Install ephemeral OpenShift Local cluster for testing and development purposes.
This solution is for local testing and development only. It requires at least 40Gb of space and around 9G of RAM.
Install package dependencies
Install package dependencies.
$ sudo apt install qemu-kvm libvirt-daemon libvirt-daemon-system network-manager
Download CRC and pull secret
Go to RedHat web-site to create new cluster.
Download OpenShift Local for Linux.
$ wget https://developers.redhat.com/content-gateway/rest/mirror/pub/openshift-v4/clients/crc/latest/crc-linux-amd64.tar.xz
Inspect archive contents
$ tar tvfJ crc-linux-amd64.tar.xz
drwxr-xr-x root/root 0 2023-07-10 15:14 crc-linux-2.23.0-amd64/ -rw-r--r-- root/root 10759 2023-07-10 15:14 crc-linux-2.23.0-amd64/LICENSE -rwxr-xr-x root/root 89073609 2023-07-10 15:14 crc-linux-2.23.0-amd64/crc
Extract binary.
$ sudo tar --extract --xz --strip-components 1 --file crc-linux-amd64.tar.xz --directory /usr/local/bin/ crc-linux-2.23.0-amd64/cr
Build CRC (optional)
This part can be skipped, especially when you already downloaded CRC.
Install make utility.
$ sudo make
Download and extract Go.
$ wget https://go.dev/dl/go1.20.6.linux-amd64.tar.gz
--2023-07-27 11:47:13-- https://go.dev/dl/go1.20.6.linux-amd64.tar.gz Resolving go.dev (go.dev)... 216.239.36.21, 216.239.34.21, 216.239.38.21, ... Connecting to go.dev (go.dev)|216.239.36.21|:443... connected. HTTP request sent, awaiting response... 302 Found Location: https://dl.google.com/go/go1.20.6.linux-amd64.tar.gz [following] --2023-07-27 11:47:13-- https://dl.google.com/go/go1.20.6.linux-amd64.tar.gz Resolving dl.google.com (dl.google.com)... 142.250.186.206, 2a00:1450:401b:80d::200e Connecting to dl.google.com (dl.google.com)|142.250.186.206|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 100214407 (96M) [application/x-gzip] Saving to: ‘go1.20.6.linux-amd64.tar.gz’ go1.20.6.linux-amd64.tar.gz 100%[===================================================================================================================>] 95.57M 6.64MB/s in 14s 2023-07-27 11:47:27 (7.06 MB/s) - ‘go1.20.6.linux-amd64.tar.gz’ saved [100214407/100214407]
$ sudo tar -C /usr/local -xzf go1.20.6.linux-amd64.tar.gz
Update PATH variable, update .bashrc file to it persistent.
$ export PATH=$PATH:/usr/local/go/bin:~/go/bin
Download, extract, build and install CRC release.
wget https://github.com/crc-org/crc/archive/refs/tags/v2.23.0.tar.gz
$ tar xvfz v2.23.0.tar.gz
$ cd crc-2.23.0/
$ make install
fatal: not a git repository (or any of the parent directories): .git fatal: not a git repository (or any of the parent directories): .git go install -tags "containers_image_openpgp" -ldflags="-X github.com/crc-org/crc/pkg/crc/version.crcVersion=2.23.0 -X github.com/crc-org/crc/pkg/crc/version.ocpVersion=4.13.3 -X github.com/crc-org/crc/pkg/crc/version.okdVersion=4.13.0-0.okd-2023-06-04-080300 -X github.com/crc-org/crc/pkg/crc/version.podmanVersion=4.4.4 -X github.com/crc-org/crc/pkg/crc/version.microshiftVersion=4.13.3 -X github.com/crc-org/crc/pkg/crc/version.commitSha= " ./cmd/crc
Install OpenShift Local
Inspect CRC utility.
$ crc help
CRC is a tool that manages a local OpenShift 4.x cluster optimized for testing and development purposes
Usage:
crc [flags]
crc [command]
Available Commands:
bundle Manage CRC bundles
cleanup Undo config changes
completion Generate the autocompletion script for the specified shell
config Modify crc configuration
console Open the OpenShift Web Console in the default browser
delete Delete the instance
help Help about any command
ip Get IP address of the running OpenShift cluster
oc-env Add the 'oc' executable to PATH
podman-env Setup podman environment
setup Set up prerequisites for using CRC
start Start the instance
status Display status of the OpenShift cluster
stop Stop the instance
version Print version information
Flags:
-h, --help help for crc
--log-level string log level (e.g. "debug | info | warn | error") (default "info")
Use "crc [command] --help" for more information about a command.
Enable user network mode.
$ crc config set network-mode user
Network mode changed. Please run `crc cleanup` and `crc setup`.
Remove setup configuration. Setup will be executed for the first time, so you can skip this for now.
$ crc cleanup
INFO Removing vsock configuration INFO Removing 'crc' network from libvirt INFO Removing /etc/NetworkManager/dispatcher.d/99-crc.sh file INFO Cleaning up AppArmor configuration INFO Removing crc daemon systemd socket units INFO Removing crc daemon systemd service INFO Removing crc's virtual machine INFO Removing crc libvirt storage pool INFO Removing CRC Specific entries from user's known_hosts file INFO Removing hosts file records added by CRC INFO Removing pull secret from the keyring INFO Removing older logs INFO Removing CRC Machine Instance directory INFO Removing crc executable symlink unexpected AppArmor template file /etc/apparmor.d/libvirt/TEMPLATE.qemu, cannot configure it automatically
Ensure that you are part of the libvirt group.
$ groups
milosz adm cdrom sudo dip plugdev lxd libvirt
Configure local virtualization for CRC.
$ crc setup
INFO Using bundle path /home/milosz/.crc/cache/crc_libvirt_4.13.3_amd64.crcbundle INFO Checking if running as non-root INFO Checking if running inside WSL2 INFO Checking if crc-admin-helper executable is cached INFO Checking if running on a supported CPU architecture INFO Checking if crc executable symlink exists INFO Checking minimum RAM requirements INFO Checking if Virtualization is enabled INFO Checking if KVM is enabled INFO Checking if libvirt is installed INFO Checking if user is part of libvirt group INFO Checking if active user/process is currently part of the libvirt group INFO Checking if libvirt daemon is running INFO Checking if a supported libvirt version is installed INFO Checking if crc-driver-libvirt is installed INFO Installing crc-driver-libvirt INFO Checking crc daemon systemd service INFO Setting up crc daemon systemd service INFO Checking crc daemon systemd socket units INFO Setting up crc daemon systemd socket units INFO Checking if AppArmor is configured INFO Updating AppArmor configuration INFO Using root access: Updating AppArmor configuration [sudo] password for milosz: ************* INFO Using root access: Changing permissions for /etc/apparmor.d/libvirt/TEMPLATE.qemu to 644 INFO Checking if vsock is correctly configured INFO Setting up vsock support INFO Using root access: Setting CAP_NET_BIND_SERVICE capability for /home/milosz/go/bin/crc executable INFO Using root access: Creating udev rule for /dev/vsock INFO Using root access: Changing permissions for /etc/udev/rules.d/99-crc-vsock.rules to 644 INFO Using root access: Reloading udev rules database INFO Using root access: Loading vhost_vsock kernel module INFO Using root access: Creating file /etc/modules-load.d/vhost_vsock.conf INFO Using root access: Changing permissions for /etc/modules-load.d/vhost_vsock.conf to 644 INFO Checking if CRC bundle is extracted in '$HOME/.crc' INFO Checking if /home/milosz/.crc/cache/crc_libvirt_4.13.3_amd64.crcbundle exists INFO Getting bundle for the CRC executable INFO Downloading bundle: /home/milosz/.crc/cache/crc_libvirt_4.13.3_amd64.crcbundle... 3.92 GiB / 3.92 GiB [-----------------------------------------------------------------] 100.00% 7.07 MiB/s INFO Uncompressing /home/milosz/.crc/cache/crc_libvirt_4.13.3_amd64.crcbundle crc.qcow2: 14.24 GiB / 14.24 GiB [-----------------------------------------------------------------] 100.00% oc: 136.05 MiB / 136.05 MiB [-----------------------------------------------------------------] 100.00% Your system is correctly setup for using CRC. Use 'crc start' to start the instance
Start OpenShift Local.
$ crc start
INFO Checking if running as non-root INFO Checking if running inside WSL2 INFO Checking if crc-admin-helper executable is cached INFO Checking if running on a supported CPU architecture INFO Checking if crc executable symlink exists INFO Checking minimum RAM requirements INFO Checking if Virtualization is enabled INFO Checking if KVM is enabled INFO Checking if libvirt is installed INFO Checking if user is part of libvirt group INFO Checking if active user/process is currently part of the libvirt group INFO Checking if libvirt daemon is running INFO Checking if a supported libvirt version is installed INFO Checking if crc-driver-libvirt is installed INFO Checking crc daemon systemd socket units INFO Checking if AppArmor is configured INFO Checking if vsock is correctly configured INFO Loading bundle: crc_libvirt_4.13.3_amd64... CRC requires a pull secret to download content from Red Hat. You can copy it from the Pull Secret section of https://console.redhat.com/openshift/create/local. ? Please enter the pull secret ********************************************************************************************************************************************************************************** WARN Cannot add pull secret to keyring: The name org.freedesktop.secrets was not provided by any .service files INFO Creating CRC VM for OpenShift 4.13.3... INFO Generating new SSH key pair... INFO Generating new password for the kubeadmin user INFO Starting CRC VM for openshift 4.13.3... INFO CRC instance is running with IP 127.0.0.1 INFO CRC VM is running INFO Updating authorized keys... INFO Configuring shared directories INFO Check internal and public DNS query... INFO Check DNS query from host... INFO Verifying validity of the kubelet certificates... INFO Starting kubelet service INFO Waiting for kube-apiserver availability... [takes around 2min] INFO Adding user's pull secret to the cluster... INFO Updating SSH key to machine config resource... INFO Waiting until the user's pull secret is written to the instance disk... INFO Changing the password for the kubeadmin user INFO Updating cluster ID... INFO Updating root CA cert to admin-kubeconfig-client-ca configmap... INFO Starting openshift instance... [waiting for the cluster to stabilize] INFO 5 operators are progressing: image-registry, ingress, network, openshift-controller-manager, service-ca INFO 5 operators are progressing: image-registry, ingress, network, openshift-controller-manager, service-ca INFO 5 operators are progressing: image-registry, ingress, network, openshift-controller-manager, service-ca INFO 4 operators are progressing: image-registry, network, openshift-controller-manager, service-ca INFO 4 operators are progressing: image-registry, network, openshift-controller-manager, service-ca INFO 4 operators are progressing: image-registry, network, openshift-controller-manager, service-ca INFO 4 operators are progressing: image-registry, network, openshift-controller-manager, service-ca INFO 3 operators are progressing: image-registry, openshift-controller-manager, service-ca INFO 2 operators are progressing: image-registry, openshift-controller-manager INFO 2 operators are progressing: image-registry, openshift-controller-manager INFO 3 operators are progressing: authentication, image-registry, openshift-controller-manager INFO 3 operators are not available: authentication, console, openshift-apiserver INFO 2 operators are not available: console, openshift-apiserver INFO 2 operators are not available: console, openshift-apiserver INFO Operator console is not yet available INFO All operators are available. Ensuring stability... INFO Operators are stable (2/3)... INFO Operators are stable (3/3)... INFO Adding crc-admin and crc-developer contexts to kubeconfig... Started the OpenShift cluster. The server is accessible via web console at: https://console-openshift-console.apps-crc.testing Log in as administrator: Username: kubeadmin Password: gxNdI-qyom8-Fvy2e-qnpVn Log in as user: Username: developer Password: developer Use the 'oc' command line interface: $ eval $(crc oc-env) $ oc login -u developer https://api.crc.testing:6443
You can access it locally, but this can be cumbersome, so use HAProxy to access it remotely.
Get server IP address.
$ ip -br a
lo UNKNOWN 127.0.0.1/8 ::1/128 ens18 UP 192.168.8.154/24 metric 100 fe80::4c07:9dff:fe1a:4001/64 virbr0 DOWN 192.168.122.1/24
Get OpenShift address.
$ crc ip
127.0.0.1
Install HAProxy.
$ sudo apt install haproxy
Update HAProxy configuration.
$ sudo tee -a /etc/haproxy/haproxy.cfg <<EOF frontend console-openshift-console-frontend mode tcp bind 192.168.8.154:6443 default_backend console-openshift-console-backend backend console-openshift-console-backend mode tcp server s1 127.0.0.1:6443 EOF
Restart HAProxy.
$ systemctl restart haproxy
Update your DNS server or hosts database file to include minimal set of required addresses.
192.168.8.154 console-openshift-console.apps-crc.testing 192.168.8.154 oauth-openshift.apps-crc.testing
Open https://console-openshift-console.apps-crc.testing address, ignore self-signed certificates and have fun.
Stop OpenShift Local.
$ crc stop
INFO Stopping kubelet and all containers... INFO Stopping the instance, this may take a few minutes... Stopped the instance
