-
Sub-task
-
Resolution: Done
-
Minor
-
None
-
None
-
None
-
Quality / Stability / Reliability
-
False
-
-
False
-
None
-
None
-
None
-
None
-
None
Description:
This task involves setting up a local environment to run the end-to-end (E2E) test suite against a live cluster. This is considered a good first issue to understand the testing process and cluster environment.
steps which i performed :
Jira Task: Install and Verify Zero Trust Workload Identity Manager on OpenShift Cluster
Description
This task outlines the end-to-end process of deploying a new OpenShift cluster on AWS, and then installing and verifying the Zero Trust Workload Identity Manager operator. The process involves downloading the necessary installer files, setting up authentication with a pull secret, running the cluster installation, and finally, installing and verifying the operator via the OpenShift web console and CLI.
Prerequisites
- Access to the cluster with cluster-admin privileges.
- Access to the OpenShift Container Platform web console.
- A Red Hat account to obtain the pull-secret.json file.
- An AWS account with appropriate permissions for cluster provisioning.
Step-by-Step Instructions
1. Prepare the Installer
- Create a new directory named installer.
- Download the OpenShift cluster package from one of the following URLs and save it to your installer directory:
- Navigate into the installer directory and untar the downloaded package:
tar -xvf ~/Downloads/openshift-install-linux-4.19.11.tar.gz
2. Obtain and Prepare the Pull Secret
- Create a new directory named keys inside the installer directory.
- Obtain your pull-secret.json or pull-secret.txt file from:
https://cloud.redhat.com/openshift/install/aws/installer-provisioned
- Place the pull-secret file into the keys directory.
- If the pull secret is new, obtain an API token from:
https://oauth-openshift.apps.ci.l2s4.p1.openshiftapps.com/oauth/token/request
- Log in to the OpenShift cluster using the oc login command from the installer directory. For example:
oc login --token=<your_token> --server=<your_server>
- Add the AWS keys to the pull secret by running:
oc registry login --to ~/keys/pull-secret.json
- Verify the contents of the pull secret with jq:
jq -c < ~/keys/pull-secret.json
3. Install the OpenShift Cluster
- From the installer directory, run the cluster creation command:
./openshift-install create cluster --dir aws
- When prompted, provide the following details:
-
- SSH Public Key: Leave as null
-
- Platform: aws
-
- Region: us-east-1
-
- Base Domain: qe.devcluster.openshift.com
-
- Cluster Name: sayadas-aws-osc (Note: This should be prefixed with your Karbaros ID as per instructions.)
-
- Pull Secret: This will automatically be taken from the keys directory.
4. Install the Operator via the Web Console
- Once the cluster is successfully installed, use the provided kubeconfig and kubeadmin credentials to log in to the OpenShift web console.
- Go to Operators > OperatorHub.
- In the filter box, type "Zero Trust Workload Identity Manager".
- Select the operator and choose the desired version from the drop-down list.
- Click Install.
5. Verify the Operator Installation
- Use the oc command-line tool to verify that the operator is running correctly.
- Run the following command:
oc get deployment -l name=zero-trust-workload-identity-manager -n zero-trust-workload-identity-manager
- The expected output should show that the deployment is ready, as in the example below:
{{NAME READY UP-TO-DATE AVAILABLE AGE
zero-trust-workload-identity-manager-controller-manager 1/1 1 1 18m}}
Labels: openshift, aws, ztwim, installer, operator-installation, qe-automation