Skip to content

Notes on CRC and Minishift

chalda edited this page May 11, 2021 · 2 revisions

OpenShift quick steps to run on local machine

How to start Red Hat Code Ready containers (crc)

  • OpenShift 4 download the Red Hat CodeReady Containers (crc) at https://cloud.redhat.com/openshift/install/crc/installer-provisioned

    • an account is needed as the secret is bound to the account

    • secret expires and new CRC is needed to be downloaded once a time

  • setup crc with crc setup (by default the .crc directory is created)

  • start crc with crc start (secret is needed to be handed off, the binary bundle under ~/.crc is unpacked)

    Note
    oc binary is at ~/.crc/bin/oc
    Note
    to delete previous crc installation completely try crc delete; crc cleanup (then crc setup is needed again)
  • setup crc to work with JBoss EAP registries and that could work with EAP QE OpenShift testsuite, the steps which are necessary are documented at ~/scripts/crc-setup-xpaasqe-testsuite (script authored by pkremens)

Note

The oc code completion can be installed with

yum -y install bash-completion
oc completion bash > /tmp/oc_completion
sudo cp /tmp/oc_completion /etc/bash_completion.d/
Note

To set more memory for crc crc config set memory 16384. To set more disk for crc crc config set disk-size 75. Both needs crc stop, delete (it seems needed for the disk-size) and start.

How to get WildFly docker images

WildFly S2I images and Operator is at https://quay.io/organization/wildfly

Note

Quickly download and start the WildFly just to test oc create deployment wildfly --image=wildfly/wildfly-centos7

oc get po
oc rsh <pod id>
oc log <pod id>
oc delete deploy --all

How to get WildFly Operator

The WildFly S2I Operator image is at quay.io/wildfly/wildfly-operator The setup for running WildFly Operator can be found at https://github.com/wildfly/wildfly-operator/

git clone https://github.com/wildfly/wildfly-operator/; cd wildfly-operator
# kubeadmin password is at ${HOME}/.crc/cache/crc_libvirt_${CRC_VERSION}/kubeadmin-password
build (master)]$ oc login -u kubeadmin -p ${KUBEADMIN_PASSWORD} https://api.crc.testing:6443
./build/run-openshift.sh
# the WildFly operator should be started now

When all the definition was uploaded and the operator was started by the run-openshift.sh script we can deploy the WildFly quickstart application to the cluster. The Operator consider existence of the application definition and start WildFly StatefulSet.

# verify that ./build/run-openshift.sh script was run
# go to place where go operator code is cloned
oc apply -f deploy/crds/quickstart-cr.yaml

Pushing specific WildFly image to CRC

Setup the CRC route to registry

oc login --token=$KUBEADMIN_TOKEN
# creating the route to registry
oc get route image-registry --namespace=openshift-image-registry || oc create route passthrough --service=image-registry --namespace=openshift-image-registry
# allow all authenticated users to pull from the registry
oc create clusterrolebinding image-puller-authenticated --clusterrole=system:image-puller --group=system:authenticated || true
# obtaining registry hostname
# registry is the most probably: image-registry-openshift-image-registry.apps-crc.testing:443
#  --> the YAML will refer to registry(!): image-registry.openshift-image-registry.svc:5000
REGISTRY=$(oc get route image-registry --namespace=openshift-image-registry --template={{.spec.host}}):443

For being able to push to CRC registry the docker on local machine has to permit pushing to it as to insecure registry

su -
# add the registry to insecure field of json (add the image-registry-openshift-image-registry.apps-crc.testing:443)
vim /etc/docker/daemon.json
sudo systemctl start docker
docker login -u $(oc whoami) -p $(oc whoami -t) image-registry-openshift-image-registry.apps-crc.testing:443 # content of $REGISTRY
(podman login -u $(oc whoami) -p $(oc whoami -t) image-registry-openshift-image-registry.apps-crc.testing:443 --tls-verify=false)
docker tag wildfly/wildfly-centos7:dev image-registry-openshift-image-registry.apps-crc.testing:443/$(oc project -q)/wildfly-centos7:dev
docker push image-registry-openshift-image-registry.apps-crc.testing:443/$(oc project -q)/wildfly-centos7:dev

If you change e.g. the deploy/crds/quickstart-cr.yaml then the applicationImage is with value "image-registry.openshift-image-registry.svc:5000/test/wildfly-centos7:dev".

Build own s2i image

WildFly

WildFly docker image is build at repository https://github.com/wildfly/wildfly-s2i. The README is nice and it should be good to go. To define some of the modules from a different location then use override.

cd wildfly-builder-image
# cekit -v build --overrides=dev-overrides.yaml docker
# cekit -v build docker

When using 'dev-overrides.yaml' it thows error that there is no 'maven-repo.zip'. It will be probably needed to build the WildFly from sources and use cekit-cache to add the zip of the maven repository to the process. The recommendation from Jean-Francois is to just change the image.yaml directly. Or you can use the script tools/build-s2i-image.sh which use the dev-overrides.yaml and you can use it to build your WFLY distribution to the s2i image.

OpenShift 3.x/MInishift

On OpenShift 3.x there is not used the WildFly Operator but older OpenShift template for deployment and s2i shell scripts for management (e.g. for transaction recovery). The OpenShift 3.x can be started locally with minishift (https://github.com/minishift/minishift/releases).

Starting minishift

  • download the latest release and unpack

  • run minishift start

  • consider changing the config of minishift with unsecure registries

    Minishift config
    minishift stop && minishift delete
    cat << EOF > ~/.minishift/config/config.json
    {
        "__vm_driver": "kvm",
        "_comment_for_xpaassqe_works_ADD___network-nameserver": [ "10.0.144.45" ],
        "cpus": 2,
        "disk-size": "75G",
        "insecure-registry": [
            "172.30.0.0/16",
            "172.30.1.1:5000",
            "127.0.0.0/8",
            "brew-pulp-docker01.web.prod.ext.phx2.redhat.com:8888",
            "docker-registry-default.192.168.99.100.nip.io:443",
            "docker-registry.engineering.redhat.com",
            "quay.io"
        ],
        "memory": "6000"
    }
    EOF
  • to access minishift internal registry from outside: minishift addon apply registry-route

For minishift to deploy the EAP s2i template go to template definitions at https://github.com/jboss-container-images/jboss-eap-7-openshift-image/tree/EAP_731_CR2/templates

Trouble of template is that the image stream is expected to be available at the imagestream of the local OpenShift directly. The EAP7 images (realased ones) are at registry.redhat.io/jboss-eap-7/eap73-openjdk8-openshift-rhel7 (https://catalog.redhat.com/software/containers/search?product_listings_names=JBoss Enterprise Application Platform 7)

To get the image to the internal repository we need to either import the image (oc import-image <image-name> --from=<image-name-with-repo> --confirm) or pull image with docker and then push it to repository. My way is more often the "push" one.

# setup bash to use the docker from the minishift
# this step could not be necessary if docker versions matches etc, but I usually need it
eval $(minishift docker-env); eval $(minishift oc-env)
# login to the minishift repo
docker login -u $(oc whoami) -p $(oc whoami -t) $(minishift openshift registry)
# pull images (maybe `docker login registry.redhat.io` would be necessary)
docker pull registry.redhat.io/jboss-eap-7/eap73-openjdk8-openshift-rhel7
docker pull registry.redhat.io/jboss-eap-7/eap73-openjdk8-runtime-openshift-rhel7
# tag them based on the name used in the `json` template (see evn variables EAP_IMAGE_NAME and EAP_RUNTIME_IMAGE_NAME)
docker tag registry.redhat.io/jboss-eap-7/eap73-openjdk8-openshift-rhel7 $(minishift openshift registry)/$(oc project -q)/jboss-eap73-openshift:7.3
docker tag registry.redhat.io/jboss-eap-7/eap73-openjdk8-runtime-openshift-rhel7 $(minishift openshift registry)/$(oc project -q)/jboss-eap73-runtime-openshift:7.3
# pushing to minishift registry
docker push $(minishift openshift registry)/$(oc project -q)/jboss-eap73-openshift:7.3
docker push $(minishift openshift registry)/$(oc project -q)/jboss-eap73-runtime-openshift:7.3

# then push the AMQ 72 as well...

Or (easiest and preferred way) is to define the image streams from the template

# EAP image streams
oc create -f https://raw.githubusercontent.com/jboss-container-images/jboss-eap-7-openshift-image/EAP_731_CR2/templates/eap73-image-stream.json
# AMQ image streams
oc create -f https://raw.githubusercontent.com/jboss-container-images/jboss-amq-7-broker-openshift-image/72-1.2.GA/amq-broker-7-image-streams.yaml

If images are created in the registry (or imported) we can create the template under minishift and make the application from it

oc create -f https://raw.githubusercontent.com/jboss-container-images/jboss-eap-7-openshift-image/EAP_731_CR2/templates/eap73-tx-recovery-s2i.json
oc new-app --template=eap73-tx-recovery-s2i -p IMAGE_STREAM_NAMESPACE=$(oc project -q)
Note
# starting different quickstart
oc new-app --template=eap73-tx-recovery-s2i -p IMAGE_STREAM_NAMESPACE=$(oc project -q) -p SOURCE_REPOSITORY_URL="https://github.com/jboss-developer/jboss-eap-quickstarts.git" -p SOURCE_REPOSITORY_REF="7.3.x-openshift" -p CONTEXT_DIR=kitchensink
# scaling
oc scale dc eap-app --replicas=1

Some Tip

docker exec -it `docker ps | grep wildfly | awk '{ print $1 }'` bash
docker exec -it `docker ps | grep wildfly | awk '{ print $1 }'` /opt/wildfly/bin/jboss-cli.sh -c --command='/subsystem=transactions:read-attribute(name=node-identifier, resolve-expressions=true)'