OpenShift

OpenShift = Docker + Kubernetes. OpenShift is an orchestration PaaS provided by Red Hat. It is infrastructure-agnostic; you could run it on top of EC2, for example: imagine deploying Docker containers to EC2 instances.

What do we need to run Magnolia? Tomcat, MySQL, Magnolia WAR file. What if I want to add or remove a public instance to a Magnolia install, say in a High Availability scenario? I will need some orchestration machine - this is where OpenShift comes in.

OpenShift uses ActiveMQ to communicate between the orchestration machine ('Broker') and the Nodes.

Cartridge

A Cartridge is an OpenShift extension. Think library include. We might build a Cartridge to a DB platform like MySQL. We install Cartridges into Gears to provide functionality to our apps.

Gear

A Gear is a Container. We organize N > 1 Gears into a Pod.

Pod

A Pod is the atomic unit for OpenShift. It is the smallest manageable unit. Pods live on Virtual Machines. Virtual Machines are also known as 'Nodes'.

Cluster

A Cluster is a collection of Virtual Machines.

Links

There's a basic Ansible Role for installing OpenShift here.
The OpenShift docu are either weak or outdated in most cases, and the authors of OpenShift tend to answer online questions with "You're using the product wrong", rather than be helpful, so, good documentation is hard to find. Here's a couple useful links - surprise, surprise - not from the OpenShift docu:
https://docs.ansible.com/ansible-container/openshift/containers.html
http://www.javamonamour.org/2017/12/oc-cluster-up-how-to-enable-admin.html

Other

First working cluster was built like so:

#!/bin/bash

# ===========================================================
# [1] get prerequisites, openshift client, and set hostname #
# ===========================================================
# need wget and docker
sudo yum -y install wget docker git
# get the latest open shift client from https://github.com/openshift/origin/releases
wget https://github.com/openshift/origin/releases/download/v3.9.0/openshift-origin-client-tools-v3.9.0-191fece-linux-64bit.tar.gz
# extract the latest open shift client you just downloaded
tar zxf openshift-origin-client-tools-v3.9.0-191fece-linux-64bit.tar.gz
# move the oc executable somewhere so it's on most PATHS
sudo mv openshift-origin-client-tools-v3.9.0-191fece-linux-64bit/oc /usr/local/bin/
# add your ip address to /etc/hosts
sudo -- sh -c "echo 139.162.131.60 localhost.openshift >> /etc/hosts"



# ==========================================
# [2] configure docker and start openshift #
# ==========================================
# unless you have a cert, tell docker to use insecure resgistries
sudo -- sh -c "echo "{\"insecure-registries\"" : ["\"139.162.131.60:5000\"", "\"172.30.0.0/16\""]} > /etc/docker/daemon.json"
# the file should look like this: {"insecure-registries" : ["139.162.131.60:5000", "172.30.0.0/16"]}
# now need to make docker mounts 'shared' ... guidance is here: https://docs.portworx.com/knowledgebase/shared-mount-propogation.html#redhatcentos-configuration-and-shared-mounts ... TL;DR: remove the line starting with 'MountFlags' from /lib/systemd/system/docker.service ... OS-level --make-shared does NOT work!
sed -i '/^MountFlags/d' /lib/systemd/system/docker.service
# reload docker
sudo service docker reload
# create the openshift cluster ... seems must be run as 'root', not even sudo works because it doesn't find oc on PATH
oc cluster up --public-hostname 139.162.131.60
# now you should be able to visit 139.162.131.60:8443 and log in using (by default) *any* credentials you choose ... whatever you enter, it'll create that acct for you
#### SCREEN SHOT HERE ####

Screenshots

Now that everything is set up and you can log in to the web console, let's do some configuration:

oc login 139.162.131.60:8443 --username=system --password=admin --insecure-skip-tls-verify

You should see something like:

[bandersen@li1397-60 ~]$ oc login 139.162.131.60:8443 --username=system --password=admin --insecure-skip-tls-verify
Login successful.

You don't have any projects. You can try to create a new project, by running

    oc new-project <projectname>

Welcome! See 'oc help' to get started.
[bandersen@li1397-60 ~]$

Most tutorials will tell you to do it this way, but I have never gotten it to work:

oc login -u system:admin

Usually, you'll get an error like so:

[bandersen@li1397-60 ~]$ oc login -u system:admin
Server [https://localhost:8443]:
The server uses a certificate signed by an unknown authority.
You can bypass the certificate check, but any data you send to the server could be intercepted by others.
Use insecure connections? (y/n): y

Authentication required for https://localhost:8443 (openshift)
Username: system:admin
Password:
error: username system:admin is invalid for basic auth
[bandersen@li1397-60 ~]$

The best way is actually to follow the advice here.

Running Magnolia on OpenShift

Two ways: as a standalone WAR file, or using Docker.

as a standalone WAR

wget https://files.magnolia-cms.com/5.6/magnolia-enterprise-pro-demo-webapp-5.6.war

oc new-app wildfly:latest~. --name magnolia-enterprise-pro-demo-webapp-5.6

using Docker

Page tree