
Ceph installation

Requirements

Red Hat Enterprise Linux 8.4 EUS or later.
Ansible 2.9 or later.
A valid Red Hat subscription with the appropriate entitlements.
Root-level access to all nodes.
An active Red Hat Network (RHN) or service account to access the Red Hat Registry.

Create 3 RHEL 8 virtual machines

  1. ceph1
  2. ceph2
  3. ceph3
Note
Installing Ceph on virtual machines is not recommended for production use.

Register servers to RHN

Find and attach Red Hat Ceph Storage pool

$ subscription-manager list --available --matches 'Red Hat Ceph Storage'    
$ subscription-manager attach --pool=POOL_ID

Enable server & extra repos

$ subscription-manager repos --disable='*'
$ subscription-manager repos --enable=rhel-8-for-x86_64-baseos-rpms
$ subscription-manager repos --enable=rhel-8-for-x86_64-appstream-rpms
$ subscription-manager repos --enable=rhceph-5-tools-for-rhel-8-x86_64-rpms
$ subscription-manager repos --enable=ansible-2.9-for-rhel-8-x86_64-rpms

Update system

$ dnf update -y

HTPasswd oauth provider

  1. Create htpasswd file (-c creates or overwrites the file, so pass it only for the first user)
$ htpasswd -c -B -b htpasswd admin adminpass
$ htpasswd -B -b htpasswd developer devpass
  2. Create secret
$ oc create secret generic htpass-secret --from-file=htpasswd -n openshift-config
  3. Patch oauth cluster
$ oc patch oauth/cluster --patch '{"spec":{"identityProviders":[{"name":"htpasswd","mappingMethod":"claim","type":"HTPasswd","htpasswd":{"fileData":{"name":"htpass-secret"}}}]}}' --type=merge
  4. Give admin user cluster-admin role
$ oc adm policy add-cluster-role-to-user cluster-admin admin

NGINX reverse

Use nginx as a reverse proxy in front of multiple clusters.

$ dnf install -y nginx nginx-mod-stream.x86_64

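In nginx.conf, add the following line at the top level (outside the http block), since passthrough.conf defines a stream block:

include /etc/nginx/passthrough.conf;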

passthrough.conf

stream {

    map $ssl_preread_server_name $internalport {
        hostnames;
        *.apps.sno1.domain      9441;
        *.apps.sno2.domain      9442;
        api.sno1.domain         6441;
        api.sno2.domain         6442;
    }


    upstream sno2_api {
        server 192.168.0.109:6443 max_fails=3 fail_timeout=10s;
    }
    upstream sno2_ingress {
        server 192.168.0.109:443 max_fails=3 fail_timeout=10s;
    }
    upstream sno1_api {
        server 192.168.0.110:6443 max_fails=3 fail_timeout=10s;
    }
    upstream sno1_ingress {
        server 192.168.0.110:443 max_fails=3 fail_timeout=10s;
    }

    log_format basic '$remote_addr [$time_local] '
                     '$protocol $status $bytes_sent $bytes_received '
                     '$session_time "$upstream_addr" '
                     '"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"';

    access_log /var/log/nginx/access.log basic;
    error_log  /var/log/nginx/error.log;
    server {
        listen                  443;
        ssl_preread             on;
        proxy_connect_timeout   20s;  # max time to connect to the proxied server
        proxy_timeout           30s;  # max time between successive reads or writes
        proxy_pass              127.0.0.1:$internalport;
    } 
    server {
        listen                  6443;
        ssl_preread             on;
        proxy_connect_timeout   20s;  # max time to connect to the proxied server
        proxy_timeout           30s;  # max time between successive reads or writes
        proxy_pass              127.0.0.1:$internalport;
    }
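    # The listeners below are the targets of 127.0.0.1:$internalport.
    # As written they accept connections on every interface; use e.g.
    # "listen 127.0.0.1:9441;" if they should be reachable only through
    # the SNI front end on 443/6443.
    server {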
        listen 9441;
        proxy_pass sno1_ingress;
        proxy_next_upstream on;
    }
    server {
        listen 9442;
        proxy_pass sno2_ingress;
        proxy_next_upstream on;
    }
    server {
        listen 6441;
        proxy_pass sno1_api;
        proxy_next_upstream on;
    }
    server {
        listen 6442;
        proxy_pass sno2_api;
        proxy_next_upstream on;
    }
}
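
How the ssl_preread and map pair above selects a backend, as an added example that is not part of the original page: nginx does not decrypt anything, it reads the server name from the cleartext ClientHello. The Python below builds a ClientHello in memory, extracts the SNI and applies the page's map; the function names are made up for this example, and the wildcard lookup only approximates nginx's hostnames matching.

```python
import ssl
import struct

# Copied from the page's map block: SNI name -> internal listener port.
SNI_MAP = {"*.apps.sno1.domain": 9441, "*.apps.sno2.domain": 9442,
           "api.sno1.domain": 6441, "api.sno2.domain": 6442}

def client_hello(server_name):
    """Constructed sample: build a ClientHello in memory, no network used."""
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ssl.create_default_context().wrap_bio(
        incoming, outgoing, server_hostname=server_name)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the client now waits for a ServerHello
    return outgoing.read()

def sni_from_client_hello(data):
    """Return the cleartext SNI name from a ClientHello record, or None."""
    if len(data) < 9 or data[0] != 0x16 or data[5] != 0x01:
        return None  # not a TLS handshake record carrying a ClientHello
    body = data[5:]
    pos = 4 + 2 + 32  # skip handshake header, legacy version, random
    try:
        pos += 1 + body[pos]  # session id
        pos += 2 + struct.unpack("!H", body[pos:pos + 2])[0]  # cipher suites
        pos += 1 + body[pos]  # compression methods
        end = pos + 2 + struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= end <= len(body):
            ext_type, ext_len = struct.unpack("!HH", body[pos:pos + 4])
            if ext_type == 0:  # server_name: list len, type, name len, name
                name_len = struct.unpack("!H", body[pos + 7:pos + 9])[0]
                return body[pos + 9:pos + 9 + name_len].decode("ascii").lower()
            pos += 4 + ext_len
    except (IndexError, struct.error, UnicodeDecodeError):
        pass  # truncated or malformed hello
    return None

def internal_port(server_name):
    """Approximate the map lookup: exact name, then longest '*.' wildcard."""
    if not server_name:
        return None  # no SNI: the map yields no port for this connection
    if server_name in SNI_MAP:
        return SNI_MAP[server_name]
    wild = [k for k in SNI_MAP if k.startswith("*.") and server_name.endswith(k[1:])]
    return SNI_MAP[max(wild, key=len)] if wild else None
```

The server name is supplied by the client and is not authenticated at this layer, so the map chooses a backend but is not an access control; authentication still happens at the cluster behind the proxy.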

ODF installation

Install OpenShift Data Foundation from Operator Hub

Create a StorageSystem using “Connect an external storage platform” of Red Hat Ceph Storage type

Download ceph-external-cluster-details-exporter.py script and run it on your ceph admin node

$ python3 ceph-external-cluster-details-exporter.py --rbd-data-pool-name testrbd --cephfs-data-pool-name cephfs.testfs.data --rgw-endpoint 10.0.0.n:80 --cephfs-filesystem-name testfs

Sample output:

[{"name": "rook-ceph-mon-endpoints", "kind": "ConfigMap", "data": {"data": "ceph1=10.0.0.n:6789", "maxMonId": "0", "mapping": "{}"}}, {"name": "rook-ceph-mon", "kind": "Secret", "data": {"admin-secret": "admin-secret", "fsid": "5dabcb8e-ad19-11ed-a179-005056af8aeb", "mon-secret": "mon-secret"}}, {"name": "rook-ceph-operator-creds", "kind": "Secret", "data": {"userID": "client.healthchecker", "userKey": "********************"}}, {"name": "rook-csi-rbd-node", "kind": "Secret", "data": {"userID": "csi-rbd-node", "userKey": "********"}}, {"name": "ceph-rbd", "kind": "StorageClass", "data": {"pool": "testrbd"}}, {"name": "monitoring-endpoint", "kind": "CephCluster", "data": {"MonitoringEndpoint": "10.0.0.n", "MonitoringPort": "9283"}}, {"name": "rook-ceph-dashboard-link", "kind": "Secret", "data": {"userID": "ceph-dashboard-link", "userKey": "https://10.0.0.n:8443/"}}, {"name": "rook-csi-rbd-provisioner", "kind": "Secret", "data": {"userID": "csi-rbd-provisioner", "userKey": "************"}}, {"name": "rook-csi-cephfs-provisioner", "kind": "Secret", "data": {"adminID": "csi-cephfs-provisioner", "adminKey": "***********"}}, {"name": "rook-csi-cephfs-node", "kind": "Secret", "data": {"adminID": "csi-cephfs-node", "adminKey": "*************"}}, {"name": "cephfs", "kind": "StorageClass", "data": {"fsName": "testfs", "pool": "cephfs.testfs.data"}}, {"name": "ceph-rgw", "kind": "StorageClass", "data": {"endpoint": "10.0.0.n:80", "poolPrefix": "default"}}, {"name": "rgw-admin-ops-user", "kind": "Secret", "data": {"accessKey": "************************", "secretKey": "**********************"}}]

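Save the JSON output to a file and import it in the StorageSystem wizard. The file contains Ceph user keys, so restrict access to it and remove it once the import is done.

The RBD pool must be replicated because erasure-coded RBD pools are not supported in ODF.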

Network Observability

Red Hat offers cluster administrators the Network Observability Operator to observe the network traffic for OpenShift Container Platform clusters. The Network Observability Operator uses eBPF technology to create network flows. The network flows are then enriched with OpenShift Container Platform information and stored in Loki. You can view and analyze the stored network flow information in the OpenShift Container Platform console for further insight and troubleshooting.

Network Observability Operator in OpenShift Container Platform