OpenShift update Service

# OpenShift update Service * https://docs.openshift.com/container-platform/4.11/updating/updating-restricted-network-cluster.html * https://docs.openshift.com/container-platform/4.10/updating/updating-restricted-network-cluster.html#update-service-install ``` mkdir openshift-update-service cd openshift-update-service cat >./Dockerfile<<EOF FROM registry.access.redhat.com/ubi8/ubi:8.1 RUN curl -L -o cincinnati-graph-data.tar.gz https://github.com/openshift/cincinnati-graph-data/archive/master.tar.gz CMD exec /bin/bash -c "tar xvzf cincinnati-graph-data.tar.gz -C /var/lib/cincinnati/graph-data/ --strip-components=1" EOF ``` ``` REGISTRY_CODE="quay.ztp-pipelines.ocpincubator.com:8443/ocp4" podman build -f ./Dockerfile -t ${REGISTRY_CODE}/graph-data:latest ``` Push Graph to repo ``` podman push ${REGISTRY_CODE}/graph-data:latest ``` [Operator Lifecycle Manager on restricted networks](https://github.com/tosin2013/openshift-4-deployment-notes/blob/master/disconnected-scripts/operator-lifecycle-manager-on-restricted-networks.md) > https://quay.io/repository/openshift-release-dev/ocp-release ``` OCP_RELEASE=4.10.36 LOCAL_REGISTRY='quay.ztp-pipelines.ocpincubator.com:8443' LOCAL_REPOSITORY='openshift' LOCAL_RELEASE_IMAGES_REPOSITORY='openshift-release' PRODUCT_REPO='openshift-release-dev' LOCAL_SECRET_JSON=${HOME}/merged-pull-secret.json RELEASE_NAME="ocp-release" ARCHITECTURE=x86_64 oc adm release mirror -a ${LOCAL_SECRET_JSON} \ --from=quay.io/${PRODUCT_REPO}/${RELEASE_NAME}:${OCP_RELEASE}-${ARCHITECTURE} \ --to=${LOCAL_REGISTRY}/${LOCAL_REPOSITORY} \ --to-release-image=${LOCAL_REGISTRY}/${LOCAL_RELEASE_IMAGES_REPOSITORY}:${OCP_RELEASE}-${ARCHITECTURE} --dry-run ``` quay.ztp-pipelines.ocpincubator.com:8443/openshift-release ``` NAMESPACE=openshift-update-service NAME=service RELEASE_IMAGES=quay.ztp-pipelines.ocpincubator.com:8443/openshift-release REGISTRY_CODE="quay.ztp-pipelines.ocpincubator.com:8443/ocp4" GRAPH_DATA_IMAGE=${REGISTRY_CODE}/graph-data:latest oc -n "${NAMESPACE}" create -f - <<EOF apiVersion: updateservice.operator.openshift.io/v1 kind: UpdateService metadata: name: ${NAME} spec: replicas: 2 releases: ${RELEASE_IMAGES} graphDataImage: ${GRAPH_DATA_IMAGE} EOF $ while sleep 1; do POLICY_ENGINE_GRAPH_URI="$(oc -n "${NAMESPACE}" get -o jsonpath='{.status.policyEngineURI}/api/upgrades_info/v1/graph{"\n"}' updateservice "${NAME}")"; SCHEME="${POLICY_ENGINE_GRAPH_URI%%:*}"; if test "${SCHEME}" = http -o "${SCHEME}" = https; then break; fi; done while sleep 10; do HTTP_CODE="$(curl --header Accept:application/json --output /dev/stderr --write-out "%{http_code}" "${POLICY_ENGINE_GRAPH_URI}?channel=stable-4.6")"; if test "${HTTP_CODE}" -eq 200; then break; fi; echo "${HTTP_CODE}"; done ``` ![](https://i.imgur.com/Z57naKi.png)