openshift-cli-installer 1.0.2

CLI to install/uninstall Openshift clusters.

openshift-cli-installer

Basic Openshift install CLI wrapper.
The tool allows deploying or deletion of one or more clusters.
The clusters can be deployed on different platforms; currently supported platforms: AWS IPI, ROSA and Hypershift.
Each cluster can be provided with different configuration options, such as worker type, number of workers etc.

Tools

• AWS IPI installation uses openshift-installer cli which is extracted from the cluster's target version.
  The binary is taken from quay.io/openshift-release-dev/ocp-release:<target version>
• ROSA and Hypershift installation uses the latest ROSA CLI

Container

Image locate at openshift-cli-installer
To pull the image: podman pull quay.io/openshift-cli-installer

Global CLI configuration

• --clusters-install-data-directory: Clusters configurations are written to <clusters-install-data-directory><platform><cluster name>; write permissions are needed.

  • <cluster directory>/auth contains kubeconfig and kubeadmin-password files

• --parallel: To create / destroy clusters in parallel

• Pass --s3-bucket-name (and optionally --s3-bucket-path) to backup in an S3 bucket.

• AWS IPI clusters:

  • The installer output is saved in the .
  • The data is used for cluster destroy.
  • base_domain cluster parameter is mandatory
  • --registry-config-file: registry-config json file path, can be obtained from openshift local cluster
  • --ssh-key-file: id_rsa file path

• ROSA / Hypershift clusters:

  • --ocm-token: OCM token, defaults to OCM_TOKEN environment variable.
  • --ocm-env: OCM environment to deploy the cluster; available options: stage or production (defaults to stage)

Cluster parameters

Every call to the openshift installer cli must have at least one --cluster option.

• Mandatory parameters:
  • name: The name of the cluster
  • platform: The platform to deploy the cluster on (supported platforms are: aws, rosa and hypershift)
  • region: The region to deploy the cluster
• Optional parameters:
  • Parameter names should be separated by semicolons (;)
  • To set cluster create / destroy timeout, pass --cluster ...timeout=1h'; default is 30 minutes.
  • timeout and expiration-time format examples: 1h, 30m, 3600s
  • AWS IPI:
    • To overwrite cluster config, check install-config-template.j2 parameters.
    • Every parameter (marked with double curly brackets in the template) can be overwritten.
    • For example: to overwrite {{ fips|default("false", true) }} pass --cluster '...fips=true'
  • ROSA / Hypershift:
    • Every supported ROSA CLI create/delete parameter can be passed. Check rosa create --help for more details.
    • For example:
      • Pass --cluster ...fips=true' to enable FIPS
      • Pass --cluster ...expiration-time=2h' to have the cluster expiration time set to 2 hours
  • Hypershift:
    • Cluster VPC CIDR, public and private subnets can be configured from the CLI. Otherwise, values in setup-vpc.tf will be used.
      • To set cidr, pass --cluster ...cidr=1.1.0.0/16'
      • To set private_subnets, pass --cluster ...private_subnets=10.1.1.0/24,10.1.2.0/24'
      • To set public_subnets, pass --cluster ...public_subnets=10.1.10.0/24,10.1.20.0/24'

Usages

podman run quay.io/redhat_msi/openshift-cli-installer --help

Local run

Clone the repository

git clone https://github.com/RedHatQE/openshift-cli-installer.git

Install poetry

Install regctl

Install Terraform how-to

sudo dnf config-manager --add-repo https://rpm.releases.hashicorp.com/fedora/hashicorp.repo
sudo dnf install terraform

Use poetry run python openshift_cli_installer/cli.py to execute the cli.

poetry install
poetry run python openshift_cli_installer/cli.py --help

Create Clusters

Each command can be run via container podman run quay.io/redhat_msi/openshift-cli-installer or via poetry command poetry run python openshift_cli_installer/cli.py When using the container pass: -e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY -v registry-config.json:/registry-config.json -v ./clusters-install-data:/openshift-cli-installer/clusters-install-data

One cluster

AWS IPI cluster

Versions

• Supported streams are: stable, nightly, rc, ci and ec, Supported architecture(s): X86_64
• If passed exact version this version will be used (if exists), Example: 3.14.9
• If passed partial version, latest version will be used, Example: 4.13 install 4.13.9 (latest)
• If passed stream=nightly and version 4.13, latest 4.13 nightly will be used.
  • stream should be passed as part on --cluster, --cluster ...... stream=stable

podman run quay.io/redhat_msi/openshift-cli-installer \
    --action create \
    --registry-config-file=registry-config.json \
    --s3-bucket-name=openshift-cli-installer \
    --s3-bucket-path=install-folders \
    --cluster 'name=ipi1;base_domain=aws.interop.ccitredhat.com;platform=aws;region=us-east-2;version=4.14.0-ec.2;worker_flavor=m5.xlarge'

ROSA cluster

Versions

[Same for Hypershift clusters]

• Supported channel-group are: stable, candidate, and nightly.
• If passed exact version this version will be used (if exists), Example: 3.14.9
• If passed partial version, latest version will be used, Example: 4.13 install 4.13.9 (latest)
• If passed channel-group=nightly and version 4.13, latest 4.13 nightly will be used.
  • stream should be passed as part on --cluster, --cluster ...... channel-group=stable

podman run quay.io/redhat_msi/openshift-cli-installer \
    --action create \
    --ocm-token=$OCM_TOKEN \
    --ocm-env=stage \
    --cluster 'name=rosa1;platform=rosa;region=us-east-2;version=4.13.4;compute-machine-type=m5.xlarge;replicas=2;channel-group=candidate;expiration-time=4h;timeout=1h'

Hypershift cluster

podman run quay.io/redhat_msi/openshift-cli-installer \
    --action create \
    --ocm-token=$OCM_TOKEN \
    --ocm-env=stage \
    --cluster 'name=hyper;platform=hypershift;region=us-west-2;version=4.13.4;compute-machine-type=m5.4xlarge;replicas=6;channel-group=candidate;expiration-time=4h;timeout=1h'

Multiple clusters

To run multiple clusters deployments in parallel pass -p,--parallel.

podman run quay.io/redhat_msi/openshift-cli-installer \
    --action create \
    --registry-config-file=registry-config.json \
    --s3-bucket-name=openshift-cli-installer \
    --s3-bucket-path=install-folders \  
    --ocm-token=$OCM_TOKEN \
    --ocm-env=stage \
    --cluster 'name=hyper1;platform=hypershift;region=us-west-2;version=4.13.4;compute-machine-type=m5.4xlarge;replicas=6;channel-group=candidate;expiration-time=2h;timeout=1h' \
    --cluster 'name=ipi1;base_domain=aws.interop.ccitredhat.com;platform=aws;region=us-east-2;version=4.14.0-ec.2;worker_flavor=m5.xlarge' \
    --cluster 'name=rosa1;platform=rosa;region=us-east-2;version=4.13.4;compute-machine-type=m5.xlarge;replicas=2;channel-group=candidate;expiration-time=4h;timeout=1h' \
    --parallel

Destroy Clusters

One cluster

AWS IPI cluster

podman run quay.io/redhat_msi/openshift-cli-installer \
    --action destroy \
    --ocm-token=$OCM_TOKEN \
    --ocm-env=stage \
    --cluster 'name=ipi1;region=us-east-2;version=4.14.0-ec.2;timeout=1h'

ROSA cluster

podman run quay.io/redhat_msi/openshift-cli-installer \
    --action destroy \
    --ocm-token=$OCM_TOKEN \
    --ocm-env=stage \
    --cluster 'name=rosa1;platform=rosa;region=us-east-2;version=4.13.4;timeout=1h'

Hypershift cluster

podman run quay.io/redhat_msi/openshift-cli-installer \
    --action destroy \
    --ocm-token=$OCM_TOKEN \
    --ocm-env=stage \
    --cluster 'name=hyper1;platform=rosa;region=us-east-2;version=4.13.4;timeout=1h'

Multiple clusters

To run multiple clusters deletion in parallel pass -p,--parallel.

podman run quay.io/redhat_msi/openshift-cli-installer \
    --action destroy \
    --ocm-token=$OCM_TOKEN \
    --ocm-env=stage \
    --cluster 'name=rosa1;platform=rosa;region=us-east-2;version=4.13.4;timeout=1h' \
    --cluster 'name=hyper1;platform=rosa;region=us-east-2;version=4.13.4;timeout=1h' \
    --cluster 'name=ipi1;region=us-east-2;version=4.14.0-ec.2;timeout=1h'