Understanding OpenShift 4 Installation

How to install OpenShift 4 on Bare Metal and vmware | User Provisioned Infrastructure (UPI) | Part-1

    Summary

    In this insightful video, the creator from DevOps Virtual University delves into the OpenShift 4 installation process on bare metal and VMware using the User Provisioned Infrastructure (UPI) method. Starting with an overview of the necessary infrastructure, including hardware specifications and network configurations, the video provides a step-by-step guide on setting up the OpenShift cluster. It emphasizes key concepts like DNS configuration and the role of load balancers. With practical examples and detailed explanations, the video is an invaluable resource for IT professionals looking to install OpenShift effectively.

      Highlights

      • The video starts by explaining the difference between UPI and IPI installation methods. 🚀
      • Discusses the OpenShift cluster's hardware requirements in detail. 💡
      • Detailed explanation of the infrastructure setup using ESXi hypervisor. 🖥️
      • Shows how to configure DNS, DHCP and load balancer settings. 🔄
      • Provides insights into network interface setups necessary for OpenShift. 📡
      • Explains the process of enabling IP forwarding in the Linux kernel. 🐧
      • Covers the step-by-step process of generating and using a special boot ISO from Red Hat. 💾
      • Offers troubleshooting tips, such as handling ESXi specific settings. 🛠️

      Key Takeaways

      • OpenShift installation can be done using UPI and IPI methods. 🛠️
      • UPI requires pre-configured infrastructure; ideal for those familiar with their hardware. 🔧
      • Three master nodes are a baseline requirement for setting up OpenShift. 💻
      • The video provides detailed hardware specs needed for setting up OpenShift. 🤓
      • Load balancing is critical and can be set up using HAProxy or other tools. 📊
      • Proper DNS and DHCP configurations are necessary for a successful installation. 🌐
      • The walkthrough includes setting up a Red Hat Developer account for needed subscriptions. 📋
      • Practical insights into using ESXi as a hypervisor for virtual networks. 🖧

      Overview

      In the video, the creator from DevOps Virtual University embarks on an informative journey detailing the installation of OpenShift 4 on bare metal and VMware using the User Provisioned Infrastructure (UPI) method. Starting with the basics, the creator explains different installation methods, putting a spotlight on UPI, which requires the pre-existence of infrastructure.

        The video provides a detailed breakdown of the necessary hardware, including RAM, CPU, and storage requirements for both master and worker nodes. Networking is a significant focus, demonstrating how to set up virtual networks and switches using the ESXi hypervisor. Viewers receive guidance on configuring HAProxy for load balancing, ensuring efficient distribution of network traffic.

          Additionally, the video dives into the configuration of DNS and DHCP servers, crucial for the seamless operation of OpenShift. The process of obtaining a Red Hat subscription is explained, along with tips for managing hypervisor settings. This comprehensive guide equips viewers with the tools and knowledge needed to execute a successful OpenShift deployment.
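
The DNS layout summarized above can be checked offline before any node boots. The following is an added example, not code from the video or its Git repository: it parses constructed zone text and verifies that `api`, `api-int` and `*.apps` resolve to the load balancer and that every node has an in-subnet address with a matching PTR record. The cluster name, domain, `10.10.10.1` and `10.10.10.0/24` come from the walkthrough; the node addresses and the `api-int` spelling (the internal API record name in OpenShift's installation documentation) are assumptions.

```python
import ipaddress

# From the walkthrough: cluster name, domain, load balancer address, subnet.
CLUSTER = "devopsvu.cluster1.local"
LB_IP = "10.10.10.1"
SUBNET = ipaddress.ip_network("10.10.10.0/24")
NODES = ("cp1", "cp2", "cp3", "worker1", "worker2")

# Constructed zone data; the node addresses are invented for this example.
FORWARD_ZONE = """\
haproxy.cluster1.local.            IN A 10.10.10.1
api.devopsvu.cluster1.local.       IN A 10.10.10.1
api-int.devopsvu.cluster1.local.   IN A 10.10.10.1
*.apps.devopsvu.cluster1.local.    IN A 10.10.10.1
cp1.devopsvu.cluster1.local.       IN A 10.10.10.11
cp2.devopsvu.cluster1.local.       IN A 10.10.10.12
cp3.devopsvu.cluster1.local.       IN A 10.10.10.13
worker1.devopsvu.cluster1.local.   IN A 10.10.10.21
worker2.devopsvu.cluster1.local.   IN A 10.10.10.22
"""
REVERSE_ZONE = """\
1.10.10.10.in-addr.arpa.   IN PTR haproxy.cluster1.local.
1.10.10.10.in-addr.arpa.   IN PTR api.devopsvu.cluster1.local.
1.10.10.10.in-addr.arpa.   IN PTR api-int.devopsvu.cluster1.local.
11.10.10.10.in-addr.arpa.  IN PTR cp1.devopsvu.cluster1.local.
12.10.10.10.in-addr.arpa.  IN PTR cp2.devopsvu.cluster1.local.
13.10.10.10.in-addr.arpa.  IN PTR cp3.devopsvu.cluster1.local.
21.10.10.10.in-addr.arpa.  IN PTR worker1.devopsvu.cluster1.local.
22.10.10.10.in-addr.arpa.  IN PTR worker2.devopsvu.cluster1.local.
"""
# Two constructed mistakes: a misspelled api-int owner and a copy-pasted PTR target.
BROKEN_FORWARD = FORWARD_ZONE.replace("api-int.", "api-init.")
BROKEN_REVERSE = REVERSE_ZONE.replace("PTR cp3.", "PTR cp2.")


def parse_records(zone_text, rtype):
    """Return (owner, value) pairs for single-line, fully qualified records of one type."""
    records = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()      # drop zone-file comments
        if rtype in fields[1:-1]:                   # type must sit between owner and value
            value = fields[fields.index(rtype, 1) + 1]
            records.append((fields[0].rstrip(".").lower(), value.rstrip(".").lower()))
    return records


def resolve(name, a_records):
    """Exact owner match first, then the nearest wildcard (a simplification of DNS rules)."""
    name = name.rstrip(".").lower()
    exact = [ip for owner, ip in a_records if owner == name]
    if exact:
        return exact
    labels = name.split(".")
    for i in range(1, len(labels)):
        wild = "*." + ".".join(labels[i:])
        hits = [ip for owner, ip in a_records if owner == wild]
        if hits:
            return hits
    return []


def check_cluster_dns(forward_text, reverse_text):
    """Return a list of human-readable problems; an empty list means the zones agree."""
    a_records = parse_records(forward_text, "A")
    ptr_by_ip = {}
    for owner, target in parse_records(reverse_text, "PTR"):
        if owner.endswith(".in-addr.arpa"):
            octets = owner[: -len(".in-addr.arpa")].split(".")
            ptr_by_ip.setdefault(".".join(reversed(octets)), set()).add(target)
    problems = []
    # API, internal API and any application route must land on the load balancer.
    for label in ("api", "api-int", "app1.apps"):
        fqdn = f"{label}.{CLUSTER}"
        ips = resolve(fqdn, a_records)
        if ips != [LB_IP]:
            problems.append(f"{fqdn}: expected A {LB_IP}, found {ips or 'nothing'}")
    for label in ("api", "api-int"):
        fqdn = f"{label}.{CLUSTER}"
        if fqdn not in ptr_by_ip.get(LB_IP, set()):
            problems.append(f"{fqdn}: no PTR from {LB_IP}")
    # Each node needs one address inside the cluster subnet and a PTR pointing back.
    for node in NODES:
        fqdn = f"{node}.{CLUSTER}"
        ips = resolve(fqdn, a_records)
        if len(ips) != 1:
            problems.append(f"{fqdn}: expected one A record, found {ips or 'nothing'}")
            continue
        ip = ips[0]
        if ipaddress.ip_address(ip) not in SUBNET or ip == LB_IP:
            problems.append(f"{fqdn}: {ip} is not a usable node address in {SUBNET}")
        if fqdn not in ptr_by_ip.get(ip, set()):
            problems.append(f"{fqdn}: PTR for {ip} is {sorted(ptr_by_ip.get(ip, [])) or 'missing'}")
    return problems


if __name__ == "__main__":
    print("\n".join(check_cluster_dns(BROKEN_FORWARD, BROKEN_REVERSE)))
```
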

            Chapters

            • 00:00 - 00:30: Introduction to OpenShift Series In the introductory chapter of the OpenShift series, the focus is on understanding the OpenShift installation. The speaker mentions that throughout the series, they will explore OpenShift deployment in detail, addressing common inquiries regarding various deployment methods available.
            • 00:30 - 01:00: Overview of OpenShift Installation Methods The chapter discusses the various methods for installing an OpenShift cluster, which is the first step in OpenShift administration. It focuses on two primary installation methods: UPI (User Provisioned Infrastructure) and IPI (Installer Provisioned Infrastructure).
            • 01:00 - 01:30: User Provisioned Infrastructure (UPI) Method In the User Provisioned Infrastructure (UPI) method, you need to manually set up your entire infrastructure in advance. This contrasts with the Installer Provisioned Infrastructure (IPI) method, where OpenShift automatically configures your infrastructure based on a manifest that contains all necessary compute resources, requirements, and information about the hypervisor or cloud service you use. With UPI, your infrastructure must be pre-configured, as it does not automatically handle this part.
            • 01:30 - 02:30: Infrastructure Specifications for UPI The chapter describes the infrastructure specifications required for deploying OpenShift with a focus on hardware specs including HAProxy with 1GB RAM, 20GB disk, and 1 CPU. It also mentions the configuration of three master nodes, emphasizing that OpenShift cannot operate with fewer than one master node.
            • 02:30 - 04:00: Network and Hypervisor Setup The chapter discusses the requirements for setting up a network and hypervisor for nodes and master nodes. It details the hardware specifications needed, including memory, disk space, CPU, and network interface card. Specifically, it mentions having a minimum of three master nodes, with the potential to scale up to five, seven, or nine, each requiring 24 GB of RAM, 150 GB of disk space, four CPUs, and one network interface card. For worker nodes, it's suggested to use 32 GB of memory, 200 GB of disk space, four CPUs, and one network interface card to handle application loads.
            • 04:00 - 07:30: Load Balancer and DNS Configuration In this chapter titled 'Load Balancer and DNS Configuration,' the focus is on setting up infrastructure using both physical and virtual elements. The speaker begins by stating a preference for using bare metal servers, physical networks, cables, and switches for this particular setup. They start to explain the configuration and operational flow of the infrastructure in their lab environment. Specifically, the ESXi hypervisor is used, as mentioned when they log into the system to manage their servers. The server's capacity listed includes about 250 to 256 GB, which likely refers to memory or storage specifications. The chapter sets the stage for discussing load balancing and DNS configuration, hinting at a hands-on approach using robust physical resources combined with virtualization tools.
            • 07:30 - 09:30: Configuration of DHCP and Network Interfaces The chapter discusses the configuration of DHCP and network interfaces, particularly in the context of setting up virtual machines on a high-performance machine. The machine described has 1 TB SSD, over 16 CPUs, and a substantial amount of RAM. The chapter covers creating multiple networks and network switches to facilitate connectivity and deploying an OpenShift cluster on the virtual machines.
            • 09:30 - 12:00: OpenShift Deployment Process The chapter discusses the OpenShift deployment process using the User Provisioned Infrastructure (UPI) method. It explains that the installation process is similar to other methods and the main difference is replacing virtual machines with physical servers. The speaker also begins to explain their hypervisor setup.
            • 12:00 - 15:00: Cluster Setup and Final Steps The chapter discusses the network infrastructure involved in setting up an OpenShift deployment. It explains that all the master and worker nodes are connected to an OpenShift Network, which is a virtual switch in the ESXi hypervisor. This OpenShift Network is further connected to a load balancer. The load balancer will utilize Red Hat Enterprise Linux 9, although CentOS can also be used as an alternative.

            How to install OpenShift 4 on Bare Metal and vmware | User Provisioned Infrastructure (UPI) | Part-1 Transcription

            • 00:00 - 00:30 today we are going to start a new series of OpenShift so in this uh in these sessions we will look the cuber OpenShift deployment in detail so today we have to understand the OpenShift installation a lot of people ask me about the OpenShift deployment process so there are different methods so there
            • 00:30 - 01:00 I am going to explain the OpenShift Red Hat OpenShift administration uh and uh the very first step is you must have an OpenShift cluster up and running so to install the cluster there are multiple ways so I will discuss today the UPI user provisioning uh installation online method uh there is another method IPI uh infrastructure provision
            • 01:00 - 01:30 installer so in that IPI method OpenShift will automatically configure your whole infrastructure you have to provide the uh some manifest that will contain all the uh compute resource and uh requirements and your hypervisor or whatever the cloud you are using so it will automatically provision the infrastructure to but UPI is a method where your infrastructure is already configured
            • 01:30 - 02:00 and uh you just want to deploy the OpenShift on top of that so uh what infrastructure specs I am going to use for this method hardware specs I will use uh HAProxy it's uh 1 GB RAM 20 GB disk 1 CPU and two uh NIC uh and uh master nodes three master nodes I am going to configure because OpenShift cannot install less than uh one master
            • 02:00 - 02:30 node and minimum three master nodes are required you can go up to five seven or nine and uh 24 GB each I will use RAM 150 GB disk and four CPU and one uh network interface card similarly worker nodes that will that will hold the application load so I am giving the 32 GB of memory and uh 200 GB disk and four CPUs and one uh network interface card
            • 02:30 - 03:00 so for this whole infrastructure what I am using you can use the bare metal servers physical networks cables switch and uh let me explain you how this whole infrastructure is going to work and uh for my in my lab what I am using I will use this uh I am using the ESXi hypervisor let me just logged in on this one so here I have have about 250 g 256
            • 03:00 - 03:30 GB of RAM um about 1 TB SSD and uh and uh I have more than 16 CPUs so this is a good machine so I will set up virtual machines on top of this hypervisor and I will create multiple networks uh network switches to make the connectivity and uh we'll deploy the whole OpenShift cluster
            • 03:30 - 04:00 so if you want to deploy the OpenShift using uh UPI method can use the same installation process what I am using just replace the virtual machine with the physical servers so rest of all is everything same so now uh I will explain you this is my hypervisor and and uh this is the
            • 04:00 - 04:30 network infrastructure of uh OpenShift deployment on the top on the right side you can see the there is an OpenShift net this is a virtual switch in the ESXi hypervisor all the master and worker nodes are connected with this OpenShift network and this OpenShift network is connected with the load balancer for the load balancer we are going to use a Red Hat uh Enterprise Linux 9 you can also use CentOS uh and this load balancer will actually
            • 04:30 - 05:00 be configured by the HAProxy uh and uh uh it will also serve the DNS uh name to IP resolution of all these master and worker nodes that is a requirement of OpenShift cluster deployment the DHCP the automatic IP allocation based on the MAC address binded in the DHCP uh server so each each machine will automatically affect the IP from DHCP uh every time the fix IP because it is binded with the
            • 05:00 - 05:30 MAC and uh this network interface that is connected with the OpenShift network I am using 10.10.10.0/24 network you can use any network whatever you feel convenient and uh this interface of the load balancer has an IP 10.10.10.1 this will be the gateway of whole OpenShift cluster uh all the worker and master nodes so I am using two worker nodes you can deploy more than two worker nodes to
            • 05:30 - 06:00 uh so it depends on the whatever application you want to deploy and the second interface of uh another interface that I attach with this load balancer is connected with the internet my LAN uh IP that is having the internet access is 1.2.3.0/24 you allocate 50 IP from De series on this WAN interface it has a gateway 1.2
            • 06:00 - 06:30 3.4 that is connected with the firewall and uh this uh this is a WAN network this these two networks are residing inside the uh ESXi hypervisor but this WAN network has a physical connectivity to the external uh physical networks but this OpenShift network is only residing inside the hypervisor uh its purpose is to just connect all these six virtual machines uh and
            • 06:30 - 07:00 uh and this WAN network is actually connected with the physical network with my firewall I am using Fortinet firewall to make it connectivity and a public IP is also landed on my firewall and that is connected to the internet we will not use the public IP uh but uh if you want to expose your OpenShift cluster to the public network we can use this public IP uh all the cluster related administration uh will be done by this WAN network so these administrators or
            • 07:00 - 07:30 developers that who want to deploy the application on the OpenShift will be connected to v v Network directly uh this OpenShift network is not exposed directly to the end user so and application user if you deploy some application and application users want to access this application locally from LAN and they can connect with the WAN network otherwise you can expose port 80 and 443 to the internet if you want to publish this these application to the
            • 07:30 - 08:00 Internet so this public IP you can port forward to uh this WAN network so uh this is a quick overview what we are going to deploy uh I just installed so far this load balancer Red Hat Enterprise Linux 9 and I did the subscription of uh uh Red Hat and for that purpose I create the Red Hat developer account you can also use the CentOS 9 that will also work but I use Red Hat 9
            • 08:00 - 08:30 and uh uh let me show you how I I you I use a hypervisor so this is my all the virtual machines so far I set up uh so this is the HAProxy so my HAProxy let me do SSH
            • 08:30 - 09:00 so this HAProxy is uh having two network interfaces uh one is that I showed you in the diagram that is connected with this uh uh internet enable network and this is the con connected with the OpenShift network if I show you the route it's a static uh default route it is pointing to my firewall IP and uh internet is working on this machine
            • 09:00 - 09:30 uh so and also this machine is subscribed with the Red Hat Enterprise Linux if you are new with the Red Hat you can simply create a Red Hat developer account uh on uh uh on Red Hat and uh they will provide you uh um Red Hat subscription free of cost uh I believe they can provide on one account 16 machine you can connect with your subscription to
            • 09:30 - 10:00 make the uh to connect your Red Hat machine with subscription manager you can use subscription-manager register and uh then you will press enter you have to provide your uh username and password uh of Red Hat and then it will be connected with Red Hat subscription so far it is configured so that's why it's ask it's uh giving me message that it is already registered so uh I have
            • 10:00 - 10:30 uh uh dnf repolist my repositories are working fine and uh we have to install some basic packages first of all because I install the minimal Red Hat Enterprise Linux so it is not coming with vim it is not coming for bash completion uh and it is not having the telnet utility it is not having net-tools
            • 10:30 - 11:00 so it will provide the netstat related utilities uh okay let's see which I installed or not okay I I installed everything already but just to show you you must have to install if you install the minimal and I I will recommend the minimal install don't use the GUI based installation so I set up the host name to haproxy now uh according to this documentation that is uh given this
            • 11:00 - 11:30 in the description of this video uh we have to we configure these virtual machines I will explain you this one why this is required for the ESXi based uh uh virtual machines there is a feature we have to enable but to in when you will create the Red Hat developer account it will give you a 60 days free trial for OpenShift
            • 11:30 - 12:00 OpenShift is not free uh it's license based but now the developers account can use 60 days trial without support uh just to make the POCs so you can go to console.redhat.com OpenShift account and uh you can log to your account okay let me just log in
            • 12:00 - 12:30 so uh here now we are directly landed in the OpenShift Red Hat OpenShift products if you go to I believe the services uh yeah we don't need to go to under the service so you are directly under the
            • 12:30 - 13:00 OpenShift so uh here on the left side you can see the cluster list so here we will deploy a new cluster this cluster is already in under the deployment I provisioned this 30 days ago for some POC uh so we will create a new cluster today okay now uh this load balancer machine we have to understand how to enable the NATing on
            • 13:00 - 13:30 this machine how to install the HAProxy and DHCP uh and how uh the what tools we we are going to configure so in the video description you can see the uh OpenShift this uh load balancer machine will act actually work for these these purpose it will all the command line based administration we will perform by this OpenShift admin and
            • 13:30 - 14:00 load balancer machine so it will also perform the OpenShift administra admin administration we will generate SSH key share key PA to and we will share the public key to the OpenShift cluster so that we can directly land into the OpenShift CL cluster uh because we we don't know what is the password actually to get into the OpenShift cluster so the only way to enter in the cluster is SSH key H in the worker nodes and master
            • 14:00 - 14:30 node it will work as a router it will provide the internet to all my OpenShift cluster uh it will work as a load balancer it will do the load balancing for port 80 port 443 for bootstrapping uh during the cluster installation and uh for the API 6443 port access uh from uh mean to to the worker and to the master nodes uh it will provide DHCP and DNS all these things we have to configure so here I
            • 14:30 - 15:00 mentioned the in first of all install de or CentOS 9 it is done I showed you then we have to disable firewalld and SELinux we can perform all these activities including firewalld and SELinux but uh because this video is not uh Red Hat administration related so that's why I skip this part so I am just going to disable firewalld
            • 15:00 - 15:30 and uh I will disable the SELinux so here by default it's mode in is enforcing so I will set to disable we can configure the whole uh load balancer by using SELinux by using firewalld but uh if we set up this here it will distract us so a lot of time we need to configure this if if you if you
            • 15:30 - 16:00 need uh the detail understanding you can directly contact me by email so about this firewall and SELinux so so far but what I did I just disabled this so get uh getenforce you can see it is enforcing and firewall is disabled so I would like to just reboot this machine and uh because the SELinux will be in the
            • 16:00 - 16:30 disabled mode after reboot and here my HAProxy is running yeah it's rebooted so next we have to configure this complete load balancer
            • 16:30 - 17:00 so here we installed we did these two steps firewalld SELinux is disabled next we have to enable make this machine a router so we have two network interfaces and we also verified that on one interface its gateway is set and its internet is working so the second interface that is connected with the OpenShift network and that will be the gateway of the OpenShift network we have to install uh uh so far we disabled
            • 17:00 - 17:30 the firewalld we can also do the NATing by using firewall but if we enable the firewall we need to con configure all the ports for uh whatever we want to open for this load balancer so that's why I disable the firewall uh but it is totally uh makes sense if you use the firewalld but uh that is another level of effort so what I am going to do here I will run these three command it will install the netfilter
            • 17:30 - 18:00 nftables uh for the iptables installation and uh it is enabling the service it is starting the service nftables and if I look the status so you can see it status is active okay okay
            • 18:00 - 18:30 now uh we have to write this iptables rule on that interface that will receive actually the traffic from OpenShift uh cluster so 10.10.10.1 the ens224 will be the interface that will actually receive the uh traffic so I enable the NATing on this interface and uh so this will be the gateway so that's why I use ens224 in
            • 18:30 - 19:00 your in environment uh maybe this network interface name is different you just have to change here uh for your network interface so this with this command you can validate uh either uh what type of iptables rules are configured you can see in from all the interfaces traffic and uh in and uh go out to yeah so I I did one thing wrong
            • 19:00 - 19:30 actually it should be enabled on the outgoing interface not the this one so from here I found the error you can see in and out so I know this is not the out this is the in interface and this is the out interface so let me to delete this uh rules I can use hyphen f
            • 19:30 - 20:00 so you can see the flush which flush the rule and let me now change the network interface to ens192 so our network interface is ens192 that is having the uh internet access so let's see now you can see any interface that is connected with this machine if defined as a gateway will outout the traffic to this uh outgoing
            • 20:00 - 20:30 interface any source IP any destination I just made a very simple NATing rule uh but you can customize this with specific source IPs uh to route the traffic to the internet now uh NATing is enabled now uh we need to do one more thing by default uh Red Hat the Linux kernel is not doing put forwarding so to make your machine a
            • 20:30 - 21:00 router uh we have to provide uh we have to provide uh we have to enable a feature in uh Linux kernel IPv4 uh forwarding so now if from one network to another network uh IP's the packets can jump by enabling this
            • 21:00 - 21:30 feature by by default this feature is disabled and we also have to run sysctl hyphen p to recall this these new return rule in features in this sysctl uh to inside your uh kernel so now kernel is enabled with this feature let me quickly add this one here to okay next is is we have
            • 21:30 - 22:00 to install the and configure the BIND DNS so first of all we need to conf install the BIND packages so so BIND is uh Red Hat DNS uh local DNS if you want to set up the BIND package BIND is use so BIND is installed uh the configuration files I
            • 22:00 - 22:30 already configured and uploaded in the git repo and you can see the link in the video description so uh this directory the OpenShift uh setup I uploaded in the git repo and this contains a DNS uh directory the architecture that I showed you is also attached uh in this uh directory and uh this D DNS
            • 22:30 - 23:00 directory it contains uh named.conf that is a main configuration file for the DNS and let me just quickly show what is this file doing so actually this file is the DNS configuration mean my DNS will work on 10.10.10.1 and localhost IP on this machine on port 53 uh and DNS can receive query name to IP resolution from any IP of this network that is pointing to OpenShift
            • 23:00 - 23:30 network uh these are some other features uh and uh if some request came other than the locally defined DNS uh uh reverse and forward lookup zone it will be routed to uh these public DNS for any internet related name to IP resolution and here I provide the zone you know dot contain the international DNS and uh this is the
            • 23:30 - 24:00 domain name I am going to use for my cluster it's cluster1.local the name of my local DNS and its forward lookup zone file is here at this location and this is the reverse lookup zone and its reverse lookup zone file is residing at this will be residing at this location the rest of all these two files are built in in in when you will install the BIND package so now what I need to
            • 24:00 - 24:30 do just we have to run these commands if you are inside the directory of this uh of this uh OpenShift setup so just copy DNS named.conf with the existing named.conf I overwrite this one and this whole zone directory under
            • 24:30 - 25:00 the etc named because I defined this path inside my uh inside my uh configuration file on named.conf so in this file if you go you can see these two files I uploaded okay so everything is good now I need [Music] to enable start and look the status of
            • 25:00 - 25:30 this DNS point let's see is everything is working fine the service is active okay perfect uh okay it's working fine and our DNS if I look at netstat I find n t you can see the port 53 is open for localhost as well as for for this interface whatever we defined in the
            • 25:30 - 26:00 configuration files okay now the next thing that we want to do uh we have to so at the moment you can see at the moment DNS will still be pointing to the LAN DNS server uh you can see this by testing the dig cluster. local so right now if I show you
            • 26:00 - 26:30 you cat /etc/resolv.conf so resolv.conf on this machine I set up to this public DNS but so far my this local machine is also working as a DNS so let me change my DNS uh in on the WAN interface whatever I provide it to localhost or 10.10.10.1 I will set localhost mean this machine is also working as a
            • 26:30 - 27:00 DNS and uh it is I believe not applied so we have to systemctl restart uh NetworkManager and here we have to look into we have to look into yeah now it is changed now if I ping uh yahoo.com yeah perfect it is resolving so and let
            • 27:00 - 27:30 look up uh CNN.com yes it is resolving so whatever request I am sending for my local DNS it is resolving now uh the files I added in the public zone I would like to show you TB uh DB cluster
            • 27:30 - 28:00 local okay so I will show you the files uh under the zone and TP do uh uh cluster1.local okay this is my forward lookup zone here I defined uh uh haproxy cluster1.local uh uh because this machine is working as a DNS server
            • 28:00 - 28:30 and uh this name to IP resolution haproxy.cluster1.local its IP is 10.10.10.1 okay then the control plane machines uh here the the name of the cluster I define devopsvu and the domain name is cluster1.local and this is the name of the uh uh machine so worker node one will be cp1
            • 28:30 - 29:00 cp2 cp3 and uh this will be the cluster name and this will be the domain name so to install the OpenShift you must have to define the uh DNS names with this sequence mean the machine name dot cluster name dot domain name whatever domain you want to use you can use a public domain you can use the local domain it depends on your infrastructure and these IPs will be allocated by DHCP to uh these machines similarly the
            • 29:00 - 29:30 worker node one and then OpenShift internal load balancer uh these three entries are mandatory a API uh and uh API hyphen init and star apps mean anything I will write with this uh uh with this uh with the Ingress rule I will add it will be something like
            • 29:30 - 30:00 uh app1.apps.devopsvu.cluster1.local so that will be routed to my load balancer so uh why is this this entry is basically for the uh end user so this diagram uh here the end user app user so for the app user we will also configure this uh machine as a DN we can configure but uh uh the
            • 30:00 - 30:30 internally OpenShift also want to resolve all the apps defined uh deployed inside the cluster so and these two entries are also for the internal cluster uh connectivity because the API is running on the all the master node so to access the master node the V is only load balancer so all the master nodes uh will send the request for the API to the load balancer and
            • 30:30 - 31:00 then load balancer will send back to other master nodes so you know uh the the scheduler the API the sched the etcd the controller manager uh these all are communicating with the API so they will use the load balancer to communicate with the API because API is running on all the master master nodes so if you your load balancer is down your OpenShift cluster cannot work properly
            • 31:00 - 31:30 because the API is not re reachable from within the cluster and from outside the cluster so this can be a center point of failure so in production environment if you are using this uh HAProxy as a load balancer then it should have multiple machines uh and on top of this there should be a load balancer or firewall and you can also replace this whole load balancer with some physical firewall just like Fortinet or any
            • 31:30 - 32:00 other F5 firewall you can use so you can set up uh these this DNS separately somewhere and you can define the load balancing rules uh in the Fortinet or whatever firewall you are using so then etcd these entries are also mandatory and be where where the etcd database is running so cluster will uh try to hit the these machines on
            • 32:00 - 32:30 etcd and for the etcd and similarly this these records are also mandatory for the etcd and uh and uh this is O this is the dashboard for the OpenShift if someone want to open the dashboard they can provide the DNS this DNS and they can reach to this this interface similarly console OpenShift this is also the dashboard these both are same dashboard so these
            • 32:30 - 33:00 are the DNS resolutions I create this file and DB do reverse in the reverse what I did I just add the same entries with the reverse lookup zone uh with the same entries the haproxy the the API the init and uh control plane and master node okay so uh the host name of this uh
            • 33:00 - 33:30 machine is haproxy uh but it should be host name let me set uh set host name proxy dot one. local me just ping to this one yeah it's name to IP res resolving because my DNS
            • 33:30 - 34:00 is working fine okay now uh if I ping my uh cp1 sorry cp1. uh devopsvu.cluster1.local you can see it's resolving so far this machine is not up that's why it's not pinging but I just
            • 34:00 - 34:30 want to quickly check the name to IP resolution DNS is working fine sorry this is H 3 and for the worker node I think I set up the name like worker one yes and worker two okay so everything is good from the DNS side it is configured it is working now move to Next Step the next step
            • 34:30 - 35:00 is uh we have [Music] to okay this I give the dig dig command but you can also use the Ping command to see the resolution of the now we have to set up the DHCP so to install the DHCP simply you have to install this package DHCP server
            • 35:00 - 35:30 okay perfect now uh DHCP server package is installed so DHCP configuration file we have to throw uh copy from the git repo I provided you so I copied that folder here and you can see so you can see this uh
            • 35:30 - 36:00 file in the ins the named sorry I have to be shift yes so here this is the dhcpd.conf file I will copy to uh /etc/dhcp at this location so what is this file actually doing this file is a DHCP it's author
            • 36:00 - 36:30 authoritative and uh these are some uh options and uh the subnet that is dealing this is a subnet this is a subnet mask this is a default gateway it will provide the netmask the domain name for this for this subnet is cluster one. local the DNS IP is same like the gateway so this interface we configure to resolve the name to IP for the OpenShift cluster
            • 36:30 - 37:00 and these this is a range if some MAC address is not uh binded so that machine can get the IP from this range and uh these are the hardware uh MAC binding I did with the MAC addresses of uh control plane and uh just to save the time in this video what I did I
            • 37:00 - 37:30 install the I just uh configured the virtual machines I configure the virtual machines with the specs that I showed you the hardware specs
            • 37:30 - 38:00 and sometime it is taking time to log in
            • 38:00 - 38:30 okay so here you can see I just configured these virtual machines Master One Master 2 Master 3 worker one worker two and I have not
            • 38:30 - 39:00 deployed any operating system uh and I will show you the configuration hardware settings what I did for CPU 2C uh GB of RAM and uh 24 GB RAM and uh the 150 GB thin provision I use I am using a hard drive SSD and I connect this I have two
            • 39:00 - 39:30 networks as I showed you in the diagram so I connect this virtual machine with this OpenShift uh port group so this VM network is the uh second network of the load balancer uh if I show you the load balancer I show you the load balancer so load balancer is actually having two network interface
            • 39:30 - 40:00 B you can see network one network 2 one is going to vmnet and other one is connecting with OpenShift network okay so to save the time what I did I configure all these machines and when you will configure these machines so that after configuration the network interfaces will not C the MAC address automatically so so so you just need to
            • 40:00 - 40:30 power on this machine just for a while and you can then power off again so this is the behavior of the hyper ESXi that it will allocate the MAC address when the machine will power on first time so the MAC address I just power on these machines and power off the MAC address is allocated and what I did I put the MAC address addresses of each machine I created here in this file and I allocate the IP same like whatever I define in
            • 40:30 - 41:00 the DNS okay and these will be the host name of this uh uh of these machines so host name and IP addresses will be provided host name IP address DNS Gateway subnet mask and the domain name all these will be provided by this DHCP server so this file is perfectly fine so I need to start and enable and look the status of
            • 41:00 - 41:30 dhcpd and uh okay it is active and you can see for this interface there is no subnet declare so it will ignore this interface the second interface because the network I defined the DHCP is only for 10.10.10.0 network so that will it will only work for that interface okay so DHCP is is also up now we have to install uh
            • 41:30 - 42:00 HAProxy that will actually take the request of uh uh application and uh OpenShift administration API request uh from outside as I showed you in the architecture so HAProxy is already installed okay okay no problem uh and HAProxy
            • 42:00 - 42:30 configuration file I also provided I will show you haproxy.cfg file and here you can see these are the max connections logs and different parameters about HAProxy which user and system user and group will be responsible so these are some default parameter this is the enable HAProxy stats it will show you a page on port 9000 and uh uh
            • 42:30 - 43:00 /stats we will write and it will refresh after every 10 seconds 1,00 10,000 millisecond mean 10 seconds and uh these are the load balancing rules the front end mean it will receive the request from the WAN interface uh 1.2. uh 3.50 interface on port 6443 and it will forward these request to K8
            • 43:00 - 43:30 API backend so uh this is the K8 API backend rule I wrote and here I only defined the master nodes so on master node uh they will have this port already open so if you in future you will have more master node you can add here and uh if any of the master node is not responding it will not send the request to dead master node it only route the traffic to working master node similarly
            • 43:30 - 44:00 the port bootstrapping port uh machine config so this is used during the installation 2623 after the installation it is not required and uh it is also pointing to master node only so here I gave the wrong name here I should also write the master instead of cpcp so these names are just uh
            • 44:00 - 44:30 presenting on the uh dashboard this is not the actual machine this should not be the actual machine name mean this is just presentable on the dashboard you can write here any meaningful name but the IP and port number should be should be uh correct so then the port 80 if you you are going to expose any any Ingress rule uh uh on Port 80 it will be routed to master and worker node you know the
            • 44:30 - 45:00 node the port will be open on all whole across the cluster and similarly Port 443 uh will also be route to master and worker nodes so just copy this file to uh the actual uh location it will overwrite the by default coming file and we have to enable start and look the
            • 45:00 - 45:30 status of this HAProxy uh okay it is active great so here you can see if I look the status again uh you can see it's giving some logs that it is done because it is trying now start S looking the worker
            • 45:30 - 46:00 nodes and master node for the ports what I have defined but you know so far our machines are not ready it is giving error so you can access the dashboard of this proxy so uh uh here if I show you the netstat iph nup you can see the port 9000 is open on all the interfaces I define in this
            • 46:00 - 46:30 configuration and it's mean my IP 1.2.3.50 on port 9000 /stats is working fine it's showing me the FL so so far you can see the API back end is all master nodes are not giving any response uh similarly this is the bootstrap port all
            • 46:30 - 47:00 nodes are down similarly HTTP HTTPS traffic is not coming so far the cluster is not ready okay so now what I have to set up so HAProxy is done uh NFS server we will also set up uh but not in this video because uh making this is a a different topic that
            • 47:00 - 47:30 I will explain in next video so but I gave in the video description so now we are good one thing that I have not explained you so far that is a special configuration you must have to do in the ESXi virtual machines when you will install the OpenShift cluster so it will give you an error that uh the machine uh hard drive UUID must be set
            • 47:30 - 48:00 this is a feature of uh virtual machine so when if you are using ESXi hypervisor so you must have to set your all worker and master nodes only uh you will go to the VM options go to the advance and here edit configuration and here here uh I believe I
            • 48:00 - 48:30 added just search okay so uh what I did I already configured these virtual machines with uh with uh this parameter uh so you must have to set this parameter otherwise you will get the error uh when the OpenShift will be installed so document in the video description I gave
            • 48:30 - 49:00 the steps how you can enable this so here you just search for UUID here so disk.EnableUUID true in all master and worker nodes okay this this is only for the ESXi hypervisor next we are done with all the configuration we have uh make sure all these specs we we make sure this UUID uh EnableUUID parameter we have now
            • 49:00 - 49:30 Red Hat account logged in uh developer account uh install the CentOS firewalld NATing is enabled installed BIND DNS we test it DHCP we configured HAProxy is running NFS we are not done now I will go to the actual deployment process of OpenShift so it's uh console.redhat.com/openshift
            • 49:30 - 50:00 so I am already logged in so here you can go to clusters and create a cluster so you know uh OpenShift is deployable with lot of methods I mean methods are basically UPI and IPI but on multiple infrastructure uh on a or aw app on IBM Cloud on Alibaba whatever on on prem so
            • 50:00 - 50:30 when you whenever you are going to deploy on prem with UPI method so UPI is user provisioning infrastructure so pre-existing infrastructure we must have to use this uh platform agnostic and our uh architecture is Intel based 64-bit processor so I will use platform agnostic uh x86_64 so you will go to data
            • 50:30 - 51:00 center this option is available in um uh yeah both either in the cloud or either in the data center you will not go in the local just go to the data center and select the platform agnostic and uh here there are this is a recommended interactive way this is agent based but uh use this this interactive way uh web
            • 51:00 - 51:30 based now it is a look it is asking you the name of the cluster so name of the cluster I gave devops uh vu and the domain name you know we set up uh cluster one dot local so this is the cluster name this is the cluster 1 local so our complete domain will be devops vu. cluster 1. local
            • 51:30 - 52:00 and uh before this all the uh worker nodes I mean the name of the as a child domain the name of the master work will be so the latest variant right now available let me just do some zoom in okay so right now the latest variant is
            • 52:00 - 52:30 14.17 uh and uh my architecture is 64-bit uh I am not using PowerPC I am not using system IBM Z or ARM processor I am using 64-bit Intel based processor so I will deploy OpenShift where little
            • 52:30 - 53:00 older I can say 14.15 because later on I have to show you how to upgrade the OpenShift uh with the newer variant so I am using this one and uh install single node OpenShift this is also possible just give a big node and uh uh it will install
            • 53:00 - 53:30 everything on one node but it will not make sense uh for your production environment so better to use multimaster setup uh edit pull secret any images you want to you want to configure the pre-configure the secret inside your cluster for your registries so you can provide the secret value here but I am
            • 53:30 - 54:00 not using anything I will provide the secret inside my manifest uh mean with the I will define my own secrets uh here it is asking for the platform integration me Nutanix Oracle Cloud vSphere so far we are using vSphere but we are giving uh we are making a sense that we are going to deploy on the bare metal although these
            • 54:00 - 54:30 are the virtual machine but think like it is uh bare metal based installation servers uh I don't want to provide the custom manifest the IPs will be taken by this uh by the DHCP I showed you automatically uh I can also configure the static IP but uh I will use the
            • 54:30 - 55:00 DHCP I don't want to encrypt worker and master nodes uh okay we are good here devops vu. cluster 1. local okay next uh now uh OpenShift you know the new OpenShift is also providing the virtualization and uh we can deploy the virtual machines on top in parallel to containers in the OpenShift you I don't
            • 55:00 - 55:30 want to enable this feature uh install multicluster engine uh uh I don't want to check this one operator these are some operators that will provide additional functionalities uh install logical volume manager storage mean the uh it is good uh if I want to set it will will configure the partition on the worker master node with LVM uh but uh I will use the default
            • 55:30 - 56:00 partition structure and uh data OpenShift Data Foundation is also uh an OpenShift product uh of storage uh related product so I don't I don't want to do this our target is to just make uh OpenShift uh cluster very basic OpenShift cluster later on we will add these functionalities uh okay now
            • 56:00 - 56:30 next uh mean here it is asking to add the host so I will click on Add host and to enter in my OpenShift cluster uh OpenShift will not provide me the username password so I I have only one way to enter in my cluster by using SSH key so I will use
            • 56:30 - 57:00 this machine generate ssh-keygen so I am generating a key and uh it is generated here public key is generated I just need to copy this public key private key is also created here here and I have to provide
            • 57:00 - 57:30 here okay uh show proxy settings actually what is happening here it will generate a dedicated ISO for your cluster that F that is basically based on CoreOS CoreOS is Red Hat uh s Red Hat 9 B Red Hat 9 and it is specially designed operating system the Red Hat
            • 57:30 - 58:00 flavor for uh running the microservices it is uh totally customized for the high performance of running the containers so now it will generate a special ISO for our environment and that ISO will already have embedded this key so when we want to jump into our any worker master node
            • 58:00 - 58:30 this key will be there and we can do a passwordless SSH by using a user core uh and we can jump into our any master node so it will it is asking me and here this option is very important I must have to set a full image file I don't need to select minimal image and iPXE full image file mean everything is included in this in that ISO file and it size is
            • 58:30 - 59:00 about uh about 1 GB it will be otherwise if you select the minimal it will pull every everything download and update the packages from the internet on the runtime during the installation that will take time so it's better to use uh this full image so now this full image will have this key and generate discovery ISO so now uh it is saying me you can download this ISO uh by using wget command from Linux
            • 59:00 - 59:30 or by using uh by directly downloading from this link so I am using wget on my HAProxy then I will copy uh sorry wget is not there install wget so wget
            • 59:30 - 60:00 it is downloading it is downloading and it will take some time to download okay so the image is about to download so in this session we are going to uh we are going to close this session because uh in uh we just downloaded the image and
            • 60:00 - 60:30 we will upload this image in the in the hypervisor uh data store and then we have to mount this image in with all the worker and master node and we will power on the machine and then the machines will automatically get the uh machines will automatically get the IPs and host name and internet whatever we set DHCP DNS and NATing this image is
            • 60:30 - 61:00 downloaded and size is uh LH 1.1 GB so I will upload this image uh and in next session I will show you how to how this whole open OpenShift cluster will work so here you can see we provide as the link so we can close this and we can edit this configuration too if we want to make any changes later on
            • 61:00 - 61:30 so uh you can open this link again uh by use adding host so when we will power on the machine so these machine will be machines will be reflected here in the inventory list so uh this is up to this we are done for today's videos so in next session we will install the whole cluster