures has become the standard. And if you find yourself in a traditional IT environment or at least one with some tech debt you're looking to retire, you really owe it to yourself to look at Ansible & Terraform. Red Hat Ansible & HashiCorp Terraform Ansible began life as an open source project in 2012. Automation is written in YAML, a simple scripting language that anyone can learn and it is an agentless architecture. Ansible was acquired by Red Hat in 2015, and to their great credit, Red Hat not only left Ansible core as open source, they went and open-sourced the enterprise version Ansible Tower (the community version of which is AWX)! Awesome move for the community. Due to the commitment to open source, Red Hat's market reach, and the extraordinarily simple-to-use scripting language YAML, usage of Ansible in enterprises of all sizes has skyrocketed. If you're not using it today, you're in luck, you're a simple web search and download from having an enterprise grade solution that really acts as a jack-of-all-trades for endpoint configuration regardless of operating system running on the target. It's been used quite successfully for years at very large scale in organizations of every size. HashiCorp Terraform launched in the community in 2014. It has since seen massive growth as an open source project and as both SaaS-based and on-premise enterprise software solutions. Terraform is an extremely powerful tool which enables infrastructure-as-code use cases. Terraform manages external resources using what it calls providers and gives the end-user the ability to declare the end-state configuration leveraging those external providers. This declarative architecture allows for highly modular, scalable, and reusable code to configure highly complex end points, platform-as-a-service, etc. In practice, we see Ansible + Terraform being used in concert with code release processes as well as being front-ended by service catalogs like ServiceNow to enable a limitless variety of push button IT capabilities. Please contact us If you'd like to learn more about using Ansible or Terraform . By Brad Johnson, Lead DevOps Engineer Continuing from 'Creating an OpenShift Cluster in AWS with Windows Worker Nodes (Part I)', we are going to install OpenShift Cluster in this section. We are going to use a public Route53 domain name for our install. If you wish to create a private cluster then you will need to do a bit more setup. See the following pages for more information on creating a private cluster that does not require DNS. The first page has the RedHat solution on the install-config program not supporting private clusters and contains an install config yaml file to use instead of the install-config command. https://access.redhat.com/solutions/5158831 https://access.redhat.com/sites/default/files/attachments/aws-internal-install-config.yml This page has more info on the install process and limitations of private clusters: First create the install-config yaml file and back it up as it is consumed by manifest creation. Now we can create the manifest files and set up the OVN CNI settings: The important things to change in this file are the apiVersion and defaultNetwork settings. It is important that the hybrid cluster network CIDR does not overlap with the cluster network CIDR. If you are following this guide exactly you can use this our network config file. Here are the contents of our manifests/cluster-network-03-config.yml file: Creation of the Cluster With those files in place we can now create the cluster. Take a coffee break, this will take around 30 minutes to complete. Now you can run the export command and start using oc commands. To verify you have the proper network running you can run this command: Bootstrapping the Windows Worker Nodes If you already have an SSH keypair in AWS you can use that, if not you can generate a new one with the steps below. Note that you cannot use a key with a passphrase for Windows machines. Now we need to download the Windows node bootstrapper and create our Windows nodes. This will take about 5 minutes to run. See this page for the latest releases: https://github.com/openshift/windows-machine-config-bootstrapper/releases See this page for more info on wni: https://github.com/openshift/windows-machine-config-bootstrapper/tree/master/tools/windows-node-installer Note: Due to a bug in the Intel 82599 network adapter used in most Intel based instances that causes issues with overlay networks, we suggest using AMD based instances like m5a.large After creating the node we can get the login info and run Ansible to finish node setup. See this page for more information: https://github.com/openshift/windows-machine-config-bootstrapper/tree/master/tools/ansible Get the Windows node Instance ID from the json file and get the Windows Administrator password. This password can also be used for RDP. Ansible Windows Node Finalization Now we need to create an Ansible inventory file. Your file should look like this, with your Windows node password and node address. Be sure to put the password in single quotes and set the cluster address to match the name of your cluster and private IP to match your node as well. Verify Ansible connectivity with this command and look for SUCCESS in the output: Clone the Windows Machine Config Bootstrapper repo and run the ansible playbook against the node: This will produce a lot of output and take 10 minutes or so. In the end you should see the Play Recap. As long as 'failed=0' then everything should be good. To check the node is good and working in the cluster run this command: At this point you should use RDP to connect to the Windows worker node using the Administrator user and the password you pulled earlier. Just add the Windows Worker Node to a security group allowing RDP and then open a connection. After logging in start a powershell session with admin rights and run 'docker ps'. Deploy a Windows sample application: You can check it is running in OpenShift with this command: On Windows docker output should look like this: If you have any issues try waiting 15 minutes and then redeploying with one of the following commands: To look at logs for the container, do this: After the application is up and running DNS will take up to 5 minutes to populate. So if this doesn't work try again. Check the service is up and running by getting the external IP for the service and curling it. Deleting the Cluster If you're all done and want to tear down here are the commands: If you have any questions about the steps documented here, or have any feedback or requests, please let us know at info@keyvatech.com. By Brad Johnson, Lead DevOps Engineer This guide covers how to set up an OpenShift cluster in AWS with Windows worker nodes. Because this requires the OVN Kubernetes container network interface you can not simply add Windows nodes to existing clusters. Please also understand that this functionality is still considered to be preview or beta from Red Hat is not supported in production environments at this time. This functionality also requires using OpenShift 4.4 or later, we tested this using OpenShift 4.5, which was the latest when this was published. Requirements: Environment Setup: After the instance is launched, SSH to the new VM as 'ec2-user' using your keyfile. Navigate to https://cloud.redhat.com/openshift/install/aws/installer-provisioned and log in with your Red Hat account. This page provides links to the latest installer and CLI. You will also need to download your pull secret from here. These are correct as of Oct 2020, however if you have an issue, please use the links on the latest page from Red Hat. Download OpenShift CLI and Installer and place the binaries in the $PATH. Note: /home/ec2-user/bin is in the default of $PATH on AMZ Linux 2 and openshift-client also contains a kubectl binary. Check the versions of the pre-reqs. Here is the output from when I tested this example as well. Configure the AWS and the AWS CLI You will need an AWS IAM user with a programmatic access key and the AdministratorAccess policy attached. You will also need to set up Route53 for a public cluster, but this is not reqiured, if you wish to create a private cluster see our steps below. If you need information on names for availability zones you can run one of the following commands. Run these commands to set up the AWS CLI We are now ready to set up the OpenShift Cluster. Please go to 'Creating an OpenShift Cluster in AWS with Windows Worker Nodes (Part II)'. https://cloud.redhat.com/openshift/install/ If you are interested in deploying Windows worker nodes with Rancher, please see our post here. If you have any questions about the steps documented here, or have any feedback or requests, please let us know at info@keyvatech.com. AnsibleFest 2020 digital event kicks off today. The event runs from Oct 13th – Oct 14th. You can find the detailed agenda for this event here – https://www.ansible.com/ansiblefest The event features a number of talk sessions and talk tracks, as well as live demos and Q&As. Red Hat Ansible is regarded as the de-facto standard for open source automation and orchestration. Red Hat Ansible Tower – the enterprise version of community Ansible – provides support for clustered architecture, enterprise level support from Red Hat, and other enterprise features. Ansible is used by a large number of organizations to implement use cases like infrastructure-as-code, platform as a service, DevSecOps automation and more. Leveraging one of Keyva's integrations like ServiceNow App for Red Hat Ansible Tower, and ServiceNow App for Red Hat OpenShift, you can also tie back automated remediations with your IT Service Management systems. Keyva has strategic partnership with Red Hat, and Keyva provides services and offerings around community and enterprise versions of Red Hat Ansible and OpenShift. You can check out some of those offerings here - https://keyvatech.com/red-hat/ or can always reach our team at: info@keyvatech.com to request additional information. Kong Summit digital event kicks off today. The event runs from Oct 7th – Oct 9th. You can find the detailed agenda for this event here – https://konghq.com/kong-summit/sessions The event features a number of talk sessions and talk tracks, as well as 60-minute virtual workshops with hands-on-labs. Kong is very popular open source API gateway, and Kong Enterprise provides enterprise level support for RBAC, API throttling, API monetization, Dev Portal, and many other features. With add-ons like Kong Immunity and Kong Vitals, you can autonomously identify and monitor issues. Leveraging one of Keyva's integrations like ServiceNow App for Kong, you can also tie back automated remediations with your IT Service Management systems. Keyva has strategic partnership with Kong, and Keyva provides services and offerings around community and enterprise versions of Kong API gateway. You can check out some of those offerings here - https://keyvatech.com/kong-enterprise/. You can always reach our team at: info@keyvatech.com to request additional information. Listed below are some great events coming up that you should check out! MSP Ansible Meetup – local, in person meetup this Thursday, 8/19. Great opportunity to meet and talk shop with local Ansible users. https://www.meetup.com/Ansible-Minneapolis/events/ Ansiblefest 2021 – 9/29 – 9/30: The yearly Ansible conference, online this year. Learn more at: https://www.redhat.com/en/events/ansiblefest-2021 Red Hat Automation for you, beginners… Aug 17th: https://www.redhat.com/en/events/webinar/automation-for-you-beginners-experts-and-everyone-else Shift Left Container Security 8/19 (AWS & McAfee) & Cloud Native Application Protection Workshop (8/26): Microsoft Azure Virtual Training: Migrating on-prem infrastructure: 9/2 and 9/3: https://mktoevents.com/Microsoft+Event/287240/157-GQE-382 Kong Summit – 9/27-9/29: https://konghq.com/kong-summit/ Accelerating Digital Transformation (On Demand): Rancher Desktop: Kubernetes & Container Management: 8/18
In this session you'll learn how a service mesh can observe all of our traffic in new modern applications running on both Kubernetes and virtual machines.
https://docs.openshift.com/container-platform/4.5/installing/installing_aws/installing-aws-private.html
Note: from here out all commands are run from the openshift_windows_cluster directory unless otherwise stated.$ mkdir ~/openshift_windows_cluster && cd ~/openshift_windows_cluster
$ openshift-install create install-config
? Platform aws
INFO Credentials loaded from the "default" profile in file "/home/ec2-user/.aws/credentials"
? Region us-east-2
? Base Domain example.com
? Cluster Name win-test-cluster
? Pull Secret [? for help] (Paste your Pull Secret from the Red Hat web site or text file you downloaded)
$ sed -i 's/OpenShiftSDN/OVNKubernetes/g' install-config.yaml
$ cp -p install-config.yaml install-config.yaml.backup$ openshift-install create manifests
INFO Credentials loaded from the "default" profile in file "/home/ec2-user/.aws/credentials"
INFO Consuming Install Config from target directory
$ cp -p manifests/cluster-network-02-config.yml manifests/cluster-network-03-config.yml
$ vi manifests/cluster-network-03-config.ymlapiVersion: operator.openshift.io/v1
kind: Network
metadata:
creationTimestamp: null
name: cluster
spec:
clusterNetwork:
- cidr: 10.128.0.0/14
hostPrefix: 23
externalIP:
policy: {}
networkType: OVNKubernetes
serviceNetwork:
- 172.30.0.0/16
defaultNetwork:
type: OVNKubernetes
ovnKubernetesConfig:
hybridOverlayConfig:
hybridClusterNetwork:
- cidr: 10.132.0.0/14
hostPrefix: 23
status: {}$ openshift-install create cluster
INFO Consuming Openshift Manifests from target directory
INFO Consuming Worker Machines from target directory
INFO Consuming Master Machines from target directory
INFO Consuming OpenShift Install (Manifests) from target directory
INFO Consuming Common Manifests from target directory
INFO Credentials loaded from the "default" profile in file "/home/ec2-user/.aws/credentials"
INFO Creating infrastructure resources...
INFO Waiting up to 20m0s for the Kubernetes API at https://api.win-test-cluster.example.com:6443...
INFO API v1.18.3+5302882 up
INFO Waiting up to 40m0s for bootstrapping to complete...
INFO Destroying the bootstrap resources...
INFO Waiting up to 30m0s for the cluster at https://api.win-test-cluster.example.com:6443 to initialize...
I1015 22:40:12.502855 1042 trace.go:116] Trace[1959950141]: "Reflector ListAndWatch" name:k8s.io/client-go/tools/watch/informerwatcher.go:146 (started: 2020-10-15
22:39:55.810110164 +0000 UTC m=+886.539985514) (total time: 16.692708687s):
Trace[1959950141]: [16.692655552s] [16.692655552s] Objects listed
INFO Waiting up to 10m0s for the openshift-console route to be created...
INFO Install complete!
INFO To access the cluster as the system:admin user when using 'oc', run 'export KUBECONFIG=/home/ec2-user/openshift_windows_cluster/auth/kubeconfig'
INFO Access the OpenShift web-console here: https://console-openshift-console.apps.win-test-cluster.example.com
INFO Login to the console with user: "kubeadmin", and password: "XXXXX-XXXXX-XXXXX-XXXXX"
INFO Time elapsed: 30m48s$ export KUBECONFIG=/home/ec2-user/openshift_windows_cluster/auth/kubeconfig
$ oc get nodes
NAME STATUS ROLES AGE VERSION
ip-10-0-128-115.us-east-2.compute.internal Ready master 1h v1.18.3+970c1b3
ip-10-0-150-141.us-east-2.compute.internal Ready worker 1h v1.18.3+970c1b3
ip-10-0-161-110.us-east-2.compute.internal Ready worker 1h v1.18.3+970c1b3
ip-10-0-186-69.us-east-2.compute.internal Ready master 1h v1.18.3+970c1b3
ip-10-0-201-57.us-east-2.compute.internal Ready master 1h v1.18.3+970c1b3
ip-10-0-220-129.us-east-2.compute.internal Ready worker 1h v1.18.3+970c1b3
$ oc version
Client Version: 4.5.14
Server Version: 4.5.14
Kubernetes Version: v1.18.3+5302882 $ oc get network.operator cluster -o yaml
Look at the spec section of the yaml output. It should look like this.
spec:
clusterNetwork:
- cidr: 10.128.0.0/14
hostPrefix: 23
defaultNetwork:
ovnKubernetesConfig:
hybridOverlayConfig:
hybridClusterNetwork:
- cidr: 10.132.0.0/14
hostPrefix: 23
type: OVNKubernetes
serviceNetwork:
- 172.30.0.0/16$ ssh-keygen -t rsa -b 4096 -N "" -C "example-key" -f ~/.ssh/example-key
$ aws --region us-east-2 ec2 import-key-pair --key-name "example-key" --public-key-material file://$HOME/.ssh/example-key.pub$ wget https://github.com/openshift/windows-machine-config-bootstrapper/releases/download/v4.5.2-alpha/wni -O ~/bin/wni
$ chmod +x ~/bin/wni && mkdir windowsnodeinstaller
$ wni aws create --kubeconfig $KUBECONFIG --credentials ~/.aws/credentials --credential-account default --instance-type m5a.large --ssh-key example-key --private-key ~/.ssh/example-key --dir ./windowsnodeinstaller/
2020/10/16 20:05:13 kubeconfig source: /home/ec2-user/openshift_windows_cluster/auth/kubeconfig
2020/10/16 20:05:14 Added rule with port 5986 to the security groups of your local IP
2020/10/16 20:05:14 Added rule with port 22 to the security groups of your local IP
2020/10/16 20:05:14 Added rule with port 3389 to the security groups of your local IP
2020/10/16 20:05:14 Using existing Security Group: sg-0123456789012345
2020/10/16 20:09:41 External IP: 4.138.182.84
2020/10/16 20:09:41 Internal IP: 10.0.42.50$ cat windowsnodeinstaller/windows-node-installer.json
{"InstanceIDs":["i-0123456789012345"],"SecurityGroupIDs":["sg-0123456789012345"]}
$ aws ec2 get-password-data --instance-id i-0123456789012345 --priv-launch-key ~/.ssh/example-key $ vi inventory.ini
[win]
4.138.182.84 ansible_password='YOURWINDOWSNODEPASSWORDHERE' private_ip=10.0.42.50
[win:vars]
ansible_user=Administrator
cluster_address=win-test-cluster.example.com
ansible_connection=winrm
ansible_ssh_port=5986
ansible_winrm_server_cert_validation=ignore$ ansible win -i inventory.ini -m win_ping
4.138.182.84 | SUCCESS => {
"changed": false,
"ping": "pong"
}$ git clone https://github.com/openshift/windows-machine-config-bootstrapper.git
$ ansible-playbook -v -i inventory.ini windows-machine-config-bootstrapper/tools/ansible/tasks/wsu/main.yaml$ oc get nodes -o wide -l kubernetes.io/os=windows
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
ip-10-0-42-50.us-east-2.compute.internal Ready worker 29m v1.18.3 10.0.42.50 3.138.182.84 Windows Server 2019 Datacenter 10.0.17763.1518 docker://19.3.12$ oc create -f https://raw.githubusercontent.com/keyvatech/blog_files/master/kubernetes_windows_web_server.yaml -n default
$oc rollout status deployment win-webserver -n default
deployment "win-webserver" successfully rolled outPS C:\Users\Administrator> docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
09c8bbd2a7e8 mcr.microsoft.com/windows/servercore "powershell.exe -com…" 13 minutes ago Up 13 minutes k8s_windowswebserver_win-webserver-85b49f8677-cgqkq_default_01fe28db-5ae7-4ead-8e84-5d9d5cd2cb01_0
52d42f33de9d mcr.microsoft.com/k8s/core/pause:1.2.0 "cmd /S /C 'cmd /c p…" 16 minutes ago Up 16 minutes k8s_POD_win-webserver-85b49f8677-cgqkq_default_01fe28db-5ae7-4ead-8e84-5d9d5cd2cb01_0$ oc rollout restart deployment/win-webserver
$ oc rollout retry deployment/win-webserver$ oc get pods
NAME READY STATUS RESTARTS AGE
win-webserver-564d75c5f7-l4kk2 1/1 Running 0 96s
$ oc logs win-webserver-564d75c5f7-l4kk2
Listening at http://*:80/$ oc get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 172.30.0.1 <none> 443/TCP 23h
openshift ExternalName <none> kubernetes.default.svc.cluster.local <none> 23h
win-webserver LoadBalancer 172.30.88.146 a038a9aa4571f4a7cafaf15ebf7ae270-23672059.us-east-2.elb.amazonaws.com 80:32601/TCP 35m
$ curl a038a9aa4571f4a7cafaf15ebf7ae270-23672059.us-east-2.elb.amazonaws.com
<html><body><H1>Windows Container Web Server</H1></body></html>$ wni aws destroy --kubeconfig $KUBECONFIG --credentials ~/.aws/credentials --credential-account default --dir ./windowsnodeinstaller/
$ openshift-install destroy cluster
- Ansible 2.9+
- Python 3
- Python winrm module
- AWS CLI
- OpenShift 4.4+
- OC CLI 4.4+
- GIT
- AWS IAM User with programmatic access key and AdministratorAccess policy attached
If you don't have an environment that meets the above specs then create an EC2 instance with Amazon Linux 2.
I used a t2.micro instance and a security group allowing SSH on port 22. This environment already has the AWS CLI set up. During my run I only needed 4GB total disk space so the default disk size is fine.
Run the following commands to set up python pre-reqs:$ sudo yum install python3 python3-pip git
$ pip3 install --user pywinrm ansible$ cd ~
$ wget https://mirror.openshift.com/pub/openshift-v4/clients/ocp/latest/openshift-client-linux.tar.gz
$ mkdir bin && tar -xvf openshift-client-linux.tar.gz --directory bin && mv bin/README.md ~/openshift-client-README.md
$ wget https://mirror.openshift.com/pub/openshift-v4/clients/ocp/latest/openshift-install-linux.tar.gz
$ tar -xvf openshift-install-linux.tar.gz --directory bin && mv bin/README.md ~/openshift-install-README.md$ ansible --version
ansible 2.10.2
config file = None
configured module search path = ['/home/ec2-user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/ec2-user/.local/lib/python3.7/site-packages/ansible
executable location = /home/ec2-user/.local/bin/ansible
python version = 3.7.9 (default, Aug 27 2020, 21:59:41) [GCC 7.3.1 20180712 (Red Hat 7.3.1-9)]
$ aws --version
aws-cli/1.18.107 Python/2.7.18 Linux/4.14.193-149.317.amzn2.x86_64 botocore/1.17.31
$ oc version
Client Version: 4.5.14
$ openshift-install version
openshift-install 4.5.14
built from commit 9893a482f310ee72089872f1a4caea3dbec34f28
release image quay.io/openshift-release-dev/ocp-release@sha256:95cfe9273aecb9a0070176210477491c347f8e69e41759063642edf8bb8aceb6
$ kubectl version
Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.2-0-g52c56ce", GitCommit:"d7f3ccf9a5bdc96ba92e31526cf014b3de4c46aa", GitTreeState:"clean", BuildDate:"2020-09-16T15:25:59Z", GoVersion:"go1.13.4", Compiler:"gc", Platform:"linux/amd64"}
$ pip3 freeze
ansible==2.10.1
ansible-base==2.10.2
certifi==2020.6.20
cffi==1.14.3
chardet==3.0.4
cryptography==3.1.1
idna==2.10
Jinja2==2.11.2
MarkupSafe==1.1.1
ntlm-auth==1.5.0
packaging==20.4
pycparser==2.20
pyparsing==2.4.7
pywinrm==0.4.1
PyYAML==5.3.1
requests==2.24.0
requests-ntlm==1.1.0
six==1.15.0
urllib3==1.25.10
xmltodict==0.12.0
$ pip3 show pywinrm
Name: pywinrm
Version: 0.4.1
Summary: Python library for Windows Remote Management
Home-page: http://github.com/diyan/pywinrm/
Author: Alexey Diyan
Author-email: alexey.diyan@gmail.com
License: MIT license
Location: /home/ec2-user/.local/lib/python3.7/site-packages
Requires: xmltodict, requests, requests-ntlm, six
See this page for information on setting up your AWS account. https://docs.openshift.com/container-platform/4.5/installing/installing_aws/installing-aws-account.html
Be sure you are using a region supported by RedHat for Openshift on the AWS.$ aws ec2 describe-regions
$ aws ec2 describe-availability-zones --region us-east-2
$ aws ec2 describe-availability-zones --all-availability-zones$ aws configure
AWS Access Key ID [None]: YOURACCESSKEYID
AWS Secret Access Key [None]: YOURSECRETACCESSKEY
Default region name [None]: us-east-2
Default output format [None]: jsonHelpful links:
August & September Events 2021
Read more
May Virtual Events 2021
Read more
Upcoming Tech Events – February 2021
Read more
Are There Any Alternatives to HP Software / Micro Focus Automation Tools?
Read more
Creating an OpenShift Cluster in AWS with Windows Worker Nodes (Part II)
Read moreCreating an OpenShift Cluster in AWS with Windows Worker Nodes (Part I)
Read more
Red Hat AnsibleFest 2020
Read more
Kong Summit 2020
Read more