OpenShift

Make sure the prerequisites for Ondat are satisfied before proceeding. Including the deployment of an etcd cluster and configuration of CRI-O PID limits.

For OpenShift upgrades, refer to the OpenShift platform page.

If you have installed OpenShift in AWS ensure that the requisite ports are opened for the worker nodes’ security group.

Make sure to add a Ondat licence after installing.

Ondat v2 supports OpenShift v4. For more information, see the OpenShift platform page.



OperatorHub

  1. Select the OperatorHub from the Catalog sub menu and search for Ondat

    install-0

    Choose between using the RedHat Market Place or the Community Operators installation.

  2. Select Ondat and click install

    install-1

  3. Select the install options

    install-2

    Make sure the Approval Strategy is set to Manual. So the Ondat Operator doesn’t upgrade versions without explicit approval.

  4. Start the approval procedure

    install-3

  5. Follow the approval link

    install-4

  6. Approve the installation

    install-5

  7. The Ondat Cluster Operator is installed along the required CRDs

    install-6

  8. Create a Secret in the openshift-operators project

    install-7

  9. Use the YAML options to create a secret containing the apiUsername and an apiPassword key. The username and password defined in the secret will be used to authenticate when using the Ondat CLI and GUI. For the communication between Ondat and OpenShift, the CSI credentials csiProvisionUsername, csiProvisionPassword, csiControllerPublishUsername, csiControllerPublishPassword, csiNodePublishUsername, csiNodePublishPassword are needed. Take note of which project you created the secret in.

    Input the Secret as YAML for simplicity.

    apiVersion: v1
    kind: Secret
    metadata:
      name: storageos-api
      namespace: openshift-operators
    type: "kubernetes.io/storageos"
    data:
      # echo -n '<secret>' | base64
      apiUsername: c3RvcmFnZW9z
      apiPassword: c3RvcmFnZW9z
      # CSI Credentials
      csiProvisionUsername: c3RvcmFnZW9z
      csiProvisionPassword: c3RvcmFnZW9z
      csiControllerPublishUsername: c3RvcmFnZW9z
      csiControllerPublishPassword: c3RvcmFnZW9z
      csiNodePublishUsername: c3RvcmFnZW9z
      csiNodePublishPassword: c3RvcmFnZW9z
      csiControllerExpandUsername: c3RvcmFnZW9z
      csiControllerExpandPassword: c3RvcmFnZW9z
    

    install-8

  10. Go to the “Installed Operators”

    install-9

    Verify that the Ondat Cluster Operator is installed

  11. Go to the “Ondat Cluster” section

    install-10

  12. Create the Ondat Cluster

    install-11

    A Ondat Cluster is defined using a Custom Resource Definition

  13. Create the Custom Resource

    The Ondat cluster resource describes the Ondat cluster that will be created. Parameters such as the secretRefName, the secretRefNamespace and the kvBackend.address are mandatory.

    Additional spec parameters are available on the Cluster Operator configuration page.

    apiVersion: "storageos.com/v1"
    kind: StorageOSCluster
    metadata:
      name: storageos
      namespace: openshift-operators
    spec:
      # Ondat Pods are in kube-system by default
      secretRefName: "storageos-api" # Reference the Secret created in the previous step
      secretRefNamespace: "openshift-operators"  # Namespace of the Secret created in the previous step
      k8sDistro: "openshift"
      kvBackend:
        address: 'storageos-etcd-client.etcd:2379' # Example address, change for your etcd endpoint
      # address: '10.42.15.23:2379,10.42.12.22:2379,10.42.13.16:2379' # You can set ETCD server ips
      resources:
        requests:
          memory: "512Mi"
          cpu: 1
      # nodeSelectorTerms:
      #   - matchExpressions:
      #     - key: "node-role.kubernetes.io/worker" # Compute node label will vary according to your installation
      #       operator: In
      #       values:
      #       - "true"
    

    install-12

  14. Verify that the Ondat Cluster Resource enters a running state.

    install-13

    It can take up to a minute to report the Ondat Pods ready

  15. Check the Ondat Pods in the kube-system project

    install-14

    A Status of 3/3 for the Daemonset Pods indicates that Ondat is bootstrapped successfully.

  16. License cluster

    A newly installed Ondat cluster does not include a licence. A cluster must be licensed within 24 hours of the installation. For more information, check the reference licence page.

    You can apply a Free Developer licence following the operations licensing page, or purchase a licence contacting [email protected].

Red Hat Marketplace

The installation of Ondat using the Red Hat Marketplace requires the Openshift cluster to be registered to the Marketplace Portal, including the roll out of the PullSecret in your cluster. Failure to do so will result in a image pull authentication failure with the Red Hat registry.

  1. Select the OperatorHub from the Catalog sub menu and search for Ondat.

    install-0

    Choose the RedHat Marketplace option.

  2. Select Ondat and click purchase. Note that Openshift needs to be registered with the Red Hat Marketplace portal.

    install-1

  3. Select the most suitable install option.

    install-2

    Project Edition is suitable for production workloads, Developer Edition for personal experimentation and evaluation.

  4. Specify the product configuration to fit your needs.

    install-3

  5. Navigate to your software within Red Hat Marketplace and install the Ondat software as specified in the image.

    install-4

  6. Install the Operator. Set the update approval strategy to Automatic to ensure that you always have the latest version of Ondat installed.

    install-5

  7. The Ondat Cluster Operator is installed into your specified cluster.

    install-6

  8. Create a Secret in the openshift-operators project

    install-7

  9. Use the YAML options to create a secret containing the apiUsername and an apiPassword key. The username and password defined in the secret will be used to authenticate when using the Ondat CLI and GUI. For the communication between Ondat and OpenShift, the CSI credentials csiProvisionUsername, csiProvisionPassword, csiControllerPublishUsername, csiControllerPublishPassword, csiNodePublishUsername, csiNodePublishPassword are needed. Take note of which project you created the secret in.

    Input the Secret as YAML for simplicity.

    apiVersion: v1
    kind: Secret
    metadata:
      name: storageos-api
      namespace: openshift-operators
    type: "kubernetes.io/storageos"
    data:
      # echo -n '<secret>' | base64
      apiUsername: c3RvcmFnZW9z
      apiPassword: c3RvcmFnZW9z
      # CSI Credentials
      csiProvisionUsername: c3RvcmFnZW9z
      csiProvisionPassword: c3RvcmFnZW9z
      csiControllerPublishUsername: c3RvcmFnZW9z
      csiControllerPublishPassword: c3RvcmFnZW9z
      csiNodePublishUsername: c3RvcmFnZW9z
      csiNodePublishPassword: c3RvcmFnZW9z
      csiControllerExpandUsername: c3RvcmFnZW9z
      csiControllerExpandPassword: c3RvcmFnZW9z
    

    install-8

  10. Go to Ondat in your “Installed Operators”

    install-9

    Verify that the Ondat Cluster Operator is installed

  11. Go to the “Ondat Cluster” section

    install-10

  12. Create the Ondat Cluster

    install-11

    A Ondat Cluster is defined using a Custom Resource Definition

  13. Create the Custom Resource

    The Ondat cluster resource describes the Ondat cluster that will be created. Parameters such as the secretRefName, the secretRefNamespace and the kvBackend.address are mandatory.

    Additional spec parameters are available on the Cluster Operator configuration page.

    apiVersion: "storageos.com/v1"
    kind: StorageOSCluster
    metadata:
      name: storageos
      namespace: openshift-operators
    spec:
      # Ondat Pods are in kube-system by default
      secretRefName: "storageos-api" # Reference the Secret created in the previous step
      secretRefNamespace: "openshift-operators"  # Namespace of the Secret created in the previous step
      k8sDistro: "openshift"
      kvBackend:
        address: 'storageos-etcd-client.etcd:2379' # Example address, change for your etcd endpoint
      # address: '10.42.15.23:2379,10.42.12.22:2379,10.42.13.16:2379' # You can set ETCD server ips
      resources:
        requests:
          memory: "512Mi"
          cpu: 1
      # nodeSelectorTerms:
      #   - matchExpressions:
      #     - key: "node-role.kubernetes.io/worker" # Compute node label will vary according to your installation
      #       operator: In
      #       values:
      #       - "true"
    

    install-12

  14. Verify that the Ondat Cluster Resource enters a running state.

    install-13

    It can take up to a minute to report the Ondat Pods ready

  15. Check the Ondat Pods in the kube-system project

    install-14

    A Status of 3/3 for the Daemonset Pods indicates that Ondat is bootstrapped successfully.

  16. License cluster

    A newly installed Ondat cluster does not include a licence. A cluster must be licensed within 24 hours of the installation. For more information, check the reference licence page.

    You can apply a Free Developer licence following the operations licensing page, or purchase a licence contacting [email protected].

Manual install

The Ondat Cluster Operator is a Kubernetes native application developed to deploy and configure Ondat clusters, and assist with maintenance operations. We recommend its use for standard installations.

The operator is a Kubernetes controller that watches the StorageOSCluster CRD. Once the controller is ready, a Ondat cluster definition can be created. The operator will deploy a Ondat cluster based on the configuration specified in the cluster definition.

 

Helm Note: If you want to use Helm to install Ondat, follow the Ondat Operator Helm Chart documentation.

Steps to install Ondat:

1. Install Ondat operator

Install the Ondat Cluster Operator using the following yaml manifest.

oc create -f https://github.com/storageos/cluster-operator/releases/download/v2.4.4/storageos-operator.yaml

Verify the Cluster Operator Pod Status

[[email protected]]# oc -n storageos-operator get pod
NAME                                         READY     STATUS    RESTARTS   AGE
storageoscluster-operator-68678798ff-f28zw   1/1       Running   0          3m

The READY 1/1 indicates that storageoscluster resources can be created.

2. Create a Secret

Before deploying a Ondat cluster, create a Secret defining the Ondat API Username and Password in base64 encoding. The API username and password are used to create the default Ondat admin account which can be used with the Ondat CLI and to login to the Ondat GUI. The CSI credentials are used to register the CSI accounts, so Kubernetes and Ondat communicate over an authenticated API.

apiVersion: v1
kind: Secret
metadata:
  name: "storageos-api"
  namespace: "storageos-operator"
  labels:
    app: "storageos"
type: "kubernetes.io/storageos"
data:
  # echo -n '<secret>' | base64
  apiUsername: c3RvcmFnZW9z
  apiPassword: c3RvcmFnZW9z
  # CSI Credentials
  csiProvisionUsername: c3RvcmFnZW9z
  csiProvisionPassword: c3RvcmFnZW9z
  csiControllerPublishUsername: c3RvcmFnZW9z
  csiControllerPublishPassword: c3RvcmFnZW9z
  csiNodePublishUsername: c3RvcmFnZW9z
  csiNodePublishPassword: c3RvcmFnZW9z
  csiControllerExpandUsername: c3RvcmFnZW9z
  csiControllerExpandPassword: c3RvcmFnZW9z

This example contains a default password, for production installations, use a unique, strong password.

You can define a base64 value by echo -n "mystring" | base64.

Make sure that the encoding of the credentials doesn’t have special characters such as ‘\n’. The echo -n ensures that a trailing new line is not appended to the string.

If you wish to change the default accounts details post-install please see Managing Users

3 Trigger a Ondat installation

This is a Cluster Definition example.

apiVersion: "storageos.com/v1"
kind: StorageOSCluster
metadata:
  name: "example-ondat"
  namespace: "storageos-operator"
spec:
  secretRefName: "storageos-api" # Reference from the Secret created in the previous step
  secretRefNamespace: "storageos-operator"  # Namespace of the Secret
  k8sDistro: "openshift"
  images:
    nodeContainer: "storageos/node:v2.4.4" # Ondat version
  kvBackend:
    address: 'storageos-etcd-client.storageos-etcd:2379' # Example address, change for your etcd endpoint
  # address: '10.42.15.23:2379,10.42.12.22:2379,10.42.13.16:2379' # You can set ETCD server ips
  resources:
    requests:
      memory: "512Mi"
      cpu: 1
#  nodeSelectorTerms:
#    - matchExpressions:
#      - key: "node-role.kubernetes.io/worker" # Compute node label will vary according to your installation
#        operator: In
#        values:
#        - "true"

Additional spec parameters are available on the Cluster Operator configuration page.

You can find more examples such as deployments referencing a external etcd kv store for Ondat in the Cluster Operator examples page.

Verify Ondat Installation

[[email protected]]# oc -n kube-system get pods -w
NAME                                    READY   STATUS    RESTARTS   AGE
storageos-csi-helper-5cf59b5b4-f5nwr    2/2     Running   0          3m
storageos-daemonset-75f6c               3/3     Running   0          3m
storageos-daemonset-czbqx               3/3     Running   0          3m
storageos-daemonset-zv4tq               3/3     Running   0          3m
storageos-scheduler-6d67b46f67-5c46j    1/1     Running   0          3m

The above command watches the Pods created by the Cluster Definition example. Note that pods typically take approximately 65 seconds to enter the Running Phase.

4. License cluster

Newly installed Ondat clusters must be licensed within 24 hours. Our developer license is free, and supports up to 5TiB of provisioned storage.

To obtain a license, follow the instructions on our licensing operations page.

First Ondat volume

If this is your first installation you may wish to follow the Ondat Volume guide for an example of how to mount a Ondat volume in a Pod.