Link Search Menu Expand Document

Deploying the Multicloud GitOps Pattern

Table of contents

  1. Prerequisites
  2. How to deploy
  3. Deploying the managed cluster applications
  4. Pattern Layout and Structure
  5. Uninstalling
  6. More reading
    1. General Hybrid Cloud Patterns reading
    2. Multicloud GitOps application demos

Prerequisites

  1. An OpenShift cluster ( Go to https://console.redhat.com/openshift/create ). See also sizing your cluster.
  2. (Optional) A second OpenShift cluster for mulitcloud demonstration or testing
  3. A github account (and a token for it with repos permissions, to read from and write to your forks)
  4. The helm binary, see https://helm.sh/docs/intro/install/

The use of this blueprint depends on having at least one running Red Hat OpenShift cluster. It is desirable to have a cluster for deploying the GitOps management hub assets and a seperate cluster(s) for the managed cluster(s).

If you do not have a running Red Hat OpenShift cluster you can start one on a public or private cloud by using Red Hat’s cloud service.

How to deploy

  1. Fork this repo on GitHub. It is necessary to fork because your fork will be updated as part of the GitOps and DevOps processes.

  2. Clone the forked copy of this repo.

    git clone git@github.com:your-username/multicloud-gitops.git

  3. (TBD UPDATE WITH VAULT OR CONJUR INFO) Create a local copy of the Helm values file that can safely include credentials

DO NOT COMMIT THIS FILE

You do not want to push personal credentials to GitHub.

   cp values-secret.yaml.template ~/values-secret.yaml
   vi ~/values-secret.yaml

  1. Customize the deployment for your cluster

    vi values-global.yaml
git add values-global.yaml
git commit values-global.yaml
git push
  2. Preview the changes 
    make show

  3. Login to your cluster using oc login or exporting the KUBECONFIG

    oc login

    or set KUBECONFIG to the path to your kubeconfig file. For example:

    export KUBECONFIG=~/my-ocp-env/hub/auth/kubconfig

  4. Apply the changes to your cluster

    make install

  5. Check the operators have been installed

    UI -> Installed Operators

  6. Obtain the ArgoCD urls and passwords

    The URLs and login credentials for ArgoCD change depending on the pattern name and the site names they control. Follow the instructions below to find them, however you choose to deploy the pattern.

    Display the fully qualified domain names, and matching login credentials, for all ArgoCD instances:

    ARGO_CMD=`oc get secrets -A -o jsonpath='{range .items[*]}{"oc get -n "}{.metadata.namespace}{" routes; oc -n "}{.metadata.namespace}{" extract secrets/"}{.metadata.name}{" --to=-\\n"}{end}' | grep gitops-cluster`
CMD=`echo $ARGO_CMD | sed 's|- oc|-;oc|g'`
eval $CMD

    The result should look something like:

    NAME                       HOST/PORT                                                                                         PATH      SERVICES                   PORT    TERMINATION            WILDCARD
hub-gitops-server          hub-gitops-server-industrial-edge-hub.apps.mycluster.mydomain.com          hub-gitops-server   https   passthrough/Redirect   None
# admin.password
2F6kgITU3DsparWyC

NAME                    HOST/PORT                                                                                   PATH   SERVICES                PORT    TERMINATION            WILDCARD
region-one-gitops-server      region-one-gitops-server-industrial-edge-region-one.apps.mycluster.mydomain.com          region-one-gitops-server   https   passthrough/Redirect   None
# admin.password
K4ctDIm3fH7ldhs8p

NAME                      HOST/PORT                                                                              PATH   SERVICES                  PORT    TERMINATION            WILDCARD
cluster                   cluster-openshift-gitops.apps.mycluster.mydomain.com                          cluster                   8080    reencrypt/Allow        None
kam                       kam-openshift-gitops.apps.mycluster.mydomain.com                              kam                       8443    passthrough/None       None
openshift-gitops-server   openshift-gitops-server-openshift-gitops.apps.mycluster.mydomain.com          openshift-gitops-server   https   passthrough/Redirect   None
# admin.password
WNklRCD8EFg2zK034

    The most important ArgoCD instance to examine at this point is multicloud-gitops-hub. This is where all the applications for the hub can be tracked.

  7. Check all applications are synchronised

Deploying the managed cluster applications

Once the management hub has been setup correctly and confirmed to be working, it is time to attach one or more managed clusters to the architecture (see diagrams below).

For instructions on deploying the edge please read the following document.

Pattern Layout and Structure

Uninstalling

Probably wont work

More reading

General Hybrid Cloud Patterns reading

For more general patterns documentation please refer to the hybrid cloud patterns docs here.

Multicloud GitOps application demos