Red Hat OpenShift for VMware overview
The Red Hat® OpenShift® for VMware® service deploys an Red Hat OpenShift cluster by using an automated deployment of the VMware SDDC (Software Defined Data Center) architecture. The Red Hat OpenShift components are deployed as virtual machines (VMs) or appliances by using VMware NSX® software-defined networking.
The Red Hat OpenShift version available for deployment is 4.15.
Review the following information before you install the Red Hat OpenShift for VMware service:
- Red Hat OpenShift for VMware cannot be installed on multiple VMware Cloud Foundation for Classic - Automated instances in a multisite configuration. Before you install Red Hat OpenShift for VMware on an instance, verify that the service is not installed on any other instances in the multisite configuration.
- Red Hat OpenShift for VMware is supported for VCF for Classic - Automated instances with VMware vSphere® 7.0 and VMware NSX-T™ 3.1 or later.
- Red Hat OpenShift for VMware is not supported for new deployments or for ordering post-deployment for VCF for Classic - Automated with NSX-V instances with vSphere 6.7.
Existing installations of Red Hat OpenShift for VMware can be used or deleted for vSphere 6.7 instances.
IBM Cloud® for VMware Solutions offers promotions for some add-on services. Promotional pricing offers a number of months at no cost for a service license, if the service has license charges. For more information, see Promotions for services.
The cluster consists of the following components:
- Three primary nodes
- Three worker nodes, all running Red Hat® CoreOS
- Two VMware NSX® VMs
- A Red Hat CoreOS template
- A bastion VM running CoreOS
For more information about the architecture, see Red Hat OpenShift architecture.
Technical specifications for Red Hat OpenShift for VMware
The following capacity requirements apply only if your VCF for Classic - Automated instance is using vSAN™ storage. If you are using NFS, a new 2-TB NFS data store, which is dedicated to Red Hat OpenShift, is ordered.
The solution topology has the following requirements:
- 9 CPUs
- 120 GB RAM
- 1,170 GB storage
For more information about resource requirements and capacity checking, see Resource requirements for services.
To successfully deploy Red Hat OpenShift for VMware on vCenter Server, you must have a Red Hat account and the pull secret key from your account. All Red Hat accounts have an associated pull secret, which you can retrieve by logging in to your Red Hat account. You must purchase Red Hat support entitlements through Red Hat and, if needed, send information for all Red Hat OpenShift support issues to Red Hat.
Selection of the target cluster for installation
During deployment and Day 2 operations, you are prompted for the cluster. You can install the service on the management cluster or any workload cluster.
Bastion details
The bastion VM contains an installation directory with the files and tools that are needed to manage and expand the Red Hat OpenShift cluster.
You can log in to the bastion VM by using SSH and the credentials that are provided on the Red Hat OpenShift for VMware service details page. To run commands as the root
user, use the command sudo -i
.
In addition, most commands for Red Hat OpenShift management must be run from the installation directory. You can change to the installation directory with the command cd /opt/ocpinstall
.
Any commands that require the openshift-install
, oc
, or kubeadmin
tools must reference the files that are located in the installation directory by prefixing the command name with ./
. For
example, ./oc whoami
instead of oc whoami
.
The Red Hat OpenShift-related files from the bastion include an SSH key, an installation configuration file, command-line tools, and a kubeconfig
file. The exact location of the installation configuration directory on the bastion
is shown on the service details page.
SSH key
The SSH key on the bastion is installed on all Red Hat OpenShift cluster VMs, which allows SSH login from the bastion into any cluster VM. The full path to the SSH key is displayed on the service details page. For security purposes, it is highly recommended that you generate a new SSH key and update the cluster VMs with the new key. For more information, see Changing the SSH key on the Red Hat OpenShift bastion VM.
When you log in to a cluster VM from the bastion, you must connect as the core
user as shown in the following example:
root@bastion# ssh core@control-plane0
High availability
The Red Hat OpenShift VMs are deployed with DRS rules to ensure that they are on physically separate hosts. If a host must be replaced or redeployed, you must adjust the preconfigured DRS rules before you proceed.
Installation configuration files
The installation configuration file install-config.yaml.bak
is located in the installation directory on the bastion. The file is a copy of the original install-config.yaml
file that was used by the openshift-install
program to generate the ignition files. The generated ignition files can also be found in the installation directory on the bastion.
The oc
and kubectl
command-line tools from the Red Hat OpenShift client software are on the bastion. The installer program, named openshift-install
, is used to install Red Hat OpenShift and can also be
used to generate fresh ignition files.
The bastion also holds a file that is named auth/kubeconfig
, needed for authentication. This file holds the initial kubeadmin credentials that are created during installation. Before you initially use the oc
or kubectl
tools, you must set the KUBECONFIG environment variable with the path to this file. For example, export KUBECONFIG=auth/kubeconfig
.
After that is done, any commands you run will be as the kubeadmin
user. You can verify the user account by running the following command:
./oc whoami
After you configure your authentication and any additional users, you no longer need to source this file, and you can log in as the user that you created.
Red Hat subscriptions
The Red Hat OpenShift cluster is associated with the Red Hat account from the pull secret that was provided during installation. To assign subscriptions or manage the cluster, you can view the cluster in the Red Hat portal under Systems or Clusters.
Assigning Red Hat subscriptions and entitlements to your Red Hat OpenShift cluster
-
Log in to your Red Hat OpenShift cluster web console.
-
Click Home > Dashboards. Make a note of the cluster ID that is displayed.
-
Click Administration > Cluster Settings.
-
Click OpenShift Cluster Manager under the channel, version, and update information.
- Ensure that the cluster ID that is displayed matches the cluster ID from step 2.
- If the cluster is not attached to a subscription, a message is displayed with a link that you can use to find this cluster in the Red Hat customer portal. Use the link to assign the appropriate subscription and entitlement to the cluster.
If you do not have enough subscriptions and entitlements, contact a Red Hat Sales representative.
For more information, see Red Hat OpenShift subscriptions information and known issues.
Configuring authentication
By default, the Red Hat OpenShift installer creates a kubeadmin
user that you can use to log in to the cluster. Create authentication backends or more users, as needed, for security purposes.
For more information about how to configure Red Hat OpenShift authentication, see the Red Hat OpenShift documentation.
Updating your Red Hat OpenShift cluster
For more information about updating Red Hat OpenShift, see the Red Hat OpenShift documentation.