From Fedora Project Wiki
(Created page with "The page describes how to easily deploy container into OpenShift.")
 
Line 1: Line 1:
The page describes how to easily deploy container into OpenShift.
+
This chapter describes how to easily generate working OpenShift template and what are useful OpenShift commands.
 +
 
 +
= OpenShift deployment possibilities =
 +
OpenShift uses an abstraction called deployment to deploy applications. A deployment could be basically explained as a load balancer for pods.
 +
 
 +
A pod is the smallest deployable unit in OpenShift which is composed of one or more containers. These containers share an IP address and volumes, are always deployed together on a single host, and are scaled together as a single unit.
 +
 
 +
== Scenario one Pod and two containers ==
 +
 
 +
This scenario is useful once you would like to have two containers, where one is opened to anyone and second one is used as “hidden” database. Like Internal register with hidden database.
 +
 
 +
= OpenShift linter command =
 +
Once you wrote an OpenShift template, you would like to check it, whether all fields are written properly. In order to verify the template, '''oc_linter''' or '''oc lint''' command would be welcome.
 +
 
 +
Really basic YAML checker is ''yamllint <YAML_NAME>'', but it does not check OpenShift specific things.
 +
 
 +
I have already filed a RFE issue on GitHub [https://github.com/openshift/origin/issues/12404 OpenShift Pull Request].
 +
 
 +
= How to generate working template for OpenShift =
 +
We need the templates, in order to test our containers on OpenShift. We should simplify a way, for template generation.
 +
I have already filed a RFE on OpenShift GitHub here [https://github.com/openshift/origin/issues/12402 GitHub RFE]
 +
These set of scripts, can help the users for testing their containers together with OpenShift.
 +
I don’t know if it is proper way, but for testing proposes it works.
 +
 
 +
== Creating template with oc command ==
 +
In order to create a working template with '''oc''' command only two steps are needed.
 +
* Run command:
 +
<pre>
 +
oc new-app <docker_image_name>
 +
</pre>
 +
* Run command:
 +
<pre>
 +
oc export dc/service_name>
 +
</pre>
 +
Can be taken from previous command. It is identical.
 +
 
 +
== Creating template by our tool ==
 +
===Prerequisites===
 +
* Clone GitHub repository: [https://github.com/phracek/modularity_tools Petr Hracek modularity_tools]
 +
** The tools will be moved soon into repository [https://pagure.io/modularity/modularity-tools Pagure modularity-tools]
 +
* Switch into your container directory. The directory has to contain '''Dockerfile''' or like '''Dockerfile.RHEL''' and '''[https://github.com/container-images/container-image-template/blob/master/openshift-template.yml openshift.yml]'''
 +
** Both files are important for proper template generation.
 +
** If '''Dockerfile''' contains ''ENV'', ''VOLUMES'' or ''EXPOSE'' directives, they are add into OpenShift template.
 +
* Build your container image with '''docker build ...''' command. Do '''NOT''' use '_' in the image name.
 +
 
 +
===How to feed the template into OpenShift===
 +
* From [https://github.com/phracek/modularity_tools modularity_tools] repository, run command:
 +
** '''get_oc_registry''' gets your OpenShift docker-repository IP address and stores it to file: '''~/.config/openshift_ip.ini'''
 +
* In order to build OpenShift template from your container directory, run command:
 +
<pre>
 +
build_oc_template.py <IMAGE_NAME>
 +
</pre>
 +
*** In case of different Dockerfile name like '''Dockerfile.RHEL''' add the option '''--dockerfile Dockerfile.RHEL'''
 +
** Template is stored in '''/tmp/<template_dir>/openshift-template.yml'''
 +
* For tagging your built image into OpenShift internal docker registry, run command:
 +
<pre>
 +
tag_into_oc_registry <IMAGE_NAME>
 +
</pre>
 +
** The command adds the image into OpenShift internal docker registry
 +
* For adding the template into OpenShift, run command:
 +
<pre>
 +
oc create -f /tmp/<template_dir>/openshift-template.yml
 +
</pre>
 +
** The last step for deploying the '''template''' names as ''IMAGE_NAME'' is over OpenShift UI. By default,
 +
<pre>
 +
"My Project" -> "Add to project" -> Select your template names as "IMAGE_NAME" in "Browsed Catalog" -> deploy it.
 +
</pre>
 +
* For getting template from running pod/deploymentconfig/is, run command:
 +
<pre>
 +
oc export {pod/dc/is}/<pod_name>|dc_name|is_name> > output.yml
 +
</pre>
 +
** Names are taken by commands <pre>oc get {pod|dc|is}</pre>
 +
 
 +
 
 +
=How to run container as a root under OpenShift=
 +
 
 +
Nowadays, OpenShift team provides a command, how to run container under OpenShift with root privileges.
 +
<pre>
 +
oadm policy add-scc-tu-user anyuid system:serviceaccount:<namespace>:default
 +
</pre>
 +
where namespace is project name. Default one is ''myproject''.
 +
 
 +
The script [https://github.com/phracek/modularity_tools/blob/master/add_anyuid_to_project.sh add_anyuid_to_project.sh] does it automatically. Required argument is project name, like in our case '''myproject'''.

Revision as of 14:49, 24 January 2017

This chapter describes how to easily generate working OpenShift template and what are useful OpenShift commands.

OpenShift deployment possibilities

OpenShift uses an abstraction called deployment to deploy applications. A deployment could be basically explained as a load balancer for pods.

A pod is the smallest deployable unit in OpenShift which is composed of one or more containers. These containers share an IP address and volumes, are always deployed together on a single host, and are scaled together as a single unit.

Scenario one Pod and two containers

This scenario is useful once you would like to have two containers, where one is opened to anyone and second one is used as “hidden” database. Like Internal register with hidden database.

OpenShift linter command

Once you wrote an OpenShift template, you would like to check it, whether all fields are written properly. In order to verify the template, oc_linter or oc lint command would be welcome.

Really basic YAML checker is yamllint <YAML_NAME>, but it does not check OpenShift specific things.

I have already filed a RFE issue on GitHub OpenShift Pull Request.

How to generate working template for OpenShift

We need the templates, in order to test our containers on OpenShift. We should simplify a way, for template generation. I have already filed a RFE on OpenShift GitHub here GitHub RFE These set of scripts, can help the users for testing their containers together with OpenShift. I don’t know if it is proper way, but for testing proposes it works.

Creating template with oc command

In order to create a working template with oc command only two steps are needed.

  • Run command:
oc new-app <docker_image_name>
  • Run command:
oc export dc/service_name>

Can be taken from previous command. It is identical.

Creating template by our tool

Prerequisites

  • Clone GitHub repository: Petr Hracek modularity_tools
  • Switch into your container directory. The directory has to contain Dockerfile or like Dockerfile.RHEL and openshift.yml
    • Both files are important for proper template generation.
    • If Dockerfile contains ENV, VOLUMES or EXPOSE directives, they are add into OpenShift template.
  • Build your container image with docker build ... command. Do NOT use '_' in the image name.

How to feed the template into OpenShift

  • From modularity_tools repository, run command:
    • get_oc_registry gets your OpenShift docker-repository IP address and stores it to file: ~/.config/openshift_ip.ini
  • In order to build OpenShift template from your container directory, run command:
build_oc_template.py <IMAGE_NAME>
      • In case of different Dockerfile name like Dockerfile.RHEL add the option --dockerfile Dockerfile.RHEL
    • Template is stored in /tmp/<template_dir>/openshift-template.yml
  • For tagging your built image into OpenShift internal docker registry, run command:
tag_into_oc_registry <IMAGE_NAME>
    • The command adds the image into OpenShift internal docker registry
  • For adding the template into OpenShift, run command:
oc create -f /tmp/<template_dir>/openshift-template.yml
    • The last step for deploying the template names as IMAGE_NAME is over OpenShift UI. By default,
"My Project" -> "Add to project" -> Select your template names as "IMAGE_NAME" in "Browsed Catalog" -> deploy it.
  • For getting template from running pod/deploymentconfig/is, run command:
oc export {pod/dc/is}/<pod_name>|dc_name|is_name> > output.yml
    • Names are taken by commands
      oc get {pod|dc|is}


How to run container as a root under OpenShift

Nowadays, OpenShift team provides a command, how to run container under OpenShift with root privileges.

oadm policy add-scc-tu-user anyuid system:serviceaccount:<namespace>:default

where namespace is project name. Default one is myproject.

The script add_anyuid_to_project.sh does it automatically. Required argument is project name, like in our case myproject.