{"id":12359,"date":"2019-04-17T18:24:47","date_gmt":"2019-04-17T16:24:47","guid":{"rendered":"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/"},"modified":"2019-04-17T18:24:47","modified_gmt":"2019-04-17T16:24:47","slug":"bringing-up-an-openshift-playground-in-aws","status":"publish","type":"post","link":"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/","title":{"rendered":"Bringing up an OpenShift playground in AWS"},"content":{"rendered":"

Before we begin: This is in no way production ready, as the title states. In a production setup you would put the internal registry on a persistent storage, you would probably have more than one master node and you would probably have more than on compute node. Security is not covered at all here. This post is intended to quickly bring up something you can play with, that’s it. In future posts will explore more details of OpenShift. So, lets start.<\/p>\n

<\/p>\n

What I used as a starting point are three t2.xlarge<\/a> instances:
\n\"\"<\/a><\/p>\n

One of them will be the master, there will be one infrastructure and one compute node. All of them are based on the Red Hat Enterprise Linux 7.5 (HVM) AMI<\/a>:<\/p>\n

\"\"<\/a><\/p>\n

Once these three instances are running the most important thing is that you set persistent hostnames (if you do not do this the OpenShift installation will fail):<\/p>\n

\n[root@master ec2-user]$ hostnamectl set-hostname --static master.it.dbi-services.com\n[root@master ec2-user]$ echo \"preserve_hostname: true\" >> \/etc\/cloud\/cloud.cfg\n<\/pre>\n
Of course you need to do that on all three hosts. Once that is done, because I have no DNS in my setup, \/etc\/hosts should be adjusted on all the machines, in my case:<\/p>\n
\n[root@master ec2-user]$ cat \/etc\/hosts\n127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4\n::1         localhost localhost.localdomain localhost6 localhost6.localdomain6\n10.0.1.167  master master.it.dbi-services.com\n10.0.1.110  node1 node1.it.dbi-services.com\n10.0.1.13   node2 node2.it.dbi-services.com\n<\/pre>\n
As everything is based on RedHat you need to register all the machines:<\/p>\n
\n[root@master ec2-user]$ subscription-manager register\nRegistering to: subscription.rhsm.redhat.com:443\/subscription\nUsername: xxxxxx\nPassword: \nThe system has been registered with ID: xxxxxxx\nThe registered system name is: master\n<\/pre>\n
Once done, refresh and then list the available subscriptions. There should be at least one which is named like “Red Hat OpenShift”. Having identified the “Pool ID” for that one attach it (on all machines):<\/p>\n
\n[root@master ec2-user]$ subscription-manager refresh\n[root@master ec2-user]$ subscription-manager list --available\n[root@master ec2-user]$ subscription-manager attach --pool=xxxxxxxxxxxxxxxxxxxxxxxxx\n<\/pre>\n
Now you are ready to enable the required repositories (on all machines):<\/p>\n
\n[root@master ec2-user]$ subscription-manager repos --enable=\"rhel-7-server-rpms\" \\\n    --enable=\"rhel-7-server-extras-rpms\" \\\n     --enable=\"rhel-7-server-ose-3.11-rpms\" \\\n     --enable=\"rhel-7-server-ansible-2.6-rpms\"\n\nRepository 'rhel-7-server-rpms' is enabled for this system.\nRepository 'rhel-7-server-extras-rpms' is enabled for this system.\nRepository 'rhel-7-server-ansible-2.6-rpms' is enabled for this system.\nRepository 'rhel-7-server-ose-3.11-rpms' is enabled for this system.\n<\/pre>\n
Having the repos enabled the required packages can be installed (on all machines):<\/p>\n
\n[root@master ec2-user]$ yum -y install wget git net-tools bind-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct\n<\/pre>\n
Updating all packages to the latest release and rebooting to the potentially new kernel is recommended. As we will be using Docker<\/a> for this deployment we will install that as well (on all machines):<\/p>\n
\n[root@master ec2-user]$ yum install -y docker\n[root@master ec2-user]$ yum update -y\n[root@master ec2-user]$ systemctl reboot\n<\/pre>\n
Now, that we are up to date and the prerequisites are met we create a new group and a new user. Why that? The complete OpenShift installation is driven by Ansible<\/a>. You could run all of the installation directly as root, but a better way is to use a dedicated user that has sudo permissions to perform the tasks (on all machines):<\/p>\n
\n[root@master ec2-user]$ useradd -g dbi dbi\n[root@master ec2-user]$ useradd -g dbi dbi\n<\/pre>\n
As Ansible needs to login to all the machines you will need to setup password-less ssh connections for the user. I am assuming that you know how to do that. If not, please check here<\/a>.<\/p>\n
Several tasks<\/a> of the OpenShift Ansible playbooks need to be executed as root so the “dbi” user needs permissions to do that (on all machines):<\/p>\n
\n[root@master ec2-user]$ cat \/etc\/sudoers | grep dbi\ndbi\tALL=(ALL)\tNOPASSWD: ALL\n<\/pre>\n
There is one last preparation step to be executed on the master only: Installing the Ansible playbooks required to bring up OpenShift:<\/p>\n
\n[root@master ec2-user]$ yum -y install openshift-ansible\n<\/pre>\n
That’s all the preparation required for this playground setup. As all the installation is Ansible based we need an inventory<\/a> file on the master:<\/p>\n
\n[dbi@master ~]$ id -a\nuid=1001(dbi) gid=1001(dbi) groups=1001(dbi),994(dockerroot) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023\n[dbi@master ~]$ pwd\n\/home\/dbi\n[dbi@master ~]$ cat inventory \n# Create an OSEv3 group that contains the masters, nodes, and etcd groups\n[OSEv3:children]\nmasters\nnodes\netcd\n\n# Set variables common for all OSEv3 hosts\n[OSEv3:vars]\n# SSH user, this user should allow ssh based auth without requiring a password\nansible_ssh_user=dbi\n# If ansible_ssh_user is not root, ansible_become must be set to true\nansible_become=true\nbecome_method = sudo\nopenshift_deployment_type=openshift-enterprise\nopenshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]\nopenshift_master_htpasswd_users={'admin': '$apr1$4ZbKL26l$3eKL\/6AQM8O94lRwTAu611', 'developer': '$apr1$4ZbKL26l$3eKL\/6AQM8O94lRwTAu611'}\n# Registry settings\noreg_url=registry.redhat.io\/openshift3\/ose-${component}:${version}\noreg_auth_user=dbiservices2800\noreg_auth_password=eIJAy7LsyA\n# disable checks\nopenshift_disable_check=disk_availability,docker_storage,memory_availability\n\nopenshift_master_default_subdomain=apps.it.dbi-services.com\n\n# host group for masters\n[masters]\nmaster.it.dbi-services.com\n\n# host group for etcd\n[etcd]\nmaster.it.dbi-services.com\n\n# host group for nodes, includes region info\n[nodes]\nmaster.it.dbi-services.com openshift_node_group_name='node-config-master'\nnode1.it.dbi-services.com openshift_node_group_name='node-config-compute'\nnode2.it.dbi-services.com openshift_node_group_name='node-config-infra'\n<\/pre>\n
If you need more details about all the variables and host groups used here, please check the OpenShift documentation<\/a>.<\/p>\n
In any case pleas execute the prerequisites playbook before starting with the installation. When that does not run until the end or does show any “failed” tasks then you need to fix something before proceeding:<\/p>\n
\n[dbi@master ~]$ ansible-playbook -i inventory \/usr\/share\/ansible\/openshift-ansible\/playbooks\/prerequisites.yml \n\nPLAY [Fail openshift_kubelet_name_override for new hosts] **********************************************\n\nTASK [Gathering Facts] *********************************************************************************\nok: [master.it.dbi-services.com]\nok: [node1.it.dbi-services.com]\n\n...\n\nPLAY RECAP *********************************************************************************************\nlocalhost                  : ok=11   changed=0    unreachable=0    failed=0   \nmaster.it.dbi-services.com : ok=80   changed=17   unreachable=0    failed=0   \nnode1.it.dbi-services.com  : ok=56   changed=16   unreachable=0    failed=0   \n\n\nINSTALLER STATUS ***************************************************************************************\nInitialization  : Complete (0:01:40)\n<\/pre>\n
When it is fine, install OpenShift:<\/p>\n
\n[dbi@master ~]$ ansible-playbook -i inventory \/usr\/share\/ansible\/openshift-ansible\/playbooks\/deploy_cluster.yml \n<\/pre>\n
That will take some time but at the end your OpenShift cluster should be up and running:<\/p>\n
\n[dbi@master ~]$ oc login -u system:admin\nLogged into \"https:\/\/master:8443\" as \"system:admin\" using existing credentials.\n\nYou have access to the following projects and can switch between them with 'oc project ':\n\n  * default\n    kube-public\n    kube-service-catalog\n    kube-system\n    management-infra\n    openshift\n    openshift-ansible-service-broker\n    openshift-console\n    openshift-infra\n    openshift-logging\n    openshift-monitoring\n    openshift-node\n    openshift-sdn\n    openshift-template-service-broker\n    openshift-web-console\n\nUsing project \"default\".\n\n[dbi@master ~]$ oc get nodes \nNAME                         STATUS    ROLES     AGE       VERSION\nmaster.it.dbi-services.com   Ready     master    1h        v1.11.0+d4cacc0\nnode1.it.dbi-services.com    Ready     compute   1h        v1.11.0+d4cacc0\nnode2.it.dbi-services.com    Ready     infra     1h        v1.11.0+d4cacc0\n<\/pre>\n
As expected there is one master, one infratructure and one compute node. All the pods<\/a> in the default namespace should be running fine:<\/p>\n
\n[dbi@master ~]$ oc get pods -n default\nNAME                       READY     STATUS    RESTARTS   AGE\ndocker-registry-1-lmjzs    1\/1       Running   0          1h\nregistry-console-1-n4z5j   1\/1       Running   0          1h\nrouter-1-5wl27             1\/1       Running   0          1h\n<\/pre>\n
All the default Image Streams<\/a> are there as well:<\/p>\n
\n[dbi@master ~]$ oc get is -n openshift\nNAME                                           DOCKER REPO                                                                               TAGS                          UPDATED\napicurito-ui                                   docker-registry.default.svc:5000\/openshift\/apicurito-ui                                   1.2                           2 hours ago\ndotnet                                         docker-registry.default.svc:5000\/openshift\/dotnet                                         latest,1.0,1.1 + 3 more...    2 hours ago\ndotnet-runtime                                 docker-registry.default.svc:5000\/openshift\/dotnet-runtime                                 2.2,latest,2.0 + 1 more...    2 hours ago\neap-cd-openshift                               docker-registry.default.svc:5000\/openshift\/eap-cd-openshift                               14.0,15.0,13 + 6 more...      2 hours ago\nfis-java-openshift                             docker-registry.default.svc:5000\/openshift\/fis-java-openshift                             1.0,2.0                       2 hours ago\nfis-karaf-openshift                            docker-registry.default.svc:5000\/openshift\/fis-karaf-openshift                            1.0,2.0                       2 hours ago\nfuse-apicurito-generator                       docker-registry.default.svc:5000\/openshift\/fuse-apicurito-generator                       1.2                           2 hours ago\nfuse7-console                                  docker-registry.default.svc:5000\/openshift\/fuse7-console                                  1.0,1.1,1.2                   2 hours ago\nfuse7-eap-openshift                            docker-registry.default.svc:5000\/openshift\/fuse7-eap-openshift                            1.0,1.1,1.2                   2 hours ago\nfuse7-java-openshift                           docker-registry.default.svc:5000\/openshift\/fuse7-java-openshift                           1.0,1.1,1.2                   2 hours ago\nfuse7-karaf-openshift                          docker-registry.default.svc:5000\/openshift\/fuse7-karaf-openshift                          1.0,1.1,1.2                   2 hours ago\nhttpd                                          docker-registry.default.svc:5000\/openshift\/httpd                                          2.4,latest                    2 hours ago\njava                                           docker-registry.default.svc:5000\/openshift\/java                                           8,latest                      2 hours ago\njboss-amq-62                                   docker-registry.default.svc:5000\/openshift\/jboss-amq-62                                   1.3,1.4,1.5 + 4 more...       2 hours ago\njboss-amq-63                                   docker-registry.default.svc:5000\/openshift\/jboss-amq-63                                   1.0,1.1,1.2 + 1 more...       2 hours ago\njboss-datagrid73-openshift                     docker-registry.default.svc:5000\/openshift\/jboss-datagrid73-openshift                     1.0                           \njboss-datavirt63-driver-openshift              docker-registry.default.svc:5000\/openshift\/jboss-datavirt63-driver-openshift              1.0,1.1                       2 hours ago\njboss-datavirt63-openshift                     docker-registry.default.svc:5000\/openshift\/jboss-datavirt63-openshift                     1.0,1.1,1.2 + 2 more...       2 hours ago\njboss-decisionserver62-openshift               docker-registry.default.svc:5000\/openshift\/jboss-decisionserver62-openshift               1.2                           2 hours ago\njboss-decisionserver63-openshift               docker-registry.default.svc:5000\/openshift\/jboss-decisionserver63-openshift               1.3,1.4                       2 hours ago\njboss-decisionserver64-openshift               docker-registry.default.svc:5000\/openshift\/jboss-decisionserver64-openshift               1.0,1.1,1.2 + 1 more...       2 hours ago\njboss-eap64-openshift                          docker-registry.default.svc:5000\/openshift\/jboss-eap64-openshift                          1.7,1.3,1.4 + 6 more...       2 hours ago\njboss-eap70-openshift                          docker-registry.default.svc:5000\/openshift\/jboss-eap70-openshift                          1.5,1.6,1.7 + 2 more...       2 hours ago\njboss-eap71-openshift                          docker-registry.default.svc:5000\/openshift\/jboss-eap71-openshift                          1.1,1.2,1.3 + 1 more...       2 hours ago\njboss-eap72-openshift                          docker-registry.default.svc:5000\/openshift\/jboss-eap72-openshift                          1.0,latest                    2 hours ago\njboss-fuse70-console                           docker-registry.default.svc:5000\/openshift\/jboss-fuse70-console                           1.0                           2 hours ago\njboss-fuse70-eap-openshift                     docker-registry.default.svc:5000\/openshift\/jboss-fuse70-eap-openshift                     1.0                           \njboss-fuse70-java-openshift                    docker-registry.default.svc:5000\/openshift\/jboss-fuse70-java-openshift                    1.0                           2 hours ago\njboss-fuse70-karaf-openshift                   docker-registry.default.svc:5000\/openshift\/jboss-fuse70-karaf-openshift                   1.0                           2 hours ago\njboss-processserver63-openshift                docker-registry.default.svc:5000\/openshift\/jboss-processserver63-openshift                1.3,1.4                       2 hours ago\njboss-processserver64-openshift                docker-registry.default.svc:5000\/openshift\/jboss-processserver64-openshift                1.2,1.3,1.0 + 1 more...       2 hours ago\njboss-webserver30-tomcat7-openshift            docker-registry.default.svc:5000\/openshift\/jboss-webserver30-tomcat7-openshift            1.1,1.2,1.3                   2 hours ago\njboss-webserver30-tomcat8-openshift            docker-registry.default.svc:5000\/openshift\/jboss-webserver30-tomcat8-openshift            1.2,1.3,1.1                   2 hours ago\njboss-webserver31-tomcat7-openshift            docker-registry.default.svc:5000\/openshift\/jboss-webserver31-tomcat7-openshift            1.0,1.1,1.2                   2 hours ago\njboss-webserver31-tomcat8-openshift            docker-registry.default.svc:5000\/openshift\/jboss-webserver31-tomcat8-openshift            1.0,1.1,1.2                   2 hours ago\njenkins                                        docker-registry.default.svc:5000\/openshift\/jenkins                                        2,latest,1                    2 hours ago\nmariadb                                        docker-registry.default.svc:5000\/openshift\/mariadb                                        10.1,10.2,latest              2 hours ago\nmongodb                                        docker-registry.default.svc:5000\/openshift\/mongodb                                        2.4,3.2,3.6 + 3 more...       2 hours ago\nmysql                                          docker-registry.default.svc:5000\/openshift\/mysql                                          5.7,latest,5.6 + 1 more...    2 hours ago\nnginx                                          docker-registry.default.svc:5000\/openshift\/nginx                                          1.8,latest,1.10 + 1 more...   2 hours ago\nnodejs                                         docker-registry.default.svc:5000\/openshift\/nodejs                                         8-RHOAR,0.10,6 + 3 more...    2 hours ago\nperl                                           docker-registry.default.svc:5000\/openshift\/perl                                           5.20,5.24,5.16 + 1 more...    2 hours ago\nphp                                            docker-registry.default.svc:5000\/openshift\/php                                            5.6,5.5,7.0 + 1 more...       2 hours ago\npostgresql                                     docker-registry.default.svc:5000\/openshift\/postgresql                                     latest,10,9.2 + 3 more...     2 hours ago\npython                                         docker-registry.default.svc:5000\/openshift\/python                                         2.7,3.3,3.4 + 3 more...       2 hours ago\nredhat-openjdk18-openshift                     docker-registry.default.svc:5000\/openshift\/redhat-openjdk18-openshift                     1.0,1.1,1.2 + 2 more...       2 hours ago\nredhat-sso70-openshift                         docker-registry.default.svc:5000\/openshift\/redhat-sso70-openshift                         1.3,1.4                       2 hours ago\nredhat-sso71-openshift                         docker-registry.default.svc:5000\/openshift\/redhat-sso71-openshift                         1.1,1.2,1.3 + 1 more...       2 hours ago\nredhat-sso72-openshift                         docker-registry.default.svc:5000\/openshift\/redhat-sso72-openshift                         1.0,1.1,1.2                   2 hours ago\nredis                                          docker-registry.default.svc:5000\/openshift\/redis                                          3.2,latest                    2 hours ago\nrhdm70-decisioncentral-openshift               docker-registry.default.svc:5000\/openshift\/rhdm70-decisioncentral-openshift               1.0,1.1                       2 hours ago\nrhdm70-kieserver-openshift                     docker-registry.default.svc:5000\/openshift\/rhdm70-kieserver-openshift                     1.0,1.1                       2 hours ago\nrhdm71-controller-openshift                    docker-registry.default.svc:5000\/openshift\/rhdm71-controller-openshift                    1.0,1.1                       2 hours ago\nrhdm71-decisioncentral-indexing-openshift      docker-registry.default.svc:5000\/openshift\/rhdm71-decisioncentral-indexing-openshift      1.0,1.1                       2 hours ago\nrhdm71-decisioncentral-openshift               docker-registry.default.svc:5000\/openshift\/rhdm71-decisioncentral-openshift               1.1,1.0                       2 hours ago\nrhdm71-kieserver-openshift                     docker-registry.default.svc:5000\/openshift\/rhdm71-kieserver-openshift                     1.0,1.1                       2 hours ago\nrhdm71-optaweb-employee-rostering-openshift    docker-registry.default.svc:5000\/openshift\/rhdm71-optaweb-employee-rostering-openshift    1.0,1.1                       2 hours ago\nrhdm72-controller-openshift                    docker-registry.default.svc:5000\/openshift\/rhdm72-controller-openshift                    1.0,1.1                       2 hours ago\nrhdm72-decisioncentral-indexing-openshift      docker-registry.default.svc:5000\/openshift\/rhdm72-decisioncentral-indexing-openshift      1.0,1.1                       2 hours ago\nrhdm72-decisioncentral-openshift               docker-registry.default.svc:5000\/openshift\/rhdm72-decisioncentral-openshift               1.1,1.0                       2 hours ago\nrhdm72-kieserver-openshift                     docker-registry.default.svc:5000\/openshift\/rhdm72-kieserver-openshift                     1.0,1.1                       2 hours ago\nrhdm72-optaweb-employee-rostering-openshift    docker-registry.default.svc:5000\/openshift\/rhdm72-optaweb-employee-rostering-openshift    1.0,1.1                       2 hours ago\nrhpam70-businesscentral-indexing-openshift     docker-registry.default.svc:5000\/openshift\/rhpam70-businesscentral-indexing-openshift     1.0,1.1,1.2                   2 hours ago\nrhpam70-businesscentral-monitoring-openshift   docker-registry.default.svc:5000\/openshift\/rhpam70-businesscentral-monitoring-openshift   1.1,1.2,1.0                   2 hours ago\nrhpam70-businesscentral-openshift              docker-registry.default.svc:5000\/openshift\/rhpam70-businesscentral-openshift              1.0,1.1,1.2                   2 hours ago\nrhpam70-controller-openshift                   docker-registry.default.svc:5000\/openshift\/rhpam70-controller-openshift                   1.0,1.1,1.2                   2 hours ago\nrhpam70-kieserver-openshift                    docker-registry.default.svc:5000\/openshift\/rhpam70-kieserver-openshift                    1.0,1.1,1.2                   2 hours ago\nrhpam70-smartrouter-openshift                  docker-registry.default.svc:5000\/openshift\/rhpam70-smartrouter-openshift                  1.0,1.1,1.2                   2 hours ago\nrhpam71-businesscentral-indexing-openshift     docker-registry.default.svc:5000\/openshift\/rhpam71-businesscentral-indexing-openshift     1.0,1.1                       2 hours ago\nrhpam71-businesscentral-monitoring-openshift   docker-registry.default.svc:5000\/openshift\/rhpam71-businesscentral-monitoring-openshift   1.0,1.1                       2 hours ago\nrhpam71-businesscentral-openshift              docker-registry.default.svc:5000\/openshift\/rhpam71-businesscentral-openshift              1.0,1.1                       2 hours ago\nrhpam71-controller-openshift                   docker-registry.default.svc:5000\/openshift\/rhpam71-controller-openshift                   1.0,1.1                       2 hours ago\nrhpam71-kieserver-openshift                    docker-registry.default.svc:5000\/openshift\/rhpam71-kieserver-openshift                    1.0,1.1                       2 hours ago\nrhpam71-smartrouter-openshift                  docker-registry.default.svc:5000\/openshift\/rhpam71-smartrouter-openshift                  1.0,1.1                       2 hours ago\nrhpam72-businesscentral-indexing-openshift     docker-registry.default.svc:5000\/openshift\/rhpam72-businesscentral-indexing-openshift     1.1,1.0                       2 hours ago\nrhpam72-businesscentral-monitoring-openshift   docker-registry.default.svc:5000\/openshift\/rhpam72-businesscentral-monitoring-openshift   1.0,1.1                       2 hours ago\nrhpam72-businesscentral-openshift              docker-registry.default.svc:5000\/openshift\/rhpam72-businesscentral-openshift              1.0,1.1                       2 hours ago\nrhpam72-controller-openshift                   docker-registry.default.svc:5000\/openshift\/rhpam72-controller-openshift                   1.0,1.1                       2 hours ago\nrhpam72-kieserver-openshift                    docker-registry.default.svc:5000\/openshift\/rhpam72-kieserver-openshift                    1.0,1.1                       2 hours ago\nrhpam72-smartrouter-openshift                  docker-registry.default.svc:5000\/openshift\/rhpam72-smartrouter-openshift                  1.0,1.1                       2 hours ago\nruby                                           docker-registry.default.svc:5000\/openshift\/ruby                                           2.2,2.3,2.4 + 3 more...       2 hours ago\n<\/pre>\n
Happy playing …<\/p>\n","protected":false},"excerpt":{"rendered":"
Before we begin: This is in no way production ready, as the title states. In a production setup you would put the internal registry on a persistent storage, you would probably have more than one master node and you would probably have more than on compute node. Security is not covered at all here. This […]<\/p>\n","protected":false},"author":29,"featured_media":12360,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[197,229],"tags":[762,601,1344,1324],"type_dbi":[],"class_list":["post-12359","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-application-integration-middleware","category-database-administration-monitoring","tag-containers","tag-docker","tag-openshift","tag-redhat"],"acf":[],"yoast_head":"\nBringing up an OpenShift playground in AWS - dbi Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Bringing up an OpenShift playground in AWS\" \/>\n<meta property=\"og:description\" content=\"Before we begin: This is in no way production ready, as the title states. In a production setup you would put the internal registry on a persistent storage, you would probably have more than one master node and you would probably have more than on compute node. Security is not covered at all here. This […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/\" \/>\n<meta property=\"og:site_name\" content=\"dbi Blog\" \/>\n<meta property=\"article:published_time\" content=\"2019-04-17T16:24:47+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/Selection_075-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1555\" \/>\n\t<meta property=\"og:image:height\" content=\"95\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Daniel Westermann\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@westermanndanie\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Daniel Westermann\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/bringing-up-an-openshift-playground-in-aws\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/bringing-up-an-openshift-playground-in-aws\\\/\"},\"author\":{\"name\":\"Daniel Westermann\",\"@id\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/#\\\/schema\\\/person\\\/8d08e9bd996a89bd75c0286cbabf3c66\"},\"headline\":\"Bringing up an OpenShift playground in AWS\",\"datePublished\":\"2019-04-17T16:24:47+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/bringing-up-an-openshift-playground-in-aws\\\/\"},\"wordCount\":579,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/bringing-up-an-openshift-playground-in-aws\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/wp-content\\\/uploads\\\/sites\\\/2\\\/2022\\\/04\\\/Selection_075-1.png\",\"keywords\":[\"Containers\",\"Docker\",\"OpenShift\",\"redhat\"],\"articleSection\":[\"Application integration & Middleware\",\"Database Administration & Monitoring\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/bringing-up-an-openshift-playground-in-aws\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/bringing-up-an-openshift-playground-in-aws\\\/\",\"url\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/bringing-up-an-openshift-playground-in-aws\\\/\",\"name\":\"Bringing up an OpenShift playground in AWS - dbi Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/bringing-up-an-openshift-playground-in-aws\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/bringing-up-an-openshift-playground-in-aws\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/wp-content\\\/uploads\\\/sites\\\/2\\\/2022\\\/04\\\/Selection_075-1.png\",\"datePublished\":\"2019-04-17T16:24:47+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/#\\\/schema\\\/person\\\/8d08e9bd996a89bd75c0286cbabf3c66\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/bringing-up-an-openshift-playground-in-aws\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/bringing-up-an-openshift-playground-in-aws\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/bringing-up-an-openshift-playground-in-aws\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/wp-content\\\/uploads\\\/sites\\\/2\\\/2022\\\/04\\\/Selection_075-1.png\",\"contentUrl\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/wp-content\\\/uploads\\\/sites\\\/2\\\/2022\\\/04\\\/Selection_075-1.png\",\"width\":1555,\"height\":95},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/bringing-up-an-openshift-playground-in-aws\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Bringing up an OpenShift playground in AWS\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/\",\"name\":\"dbi Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/#\\\/schema\\\/person\\\/8d08e9bd996a89bd75c0286cbabf3c66\",\"name\":\"Daniel Westermann\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/31350ceeecb1dd8986339a29bf040d4cd3cd087d410deccd8f55234466d6c317?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/31350ceeecb1dd8986339a29bf040d4cd3cd087d410deccd8f55234466d6c317?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/31350ceeecb1dd8986339a29bf040d4cd3cd087d410deccd8f55234466d6c317?s=96&d=mm&r=g\",\"caption\":\"Daniel Westermann\"},\"description\":\"Daniel Westermann is Principal Consultant and Technology Leader Open Infrastructure at dbi services. He has more than 15 years of experience in management, engineering and optimization of databases and infrastructures, especially on Oracle and PostgreSQL. Since the beginning of his career, he has specialized in Oracle Technologies and is Oracle Certified Professional 12c and Oracle Certified Expert RAC\\\/GridInfra. Over time, Daniel has become increasingly interested in open source technologies, becoming \u201cTechnology Leader Open Infrastructure\u201d and PostgreSQL expert. \u00a0Based on community or EnterpriseDB tools, he develops and installs complex high available solutions with PostgreSQL. He is also a certified PostgreSQL Plus 9.0 Professional and a Postgres Advanced Server 9.4 Professional. He is a regular speaker at PostgreSQL conferences in Switzerland and Europe. Today Daniel is also supporting our customers on AWS services such as AWS RDS, database migrations into the cloud, EC2 and automated infrastructure management with AWS SSM (System Manager). He is a certified AWS Solutions Architect Professional. Prior to dbi services, Daniel was Management System Engineer at LC SYSTEMS-Engineering AG in Basel. Before that, he worked as Oracle Developper &\u00a0Project Manager at Delta Energy Solutions AG in Basel (today Powel AG). Daniel holds a diploma in Business Informatics (DHBW, Germany). His branch-related experience mainly covers the pharma industry, the financial sector, energy, lottery and telecommunications.\",\"sameAs\":[\"https:\\\/\\\/x.com\\\/westermanndanie\"],\"url\":\"https:\\\/\\\/www.dbi-services.com\\\/blog\\\/author\\\/daniel-westermann\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Bringing up an OpenShift playground in AWS - dbi Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/","og_locale":"en_US","og_type":"article","og_title":"Bringing up an OpenShift playground in AWS","og_description":"Before we begin: This is in no way production ready, as the title states. In a production setup you would put the internal registry on a persistent storage, you would probably have more than one master node and you would probably have more than on compute node. Security is not covered at all here. This […]","og_url":"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/","og_site_name":"dbi Blog","article_published_time":"2019-04-17T16:24:47+00:00","og_image":[{"width":1555,"height":95,"url":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/Selection_075-1.png","type":"image\/png"}],"author":"Daniel Westermann","twitter_card":"summary_large_image","twitter_creator":"@westermanndanie","twitter_misc":{"Written by":"Daniel Westermann","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/#article","isPartOf":{"@id":"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/"},"author":{"name":"Daniel Westermann","@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/8d08e9bd996a89bd75c0286cbabf3c66"},"headline":"Bringing up an OpenShift playground in AWS","datePublished":"2019-04-17T16:24:47+00:00","mainEntityOfPage":{"@id":"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/"},"wordCount":579,"commentCount":0,"image":{"@id":"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/#primaryimage"},"thumbnailUrl":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/Selection_075-1.png","keywords":["Containers","Docker","OpenShift","redhat"],"articleSection":["Application integration & Middleware","Database Administration & Monitoring"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/","url":"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/","name":"Bringing up an OpenShift playground in AWS - dbi Blog","isPartOf":{"@id":"https:\/\/www.dbi-services.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/#primaryimage"},"image":{"@id":"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/#primaryimage"},"thumbnailUrl":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/Selection_075-1.png","datePublished":"2019-04-17T16:24:47+00:00","author":{"@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/8d08e9bd996a89bd75c0286cbabf3c66"},"breadcrumb":{"@id":"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/#primaryimage","url":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/Selection_075-1.png","contentUrl":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/Selection_075-1.png","width":1555,"height":95},{"@type":"BreadcrumbList","@id":"https:\/\/www.dbi-services.com\/blog\/bringing-up-an-openshift-playground-in-aws\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.dbi-services.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Bringing up an OpenShift playground in AWS"}]},{"@type":"WebSite","@id":"https:\/\/www.dbi-services.com\/blog\/#website","url":"https:\/\/www.dbi-services.com\/blog\/","name":"dbi Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.dbi-services.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/8d08e9bd996a89bd75c0286cbabf3c66","name":"Daniel Westermann","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/31350ceeecb1dd8986339a29bf040d4cd3cd087d410deccd8f55234466d6c317?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/31350ceeecb1dd8986339a29bf040d4cd3cd087d410deccd8f55234466d6c317?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/31350ceeecb1dd8986339a29bf040d4cd3cd087d410deccd8f55234466d6c317?s=96&d=mm&r=g","caption":"Daniel Westermann"},"description":"Daniel Westermann is Principal Consultant and Technology Leader Open Infrastructure at dbi services. He has more than 15 years of experience in management, engineering and optimization of databases and infrastructures, especially on Oracle and PostgreSQL. Since the beginning of his career, he has specialized in Oracle Technologies and is Oracle Certified Professional 12c and Oracle Certified Expert RAC\/GridInfra. Over time, Daniel has become increasingly interested in open source technologies, becoming \u201cTechnology Leader Open Infrastructure\u201d and PostgreSQL expert. \u00a0Based on community or EnterpriseDB tools, he develops and installs complex high available solutions with PostgreSQL. He is also a certified PostgreSQL Plus 9.0 Professional and a Postgres Advanced Server 9.4 Professional. He is a regular speaker at PostgreSQL conferences in Switzerland and Europe. Today Daniel is also supporting our customers on AWS services such as AWS RDS, database migrations into the cloud, EC2 and automated infrastructure management with AWS SSM (System Manager). He is a certified AWS Solutions Architect Professional. Prior to dbi services, Daniel was Management System Engineer at LC SYSTEMS-Engineering AG in Basel. Before that, he worked as Oracle Developper &\u00a0Project Manager at Delta Energy Solutions AG in Basel (today Powel AG). Daniel holds a diploma in Business Informatics (DHBW, Germany). His branch-related experience mainly covers the pharma industry, the financial sector, energy, lottery and telecommunications.","sameAs":["https:\/\/x.com\/westermanndanie"],"url":"https:\/\/www.dbi-services.com\/blog\/author\/daniel-westermann\/"}]}},"_links":{"self":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/12359","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/users\/29"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/comments?post=12359"}],"version-history":[{"count":0,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/12359\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/media\/12360"}],"wp:attachment":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/media?parent=12359"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/categories?post=12359"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/tags?post=12359"},{"taxonomy":"type","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/type_dbi?post=12359"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}