Playing with OpenShift 3

Posted on: 2017-04-15

OpenShift is the PaaS solution offered by Red Hat. It uses Docker containers and Kubernetes to orchestrate them. It also comes with nice CI/CD features. You can check some code into a repo and then: watch it get built, saved as a docker image, spawned in an environment in an HA way via a rolling restart that retires the old version and brings this one up with no downtime.

Stand up a minimal CentOS 7 VM. You probably want at least 2 cores, 4GB of RAM and 20GB of space.

yum -y update
yum -y install docker vim wget git
vim /etc/sysconfig/docker
    INSECURE_REGISTRY='--insecure-registry 172.30.0.0/16'
systemctl start docker
systemctl enable docker
wget https://github.com/openshift/origin/releases/download/v1.4.1/openshift-origin-client-tools-v1.4.1-3f9807a-linux-64bit.tar.gz
tar -xzf openshift-origin-client-tools-v1.4.1-3f9807a-linux-64bit.tar.gz --strip=1 -C /usr/local/bin/ "*oc"
mkdir /opt/openshift_data/
[root@openshift ~]# oc cluster up --host-data-dir=/opt/openshift_data/
-- Checking OpenShift client ... OK
-- Checking Docker client ... OK
-- Checking Docker version ... OK
-- Checking for existing OpenShift container ... OK
-- Checking for openshift/origin:v1.4.1 image ... 
Pulling image openshift/origin:v1.4.1
Pulled 0/3 layers, 3% complete
Pulled 1/3 layers, 33% complete
Pulled 2/3 layers, 99% complete
Pulled 3/3 layers, 100% complete
Extracting
Image pull complete
-- Checking Docker daemon configuration ... OK
-- Checking for available ports ... OK
-- Checking type of volume mount ... 
Using nsenter mounter for OpenShift volumes
-- Creating host directories ... OK
-- Finding server IP ... 
Using 192.168.1.68 as the server IP
-- Starting OpenShift container ... 
Creating initial OpenShift configuration
Starting OpenShift using container 'origin'
Waiting for API server to start listening
OpenShift server started
-- Adding default OAuthClient redirect URIs ... OK
-- Installing registry ... OK
-- Installing router ... OK
-- Importing image streams ... OK
-- Importing templates ... OK
-- Login to server ... OK
-- Creating initial project "myproject" ... OK
-- Removing temporary directory ... OK
-- Server Information ... 
OpenShift server started.
The server is accessible via web console at:
   https://192.168.1.68:8443

You are logged in as:
   User:     developer
   Password: developer

To login as administrator:
   oc login -u system:admin

Explore the gui

https://192.168.1.68:8443/
developer / developer

Lets create some source code. Then use openshift to build it, save it as an image, deploy the image, then expose it as a route that we can access.

oc whoami
developer
oc new-project testphp
mkdir testphp
cd testphp
git init
vim index.php
<?php
echo "hi everybody";
phpinfo();
?>
git add .
git commit -m '1'

[root@openshift testphp]# oc new-app --name=testphp .
--> Found image 4da2ce1 (4 days old) in image stream "openshift/php" under tag "5.6" for "php"

Apache 2.4 with PHP 5.6 
----------------------- 
Platform for building and running PHP 5.6 applications

Tags: builder, php, php56, rh-php56

* The source repository appears to match: php
* A source build using binary input will be created
  * The resulting image will be pushed to image stream "testphp:latest"
  * A binary build was created, use 'start-build --from-dir' to trigger a new build
* This image will be deployed in deployment config "testphp"
* Port 8080/tcp will be load balanced by service "testphp"
  * Other containers can access this service through the hostname "testphp"

--> Creating resources ...
imagestream "testphp" created
buildconfig "testphp" created
deploymentconfig "testphp" created
service "testphp" created
--> Success
Use 'oc start-build testphp' to start a build.
Run 'oc status' to view your app.

[root@openshift testphp]# oc start-build testphp --from-dir=.
Uploading directory "." as binary input for the build ...
build "testphp-1" started

[root@openshift testphp]# oc logs -f build/testphp-1
Receiving source from STDIN as archive ...
---> Installing application source...
Pushing image 172.30.147.41:5000/testphp/testphp:latest ...
Pushed 0/9 layers, 2% complete
Pushed 1/9 layers, 11% complete
Pushed 2/9 layers, 24% complete
Pushed 3/9 layers, 35% complete
Pushed 4/9 layers, 46% complete
Pushed 5/9 layers, 57% complete
Pushed 6/9 layers, 69% complete
Pushed 7/9 layers, 85% complete
Pushed 7/9 layers, 100% complete
Pushed 8/9 layers, 100% complete
Pushed 9/9 layers, 100% complete
Push successful

oc logs -f dc/testphp
--> Scaling testphp-1 to 1
--> Waiting up to 10m0s for pods in deployment testphp-1 to become ready
--> Success

[root@openshift testphp]# oc get pods
NAME              READY     STATUS      RESTARTS   AGE
testphp-1-build   0/1       Completed   0          2m
testphp-1-l59j5   1/1       Running     0          23s

[root@openshift testphp]# oc expose service testphp
route "testphp" exposed

[root@openshift testphp]# oc status
In project testphp on server https://192.168.1.68:8443

http://testphp-testphp.192.168.1.68.xip.io to pod port 8080-tcp (svc/testphp)
dc/testphp deploys istag/testphp:latest <- bc/testphp source builds uploaded code on openshift/php:5.6 
deployment #1 deployed about a minute ago - 1 pod

Test it out in a browser and explore the gui a bit.

http://testphp-testphp.192.168.1.68.xip.io

Alright. Lets update our app.

vim index.php
echo "bye everybody";
git add .
git commit -m '2'
oc start-build testphp --from-dir=.
Uploading directory "." as binary input for the build ...
build "testphp-2" started

oc logs -f build/testphp-2
Receiving source from STDIN as archive ...
---> Installing application source...
Pushing image 172.30.147.41:5000/testphp/testphp:latest ...
Pushed 6/9 layers, 67% complete
Pushed 7/9 layers, 78% complete
Pushed 8/9 layers, 89% complete
Pushed 9/9 layers, 100% complete
Push successful

oc logs -f dc/testphp
[root@openshift testphp]# oc logs -f dc/testphp
--> Scaling up testphp-2 from 0 to 1, scaling down testphp-1 from 1 to 0 (keep 1 pods available, don't exceed 2 pods)
Scaling testphp-2 up to 1
Scaling testphp-1 down to 0
--> Success

Refersh the page in your browser to see the bye message.

When configured correctly all those rebuild steps are automatic based on code checkins.