OpenShift



Install Ondat on OpenShift v4

Make sure the prerequisites for Ondat are satisfied before proceeding.

If you have installed OpenShift 4.3 in AWS ensure that the requisite ports are opened for the worker nodes' security group.

 

Installing Ondat on OpenShift 4.3 has fewer prerequisites as compared to previous OpenShift 3.x versions.

The recommended way to run Ondat on OpenShift 4.3 is to deploy the Ondat Cluster Operator using the OperatorHub and bootstrap Ondat using a Custom Resource.

Options:

OperatorHub install

Ondat has a RedHat OpenShift certified operator in the OpenShift OperatorHub. You can install the Ondat operator through the OperatorHub.

  1. Select the OperatorHub from the Catalog sub menu and search for Ondat

    install-1

  2. Select Ondat and click install

    install-2

  3. Create the Operator subscription by clicking subscribe

    install-3

  4. Wait until the Upgrade Status shows 1 installed

    install-4

  5. Create a secret containing an apiUsername and an apiPassword key. The username and password defined in the secret will be used to authenticate when using the Ondat CLI and GUI. Take note of which project you created the secret in.

    install-5   install-6

  6. Go to Installed Operators and select the Ondat operator. Select Ondat Cluster and create a Ondat cluster.

    install-7

  7. The Ondat cluster resource describes the Ondat cluster that will be created. The secretRefName and secretRefNamespace should reference the secret containing the apiUsername and apiPassword that was previously created.

    Additional spec parameters are available on the Cluster Operator configuration page.

     apiVersion: storageos.com/v1
 kind: StorageOSCluster
 metadata:
   name: storageos
   namespace: openshift-operators
 spec:
   secretRefName: "storageos-api" # Reference the Secret created in the previous step
   secretRefNamespace: "openshift-operators"  # Namespace of the Secret created in the previous step
   namespace: kube-system
   csi:
     enable: true
     deploymentStrategy: deployment
   resources:
     requests:
     memory: "512Mi"
   k8sDistro: "openshift"

    install-8

  8. Verify that the Ondat Resource enters a running state.

    install-9

  9. Set SELinux Permissions

    The Ondat CSI helper needs to mount a CSI Socket into the container so on each node add the svirt_sandbox_file_t flag to the CSI socket directory and CSI socket.

    chcon -Rt svirt_sandbox_file_t /var/lib/kubelet/plugins_registry/storageos

 

If this is your first installation you may wish to follow the Ondat Volume guide for an example of how to mount a Ondat volume in a Pod.

Manual install

Estimated time to complete the installation: 5-10 min

The Ondat Cluster Operator is a Kubernetes native application developed to deploy and configure Ondat clusters, and assist with maintenance operations. We recommend its use for standard installations.

The operator is a Kubernetes controller that watches the StorageOSCluster CRD. Once the controller is ready, a Ondat cluster definition can be created. The operator will deploy a Ondat cluster based on the configuration specified in the cluster definition.

 

Helm Note: If you want to use Helm to install Ondat, follow the Ondat Operator Helm Chart documentation.

Steps to install Ondat:

1. Install Ondat operator

Install the Ondat Cluster Operator using the following yaml manifest.

oc create -f https://github.com/storageos/cluster-operator/releases/download/1.5.4/storageos-operator.yaml

Verify the Cluster Operator Pod Status

[root@master03]# oc -n storageos-operator get pod
NAME                                         READY     STATUS    RESTARTS   AGE
storageoscluster-operator-68678798ff-f28zw   1/1       Running   0          3m

The READY 1/1 indicates that storageoscluster resources can be created.

2. Create a Secret

Before deploying a Ondat cluster, create a Secret defining the Ondat API Username and Password in base64 encoding. The API username and password are used to create the default Ondat admin account which can be used with the Ondat CLI and to login to the Ondat GUI. The account defined in the secret is also used by Kubernetes to authenticate against the Ondat API when installing with the native driver.

apiVersion: v1
kind: Secret
metadata:
  name: "storageos-api"
  namespace: "storageos-operator"
  labels:
    app: "storageos"
type: "kubernetes.io/storageos"
data:
  # echo -n '<secret>' | base64
  apiUsername: c3RvcmFnZW9z
  apiPassword: c3RvcmFnZW9z

This example contains a default password, for production installations, use a unique, strong password.

You can define a base64 value by echo -n "mystring" | base64.

Make sure that the encoding of the credentials doesn’t have special characters such as ‘\n’. The echo -n ensures that a trailing new line is not appended to the string.

If you wish to change the default accounts details post-install please see Managing Users

3 Trigger a Ondat installation

This is a Cluster Definition example.

apiVersion: "storageos.com/v1"
kind: StorageOSCluster
metadata:
  name: "example-ondat"
  namespace: "storageos-operator"
spec:
  secretRefName: "storageos-api" # Reference from the Secret created in the previous step
  secretRefNamespace: "storageos-operator"  # Namespace of the Secret
  k8sDistro: "openshift"
  images:
    nodeContainer: "storageos/node:1.5.4" # Ondat version
  csi:
    enable: true
    deploymentStrategy: deployment
  resources:
    requests:
    memory: "512Mi"
#  nodeSelectorTerms:
#    - matchExpressions:
#      - key: "node-role.kubernetes.io/worker" # Compute node label will vary according to your installation
#        operator: In
#        values:
#        - "true"

Additional spec parameters are available on the Cluster Operator configuration page.

You can find more examples such as deployments referencing a external etcd kv store for Ondat in the Cluster Operator examples page.

Verify Ondat Installation

[root@master03]# oc -n kube-system get pods -w
NAME                                    READY   STATUS    RESTARTS   AGE
storageos-csi-helper-5cf59b5b4-f5nwr    2/2     Running   0          3m
storageos-daemonset-75f6c               3/3     Running   0          3m
storageos-daemonset-czbqx               3/3     Running   0          3m
storageos-daemonset-zv4tq               3/3     Running   0          3m
storageos-scheduler-6d67b46f67-5c46j    1/1     Running   6          3m

The above command watches the Pods created by the Cluster Definition example. Note that pods typically take approximately 65 seconds to enter the Running Phase.

5. Set SELinux Permissions

The Ondat CSI helper needs to mount a CSI Socket into the container so on each node add the svirt_sandbox_file_t flag to the CSI socket directory and CSI socket.

chcon -Rt svirt_sandbox_file_t /var/lib/kubelet/plugins_registry/storageos

Install Ondat on OpenShift 3.11

The recommended way to run Ondat on an OpenShift 3.11 cluster is to deploy the Ondat Cluster Operator and bootstrap Ondat using a Custom Resource.

Prerequisites

  1. Ensure any firewalls permit the appropriate ports.

  2. If your cluster enables SELinux, add the following permissions for each of the nodes that run Ondat. bash setsebool -P virt_sandbox_use_fusefs on setsebool -P virt_use_fusefs on

    The -P option makes the change persistent after reboots.

  3. Ensure that your docker installation has mount propagation enabled per our mount propagation prerequisites.

  4. Enable the MountPropagation flag by appending feature gates to the API and controller (you can apply these changes using the Ansible Playbooks)

    Note: If you are using atomic installation rather than origin, the location of the yaml config files and service names might change.

    • Add to the KubernetesMasterConfig section (/etc/origin/master/master-config.yaml):

      kubernetesMasterConfig:
  apiServerArguments:
      feature-gates:
      - MountPropagation=true
  controllerArguments:
      feature-gates:
      - MountPropagation=true

    • Add to the feature-gates to the kubelet arguments (/etc/origin/node/node-config.yaml):

      kubeletArguments:
    feature-gates:
    - MountPropagation=true

    Warning: Restarting OpenShift services can cause downtime in the cluster.

    • Restart services in the MasterNode/s

      master-restart api
master-restart controllers

# Restart kubelet
systemctl restart atomic-openshift-node.service

    • Restart service in all Nodes

       # Restart kubelet
 systemctl restart atomic-openshift-node.service

 

Install

Estimated time to complete the installation: 5-10 min

The Ondat Cluster Operator is a Kubernetes native application developed to deploy and configure Ondat clusters, and assist with maintenance operations. We recommend its use for standard installations.

The operator is a Kubernetes controller that watches the StorageOSCluster CRD. Once the controller is ready, a Ondat cluster definition can be created. The operator will deploy a Ondat cluster based on the configuration specified in the cluster definition.

 

Helm Note: If you want to use Helm to install Ondat, follow the Ondat Operator Helm Chart documentation.

Steps to install Ondat:

1. Install Ondat operator

Install the Ondat Cluster Operator using the following yaml manifest.

oc create -f https://github.com/storageos/cluster-operator/releases/download/1.5.4/storageos-operator.yaml

Verify the Cluster Operator Pod Status

[root@master03]# oc -n storageos-operator get pod
NAME                                         READY     STATUS    RESTARTS   AGE
storageoscluster-operator-68678798ff-f28zw   1/1       Running   0          3m

The READY 1/1 indicates that storageoscluster resources can be created.

2. Create a Secret

Before deploying a Ondat cluster, create a Secret defining the Ondat API Username and Password in base64 encoding. The API username and password are used to create the default Ondat admin account which can be used with the Ondat CLI and to login to the Ondat GUI. The account defined in the secret is also used by Kubernetes to authenticate against the Ondat API when installing with the native driver.

apiVersion: v1
kind: Secret
metadata:
  name: "storageos-api"
  namespace: "storageos-operator"
  labels:
    app: "storageos"
type: "kubernetes.io/storageos"
data:
  # echo -n '<secret>' | base64
  apiUsername: c3RvcmFnZW9z
  apiPassword: c3RvcmFnZW9z

This example contains a default password, for production installations, use a unique, strong password.

You can define a base64 value by echo -n "mystring" | base64.

Make sure that the encoding of the credentials doesn’t have special characters such as ‘\n’. The echo -n ensures that a trailing new line is not appended to the string.

If you wish to change the default accounts details post-install please see Managing Users

3 Trigger a Ondat installation

This is a Cluster Definition example.

apiVersion: "storageos.com/v1"
kind: StorageOSCluster
metadata:
  name: "example-ondat"
  namespace: "storageos-operator"
spec:
  secretRefName: "storageos-api" # Reference from the Secret created in the previous step
  secretRefNamespace: "storageos-operator"  # Namespace of the Secret
  k8sDistro: "openshift"
  images:
    nodeContainer: "storageos/node:1.5.4" # Ondat version
  disableScheduler: true
  resources:
    requests:
    memory: "512Mi"
#  nodeSelectorTerms:
#    - matchExpressions:
#      - key: "node-role.kubernetes.io/worker" # Compute node label will vary according to your installation
#        operator: In
#        values:
#        - "true"

Additional spec parameters are available on the Cluster Operator configuration page.

You can find more examples such as deployments referencing a external etcd kv store for Ondat in the Cluster Operator examples page.

Verify Ondat Installation

[root@master03]# oc -n kube-system get pods -w
NAME                                    READY   STATUS    RESTARTS   AGE
storageos-daemonset-75f6c               1/1     Running   0          3m
storageos-daemonset-czbqx               1/1     Running   0          3m
storageos-daemonset-zv4tq               1/1     Running   0          3m

The above command watches the Pods created by the Cluster Definition example. Note that pods typically take approximately 65 seconds to enter the Running Phase.

Install Ondat on OpenShift 3.9

The recommended way to run Ondat on an OpenShift 3.9 cluster is to deploy the Ondat Cluster Operator and bootstrap Ondat using a Custom Resource.

Prerequisites

  1. Ensure any firewalls permit the appropriate ports.

  2. If your cluster enables SELinux, add the following permissions for each of the nodes that run Ondat. bash setsebool -P virt_sandbox_use_fusefs on setsebool -P virt_use_fusefs on

    The -P option makes the change persistent after reboots.

  3. Ensure that your docker installation has mount propagation enabled per our mount propagation prerequisites.

  4. Enable the MountPropagation flag by appending feature gates to the API and controller (you can apply these changes using the Ansible Playbooks)

    Note: If you are using atomic installation rather than origin, the location of the yaml config files and service names might change.

    • Add to the KubernetesMasterConfig section (/etc/origin/master/master-config.yaml):

      kubernetesMasterConfig:
  apiServerArguments:
      feature-gates:
      - MountPropagation=true
  controllerArguments:
      feature-gates:
      - MountPropagation=true

    • Add to the feature-gates to the kubelet arguments (/etc/origin/node/node-config.yaml):

      kubeletArguments:
    feature-gates:
    - MountPropagation=true

    Warning: Restarting OpenShift services can cause downtime in the cluster.

    • Restart services in the MasterNode origin-master-api.service, origin-master-controllers.service and origin-node.service
    • Restart service in all Nodes origin-node.service

    Usually through systemctl restart (origin-node.service|atomic-openshift-node.service)

 

Install

Estimated time to complete the installation: 5-10 min

The Ondat Cluster Operator is a Kubernetes native application developed to deploy and configure Ondat clusters, and assist with maintenance operations. We recommend its use for standard installations.

The operator is a Kubernetes controller that watches the StorageOSCluster CRD. Once the controller is ready, a Ondat cluster definition can be created. The operator will deploy a Ondat cluster based on the configuration specified in the cluster definition.

 

Helm Note: If you want to use Helm to install Ondat, follow the Ondat Operator Helm Chart documentation.

Steps to install Ondat:

1. Install Ondat operator

Install the Ondat Cluster Operator using the following yaml manifest.

oc create -f https://github.com/storageos/cluster-operator/releases/download/1.5.4/storageos-operator.yaml

Verify the Cluster Operator Pod Status

[root@master03]# oc -n storageos-operator get pod
NAME                                         READY     STATUS    RESTARTS   AGE
storageoscluster-operator-68678798ff-f28zw   1/1       Running   0          3m

The READY 1/1 indicates that storageoscluster resources can be created.

2. Create a Secret

Before deploying a Ondat cluster, create a Secret defining the Ondat API Username and Password in base64 encoding. The API username and password are used to create the default Ondat admin account which can be used with the Ondat CLI and to login to the Ondat GUI. The account defined in the secret is also used by Kubernetes to authenticate against the Ondat API when installing with the native driver.

apiVersion: v1
kind: Secret
metadata:
  name: "storageos-api"
  namespace: "storageos-operator"
  labels:
    app: "storageos"
type: "kubernetes.io/storageos"
data:
  # echo -n '<secret>' | base64
  apiUsername: c3RvcmFnZW9z
  apiPassword: c3RvcmFnZW9z

This example contains a default password, for production installations, use a unique, strong password.

You can define a base64 value by echo -n "mystring" | base64.

Make sure that the encoding of the credentials doesn’t have special characters such as ‘\n’. The echo -n ensures that a trailing new line is not appended to the string.

If you wish to change the default accounts details post-install please see Managing Users

3 Trigger a Ondat installation

This is a Cluster Definition example.

apiVersion: "storageos.com/v1"
kind: StorageOSCluster
metadata:
  name: "example-ondat"
  namespace: "storageos-operator"
spec:
  secretRefName: "storageos-api" # Reference from the Secret created in the previous step
  secretRefNamespace: "storageos-operator"  # Namespace of the Secret
  k8sDistro: "openshift"
  images:
    nodeContainer: "storageos/node:1.5.4" # Ondat version
  disableScheduler: true
  resources:
    requests:
    memory: "512Mi"
#  nodeSelectorTerms:
#    - matchExpressions:
#      - key: "node-role.kubernetes.io/worker" # Compute node label will vary according to your installation
#        operator: In
#        values:
#        - "true"

Additional spec parameters are available on the Cluster Operator configuration page.

You can find more examples such as deployments referencing a external etcd kv store for Ondat in the Cluster Operator examples page.

Verify Ondat Installation

[root@master03]# oc -n kube-system get pods -w
NAME                                    READY   STATUS    RESTARTS   AGE
storageos-daemonset-75f6c               1/1     Running   0          3m
storageos-daemonset-czbqx               1/1     Running   0          3m
storageos-daemonset-zv4tq               1/1     Running   0          3m

The above command watches the Pods created by the Cluster Definition example. Note that pods typically take approximately 65 seconds to enter the Running Phase.

First Ondat volume

If this is your first installation you may wish to follow the Ondat Volume guide for an example of how to mount a Ondat volume in a Pod.