Disconnected Install of OpenShift Origin (Single VM)

This article explains the technique for installing OpenShift Origin (open source) v3.6.1 on a single-VM in disconnected mode (i.e. no internet proxy).

Ref: The disconnected install of OpenShift Container Platform (enterprise) is documented here, which was a great help for finding this workaround.

Environment Setup

Linux VM – CentOS 7.x Minimal
– SELINUX Disabled
– Firewall Disabled

Export docker images on a DMZ host


# fetch openshift-origin images
docker pull openshift/origin-deployer:${OPENSHIFT_REL}
docker pull openshift/origin-docker-registry:${OPENSHIFT_REL}
docker pull openshift/origin-haproxy-router:${OPENSHIFT_REL}
docker pull openshift/origin-pod:${OPENSHIFT_REL}
docker pull openshift/origin-sti-builder:${OPENSHIFT_REL}
docker pull openshift/origin-docker-builder:${OPENSHIFT_REL}
docker pull centos:7

# export images
docker save -o openshift-origin-${OPENSHIFT_REL}-images.tar \
docker.io/openshift/origin-deployer:${OPENSHIFT_REL} \
docker.io/openshift/origin-docker-registry:${OPENSHIFT_REL} \
docker.io/openshift/origin-haproxy-router:${OPENSHIFT_REL} \
docker.io/openshift/origin-pod:${OPENSHIFT_REL} \
docker.io/openshift/origin-sti-builder:${OPENSHIFT_REL} \
docker.io/openshift/origin-docker-builder:${OPENSHIFT_REL} \

# verify - it should be ~1.8GB ; transfer it to target host (somehow!)
ls -hl openshift-origin-${OPENSHIFT_REL}-images.tar

Downalod origin-server binaries

# download origin-server
curl -fLOk https://github.com/openshift/origin/releases/download/${OPENSHIFT_REL}/openshift-origin-server-${OPENSHIFT_REL}-${OPENSHIFT_BLD}-linux-64bit.tar.gz
# verify - it should be ~109MB ; transfer it to target host (somehow!)
ls -hl openshift-origin-server-${OPENSHIFT_REL}-${OPENSHIFT_BLD}-linux-64bit.tar.gz

Prep target host

yum install -y docker git

cat > /etc/docker/daemon.json << '__EOF__'
  "insecure-registries" : [""]

systemctl start docker
systemctl enable docker

Import docker images on target host

from previously exported tarball

# verify - it should be ~1.8GB
ls -hl openshift-origin-${OPENSHIFT_REL}-images.tar
# import images
docker load --input openshift-origin-${OPENSHIFT_REL}-images.tar

Set environments

tee /etc/profile.d/openshift.sh << '__EOF__'
export OPENSHIFT_REL=v3.6.1
export OPENSHIFT_BLD=008f2d5
export OPENSHIFT=/opt/openshift-origin-${OPENSHIFT_REL}
export KUBECONFIG=$OPENSHIFT/openshift.local.config/master/admin.kubeconfig
export CURL_CA_BUNDLE=$OPENSHIFT/openshift.local.config/master/ca.crt

chmod 755 /etc/profile.d/openshift.sh
. /etc/profile.d/openshift.sh

Unpack binaries

from previously downloaded tarball

mkdir -p ${OPENSHIFT}
chmod 755 ${OPENSHIFT}

tar -zxvf openshift-origin-server-*.tar.gz --strip-components 1
rm -f openshift-origin-server-*.tar.gz

Generate config

./openshift start --write-config=openshift.local.config
# make it readbale by oc
chmod +r openshift.local.config/master/*.kubeconfig

Launch server

nohup ./openshift start --master-config=openshift.local.config/master/master-config.yaml --node-config=openshift.local.config/node-*/node-config.yaml &

Browse to URL: https://vm_ip_address:8443

Create admin user

oc login -u system:admin
oc project default

oc policy add-role-to-user cluster-admin admin

Install registry & router

mkdir /opt/openshift-registry
chcon -Rt svirt_sandbox_file_t /opt/openshift-registry
chown 1001.root /opt/openshift-registry
oadm policy add-scc-to-user privileged -z registry 
oadm registry --service-account=registry --mount-host=/opt/openshift-registry

oadm policy add-scc-to-user hostnetwork -z router
oadm router router --replicas=1

Validate that pods are up & running

[root@kube-osv3 ~]# oc get po -n default
NAME                         READY     STATUS    RESTARTS   AGE
po/docker-registry-1-q3692   1/1       Running   0          21m
po/router-1-7n48q            1/1       Running   0          21m

TODO: get imagestreams, build containers


Leave a Reply