Chapter 2. Preparing Infrastructure for Installation

  1. Determine which type of installation you require:

    Installation TypeReplicasetCoreMBaaSPurpose

    Single core and 1-node mbaas

    no

    1

    1-node

    Proof of Concept (POC) - all data and code stored on your infrastructure.

    Single core with a 3-node MbaaS

    yes

    1

    3-node

    Production ready - All data and code stored on your infrastructure.

  2. Make sure your infrastructure satisfies hardware requirements.

    Use the Red Hat Mobile Application Platform 4.x sizing tool to determine how many nodes with how many processors, and how much RAM and storage are required to run RHMAP. Alternatively, see the Infrastructure Sizing Considerations for Installation of RHMAP MBaaS for a full reference of all configurations.

  3. Install Red Hat Enterprise Linux (RHEL).

    Note

    See the OpenShift Container Platform Tested Integrations site to determine which version of RHEL to install.

    Install RHEL on each machine that will serve as a node in the OpenShift cluster for the Core or MBaaS. For more information, see the RHEL Installation Guide.

  4. Register all cluster nodes using Red Hat Subscription Manager (RHSM) and attach the nodes to the RHMAP subscription.

    For each node in the cluster:

    1. Register the node with RHSM.

      Replace <username> and <password> with the user name and password for your Red Hat account. 

      sudo subscription-manager register --username=<username> --password=<password>

      The output is similar to the following: 

      Registering to: subscription.rhn.redhat.com:443/subscription
The system has been registered with ID: abcdef12-3456-7890-1234-56789012abcd

    2. List the available subscriptions. 

      sudo subscription-manager list --available

    3. Find the pool ID for an RHMAP subscription and attach that pool. The pool ID is listed with the product subscription information. 

      sudo subscription-manager attach --pool=<pool_id>

      The output is similar to the following: 

      Successfully attached a subscription for: Red Hat Mobile Application Platform

  5. Install OpenShift version 3.7, 3.9 or 3.10.

    See the Installation and Configuration guide for detailed installation procedures.

    Important

    Consider the following points when performing the installation:

    • One of the options documented for OpenShift installation is to use the remaining free space from the volume group where your root file system is located. Red Hat recommends that you do not choose this option, that is, you use an existing, specified volume group, or an additional block device.
    • In the OpenShift Installation and Configuration guide, skip steps that you have already performed as part of this procedure, for example, steps 1, 2, 3 and 4 in section 2.3.3. Host Registration, which describe the registration process.

    Use the Red Hat Mobile Application Platform 4.x sizing tool or the Infrastructure Sizing Considerations for Installation of RHMAP MBaaS document to determine how many nodes to configure in your OpenShift cluster.

2.1. Install the RHMAP OpenShift Templates

Get the templates by installing the RPM package rhmap-fh-openshift-templates:

  1. Update subscription-manager information 

    subscription-manager refresh

  2. Enable the RHMAP 4.7 RPMs repository in RHEL. 

    subscription-manager repos --enable=rhel-7-server-rhmap-4.7-rpms

  3. Install rhmap-fh-openshift-templates 

    yum install rhmap-fh-openshift-templates

The Ansible scripts to install RHMAP are installed into /opt/rhmap/4.7/rhmap-installer directory.

The following templates are installed into the /opt/rhmap/4.7/templates/core directory:

  • fh-core-backend.json
  • fh-core-frontend.json
  • fh-core-infra.json
  • fh-core-mongo-config.json
  • fh-core-mongo.json
  • fh-core-mongo-replica.json
  • fh-core-monitoring.json
  • fh-core-mysql-config.json
  • fh-core-mysql.json
  • fh-core-mysql-master-slave.json
  • fh-nginx-proxy-template.json

2.2. Configure Ansible for installing RHMAP components.

To install Ansible version 2.4, see the Ansible Installation Guide.

Playbooks are Ansible’s configuration, deployment, and orchestration language. They can describe a policy you want your remote systems to enforce, or a set of steps in a general IT process. The playbooks required to install RHMAP are included in the RPM file described in Section 2.1, “Install the RHMAP OpenShift Templates”. See http://docs.ansible.com/ansible/playbooks.html for more information.

Ansible requires ssh access to the nodes in your OpenShift cluster to perform the installation. To enable this, enter the nodes into an Ansible inventory file.

2.2.1. Accessing the Cluster

Validate that you can access the cluster using one of the following methods:

  • Using the following command to log into your cluster: ssh <ansible_ssh_user>@<master_node> -t "oc login --username=<oc_user> --password=<os_password>". If you use this method, set the oc_user and oc_password variables as described in Section 2.2.2, “Setting Up an Inventory File”.

  • Using OAuth authentication (RHMAP 4.5.1 or later):

    1. Determine the value required for the oc_oauth_token variable by visiting https://<domain_name>/oauth/token/request. This generates a short-lived token for the current user.
    2. Use the token to log into your cluster: ssh <ansible_ssh_user>@<master_node> -t -e oc_oauth_token.
    3. Set the oc_oauth_token variable as described in Section 2.2.2, “Setting Up an Inventory File”.

2.2.2. Setting Up an Inventory File

The RPM file include several example inventory files that can be referenced as guidelines for your installation The inventory file acts as a configuration for your installation. See http://docs.ansible.com/ansible/intro_inventory.html for more information.

For a multi-node installation, consider the following template: 

/opt/rhmap/4.7/rhmap-installer/inventory-templates/multi-node-example

There are a number of parameters that can be overridden. These include settings such as that required for an outbound HTTP Proxy, the OpenShift username and password to use, and the list of nodes you intend to use for RHMAP Core and MBaaS installation. These parameters represent the global configuration options when installing RHMAP. There are more specific parameters in the Core playbooks and MBaaS playbooks that are covered under the installation guides. Below is a list of the parameters you can set in this inventory file when installing RHMAP, their uses and their defaults.

VariableDescriptionRequired

ansible_ssh_user

The SSH user Ansible uses to install RHMAP. This user must allow SSH-based authentication without requiring a password. Validate this setting as described in Section 2.2.1, “Accessing the Cluster”.

true

ansible_sudo

Allows Ansible to escalate privileges when required. For example when checking the required PVs exist.

true

target

The type of OpenShift are we targeting. The only value that is supported at this moment is enterprise

true

cluster_hostname

Cluster hostname. The base route for your OpenShift router.

true

domain_name

Customer subdomain name. For example rhmap which will become the base domain to access RHMAP: (rhmap.my.example.com)

true

oc_user

OpenShift User that runs commands

false

oc_password

OpenShift User password / token

false

login_url

The URL of the OpenShift server. For example, the URL used with you log in to the server using the oc client. Do not set this variable if using a http proxy, and the ansible tasks specified in the playbook run on an OpenShift node.

https://localhost:8443

skip_tls

If true, the OpenShift server’s certificate will not be checked for validity. This will make your HTTPS connections insecure

false

kubeconfig

The path to the config file containing the client certificates for the system:admin user. Default value is /etc/origin/master/admin.kubeconfig

true

proxy_host

HTTP_PROXY_HOST value

false

proxy_port

HTTP_PROXY_PORT value

false

proxy_user

HTTP_PROXY_USER value (only needed if authentication is required, otherwise leave it blank)

false

proxy_pass

HTTP_PROXY_PASS value (only needed if authentication is required, otherwise leave it blank)

false

proxy_url

The syntax is: http://<proxy-host>:<proxy-port> or http://<proxy_user>:<proxy_pass>@<proxy-host>:<proxy-port>

false

url_to_check

URL to test prerequisite of outbound HTTP connection. Must be whitelisted if you use a HTTP Proxy server.

true

gluster_storage

This must be set to true of using Gluster FS for persistent storage. Default value is false.

true

gluster_metadata_name

The name which defines the Gluster cluster in the Persistent Volume definition.

true

gluster_endpoints

A comma separated list of IP values. Must be the actual IP addresses of a Gluster server, not FQDNs. For example, ["10.10.0.55","10.10.0.56"]

true

[master]

Note this is a host group. Provide a single OpenShift master node, for example:

my-domain-master1.example.com.

true

[mbaas]

Note this is a host group. Each of the nodes you want to use to install the MBaaS, each node labeled as per the prerequisites, labelling is only required for the MBaaS. For example:

my-domain-mbaas1.example.com

my-domain-mbaas2.example.com

my-domain-mbaas3.example.com

true

[core]

Note this is a host group. Each of the nodes you want to use to install the Core.

my-domain-node1.example.com

my-domain-node2.example.com

my-domain-node3.example.com

true

oc_oauth_token

A token which enables access to the OpenShift instance without revealing the credentials of that instance

false

2.2.2.1. Configuring a Proxy Whitelist

If you are using a proxy, add the following to the proxy whitelist:

  • The wildcard DNS entry for your OpenShift Router, for example *example.example.net
  • api-ssl.bitly.com
  • github.com
  • registry.npmjs.org
  • fcm.googleapis.com
  • db3.notify.windows.com
  • gcm-http.googleapis.com
  • subscription.rhn.redhat.com