fh-cup
( (
) )
........
| fh |]
\ /
`----'
Wrapper CLI for oc cluster up
to give you a working local RHMAP core for development with OpenShift Origin.
CI
PRs are built using Travis CI
Installation and Running
- Clone this repo to your $GOPATH
- You'll also need to clone rhmap-ansible, fh-core-openshift-templates & fh-openshift-templates to a working directory
- Copy
fh-cup.toml
to~/.fh-cup.toml
and configure the paths and Docker Hub details
dep ensure
using dep
Install dependencies via - Build
fh-cup
viago build
- Run
./fh-cup up --clean
Some other commands and options
./fh-cup down --clean # Tear down cluster & clean leftover config/persistence
./fh-cup check # Check for pre-requisites (WIP)
./fh-cup up --skip-image-seeding # Skip image seeding (Not recommended)
./fh-cup install # Run rhmap-ansible installer on an already running cluster
./fh-cup seed # Seed RHMAP Core & MBaaS images into Docker
TODO
- Drop in config into
~/.fh-cup.toml
(maybe interactive) - More pre-flight checks
- Embed templates into binary - use embedded by default. Single distributable.
- Build for multiple platforms
Prerequisites
- Docker (for Mac* / Linux**)
- OpenShift 3 Client CLI Tool
oc
version >= v1.3 -
socat
installed -
docker
logged in to a Docker Hub account with access to the rhmap project
Pre-requisites for Development
- Golang >=1.9
- dep
* Docker for Mac
- For an RHMAP Core & MBaaS install, you should allocate ~7GB of memory & > 5 CPU cores
- You must add
172.30.0.0/16
as an insecure registry (via the Docker for Mac UI) - Kubernetes is currently broken when using CE editions of Docker. For macOS, it's recommended to use Docker 1.13.1 for now.
** Docker for Linux
[CF: https://github.com/openshift/origin/blob/master/docs/cluster_up_down.md#getting-started]
WARNING |
---|
The default Firewalld configuration on Fedora blocks access to ports needed by containers running on an OpenShift cluster. Make sure you grant access to these ports. See step 3 below. |
Check that sysctl net.ipv4.ip_forward is set to 1. |
- Install Docker with your platform's package manager.
- Configure the Docker daemon with an insecure registry parameter of
172.30.0.0/16
-
In RHEL and Fedora, edit the
/etc/sysconfig/docker
file and add or uncomment the following line:INSECURE_REGISTRY='--insecure-registry 172.30.0.0/16'
-
After editing the config, restart the Docker daemon.
$ sudo systemctl restart docker
-
- Ensure that your firewall allows containers access to the OpenShift master API (8443/tcp) and DNS (53/udp) endpoints.
In RHEL and Fedora, you can create a new firewalld zone to enable this access:
-
Determine the Docker bridge network container subnet:
docker network inspect bridge -f "{{range .IPAM.Config }}{{ .Subnet }}{{end}}"
You will should get a subnet like:
172.17.0.0/16
-
Create a new firewalld zone for the subnet and grant it access to the API and DNS ports:
firewall-cmd --permanent --new-zone dockerc firewall-cmd --permanent --zone dockerc --add-source 172.17.0.0/16 firewall-cmd --permanent --zone dockerc --add-port 8443/tcp firewall-cmd --permanent --zone dockerc --add-port 53/udp firewall-cmd --permanent --zone dockerc --add-port 443/tcp firewall-cmd --permanent --zone dockerc --add-port 80/tcp firewall-cmd --reload
-
Troubleshooting & Known Issues
General
- Docker configuration needs to be at
$HOME/.docker/config.json
- login viadocker login
FHC Core & MBaaS linking
If you see an error similar to the following:
fhc ERR! Error: getaddrinfo ENOTFOUND rhmap.cup.feedhenry.io rhmap.cup.feedhenry.io:443
This is likely because this hostname is not resolved correctly. *.cup.feedhenry.io
should resolve to 192.168.44.10
. Verify this with dig
or similar, for example:
dig rhmap.cup.feedhenry.io
No such file or folder
when looking for templates/generated/fh-core-XXXXX.json
- Ensure the
generated/
folder is populated, if not, runnpm install
andgrunt
from the templates root - Make sure to use complete paths in
~/.fh-cup.toml
eg./Users/ecrosbie/dir
instead of~/dir
Error: Waiting for API server to start listening
If you see the following error (usually on a Mac):
Waiting for API server to start listening
FAIL
Error: timed out waiting for OpenShift container "origin"
WARNING: 192.168.44.10:8443 may be blocked by firewall rules
Details:
No log available from "origin" container
Along with lots of lines in the origin container logs with the following:
I0926 20:55:00.077851 29405 logs.go:41] http: TLS handshake error from 127.0.0.1:37680: EOF
It's likely that traffic is being blocked by a firewall or filter (e.g. Little Snitch). Disable or allow access to fix.