Article directory
- Red Hat OpenShift 4.8 environment cluster building
- How does openshift output json logs
- openshfit Vertical Pod Autoscaler practice
- openshift Certified Helm Charts Practice
- openshift creates a serverless application
- openshift gitops practice
- openshift Tekton pipeline practice
Red Hat OpenShift 4.8 environment cluster building
1. Introduction to helm
Helm was one of the original package managers for Kubernetes. Red Hat® is now certifying Helm Charts, much like how Red Hat certifies operators. To understand how a partner's helm chart or operator can be certified by Red Hat, Red Hat has published the Partner Guide for OpenShift and Container Certification .
In this lab, you can learn certified servo diagrams. First, you tried to deploy an uncertified Helm chart, which caused the installation to fail. Then check why the installation failed. Next, you deploy a certified steering wheel chart and observe the conditions under which it succeeds.
Target:
- 验证the Red Hat Certified Helm Chart repository
- Add third-party Helm repositories
- Install a non-certified Helm Chart (fails on purpose)
- Install the Red Hat Community Helm Chart repository
2. Verify the Red Hat Certified Helm Chart Repository
Red Hat has created a Helm Charts repository to provide Red Hat to provide Certified Helm Charts. In this exercise, you will verify that the repository exists in your cluster. charts.openshift.io
Is the official certified Helm Charts repository.
- Browse to your Red Hat OpenShift® Container Platform web console and
admin
log
in as Instructions and credentials for this are in the configuration email you received - Switch to the Administrator perspective using the perspective switcher
- In the navigation menu, click "
Home
". - .Click " " in the "Home Navigation" area
Search
. - Click the
Resources
drop-down list and selectHelmChartRepository
. - Click
HCR openshift-helm-charts
. - Click the
YAML
tab. - Scroll to line 36 to see the URL of the OpenShift Certified Charts Repository:
url:https://charts.openshift.io
3. Add Helm Repository
In this example, you will install a specific new Helm Repository. It won't work because your cluster is on AWS and this example is for Azure. But this lesson is important, so be sure to complete the exercises.
3.1 View Quick Start
1.Use the perspective switcher to switch to the Developer
perspective
2.Click Add
and click View all quick starts
:
3.In the search box, type helm and select "Manage available content in the Helm Chart Catalog" in the helm Chart Catalog card.
4. Follow the steps in the five-minute introduction help that opens on the right.
3.2 Install Helm Client
1. Login to your bastion host
2. Install the helm client on your bastion host Download it from the Red Hat mirror:
sudo wget https://mirror.openshift.com/pub/openshift-v4/clients/helm/latest/helm-linux-amd64 -O /usr/local/bin/helm
sudo chmod +x /usr/local/bin/helm
3.3 Install Non-Certified Helm Chart
In this section, you will install an uncertified Helm chart from the command line using the Helm command line application.
1. Log in to your bastion host using SSH. Experiment 1 has related instructions
2. Check if helm is working properly:
$ helm version
version.BuildInfo{
Version:"v3.5.0+6.el8", GitCommit:"77fb4bd2415712e8bfebe943389c404893ad53ce", GitTreeState:"clean", GoVersion:"go1.14.12"}
3, Execute the following command to add the Bitnami Helm repository to your bastion
$ helm repo add bitnami https://charts.bitnami.com/bitnami
"bitnami" has been added to your repositories
4. To make sure the Bitnami repository is working, list all Helm Charts:
$ helm search repo bitnami | grep mariadb
bitnami/mariadb 9.3.16 10.5.11 Fast, reliable, scalable, and easy to use open-...
bitnami/mariadb-cluster 1.0.2 10.2.14 DEPRECATED Chart to create a Highly available M...
bitnami/mariadb-galera 5.10.3 10.5.11 MariaDB Galera is a multi-master database clust...
5. Next, try to install a chart from the Bitnami repository:
First, create a project to deploy the chart to:
$ oc new-project my-helm-test
Now using project "my-helm-test" on server "https://api.cluster-41ff.41ff.sandbox842.opentlc.com:6443".
You can add applications to this project with the 'new-app' command. For example, try:
oc new-app rails-postgresql-example
to build a new example application in Ruby. Or use kubectl to deploy a simple Kubernetes application:
kubectl create deployment hello-node --image=k8s.gcr.io/serve_hostname
Install a chart using a <release_name>
, which is a unique identifier you make up, and a <chart>
name, which is the actual chart name from the repository:
# helm install <release_name> <chart> <parameters>
$ helm install my-mariadb bitnami/mariadb
[omitted]
6. Check if the Pod is started:
$ oc get pods
No resources found in helm-test namespace.
If you do see mariadb
pods, wait a few minutes and try again oc get pods
. It is estimated that the pod has moved away.
What is the error? It's a permissions issue. MariaDB Helm Chart
Tried to deploy Pods StatefulSet
, but failed because the userId requested to run the pod was too low for OpenShift's strong default permission settings.
7.: For specific errors, see:
$ oc describe statefulset my-mariadb
[ ... omitted for brevity ... ]
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal SuccessfulCreate 5m12s statefulset-controller create Claim data-my-mariadb-0 Pod my-mariadb-0 in StatefulSet my-mariadb success
Warning FailedCreate 90s (x17 over 5m12s) statefulset-controller create Pod my-mariadb-0 in StatefulSet my-mariadb failed error: pods "my-mariadb-0" is forbidden: unable to validate against any security context constraint: [provider "anyuid": Forbidden: not usable by user or serviceaccount, provider restricted: .spec.securityContext.fsGroup: Invalid value: []int64{
1001}: 1001 is not an allowed group, spec.containers[0].securityContext.runAsUser: *Invalid value: 1001: must be in the ranges: [1000650000, 1000659999],* provider "nonroot": Forbidden: not usable by user or serviceaccount, provider "hostmount-anyuid": Forbidden: not usable by user or serviceaccount, provider "machine-api-termination-handler": Forbidden: not usable by user or serviceaccount, provider "hostnetwork": Forbidden: not usable by user or serviceaccount, provider "hostaccess": Forbidden: not usable by user or serviceaccount, provider "node-exporter": Forbidden: not usable by user or serviceaccount, provider "privileged": Forbidden: not usable by user or serviceaccount]
4. Install the Red Hat Community Helm Repository
In addition to Red Hat Certified Helm Charts, Red Hat also has a developer repository. There aren't many interesting steering wheel diagrams in the certification library so far. In this section, you'll add the developer's repository and see if you can deploy some useful applications.
1. From the toolbar at the top of the web console, click ocp_web_console_add_icon (Add) to add the following YAML content to the cluster.
2. Copy and paste the following YAML content into the open text area:
apiVersion: helm.openshift.io/v1beta1
kind: HelmChartRepository
metadata:
name: redhat-developer-charts
spec:
name: redhat-developer-charts
connectionConfig:
url: https://redhat-developer.github.io/redhat-helm-charts
3.Click Create
.
4.Use the perspective switcher to switch to the Developer
perspective.
5.Select the my-helm-test
project if it is not already selected.
6.In the navigation menu, click Add
.
7.Scroll down to the Developer Catalog
card and click Helm Chart.
Note that your cluster now has community-contributed Helm Charts made specifically for OpenShift:
8.Install the Helm Charts if you like.
Red Hat community charts are likely to work on your cluster.
9.Clean up the the environment:
oc delete project my-helm-test
In this lab you experienced the various ways that Helm Charts are made available through Helm Repositories.
- You validated the Red Hat Certified Helm Repository
- You added a third party Helm Repository
- You installed a non-certified Helm Chart to experience a failure
- You installed the Red Hat Community Helm Repository
In the next lab you try out the Vertical Pod Autoscaler
with your Coffee Shop application.