IBMCloud OpenShift Install CLI

# notes * out of date ~~https://docs.google.com/document/d/12mxveZz1L2w8XDvvDllkAGTzmSGudOaDCtcoThAv4Xw/edit~~ ## real doc https://cloud.ibm.com/docs/openshift?topic=openshift-vpc_rh_tutorial ## IBMCloud CLI bash/zsh completion * https://cloud.ibm.com/docs/cli?topic=cli-shell-autocomplete ## Cli install https://cloud.ibm.com/docs/cli?topic=cli-install-ibmcloud-cli ## How is this doc tested * OADP 1.4 ONLY DM backup and restore ( success ) * E2E on OADP-1.4 branch ( in progress ) ### Execute ``` ibmcloud login --sso ibmcloud update ibmcloud plugin list ``` ** required ``` Listing installed plug-ins... Plugin Name Version Status Private endpoints supported container-service[kubernetes-service/ks] 1.0.638 false vpc-infrastructure[infrastructure-service/is] 11.5.0 true ``` ** install as needed ``` ibmcloud plugin install vpc-infrastructure ``` ** set session params * south or east are options ( both valid ) ``` ibmcloud target -r us-south ibmcloud target -g Default ibmcloud is target --gen 2 ``` ### Create your VPC * This will fail w/ non-unique name error if already created ``` ibmcloud is vpc-create whayutin-vpc1 ``` * OR list your current vpcs ``` ibmcloud is vpcs ``` * record your vpc-id ``` whayutin@thinkdoe:~/OPENSHIFT/RELEASE_STREAM/4.16$ ibmcloud is vpc-create whayutin-vpc1 Creating vpc whayutin-vpc1 in resource group Default under account MigrationEngineering as user whayutin@redhat.com... ID r006-c<SNIP>-47d0-8869 Name whayutin-vpc1 CRN crn:v1:bluemix:public:is:us-south:a/7aaac837f97e4410<snip> Status pending Classic access false Created 2024-07-11T06:50:50-06:00 Resource group ID Name 955ccd5afb2940dfa8c28bdbbaa4d330 Default Default network ACL ID Name r006-f6a5abcd-0837-4f18-8f6f-2286384f601c clarinet-confused-ceremony-synopsis Default security group ID Name r006-11a135ad-cf31-46d9-a911-c990b182871e huff-spotting-quintet-lankiness Default routing table ID Name r006-00066f1c-bb95-4fde-991c-e62140fd500f vacation-strained-jackal-washboard Cloud Service Endpoint source IP addresses: Zone Address us-south-1 10.249.199.228 us-south-2 10.16.244.221 us-south-3 10.22.37.162 Default routing table ID Name r006-00066f1c-bb95-4fde-991c-e62140fd500f vacation-strained-jackal-washboard Health reason - Health state inapplicable DNS Hub false DNS Resolution Binding Count 0 DNS Resolver Servers Address Zone 161.26.0.10 - 161.26.0.11 - DNS Resolver Type system DNS Resolver Configuration default ``` ``` export IBM_VPC=r006-cc5<snip>47d0-8869 ``` ``` ibmcloud is public-gateway-create gateway-us-south-1 $IBM_VPC us-south-1 ``` or ``` ibmcloud is public-gateways ``` * Export the IBM Gateway ID ``` export IBM_GATEWAY=r006-7354ddc9-2<snip>-902e-d ``` * Create your IBM Subnet ``` ibmcloud is subnet-create mysubnet1 $IBM_VPC --zone us-south-1 --ipv4-address-count 256 --public-gateway-id <gateway_ID> ``` or ``` ibmcloud is subnets ``` * Export IBM_SUBNET ``` export IBM_SUBNET=0717-5665c6<snip>-9dba-cca ``` * Export IBM_COS_NAME ``` export IBM_COS_NAME=wdh-myvpc-cos ``` ``` ibmcloud resource service-instance-create $IBM_COS_NAME cloud-object-storage standard global ``` ``` Creating service instance wdh-myvpc-cos in resource group Default of account MigrationEngineering as whayutin@redhat.com... Multiple deployments found in the same location. Please select one: Index Name 1 premium-global-deployment 2 premium-global-deployment-iam Enter a number [1..2]:> 1 OK Service instance wdh-myvpc-cos was created. Name: wdh-myvpc-cos ID: crn:v1:bluemix:public:cloud-object-storage:global:a/ GUID: 0d33dac4-6c20-48ce-b897- Location: global State: active Type: service_instance Sub Type: Allow Cleanup: false Locked: false Created at: 2024-07-11T22:32:44Z Updated at: 2024-07-11T22:32:45Z Last Operation: Status create succeeded Message Completed create instance operation ``` * Export IBM_COS_INSTANCE ``` export IBM_COS_INSTNACE="crn:v<snip>::" ``` ## create cluster * Export the cluster name ``` export IBM_CLUSTER_NAME=wdh415-vpc-cluster ``` * Check your IBM environmental variables ``` set | grep IBM ``` ``` IBM_COS_INSTANCE=crn:v1:bluemix:public:cloud-object-storage:global:a/7aaac837f97e441087486c5:<snip>-93e1-04b5ce8b95:: IBM_GATEWAY=r006-7354ddc9-23c1-<snip>e4369 IBM_SUBNET=0717-5665c661-<snip>-cca4fab9 IBM_VPC=r006-cc56<snip>-77c7bd4 IBM_NAME=wdh415-vpc-cluster ``` ``` ibmcloud oc cluster create vpc-gen2 --name $IBM_CLUSTER_NAME --zone us-south-1 --version 4.15_openshift --flavor bx2.4x16 --workers 3 --vpc-id $IBM_VPC --subnet-id $IBM_SUBNET --cos-instance $IBM_COS_INSTANCE ``` ****** WAIT FOR EGRESS zzzzzzzzzzzzzzzzzzzzz ************** ## and FINALLY * Allow outbound connections * This will enable your catalogs and OADP devel install ``` ibmcloud oc vpc outbound-traffic-protection disable --cluster $IBM_CLUSTER_NAME ``` ``` All outbound traffic from your cluster will be permitted. Do you want to continue? [y/N]> y OK ``` ## Notes: * OADP-1.4 only wil work atm https://github.com/vmware-tanzu/velero/pull/7926 ## Enable the default catalog sources. * Cluster Administration -> Operator Hub -> YAML ![image (6)](https://hackmd.io/_uploads/ByaHwfZc0.png) * set disableAllDefaultSources: false <---- * set each source disabled: false <---- ## StorageClass * ibmc-vpcblock-odf-ret-10iops is set to my default * AND the fun news is that is not working well w/ OADP e2e tets. * To enable vpc-file-csi storage classess ``` ibmcloud ks cluster addon enable vpc-file-csi-driver --version 2.0 --cluster $IBM_NAME ``` Just because IBM gets paid by the OPTION, you should now see both block AND file storage classes ``` oc get sc NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE ibmc-vpc-block-10iops-tier (default) vpc.block.csi.ibm.io Delete Immediate true 2d1h ibmc-vpc-block-5iops-tier vpc.block.csi.ibm.io Delete Immediate true 2d1h ibmc-vpc-block-custom vpc.block.csi.ibm.io Delete Immediate true 2d1h ibmc-vpc-block-general-purpose vpc.block.csi.ibm.io Delete Immediate true 2d1h ibmc-vpc-block-metro-10iops-tier vpc.block.csi.ibm.io Delete WaitForFirstConsumer true 2d1h ibmc-vpc-block-metro-5iops-tier vpc.block.csi.ibm.io Delete WaitForFirstConsumer true 2d1h ibmc-vpc-block-metro-custom vpc.block.csi.ibm.io Delete WaitForFirstConsumer true 2d1h ibmc-vpc-block-metro-general-purpose vpc.block.csi.ibm.io Delete WaitForFirstConsumer true 2d1h ibmc-vpc-block-metro-retain-10iops-tier vpc.block.csi.ibm.io Retain WaitForFirstConsumer true 2d1h ibmc-vpc-block-metro-retain-5iops-tier vpc.block.csi.ibm.io Retain WaitForFirstConsumer true 2d1h ibmc-vpc-block-metro-retain-custom vpc.block.csi.ibm.io Retain WaitForFirstConsumer true 2d1h ibmc-vpc-block-metro-retain-general-purpose vpc.block.csi.ibm.io Retain WaitForFirstConsumer true 2d1h ibmc-vpc-block-retain-10iops-tier vpc.block.csi.ibm.io Retain Immediate true 2d1h ibmc-vpc-block-retain-5iops-tier vpc.block.csi.ibm.io Retain Immediate true 2d1h ibmc-vpc-block-retain-custom vpc.block.csi.ibm.io Retain Immediate true 2d1h ibmc-vpc-block-retain-general-purpose vpc.block.csi.ibm.io Retain Immediate true 2d1h ibmc-vpc-file-1000-iops vpc.file.csi.ibm.io Delete Immediate true 2m44s ibmc-vpc-file-3000-iops vpc.file.csi.ibm.io Delete Immediate true 2m44s ibmc-vpc-file-500-iops vpc.file.csi.ibm.io Delete Immediate true 2m44s ibmc-vpc-file-eit vpc.file.csi.ibm.io Delete Immediate true 2m44s ibmc-vpc-file-metro-1000-iops vpc.file.csi.ibm.io Delete WaitForFirstConsumer true 2m44s ibmc-vpc-file-metro-3000-iops vpc.file.csi.ibm.io Delete WaitForFirstConsumer true 2m44s ibmc-vpc-file-metro-500-iops vpc.file.csi.ibm.io Delete WaitForFirstConsumer true 2m44s ibmc-vpc-file-metro-retain-1000-iops vpc.file.csi.ibm.io Retain WaitForFirstConsumer true 2m43s ibmc-vpc-file-metro-retain-3000-iops vpc.file.csi.ibm.io Retain WaitForFirstConsumer true 2m43s ibmc-vpc-file-metro-retain-500-iops vpc.file.csi.ibm.io Retain WaitForFirstConsumer true 2m43s ibmc-vpc-file-min-iops vpc.file.csi.ibm.io Delete Immediate true 2m43s ibmc-vpc-file-retain-1000-iops vpc.file.csi.ibm.io Retain Immediate true 2m43s ibmc-vpc-file-retain-3000-iops vpc.file.csi.ibm.io Retain Immediate true 2m43s ibmc-vpc-file-retain-500-iops vpc.file.csi.ibm.io Retain Immediate true 2m43s ibmc-vpcblock-odf-10iops vpc.block.csi.ibm.io Delete WaitForFirstConsumer true 2d1h ibmc-vpcblock-odf-5iops vpc.block.csi.ibm.io Delete WaitForFirstConsumer true 2d1h ibmc-vpcblock-odf-custom vpc.block.csi.ibm.io Delete WaitForFirstConsumer true 2d1h ibmc-vpcblock-odf-general vpc.block.csi.ibm.io Delete WaitForFirstConsumer true 2d1h ibmc-vpcblock-odf-ret-10iops (default) vpc.block.csi.ibm.io Retain WaitForFirstConsumer true 2d1h ibmc-vpcblock-odf-ret-5iops vpc.block.csi.ibm.io Retain WaitForFirstConsumer true 2d1h ibmc-vpcblock-odf-ret-custom vpc.block.csi.ibm.io Retain WaitForFirstConsumer true 2d1h ibmc-vpcblock-odf-ret-general vpc.block.csi.ibm.io Retain WaitForFirstConsumer true 2d1h ```