This repository contains Ansible playbooks for UPI installation of OpenShift 4 on KVM.

It supports both OpenShift Container Platform 4(OCP4) and OKD 4 deployments.

Note: This configuration is for disposable test and does not support production use.

• Workstation (or call it base node, control node...), The machine that runs Ansible. It is typically your laptop.
  • Tested on Fedora
  • Ansible >= 2.11
  • This node is not mandatory. You can run the script on a single KVM host if you want.
• KVM host
  • RHEL >= 8.2
  • CPU with at least 4 cores
  • Memory with at least 80 GB
    • It will work with about 64 GB with memory overcommit, but we don't recommend it.
  • Check resource requirements for more details.

It can also be run with just the KVM host, without the workstation. (In that case, install Ansible on the KVM host)

$ sudo dnf install -y ansible

• Just install RHEL8
• Add ssh public key of the workstation to kvm host root user's .ssh/authorized_keys

Create your settings based on the samples. At least change the following settings are required .

• vars/config.yml
  • kvm_host:
    • ip: Your KVM host IP
    • if: Your KVM host IF name (e.g. enp2s0f0 )
  • openshift:
    • dist: Select the distribution to deploy ocp or okd
    • install_version: openshift-install and openshift-client version
    • coreos_version: CoreOS version
    • okd_*_sha256: (okd only) FOCS does not provide sha256sum.txt, so you have to check and input it yourself from the official website.
  • key:
    • pullsecret : Get form cloud.redhat.com
    • sshkey : Your ssh pub key
• inventory/hosts
  • [kvm_host] : Your KVM host IP (or localhost)

$ cp vars/config.yml.sample vars/config.yml
$ cp inventory/hosts.sample inventory/hosts

$ ansible-playbook ./main.yml

You cannot access directly to NAT network of libvirtd from your workstation. But you can access it using ssh port forwarding and socks5, for example.

[user@workstation] $ ssh root@KVM-HOST -ND 127.0.0.1:8888

Then add 127.0.0.1:8888 (socks5) to your browser's Proxy and access https://console-openshift-console.apps.test.lab.local. Depending on your browser, you may need to enable the RemoteDNS option.

Other ways, you can use sshuttle.

$ ansible-playbook ./03_cleanup.yml

If you use ansible-core, you may be missing some modules. In that case, please install the missing modules.

$ ansible-galaxy collection install ansible.posix
$ ansible-galaxy collection install community.general
$ ansible-galaxy collection install community.libvirt

This project started with inspiration from openshift-fast-install. ( the original version and the forked version )