r3dact3d / OCP4-Deploy

Automated way to deploy and destroy OCP4.x IPI to AWS

Repo for deploying OCP to AWS

Note
Fork or clone the repo so that you can use your own GitHub Secrets and workflow.

Workflow

To deploy OCP4.x

  1. Ensure the GitHub Repository Secrets are created and up to date (create repository secrets, do not create environment secrets)

    1. OCP_ADMIN_USER is the cluster admin username

    2. OCP_ADMIN_PASS

    3. OCP_DEV_USER

    4. OCP_DEV_PASS

    5. OCP_BASE_DOMAIN is the top-level Route 53 domain and does NOT require a leading dot

    6. OCP_CLUSTER_NAME

    7. OCP_CLIENT_VERSION is the version of OpenShift: "4", "4.7", or "4.9.9"

    8. RED_HAT_PULLSECRET is the Red Hat pull secret, the credentials required for Red Hat's repositories

    9. AWS_ACCESS_KEY_ID is the AWS Access Key

    10. AWS_SECRET_ACCESS_KEY is the AWS Secret Access key

    11. AWS_REGION

  2. Click the Deploy button below and run the workflow

badge
Note
You can now check the Actions to watch/check the status of the deployment.
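
A pre-flight check for the repository secrets listed in step 1, as an added example that is not part of this repository. GitHub Actions expands a secret that is not defined to an empty string, so a missing or malformed value otherwise surfaces only partway through the install. The function name `preflight`, the check for an `auths` object in the pull secret, and the rule that the admin and developer passwords differ are assumptions of this example.

```python
import json
import re

# The eleven repository secrets listed in step 1 of the README.
REQUIRED = [
    "OCP_ADMIN_USER", "OCP_ADMIN_PASS", "OCP_DEV_USER", "OCP_DEV_PASS",
    "OCP_BASE_DOMAIN", "OCP_CLUSTER_NAME", "OCP_CLIENT_VERSION",
    "RED_HAT_PULLSECRET", "AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY",
    "AWS_REGION",
]

# Accepts the forms the README gives as examples: "4", "4.7", "4.9.9".
VERSION_RE = re.compile(r"^4(\.\d+){0,2}$")


def preflight(env):
    """Return a list of problems. Messages never contain a secret value."""
    problems = [f"{name}: missing or empty" for name in REQUIRED
                if not env.get(name, "").strip()]

    domain = env.get("OCP_BASE_DOMAIN", "")
    if domain.startswith("."):
        problems.append("OCP_BASE_DOMAIN: remove the leading dot")

    version = env.get("OCP_CLIENT_VERSION", "")
    if version and not VERSION_RE.match(version):
        problems.append("OCP_CLIENT_VERSION: expected 4, 4.7 or 4.9.9 style")

    pull = env.get("RED_HAT_PULLSECRET", "")
    if pull.strip():
        try:
            doc = json.loads(pull)
            if not (isinstance(doc, dict) and doc.get("auths")):
                problems.append("RED_HAT_PULLSECRET: JSON has no 'auths' entries")
        except ValueError:
            problems.append("RED_HAT_PULLSECRET: not valid JSON")

    # Extra hardening rule assumed by this example, not stated in the README.
    admin_pw, dev_pw = env.get("OCP_ADMIN_PASS"), env.get("OCP_DEV_PASS")
    if admin_pw and admin_pw == dev_pw:
        problems.append("OCP_ADMIN_PASS and OCP_DEV_PASS should differ")
    return problems


if __name__ == "__main__":
    import os, sys
    issues = preflight(os.environ)
    print("\n".join(issues) or "all secrets look well-formed")
    sys.exit(1 if issues else 0)
```

Run it as the first step of the deploy job with the secrets mapped into that step's `env:` block, so a bad value fails the run before any AWS resources are created.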

Actions

Running the Deploy workflow automatically kicks off the following steps.

  1. Performs AWS IPI

  2. Creates an Artifact for Destroy

    1. You can download the artifact if needed from GitHub Actions > Runs

    2. Double check your retention period for Artifacts

  3. Setup HTPasswd IDP

    1. Uses CLUSTER_ADMIN and ADMIN_PASS

    2. Uses DEV_PASS for andrew the developer

  4. Install GitOps Operator

    1. Sets admin password for console to ADMIN_PASS

  5. Adds MachineSet for infra nodes

On completion of the Deploy workflow, the GitOps-Tasks workflow will automatically start.

  1. Creates Argo CD applications from r3dact3d/gitops/main/blinker19/cluster.yaml

Important

  • The deploy workflow produces artifacts describing the AWS resources that were deployed; the destroy workflow needs these artifacts.

  • The artifacts are retained for only 90 days and must be downloaded manually if the cluster will not be destroyed within that retention period.

To destroy OCP4.x

  1. Click the Destroy button below to use the last saved artifact to destroy the OpenShift cluster and infra resources.

badge

This will kick off the destroy workflow, which pulls the artifact from the deploy workflow automatically and destroys the AWS resources.

TODO

  • Add node sizing templates

  • cost management operator

Note
GitHub IDP is currently disabled

GitHub IDP

  • GitHub IDP is used in this deploy, so a GitHub organization should be created

  • Add the clientSecret to GitHub Secrets as CLIENT_SECRET

  • Update the GitHub Organization name and clientID in the idp-oauth.yaml file

License:MIT License