UnixArena

OpenShift 4.x – Single node cluster setup using RedHat CRC

By 3 Comments

How to set up Red Hat Openshift 4.x in Desktop/Laptop? Are you looking for a cost-effective solution to get the OCP 4.x lab environment? If yes, then this article is for you. Kubernetes is growing at a rapid pace and organizations are started using microservices more and more. When it comes to Kubernetes, Openshift stands out with its enterprise capabilities and security. Red Hat is now an IBM company that keeps on improving the products and installation setup of openshift. OCP 4.x installation is completely different from OCP 3.x. In OCP 4.x, they have moved away from ansible-based deployment, and it ships with installer binary. This binary has the capabilities to spin up the openshift environment in ON-PREM and Cloud directly.

OCP 4.x offers multiple ways to set up the single node cluster. In this article, we will be looking to the “Code Ready Containers (CRC)” to have local openshift instances for testing and local development.

CodeReady Containers is the quickest way to get started building OpenShift clusters. It is designed to run on a local computer to simplify setup and testing and emulate the cloud development environment locally with all of the tools needed to develop container-based applications. Whatever your programming language, CRC will host your application. CodeReady Containers brings a minimal, preconfigured OpenShift 4.x cluster to your local PC without the need for a server-based infrastructure. With CodeReady Containers (CRC), you can create microservices, build them into images, and run them in Kubernetes-hosted containers, right on your laptop or desktop running Linux, macOS, or Windows 10. 

Is it possible to use AWS EC2 or Azure Virtual machine to set up CRC?

kindly note, CRC requires Intel-VT/AMD-v technology on the processor and it works only with x86 based processors. At present, it doesn’t support the Apple Mac M1 chip. CRC environment can’t be hosted in Amazon EC2 or Azure Virtual Machine since those are already virtualized instances. Basically, CRC doesn’t support nested virtualized environments. Cloud bare-metal instances support CRC but it is a very costly solution for a personal LAB environment.

Requirements

The general requirements for CodeReady Containers are:

  • OS: CentOS 8x/RHEL 8x/Fedora (latest 2 releases)
  • Download: pull-secret
  • Login: Red Hat Account

The physical requirements include: (VM specs)

  • Four virtual CPUs (vCPUs)
  • 9-10 GB of memory (RAM)
  • 40 GB of storage space
  • Enable VT-x in hypervisor settings. Intel-VT/AMD-v must be enabled in the system BIOS first.

Example:

Intel VT-x - OCP4 - Single Node Cluster
Intel VT-x – OCP4 – Single Node Cluster

Installation

Here is the step-by-step process to start the openshift single node cluster on your workstation.

1. Install VMware workstation(Licensed)/ VMware workstation player (Free for personal use). If you are familiar with virtual box, you can use that as well.

2. Download Red Hat 8.5 minimal boot ISO. Ensure you have a Red Hat developer account for subscription registration.

3. Create a new virtual machine as per the specs given above. Once the VM is created, install Red Hat 8.x on that VM. Ensure that system is registered with Red Hat. 

+-------------------------------------------+
    Installed Product Status
+-------------------------------------------+
Product Name:   Red Hat Enterprise Linux for x86_64
Product ID:     479
Version:        8.5
Arch:           x86_64
Status:         Subscribed
Status Details:
Starts:         03/17/2022
Ends:           05/16/2022

[lingesh@okd4 ~]$

4. Once the installation is completed, log in with a normal user and download CRC. 

[lingesh@okd4 ~]$ mkdir crc
[lingesh@okd4 ~]$ cd crc/
[lingesh@okd4 crc]$ wget https://mirror.openshift.com/pub/openshift-v4/clients/crc/latest/crc-linux-amd64.tar.xz
--2022-03-18 09:59:48--  https://mirror.openshift.com/pub/openshift-v4/clients/crc/latest/crc-linux-amd64.tar.xz
Resolving mirror.openshift.com (mirror.openshift.com)... 52.85.187.62, 52.85.187.66, 52.85.187.121, ...
Connecting to mirror.openshift.com (mirror.openshift.com)|52.85.187.62|:443... connected.
HTTP request sent, awaiting response... 307 Temporary Redirect
Saving to: ‘crc-linux-amd64.tar.xz’

crc-linux-amd64.tar.xz                                      100%[=============================================>]  22.75M  1.22MB/s    in 16s

2022-03-18 10:00:08 (1.39 MB/s) - ‘crc-linux-amd64.tar.xz’ saved [23853556/23853556]

[lingesh@okd4 crc]$

5. Untar the binaries and move the “crc” binary to “/home/USER_HOME/crc” directory. 

[lingesh@okd4 crc]$ tar -xvf crc-linux-amd64.tar.xz
crc-linux-2.0.1-amd64/
crc-linux-2.0.1-amd64/LICENSE
crc-linux-2.0.1-amd64/crc
[lingesh@okd4 crc]$ ls -lrt
total 23296
drwxr-xr-x. 2 lingesh lingesh       32 Mar 14 07:54 crc-linux-2.0.1-amd64
-rw-rw-r--. 1 lingesh lingesh 23853556 Mar 14 08:51 crc-linux-amd64.tar.xz
[lingesh@okd4 crc]$ mv crc-linux-2.0.1-amd64/crc .
[lingesh@okd4 crc]$ ls -lrt
total 96576
-rwxr-xr-x. 1 lingesh lingesh 75037110 Mar 14 07:54 crc
-rw-rw-r--. 1 lingesh lingesh 23853556 Mar 14 08:51 crc-linux-amd64.tar.xz
drwxr-xr-x. 2 lingesh lingesh       21 Mar 18 10:00 crc-linux-2.0.1-amd64
[lingesh@okd4 crc]$ rm -rf crc-linux-*

6. Make the “crc” binary executable. 

[lingesh@okd4 crc]$ chmod +x crc
[lingesh@okd4 crc]$ export PATH=$PATH:/home/lingesh/crc

7. Set up the cluster. 

[lingesh@okd4 ~]$ crc setup
INFO Using bundle path /home/lingesh/.crc/cache/crc_libvirt_4.10.3_amd64.crcbund                                                                                                                                                             le
INFO Checking if running as non-root
INFO Checking if running inside WSL2
INFO Checking if crc-admin-helper executable is cached
INFO Checking for obsolete admin-helper executable
INFO Checking if running on a supported CPU architecture
INFO Checking minimum RAM requirements
INFO Checking if crc executable symlink exists
INFO Checking if Virtualization is enabled
INFO Checking if KVM is enabled
INFO Checking if libvirt is installed
INFO Checking if user is part of libvirt group
INFO Checking if active user/process is currently part of the libvirt group
INFO Checking if libvirt daemon is running
INFO Checking if a supported libvirt version is installed
INFO Checking if crc-driver-libvirt is installed
INFO Checking crc daemon systemd service
INFO Checking crc daemon systemd socket units
INFO Setting up crc daemon systemd socket units
INFO Checking if systemd-networkd is running
INFO Checking if NetworkManager is installed
INFO Checking if NetworkManager service is running
INFO Checking if /etc/NetworkManager/conf.d/crc-nm-dnsmasq.conf exists
INFO Writing Network Manager config for crc
INFO Using root access: Writing NetworkManager configuration to /etc/NetworkMana                                                                                                                                                             ger/conf.d/crc-nm-dnsmasq.conf
INFO Using root access: Changing permissions for /etc/NetworkManager/conf.d/crc-                                                                                                                                                             nm-dnsmasq.conf to 644
INFO Using root access: Executing systemctl daemon-reload command
INFO Using root access: Executing systemctl reload NetworkManager
INFO Checking if /etc/NetworkManager/dnsmasq.d/crc.conf exists
INFO Writing dnsmasq config for crc
INFO Using root access: Writing NetworkManager configuration to /etc/NetworkMana                                                                                                                                                             ger/dnsmasq.d/crc.conf
INFO Using root access: Changing permissions for /etc/NetworkManager/dnsmasq.d/c                                                                                                                                                             rc.conf to 644
INFO Using root access: Executing systemctl daemon-reload command
INFO Using root access: Executing systemctl reload NetworkManager
INFO Checking if libvirt 'crc' network is available
INFO Setting up libvirt 'crc' network
INFO Checking if libvirt 'crc' network is active
INFO Starting libvirt 'crc' network
INFO Checking if CRC bundle is extracted in '$HOME/.crc'
INFO Checking if /home/lingesh/.crc/cache/crc_libvirt_4.10.3_amd64.crcbundle exists
INFO Getting bundle for the CRC executable
INFO Downloading crc_libvirt_4.10.3_amd64.crcbundle
3.02 GiB / 3.02 GiB [--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------] 100.00% 2.13 MiB p/s
INFO Uncompressing /home/lingesh/.crc/cache/crc_libvirt_4.10.3_amd64.crcbundle
crc.qcow2: 12.51 GiB / 12.51 GiB [--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------] 100.00%
oc: 117.14 MiB / 117.14 MiB [-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------] 100.00%
Your system is correctly setup for using CodeReady Containers. Use 'crc start' to start the instance
[lingesh@okd4 ~]$

8. Download pull secret from the Redhat portal.

CRC Pull secret
CRC Pull secret

9. Start the cluster using the downloaded pull secret. I have copied the pull secret from the portal and created the file manually. 

[lingesh@okd4 ~]$ vi pull_secret
[lingesh@okd4 ~]$ crc start -p ~/pull_secret
INFO Checking if running as non-root
INFO Checking if running inside WSL2
INFO Checking if crc-admin-helper executable is cached
INFO Checking for obsolete admin-helper executable
INFO Checking if running on a supported CPU architecture
INFO Checking minimum RAM requirements
INFO Checking if crc executable symlink exists
INFO Checking if Virtualization is enabled
INFO Checking if KVM is enabled
INFO Checking if libvirt is installed
INFO Checking if user is part of libvirt group
INFO Checking if active user/process is currently part of the libvirt group
INFO Checking if libvirt daemon is running
INFO Checking if a supported libvirt version is installed
INFO Checking if crc-driver-libvirt is installed
INFO Checking crc daemon systemd socket units
INFO Checking if systemd-networkd is running
INFO Checking if NetworkManager is installed
INFO Checking if NetworkManager service is running
INFO Checking if /etc/NetworkManager/conf.d/crc-nm-dnsmasq.conf exists
INFO Checking if /etc/NetworkManager/dnsmasq.d/crc.conf exists
INFO Checking if libvirt 'crc' network is available
INFO Checking if libvirt 'crc' network is active
INFO Loading bundle: crc_libvirt_4.10.3_amd64...
INFO Creating CodeReady Containers VM for OpenShift 4.10.3...
INFO Generating new SSH Key pair...
INFO Generating new password for the kubeadmin user
INFO Starting CodeReady Containers VM for OpenShift 4.10.3...
INFO CodeReady Containers instance is running with IP 192.168.130.11
INFO CodeReady Containers VM is running
INFO Updating authorized keys...
INFO Check internal and public DNS query...
INFO Check DNS query from host...
INFO Verifying validity of the kubelet certificates...
INFO Starting OpenShift kubelet service
INFO Waiting for kube-apiserver availability... [takes around 2min]
INFO Adding user's pull secret to the cluster...
INFO Updating SSH key to machine config resource...
INFO Waiting for user's pull secret part of instance disk...
INFO Changing the password for the kubeadmin user
INFO Updating cluster ID...
INFO Updating root CA cert to admin-kubeconfig-client-ca configmap...
INFO Starting OpenShift cluster... [waiting for the cluster to stabilize]
INFO 4 operators are progressing: image-registry, network, openshift-controller-manager, service-ca
INFO 4 operators are progressing: image-registry, network, openshift-controller-manager, service-ca
INFO 4 operators are progressing: image-registry, network, openshift-controller-manager, service-ca
INFO 4 operators are progressing: image-registry, network, openshift-controller-manager, service-ca
INFO 3 operators are progressing: image-registry, openshift-controller-manager, service-ca
INFO 2 operators are progressing: image-registry, openshift-controller-manager
INFO 2 operators are progressing: image-registry, openshift-controller-manager
INFO Operator openshift-controller-manager is progressing
INFO Operator openshift-controller-manager is progressing
INFO Operator openshift-controller-manager is progressing
INFO 2 operators are progressing: authentication, openshift-controller-manager
INFO Operator openshift-controller-manager is progressing
INFO Operator openshift-controller-manager is progressing
INFO All operators are available. Ensuring stability...
INFO Operators are stable (2/3)...
INFO Operators are stable (3/3)...
INFO Adding crc-admin and crc-developer contexts to kubeconfig...
Started the OpenShift cluster.

The server is accessible via web console at:
  https://console-openshift-console.apps-crc.testing

Log in as administrator:
  Username: kubeadmin
  Password: xRkvx-pAu3P-5G66Y-JcZH8

Log in as user:
  Username: developer
  Password: developer

Use the 'oc' command line interface:
  $ eval $(crc oc-env)
  $ oc login -u developer https://api.crc.testing:6443
[lingesh@okd4 ~]$

11. Setup the environment for the “oc” command. 

[lingesh@okd4 ~]$ crc oc-env
export PATH="/home/lingesh/.crc/bin/oc:$PATH"
# Run this command to configure your shell:
# eval $(crc oc-env)
[lingesh@okd4 ~]$ eval $(crc oc-env)

12. Login to the cluster using the oc command. 

[lingesh@okd4 ~]$ oc login -u kubeadmin -p xRkvx-pAu3P-5G66Y-JcZH8 https://api.crc.testing:6443
Login successful.

You have access to 64 projects, the list has been suppressed. You can list all projects with 'oc projects'

Using project "default".
[lingesh@okd4 ~]$

13. Check the running nodes and cluster version. 

[lingesh@okd4 crc]$ oc get nodes
NAME                 STATUS   ROLES           AGE   VERSION
crc-jw57j-master-0   Ready    master,worker   11d   v1.23.3+e419edf

[lingesh@okd4 crc]$ oc cluster-info
Kubernetes control plane is running at https://api.crc.testing:6443

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
[lingesh@okd4 crc]$

We have successfully set up a single node openshift cluster on the local workstation / Laptop using the hypervisors.

Openshift Web-GUI

is it possible to access the feature-rich Openshift web GUI on CRC environment ? yes. You can access it by following the steps.

1. Run the following command to launch the GUI. 

[lingesh@okd4 ~]$ crc console
Opening the OpenShift Web Console in the default browser...
[lingesh@okd4 ~]$

2. Here is the OCP 4 GUI interface.

Red Hat Openshift console OCP4
Red Hat Openshift console OCP4

To find your OCP credentials, run the following command on the terminal. 

[lingesh@okd4 ~]$ crc console --credentials
To login as a regular user, run 'oc login -u developer -p developer https://api.crc.testing:6443'.
To login as an admin, run 'oc login -u kubeadmin -p xRkvx-pAu3P-5G66Y-JcZH8 https://api.crc.testing:6443'
[lingesh@okd4 ~]$

3. I have logged in using kubeadmin.

OCP4 console
OCP4 console

Known Errors:

1. While running crc setup, if you get the following error, then it’s likely you have switched to the user using “su – ” command.

[lingesh@okd4 ~]$
[root@okd4 ~]# su – lingesh
[lingesh@okd4 ~]$ crc setup
INFO Using bundle path /home/lingesh/.crc/cache/crc_libvirt_4.10.3_amd64.crcbundle
INFO Checking if running as non-root
Executing systemctl action failed: exit status 1: Failed to connect to bus: No such file or directory

2. If “crc setup “returns an error like “You need to enable virtualization on BIOS” , then you are trying to setup crc on,

  1. Cloud instances
  2. Older Machine which doesn’t comes with virtualization technology on the processors.
  3. Intel-VT / AMD-v is disabled on the BIOS. 
[ec2-user@ip-172-31-46-0 crc]$ crc setup
CodeReady Containers is constantly improving and we would like to know more about usage (more details at https://developers.redhat.com/article/tool-data-collection)
Your preference can be changed manually if desired using 'crc config set consent-telemetry <yes/no>'
Would you like to contribute anonymous usage statistics? [y/N]: y
Thanks for helping us! You can disable telemetry with the command 'crc config set consent-telemetry no'.
INFO Using bundle path /home/ec2-user/.crc/cache/crc_libvirt_4.10.3_amd64.crcbundle 
INFO Checking if running as non-root              
INFO Checking if running inside WSL2              
INFO Checking if crc-admin-helper executable is cached 
INFO Caching crc-admin-helper executable          
INFO Using root access: Changing ownership of /home/ec2-user/.crc/bin/crc-admin-helper-linux 
INFO Using root access: Setting suid for /home/ec2-user/.crc/bin/crc-admin-helper-linux 
INFO Checking for obsolete admin-helper executable 
INFO Checking if running on a supported CPU architecture 
INFO Checking minimum RAM requirements            
INFO Checking if crc executable symlink exists    
INFO Creating symlink for crc executable          
INFO Checking if Virtualization is enabled        
INFO Setting up virtualization                    
You need to enable virtualization in BIOS
[ec2-user@ip-172-31-46-0 crc]$

3. Unable to start the cluster using “crc start” .

Error starting machine: Error in driver during machine start: unexpected libvirt status 3 : machine in the unknown state: getting ip during machine start

Check “libvirtd” status. 

[root@okd4 ~]# systemctl status libvirtd
● libvirtd.service - Virtualization daemon
   Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2022-03-29 20:14:54 IST; 2h 33min ago
     Docs: man:libvirtd(8)
           https://libvirt.org
 Main PID: 1441 (libvirtd)
    Tasks: 21 (limit: 32768)
   Memory: 60.4M
   CGroup: /system.slice/libvirtd.service
           ├─1441 /usr/sbin/libvirtd --timeout 120
           ├─1807 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
           ├─1808 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
           ├─1878 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/crc.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper
           └─1879 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/crc.conf --leasefile-ro --dhcp-script=/usr/libexec/libvirt_leaseshelper

Mar 29 20:20:33 okd4 libvirtd[1441]: End of file while reading data: Input/output error

The above errors show that “crc” is unable to read/write on the filesystem. Check the system filesystem utilization. 

[root@okd4 cache]# df -h
Filesystem                  Size  Used Avail Use% Mounted on
devtmpfs                    4.8G     0  4.8G   0% /dev
tmpfs                       4.8G     0  4.8G   0% /dev/shm
tmpfs                       4.8G  9.7M  4.8G   1% /run
tmpfs                       4.8G     0  4.8G   0% /sys/fs/cgroup
/dev/mapper/rhel_okd4-root   35G   35G  296K 100% /
/dev/nvme0n1p1             1014M  215M  800M  22% /boot
tmpfs                       976M   12K  976M   1% /run/user/42
tmpfs                       976M   32K  976M   1% /run/user/1000
[root@okd4 cache]#

In this case, we can see that the root filesystem is full and requires cleanup.

4. Openshift is showing “starting” but API doesn’t respond to any of the “oc” commands. I am facing this issue whenever I use to hibernate the host.

[lingesh@okd4 ~]$ crc status
CRC VM:          Running
OpenShift:       Starting (v4.10.3)
Podman:
Disk Usage:      22.47GB of 32.74GB (Inside the CRC VM)
Cache Usage:     16.83GB
Cache Directory: /home/lingesh/.crc/cache
[lingesh@okd4 ~]$

To resolve this issue, Stop the CRC with a force flag.

[lingesh@okd4 ~]$ crc stop --force
INFO Stopping kubelet and all containers...
INFO Stopping the instance, this may take a few minutes...
Stopped the instance
[lingesh@okd4 ~]$

Reboot the host operating system. 

[lingesh@okd4 ~]$ sudo reboot
[lingesh@okd4 ~]$
Remote side unexpectedly closed network connection

Start the CRC with debug flag. 

[lingesh@okd4 ~]$ crc start --log-level debug
DEBU CodeReady Containers version: 2.0.1+bf3b1a6
DEBU OpenShift version: 4.10.3
DEBU Podman version: 3.4.4
DEBU Running 'crc start'
DEBU Total memory of system is 16573595648 bytes
WARN A new version (2.11.0) has been published on https://developers.redhat.com/content-gateway/file/pub/openshift-v4/clients/crc/2.11.0/crc-linux-amd64.tar.xz
DEBU Checking file: /home/lingesh/.crc/machines/crc/.crc-exist
DEBU Found binary path at /home/lingesh/.crc/bin/crc-driver-libvirt
DEBU Launching plugin server for driver libvirt
DEBU Plugin server listening at address 127.0.0.1:44615
DEBU () Calling .GetVersion
DEBU Using API Version 1
DEBU () Calling .SetConfigRaw

Hope this article is informative to you. If so, please share it with your professional network.

Reader Interactions

Comments

  1. Sree says

    Hi Lingesh,

    I have followed the same process n number of times, every time it is failing with below error

    INFO Starting CRC VM for openshift 4.14.12…
    Error starting machine: Error in driver during machine start: Unable to determine VM’s IP address, did it fail to boot?
    [centos@centosstream8 crc]$

    Reply

  2. angelo says

    hi I follewed the above steps
    on my local pc I installed vmware workstation
    here created a VM with iso downloaded from redhat portal
    registered VM
    Got my results as expected :

    The server is accessible via web console at:
    https://console-openshift-console.apps-crc.testing

    Log in as administrator:
    Username: kubeadmin
    Password: xxxxxxxxxxxxxxxxxxxxxxxxx

    Log in as user:
    Username: developer
    Password: xxxxxxxxxx

    Use the ‘oc’ command line interface:
    $ eval $(crc oc-env)
    $ oc login -u developer https://api.crc.testing:6443

    but now the problem is that I can ping console-openshift-console.apps-crc.testing and its IP from inside VM but not from my local pc
    then I cant browse console from ie my chrome
    How can I solve it?
    thanks you

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *