Installing with an RPM package
Installing MicroShift with RPMs
Abstract
Chapter 1. Installing from an RPM package
You can install MicroShift from an RPM package on a machine with a supported version of Red Hat Enterprise Linux (RHEL).
1.1. Before installing MicroShift from an RPM package
Preparation of the host machine is recommended prior to installing MicroShift for memory configuration and FIPS mode.
1.1.1. Configuring volume groups
MicroShift uses the logical volume manager storage (LVMS) Container Storage Interface (CSI) plugin for providing storage to persistent volumes (PVs). LVMS relies on the Linux logical volume manager (LVM) to dynamically manage the backing logical volumes (LVs) for PVs. For this reason, your machine must have an LVM volume group (VG) with unused space in which LVMS can create the LVs for your workload’s PVs.
To configure a volume group (VG) that allows LVMS to create the LVs for your workload’s PVs, lower the Desired Size of your root volume during the installation of RHEL. Lowering the size of your root volume allows unallocated space on the disk for additional LVs created by LVMS at runtime.
1.1.2. Prepare for FIPS mode
If your use case requires running MicroShift containers in FIPS mode, you must install RHEL with FIPS enabled. After the worker machine is configured to run in FIPS mode, your MicroShift containers are automatically configured to also run in FIPS mode.
Because FIPS must be enabled before the operating system that your cluster uses starts for the first time, you cannot enable FIPS after you deploy a cluster.
Additional resources
1.2. Preparing to install MicroShift from an RPM package
Configure your RHEL machine to have a logical volume manager (LVM) volume group (VG) with sufficient capacity for the persistent volumes (PVs) of your workload.
Prerequisites
- The system requirements for installing MicroShift have been met.
- You have root user access to your machine.
- You have configured your LVM VG with the capacity needed for the PVs of your workload.
Procedure
- In the graphical installer under Installation Destination in the Storage Configuration subsection, select Custom → Done to open the dialog for configuring partitions and volumes. The Manual Partitioning window is displayed.
- Under New Red Hat Enterprise Linux 9.x Installation, select Click here to create them automatically.
- Select the root partition, /, reduce Desired Capacity so that the VG has sufficient capacity for your PVs, and then click Update Settings.
Complete your installation.
NoteFor more options on partition configuration, read the guide linked in the Additional information section for Configuring Manual Partitioning.
As a root user, verify the VG capacity available on your system by running the following command:
$ sudo vgs
Example output:
VG #PV #LV #SN Attr VSize VFree rhel 1 2 0 wz--n- <127.00g 54.94g
Additional resources
- Download the pull secret from the Red Hat Hybrid Cloud Console.
- Configuring MicroShift.
- For more options on partition configuration, read Configuring Manual Partitioning.
- For more information about resizing your existing LVs to free up capacity in your VGs, read Managing LVM Volume Groups.
- For more information about creating VGs and PVs, read Overview of logical volume management.
1.3. Installing MicroShift from an RPM package
Use the following procedure to install MicroShift from an RPM package.
Prerequisites
- The system requirements for installing MicroShift have been met.
- You completed the steps of preparing to install MicroShift from an RPM package.
Procedure
As a root user, enable the MicroShift repositories by running the following command:
$ sudo subscription-manager repos \ --enable rhocp-4.17-for-rhel-9-$(uname -m)-rpms \ --enable fast-datapath-for-rhel-9-$(uname -m)-rpmsInstall MicroShift by running the following command:
$ sudo dnf install -y microshift
-
Download your installation pull secret from the Red Hat Hybrid Cloud Console to a temporary folder, for example,
$HOME/openshift-pull-secret. This pull secret allows you to authenticate with the container registries that serve the container images used by MicroShift. To copy the pull secret to the
/etc/criofolder of your RHEL machine, run the following command:$ sudo cp $HOME/openshift-pull-secret /etc/crio/openshift-pull-secret
Make the root user the owner of the
/etc/crio/openshift-pull-secretfile by running the following command:$ sudo chown root:root /etc/crio/openshift-pull-secret
Make the
/etc/crio/openshift-pull-secretfile readable and writeable by the root user only by running the following command:$ sudo chmod 600 /etc/crio/openshift-pull-secret
If your RHEL machine has a firewall enabled, you must configure a few mandatory firewall rules. For
firewalld, run the following commands:$ sudo firewall-cmd --permanent --zone=trusted --add-source=10.42.0.0/16
$ sudo firewall-cmd --permanent --zone=trusted --add-source=169.254.169.1
$ sudo firewall-cmd --reload
If the Volume Group (VG) that you have prepared for MicroShift used the default name rhel, no further configuration is necessary. If you have used a different name, or if you want to change more configuration settings, see the Configuring MicroShift section.
1.4. Starting and stopping MicroShift
After installing all of the RPM packages you need, learn to start and stop the MicroShift service.
1.4.1. Starting the MicroShift service
Use the following procedure to start the MicroShift service.
Prerequisites
- You have installed MicroShift from an RPM package.
Procedure
As a root user, start the MicroShift service by entering the following command:
$ sudo systemctl start microshift
Optional: To configure your RHEL machine to start MicroShift when your machine starts, enter the following command:
$ sudo systemctl enable microshift
Optional: To disable MicroShift from automatically starting when your machine starts, enter the following command:
$ sudo systemctl disable microshift
NoteThe first time that the MicroShift service starts, it downloads and initializes the container images for MicroShift. As a result, it can take several minutes for MicroShift to start the first time that the service is deployed. Boot time is reduced for subsequent starts of the MicroShift service.
1.4.2. Stopping the MicroShift service
Use the following procedure to stop the MicroShift service.
Prerequisites
- The MicroShift service is running.
Procedure
Enter the following command to stop the MicroShift service:
$ sudo systemctl stop microshift
Workloads deployed on MicroShift might continue running even after the MicroShift service has been stopped. Enter the following command to display running workloads:
$ sudo crictl ps -a
Enter the following commands to stop the deployed workloads:
$ sudo systemctl stop kubepods.slice
1.5. How to access the MicroShift cluster
Use the procedures in this section to access the MicroShift cluster by using the OpenShift CLI (oc).
- You can access the cluster from either the same machine running the MicroShift service or from a remote location.
- You can use this access to observe and administrate workloads.
-
When using the following steps, choose the
kubeconfigfile that contains the host name or IP address you want to connect to and place it in the relevant directory.
Additional resources
1.5.1. Accessing the MicroShift cluster locally
Use the following procedure to access the MicroShift cluster locally by using a kubeconfig file.
Prerequisites
-
You have installed the
ocbinary.
Procedure
Optional: to create a
~/.kube/folder if your Red Hat Enterprise Linux (RHEL) machine does not have one, run the following command:$ mkdir -p ~/.kube/
Copy the generated local access
kubeconfigfile to the~/.kube/directory by running the following command:$ sudo cat /var/lib/microshift/resources/kubeadmin/kubeconfig > ~/.kube/config
Update the permissions on your
~/.kube/configfile by running the following command:$ chmod go-r ~/.kube/config
Verification
Verify that MicroShift is running by entering the following command:
$ oc get all -A
1.5.2. Opening the firewall for remote access to the MicroShift cluster
Use the following procedure to open the firewall so that a remote user can access the MicroShift cluster. This procedure must be completed before a workstation user can access the cluster remotely.
For this procedure, user@microshift is the user on the MicroShift host machine and is responsible for setting up that machine so that it can be accessed by a remote user on a separate workstation.
Prerequisites
-
You have installed the
ocbinary. - Your account has cluster administration privileges.
Procedure
As
user@microshifton the MicroShift host, open the firewall port for the Kubernetes API server (6443/tcp) by running the following command:[user@microshift]$ sudo firewall-cmd --permanent --zone=public --add-port=6443/tcp && sudo firewall-cmd --reload
Verification
As
user@microshift, verify that MicroShift is running by entering the following command:[user@microshift]$ oc get all -A
1.5.3. Accessing the MicroShift cluster remotely
Use the following procedure to access the MicroShift cluster from a remote location by using a kubeconfig file.
The user@workstation login is used to access the host machine remotely. The <user> value in the procedure is the name of the user that user@workstation logs in with to the MicroShift host.
Prerequisites
-
You have installed the
ocbinary. -
The
user@microshifthas opened the firewall from the local host.
Procedure
As
user@workstation, create a~/.kube/folder if your Red Hat Enterprise Linux (RHEL) machine does not have one by running the following command:[user@workstation]$ mkdir -p ~/.kube/
As
user@workstation, set a variable for the hostname of your MicroShift host by running the following command:[user@workstation]$ MICROSHIFT_MACHINE=<name or IP address of MicroShift machine>
As
user@workstation, copy the generatedkubeconfigfile that contains the host name or IP address you want to connect with from the RHEL machine running MicroShift to your local machine by running the following command:[user@workstation]$ ssh <user>@$MICROSHIFT_MACHINE "sudo cat /var/lib/microshift/resources/kubeadmin/$MICROSHIFT_MACHINE/kubeconfig" > ~/.kube/config
NoteTo generate the
kubeconfigfiles for this step, see Generating additional kubeconfig files for remote access.As
user@workstation, update the permissions on your~/.kube/configfile by running the following command:$ chmod go-r ~/.kube/config
Verification
As
user@workstation, verify that MicroShift is running by entering the following command:[user@workstation]$ oc get all -A
