Install Lagoon on OpenShift¶
Lagoon is not only capable of deploying into OpenShift, it actually runs in OpenShift. This creates the just tiny chicken-egg problem of how to install Lagoon on an OpenShift when there is no Lagoon yet. 🐣
Luckily, we can use the local development environment to kickstart another Lagoon in any OpenShift, running somewhere in the world.
Check the OpenShift Requirements before continuing.
This process consists of 4 main stages::
- Configure existing OpenShift.
- Configure and connect local Lagoon with OpenShift.
- Configure Installed Lagoon.
Configure existing OpenShift¶
This also works with the OpenShift provided via MiniShift that can be started via
In order to create resources inside OpenShift and push into the OpenShift Registry, Lagoon needs a Service Account within OpenShift (read more about Service Accounts).
Technically, Lagoon can use any Service Account and also needs no admin permissions. The only requirement is that the
self-provisioner role is given to the Service Account.
In this example we create the Service Account
lagoon in the OpenShift Project
- Make sure you have the
oc clitools already installed. If not, please see here.
- Log into OpenShift as an admin:
oc login <openshift console>
- Run the
- At the end of this script it will give you a
serviceaccounttoken. Keep that somewhere safe.
Configure and connect local Lagoon with OpenShift¶
In order to use a local Lagoon to deploy itself on an OpenShift, we need a subset of Lagoon running locally. We need to teach this local Lagoon how to connect to the OpenShift:
local-dev/api-data/01-populate-api-data.gql, in the
Lagoon Kickstart Objectssection:
[REPLACE ME WITH OPENSHIFT URL]- The URL to the OpenShift Console, without
consoleat the end.
[REPLACE ME WITH OPENSHIFT LAGOON SERVICEACCOUNT TOKEN]- The token of the lagoon service account that was shown to you during
- Build required images and start services:
This will do the following:
- Build all required Lagoon service images (this can take a while).
- Start all required Lagoon services.
- Wait 30 secs for all services to fully start.
- Trigger a deployment of the
lagoonsitegroup that you edited, which will cause your local lagoon to connect to the defined OpenShift and trigger a new deployment.
Show the logs of all local Lagoon services.
As soon as you see messages like
Build lagoon-1 runningin the logs, it's time to connect to your OpenShift and check the build. The URL you will use for that depends on your system, but it's probably the same as in
- Then you should see a new OpenShift Project called
[lagoon] develop, and in there a
Buildthat is running. On a local OpenShift you can find that under https://192.168.42.100:8443/console/project/lagoon-develop/browse/builds/lagoon?tab=history.
- If you see the build running, check the logs and see how the deployment system does its magic! This is your very first Lagoon deployment running! 🎉 Congrats!
- Short background on what is actually happening here:
- Your local running Lagoon (inside
docker-compose) received a deploy command for a project called
lagoonthat you configured.
- This project has defined to which OpenShift it should be deployed (one single Lagoon can deploy into multiple OpenShifts all around the world).
- The local running Lagoon service
openshiftBuildDeployconnects to this OpenShift and creates a new project, some needed configurations (ServiceAccounts, BuildConfigs, etc.) and triggers a new build.
- This build will run and deploy another Lagoon within the OpenShift it runs.
- As soon as the build is done, go to the
Application > Deploymentssection of the OpenShift Project, and you should see all the Lagoon DeploymentConfigs deployed and running. Also go to
Application > Routesand click on the generated route for
ui(for a local OpenShift this will be http://ui-lagoon-develop.192.168.42.100.xip.io/), if you get the Lagoon UI as result, you did everything correct, bravo! 🏆
Once Lagoon is install operational, you need to initialize OpendistroSecurity to allow Kibana multitenancy. This only needs to be run once in a new setup of Lagoon.
- Open a shell of an Elasticsearch pod in
Configure Installed Lagoon¶
We have a fully running Lagoon. Now it's time to configure the first project inside of it. Follow the examples in GraphQL API.