
@ironcladlou
Last active May 22, 2019 07:58
OpenShift 4.0 Installer on macOS
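#!/bin/bash
#
# create-libvirt.sh - create an OpenShift cluster on libvirt with
# openshift-install.
#
# Usage: create-libvirt.sh <name>
#
# Environment (optional):
#   OPENSHIFT_INSTALL_PASSWORD       cluster admin password; prompted for
#                                    when unset, never stored in this file
#   OPENSHIFT_INSTALL_EMAIL_ADDRESS  cluster admin e-mail address
#
# Installer assets are written to $HOME/clusters/<name>.

# Make the final pipeline report the installer's exit status instead of tee's.
set -o pipefail

NAME="${1:-}"
if [ -z "$NAME" ]; then
  echo "usage: create-libvirt.sh <name>"
  exit 1
fi

CLUSTER_DIR="$HOME/clusters/${NAME}"
if [ -d "$CLUSTER_DIR" ]; then
  # Warning only: the installer is still run against the existing directory.
  echo "WARNING: cluster ${NAME} already exists at ${CLUSTER_DIR}"
fi

export PATH="$PATH:$PWD/bin"
export OPENSHIFT_INSTALL_BASE_DOMAIN=testing
export OPENSHIFT_INSTALL_CLUSTER_NAME="$NAME"

# NOTE(review): this line reached the page as `export [email protected]`
# (e-mail obfuscation), which is not a valid assignment. The variable name is
# reconstructed - confirm it against your installer version. The default
# below is a placeholder, not the author's address.
export OPENSHIFT_INSTALL_EMAIL_ADDRESS="${OPENSHIFT_INSTALL_EMAIL_ADDRESS:-admin@example.com}"

# The admin password used to be a literal in this script, so it was published
# with the script. Take it from the environment or prompt for it instead; any
# cluster created with the old literal should have its password rotated.
if [ -z "${OPENSHIFT_INSTALL_PASSWORD:-}" ]; then
  read -r -s -p "Cluster admin password: " OPENSHIFT_INSTALL_PASSWORD
  echo
fi
if [ -z "${OPENSHIFT_INSTALL_PASSWORD:-}" ]; then
  echo "error: OPENSHIFT_INSTALL_PASSWORD is empty" >&2
  exit 1
fi
export OPENSHIFT_INSTALL_PASSWORD

export OPENSHIFT_INSTALL_PLATFORM=libvirt
export OPENSHIFT_INSTALL_SSH_PUB_KEY_PATH="$HOME/.ssh/id_rsa.pub"
# The pull secret is a registry credential; keep the file out of any shared
# or version-controlled copy of the synced folder.
export OPENSHIFT_INSTALL_PULL_SECRET_PATH=/vagrant/quay-pull-secret.json
# qemu+tcp is libvirt's plain-TCP transport: the connection is not encrypted,
# and whether it is authenticated depends on libvirtd's auth_tcp setting.
export OPENSHIFT_INSTALL_LIBVIRT_URI="qemu+tcp://192.168.122.1/system"
# NOTE(review): the OS image is fetched over plain HTTP and nothing visible
# here verifies a checksum or signature - confirm integrity out of band.
export OPENSHIFT_INSTALL_LIBVIRT_IMAGE="http://aos-ostree.rhev-ci-vms.eng.rdu2.redhat.com/rhcos/images/cloud/latest/rhcos-qemu.qcow2.gz"

# Debug-level installer output may include sensitive material, so log to a
# private, unpredictably named file rather than a fixed path in /tmp.
LOG_FILE="$(mktemp /tmp/installer.log.XXXXXX)" || exit 1
echo "installer log: ${LOG_FILE}"

openshift-install create cluster --log-level=debug --dir="$CLUSTER_DIR" 2>&1 | tee "$LOG_FILE"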
[root@localhost qemu]# virsh --connect "qemu+tcp://192.168.122.1/system" list
Id Name State
----------------------------------------------------
5 bootstrap running
6 master0 running
7 testa-worker-0-rzftn running
[root@testa-master-0 core]# oc get nodes
NAME STATUS ROLES AGE VERSION
testa-master-0 Ready master 13m v1.11.0+d4cacc0
testa-worker-0-rzftn Ready worker 2m v1.11.0+d4cacc0
[root@testa-master-0 core]# oc get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
default registry-56ccf4dcc5-wfxhv 0/1 ContainerCreating 0 7m
kube-system kube-apiserver-r46sd 1/1 Running 0 15m
kube-system kube-controller-manager-flg8j 1/1 Running 0 15m
kube-system kube-dns-787c975867-8d4cn 3/3 Running 0 15m
kube-system kube-flannel-l9t4g 2/2 Running 3 4m
kube-system kube-flannel-x6dtk 2/2 Running 0 12m
kube-system kube-proxy-6xnv5 1/1 Running 0 4m
kube-system kube-proxy-t99hd 1/1 Running 0 15m
kube-system kube-scheduler-m56nl 1/1 Running 0 15m
kube-system metrics-server-5767bfc576-vd8ss 0/2 ContainerCreating 0 7m
kube-system pod-checkpointer-cd5nj 1/1 Running 0 15m
kube-system pod-checkpointer-cd5nj-testa-master-0 1/1 Running 0 15m
kube-system tectonic-network-operator-g8j7t 1/1 Running 0 15m
openshift-apiserver apiserver-fj2rm 1/1 Running 0 10m
openshift-cluster-api clusterapi-manager-controllers-6898dcd5d9-c584f 2/2 Running 0 9m
openshift-cluster-api machine-api-operator-6876cb8c7c-vw4l4 1/1 Running 0 13m
openshift-cluster-node-tuning-operator cluster-node-tuning-operator-798dc7b787-c6m5d 0/1 ContainerCreating 0 8m
openshift-cluster-samples-operator cluster-samples-operator-d789dbd9b-f2xsf 1/1 Running 0 7m
openshift-cluster-version cluster-version-operator-fzwhm 1/1 Running 0 15m
openshift-console console-operator-6c879b4655-29zdh 0/1 ContainerCreating 0 7m
openshift-controller-manager controller-manager-b5gdv 1/1 Running 0 10m
openshift-core-operators openshift-cluster-kube-apiserver-operator-77867dd47f-mnj28 1/1 Running 0 13m
openshift-core-operators openshift-cluster-kube-controller-manager-operator-7bbf776w27ph 1/1 Running 0 13m
openshift-core-operators openshift-cluster-kube-scheduler-operator-7bb466d6c7-rks42 1/1 Running 0 13m
openshift-core-operators openshift-cluster-openshift-apiserver-operator-7598b98cbc-ksqqz 1/1 Running 0 13m
openshift-core-operators openshift-cluster-openshift-controller-manager-operator-59wc7zr 1/1 Running 0 13m
openshift-core-operators openshift-service-cert-signer-operator-69995ffb-pszn4 1/1 Running 0 13m
openshift-csi-operator csi-operator-6c65999974-ft2zt 0/1 ContainerCreating 0 7m
openshift-image-registry cluster-image-registry-operator-675b9b9d56-k5jnn 1/1 Running 0 7m
openshift-ingress default-http-backend-6985d557bb-b2jxl 0/1 ContainerCreating 0 8m
openshift-ingress router-7cb9b69979-95nj8 0/1 ContainerCreating 0 7m
openshift-ingress tectonic-ingress-controller-operator-fcb9c6f4b-2pv5c 1/1 Running 0 9m
openshift-kube-apiserver apiserver-777dc999c6-vv52v 1/1 Running 1 11m
openshift-kube-controller-manager controller-manager-79b6c98b79-crqq7 1/1 Running 0 11m
openshift-kube-scheduler scheduler-7d4d8c4fff-clz6k 1/1 Running 0 11m
openshift-machine-config-operator machine-config-controller-cff76dc7d-lbpzd 1/1 Running 0 10m
openshift-machine-config-operator machine-config-daemon-78zcm 1/1 Running 1 4m
openshift-machine-config-operator machine-config-daemon-mf9xb 1/1 Running 0 9m
openshift-machine-config-operator machine-config-operator-65987dd664-nln2l 1/1 Running 0 13m
openshift-machine-config-operator machine-config-server-krr8m 1/1 Running 0 10m
openshift-monitoring cluster-monitoring-operator-c5cd98654-dgm6h 0/1 ContainerCreating 0 7m
openshift-operator-lifecycle-manager catalog-operator-5c4889c5fc-2v8ks 1/1 Running 0 13m
openshift-operator-lifecycle-manager olm-operator-657b94fc4c-rfp9d 1/1 Running 0 13m
openshift-operator-lifecycle-manager package-server-85fd7c95c-kjbv8 0/1 ContainerCreating 0 13m
openshift-service-cert-signer apiservice-cabundle-injector-cdc9699d7-dsbth 1/1 Running 0 11m
openshift-service-cert-signer configmap-cabundle-injector-586b98ddb8-d4k6s 0/1 ContainerCreating 0 11m
openshift-service-cert-signer service-serving-cert-signer-578f88cccf-fzv4q 1/1 Running 0 11m
openshift-web-console webconsole-86f4f55644-sgn88 0/1 ContainerCreating 0 7m
tectonic-system kube-addon-operator-784b4b6c7-rz4ls 1/1 Running 0 10m
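#!/bin/bash
#
# Provision a Fedora guest as a nested-KVM libvirt host for the OpenShift
# installer: installs packages, enables IP forwarding, opens libvirtd on TCP,
# defines the default storage pool, and builds the terraform libvirt provider
# and the installer from source.
#
# Written for a fresh machine; several steps append to system files and are
# not safe to repeat.
set -e
set -u
set -o pipefail

sudo yum install -y libvirt libvirt-devel libvirt-client git golang libvirt-daemon-kvm qemu-kvm

# Enable IPv4 forwarding now and persist it for later boots.
sudo sysctl net.ipv4.ip_forward=1
echo "net.ipv4.ip_forward = 1" | sudo tee /etc/sysctl.d/99-ipforward.conf
sudo sysctl -p /etc/sysctl.d/99-ipforward.conf

# Let local, active sessions of users in the "vagrant" group manage libvirt
# without further authorization. The heredoc delimiter is quoted so the rule
# text reaches the file verbatim.
sudo bash -c 'cat >> /etc/polkit-1/rules.d/80-libvirt.rules' <<'EOF'
polkit.addRule(function(action, subject) {
if (action.id == "org.libvirt.unix.manage" && subject.local && subject.active && subject.isInGroup("vagrant")) {
return polkit.Result.YES;
}
});
EOF
sudo usermod --append --groups libvirt vagrant

# SECURITY: this turns on libvirtd's plain TCP listener with TLS off and
# auth_tcp="none". Any host that can reach port 16509 gets full control of
# the hypervisor (in effect root on this machine), so the only protection
# left is network filtering. Suitable for an isolated lab guest only.
sudo bash -c 'cat >> /etc/libvirt/libvirtd.conf' <<'EOF'
listen_tls = 0
listen_tcp = 1
auth_tcp="none"
tcp_port = "16509"
EOF
sudo bash -c 'cat >> /etc/sysconfig/libvirtd' <<'EOF'
LIBVIRTD_ARGS="--listen"
EOF

# Turn on nested virtualization for Intel KVM, persistently and for the
# currently loaded module.
sudo bash -c 'cat >> /etc/modprobe.d/kvm.conf' <<'EOF'
options kvm_intel nested=1
EOF
sudo modprobe -r kvm_intel
sudo modprobe kvm_intel nested=1
sudo systemctl restart libvirtd

# TODO: Make portable
# NOTE(review): the ACCEPT rule below is inserted while firewalld is still
# running, and firewalld is stopped and disabled right after. Stopping
# firewalld presumably flushes the rule, and with no firewall left the
# unauthenticated libvirt port is not limited to 192.168.122.0/24 any more;
# on a guest with a bridged interface it is reachable from the LAN. Confirm
# with `iptables -S INPUT` after provisioning and restrict port 16509 to the
# networks the cluster nodes actually use.
sudo iptables -I INPUT -p tcp -s 192.168.122.0/24 -d 192.168.122.1 --dport 16509 -j ACCEPT -m comment --comment "Allow insecure libvirt clients"
sudo systemctl stop firewalld
sudo systemctl disable firewalld

# Define, start and autostart the directory-backed "default" storage pool.
sudo virsh pool-define /dev/stdin <<'EOF'
<pool type='dir'>
<name>default</name>
<target>
<path>/var/lib/libvirt/images</path>
</target>
</pool>
EOF
sudo virsh pool-start default
sudo virsh pool-autostart default

# $HOME is expanded here on purpose so the file holds an absolute path.
cat <<EOF > "$HOME/.terraformrc"
plugin_cache_dir = "$HOME/.terraform.d/plugin-cache"
EOF

# NOTE(review): `go get -u` builds whatever the provider's default branch
# holds at the time; nothing pins a version or checks a hash.
GOBIN=~/.terraform.d/plugins go get -u github.com/dmacvicar/terraform-provider-libvirt

# Generate a key only when none exists: ssh-keygen would otherwise stop at an
# interactive overwrite prompt and could replace a key already in use. The
# key has an empty passphrase, so treat it as a throwaway lab credential.
if [[ ! -f ~/.ssh/id_rsa ]]; then
  ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
fi

# \$ keeps PATH and HOME unexpanded so they are evaluated at login time.
cat <<EOF >> "$HOME/.bash_profile"
export PATH="\$PATH:\$HOME/go/src/github.com/openshift/installer/bin"
EOF

# NOTE(review): the installer is cloned at the tip of its default branch and
# its hack/ scripts are run as-is; pin a tag or commit for reproducible and
# reviewable builds.
git clone https://github.com/openshift/installer.git "$HOME/go/src/github.com/openshift/installer"
cd "$HOME/go/src/github.com/openshift/installer"
hack/get-terraform.sh
TAGS=libvirt_destroy hack/build.sh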
# -*- mode: ruby -*-
# vi: set ft=ruby :
# Fedora 28 guest on VMware with nested virtualization, used as the libvirt
# host for the installer. No provisioner is declared in this file, so any
# provisioning script has to be run inside the guest by hand.
Vagrant.configure("2") do |cfg|
  cfg.vm.box = "generic/fedora28"

  # NOTE(review): "public_network" is bridged networking, which puts the
  # guest directly on the host's LAN. Any service the guest exposes without
  # authentication is then reachable by other machines on that network, so
  # keep the guest's firewall in mind.
  cfg.vm.network "public_network"

  # Share the project directory with the guest at /vagrant over NFS.
  cfg.vm.synced_folder ".", "/vagrant", type: "nfs"

  cfg.vm.provider "vmware_desktop" do |vmware|
    vmware.ssh_info_public = true

    # Raw .vmx settings: 2 vCPUs, 8 GiB of RAM, and vhv.enable, which exposes
    # hardware virtualization to the guest so KVM can run inside it.
    {
      "numvcpus" => "2",
      "memsize" => "8192",
      "vhv.enable" => "TRUE",
    }.each do |vmx_key, vmx_value|
      vmware.vmx[vmx_key] = vmx_value
    end
  end
end
@ironcladlou
Author

@durandom, nope, but thanks for the tip, I'll check it out sometime. Since I've moved to GCP for nested libvirt installs I've not had much use for the resource-hungry native hypervisor solution, but I'll probably get back to it sometime soon out of sheer curiosity.

@cmoulliard

I think your Vagrantfile is missing the command to execute the bash script provision.sh? @ironcladlou

@cmoulliard

Can we use libvirt natively on macOS, to avoid having to use Vagrant to install a Fedora box?
