Simplifying Disconnected/Airgapped On-Premises OpenShift Clusters Installation with the New Agent-based Installer

Agent-based Installer Overview

OpenShift Container Platform 4.12 release has added improvement for installing OpenShift clusters in disconnected or air-gapped environments by using agent-based installer. One common use case for Agent-based installer is On-Prem OpenShift Baremetal UPI cluster installations in disconnected or airgapped environment. Organizations prefer Baremetal over other platforms because of increased performance (no Virtualization overhead), heavy workload demands (AI/ML, GPU, device pass through etc.) and reduced cost (No Hypervisor software cost).

Agent-based installer leverages the advantages of the Assisted Installer hosted service in disconnected or air-gapped environments and generates a bootable ISO image containing all of the information required to deploy an OpenShift Container Platform cluster and simplifies the overall OpenShift Cluster deployment process in disconnected or airgapped environments.

The following platforms are supported:

• ???none
• ???baremetal
• ???vsphere

One of the key benefits it provides is in-place bootstrap and no extra node required for bootstrap. The Agent-based installation comprises a bootable ISO that contains the Assisted discovery agent and the Assisted Service. The Agent-based Installer also performs validation checks on user defined YAML files before the ISO is created. Once the validations are successful, the agent ISO is created.

You can install a disconnected/Airgapped OpenShift Container Platform cluster through the Agent based installer for the following topologies:

• ???A single-node OpenShift Container Platform cluster (SNO): A node that is both a master and worker.
• ???A three-node OpenShift Container Platform cluster : A compact cluster that has three master nodes that are also worker nodes.
• ???Highly available OpenShift Container Platform cluster (HA): Three master nodes with any number of worker nodes.

The Agent-based installation supports two input modes:

Preferred:

• ???install-config.yaml file
• ???agent-config.yaml file

Optional

• ???Zero Touch Provisioning (ZTP) manifests

In this blog, we will follow the Preferred method to deploy a three-node compact Baremetal OpenShift cluster in disconnected or air-gapped environments with baremetal platform and static networking. In next blog, I will expand the same OpenShift cluster by adding OpenShift Worker nodes using metal3 BareMetalHost resource.

Since we are doing a disconnected/airgapped installation so a mirror registry will be required and we have to include the image content source policy and certificates for our registry in the install-config.yaml file. We will use oc-mirror tools for setting up mirror registry on Bastion node. You can skip deploying this if you already have mirror registry in place for disconnected environments.

Agent-based Installer workflow

One of the control plane hosts runs the Assisted Service at the start of the boot process and eventually becomes the bootstrap host. This node is called the rendezvous host (node 0). The Assisted Service ensures that all the hosts meet the requirements and triggers an OpenShift Container Platform cluster deployment. All the nodes have the Red Hat Enterprise Linux CoreOS (RHCOS) image written to the disk. The non-bootstrap nodes reboot and initiate a cluster deployment. Once the nodes are rebooted, the rendezvous host reboots and joins the cluster. The bootstrapping is complete and the cluster is deployed.

Deploying cluster using Agent Based Installer

High Level Steps

• ???Deploy mirror registry for disconnected installation. (Optional, You can skip this step if already have a mirror registry in your environment)
• ???Prepare install-config.yaml and agent-config.yaml
• ???Generate Agent ISO image
• ???Boot Hosts using Agent ISO
• ???Watch progress for Cluster formation.

1. Deploy Mirror registry for Disconnected installation

First, let us deploy a mirror registry on Bastion node for disconnected installations. We need to install podman, buildah and skopeo tools on Bastion node prior configuring mirror registry.

[root@ocp-bastion ~]# useradd ocp-admin

[root@ocp-bastion ~]# dnf module install container-tools:4.0

[root@ocp-bastion ~]# podman version

Client:? ??? ?Podman Engine

Version: ??? ?4.0.2

API Version:? 4.0.2

Go Version:?? go1.18.4

Built: ??? ?Tue Aug 30 06:53:06 2022

OS/Arch:?? ?linux/amd64

[root@ocp-bastion ~]# buildah version

Version:??? ??? ?1.24.5

Go Version: ??? ?go1.18.4

Image Spec: ??? ?1.0.2-dev

Runtime Spec:?? ?1.0.2-dev

CNI Spec:?? ??? ?1.0.0

libcni Version:? v1.0.1

image Version:?? 5.19.3

Git Commit: ?? ?

Built:????? ??? ?Tue Aug 30 06:53:51 2022

OS/Arch:??? ??? ?linux/amd64

BuildPlatform:?? linux/amd64

[root@ocp-bastion ~]# skopeo -v

skopeo version 1.6.2-maintn        

1.1. Mirroring on a local host with mirror registry for Red Hat OpenShift

Download the mirror-registry.tar.gz package for the latest version of the mirror registry for Red Hat OpenShift found on the OpenShift console Downloads page.

[root@ocp-bastion ~]# su - ocp-admin

[ocp-admin@ocp-bastion ~]$ df -hT| grep registry

/dev/mapper/mirror--registry-mirror--registry--lv1 xfs? ??? ?400G? 2.9G? 397G?? 1% /mirror-registry

[ocp-admin@ocp-bastion mirror-registry]$ sudo mkdir registry-datadir registry-installdir

[ocp-admin@ocp-bastion mirror-registry]$ sudo chown ocp-admin:ocp-admin registry-installdir

[ocp-admin@ocp-bastion mirror-registry]$ cd registry-installdir/

[ocp-admin@ocp-bastion mirror-registry]$ wget -c 'https://developers.redhat.com/content-gateway/rest/mirror/pub/openshift-v4/clients/mirror-registry/latest/mirror-registry.tar.gz'

[ocp-admin@ocp-bastion registry-installdir]$ sudo ./mirror-registry install --quayHostname ocp-bastion.self.example.com --quayRoot /mirror-registry/registry-datadir/

?? __?? __

? /? \ /? \ ?? ?______?? _?? ?_ ?? ?__?? __?? __

?/ /\ / /\ \?? /? __? \ | |? | |?? /? \? \ \ / /

/ /? / /? \ \? | |? | | | |? | |? / /\ \? \?? /

\ \? \ \? / /? | |__| | | |__| | / ____ \? | |

?\ \/ \ \/ /?? \_? ___/? \____/ /_/?? ?\_\ |_|

? \__/ \__/ ??? ?\ \__

???????????? ??? ?\___\ by Red Hat

?Build, Store, and Distribute your Containers

?? ?

INFO[2023-01-24 14:56:40] Install has begun????????????????????? ??? ?

INFO[2023-01-24 14:56:40] Found execution environment at /mirror-registry/registry-installdir/execution-environment.tar

INFO[2023-01-24 14:56:43] Unpacking image archive from /mirror-registry/registry-installdir/image-archive.tar

INFO[2023-01-24 14:56:45] Loading pause image archive from pause.tar? ?

INFO[2023-01-24 14:56:46] Loading redis image archive from redis.tar? ?

INFO[2023-01-24 14:56:49] Loading postgres image archive from postgres.tar

INFO[2023-01-24 14:56:52] Loading Quay image archive from quay.tar?? ?

INFO[2023-01-24 14:57:40] Attempting to set SELinux rules on image archive

INFO[2023-01-24 14:57:40] Running install playbook. This may take some time. To see playbook output run the installer with -v (verbose) flag.

INFO[2023-01-24 14:57:40] Detected an installation to localhost? ??? ?




PLAY [Install Mirror Appliance] *******************************************************************************************************************************************************************

TASK [Gathering Facts] ****************************************************************************************************************************************************************************

ok: [[email protected]]

.

.

TASK [mirror_appliance : Creating init user at endpoint https://ocp-bastion.self.example.com:8443/api/v1/user/initialize] *************************************************************************

ok: [[email protected]]


PLAY RECAP ****************************************************************************************************************************************************************************************

[email protected] : ok=47?? changed=30?? unreachable=0?? ?failed=0?? ?skipped=12?? rescued=0?? ?ignored=0? ?


INFO[2023-01-24 14:59:11] Quay installed successfully, permanent data is stored in /mirror-registry/registry-datadir/

INFO[2023-01-24 14:59:11] Quay is available at https://ocp-bastion.self.example.com:8443 with credentials (init, XXXXX)        

Now with the release of OpenShift 4.11 the oc-mirror tools has official gone GA and with adds additional feature functionality. We will use oc-mirror plugin to mirror all required OpenShift Container Platform content and other images to your mirror registry by using a single tool.

[ocp-admin@ocp-bastion ~]$ mkdir mirror-registry-conf

[ocp-admin@ocp-bastion mirror-registry-config]$ wget -c 'https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/stable/oc-mirror.tar.gz'

[ocp-admin@ocp-bastion mirror-registry-config]$ tar zxvf oc-mirror.tar.gz

oc-mirror

[ocp-admin@ocp-bastion mirror-registry-config]$ chmod +x oc-mirror

[ocp-admin@ocp-bastion mirror-registry-config]$ sudo mv oc-mirror /usr/local/bin/        

1.2. Setting up credentials that allow images to be mirrored

Download your registry.redhat.io pull secret from the Red Hat OpenShift Cluster Manager and generate the base64-encoded user name and password or token for your mirror registry.

[ocp-admin@ocp-bastion mirror-registry-config]$ cat pull-secret | jq . > pull-secret.json

[ocp-admin@ocp-bastion mirror-registry-config]$ echo -n 'init:<registry password>'| base64 -w0
YYYYY

[ocp-admin@ocp-bastion mirror-registry-config]$ cat pull-secret.json

{

? "auths": {

?? ?"ocp-bastion.self.example.com:8443": {

? ?? ?"auth": "YYYYY",

? ?? ?"email": "[email protected]"

?? ?},

?? ?"cloud.openshift.com": {

? ?? ?"auth": "ZZZZZ",
.
.
??? }
? }
}
        

1.3. Mirror content using oc-mirror tool

Before you can use the oc-mirror plugin to mirror image sets, you must create an image set configuration file. This image set configuration file defines which OpenShift Container Platform releases, Operators, and other images to mirror, along with other configuration settings for the oc-mirror plugin.

[ocp-admin@ocp-bastion mirror-registry-config]$ cat imageset-config.yaml

kind: ImageSetConfiguration
apiVersion: mirror.openshift.io/v1alpha2
storageConfig:
? registry:
??? imageURL: ocp-bastion.self.example.com:8443/mirror/oc-mirror-metadata
??? skipTLS: false
mirror:
? platform:
??? channels:
??? - name: stable-4.12
????? type: ocp
? operators:
? - catalog: registry.redhat.io/redhat/redhat-operator-index:v4.12
? additionalImages:
? - name: registry.redhat.io/ubi8/ubi:latest
? - name: registry.redhat.io/rhel8/support-tools:latest
? helm: {}

[ocp-admin@ocp-bastion mirror-registry-config]$ oc mirror --config=./imageset-config.yaml docker://ocp-bastion.self.example.com:844

Checking push permissions for ocp-bastion.self.example.com:8443

Creating directory: oc-mirror-workspace/src/publish

Creating directory: oc-mirror-workspace/src/v2

Creating directory: oc-mirror-workspace/src/charts

Creating directory: oc-mirror-workspace/src/release-signatures

No metadata detected, creating new workspace

Adding graph data

[ocp-admin@ocp-bastion mirror-registry-config]$ sudo dnf install /usr/bin/nmstatectl -y        

2. Prepare install-config.yaml and agent-config.yaml

2.1. install-config.yaml

This file specifies the cluster's configuration such as number of control plane and/or worker nodes, the API and ingress VIP, physical node MAC addresses and the cluster networking.

[ocp-admin@ocp-bastion agi-4.12.0]$ cat install-config.yaml

apiVersion: v1
baseDomain: ocpcluster.localnet
compute:
- architecture: amd64
? hyperthreading: Enabled
? name: worker
? replicas: 0
controlPlane:
? architecture: amd64
? hyperthreading: Enabled
? name: master
? replicas: 3
metadata:
? name: ocp-agi
networking:
? clusterNetwork:
? - cidr: 10.128.0.0/14
??? hostPrefix: 23
? machineNetwork:
? - cidr: 192.168.101.0/24
? networkType: OVNKubernetes
? serviceNetwork:
? - 172.30.0.0/16
platform:
? baremetal:
??? apiVIPs:
????? - 192.168.101.100
??? ingressVIPs:
????? - 192.168.101.101
??? hosts:
????? - name: master1.ocp-agi.ocpcluster.localnet
??????? role: master
??????? bootMACAddress: 52:54:00:e7:05:72
????? - name: master2.ocp-agi.ocpcluster.localnet
??????? role: master
??????? bootMACAddress: 52:54:00:95:fd:f3
????? - name: master3.ocp-agi.ocpcluster.localnet
??????? role: master
??????? bootMACAddress: 52:54:00:e8:b9:18
pullSecret: '{"auths":{"ocp-bastion.self.example.com:8443":{"auth":"<paste base64-encoded username/password for the mirror registry>","email":"[email protected]"}}}'
sshKey: '<paste id_ed25519.pub key> [email protected]'
imageContentSources:
- mirrors:
? - ocp-bastion.self.example.com:8443/openshift/release
? source: quay.io/openshift-release-dev/ocp-v4.0-art-dev
- mirrors:
? - ocp-bastion.self.example.com:8443/openshift/release-images
? source: quay.io/openshift-release-dev/ocp-release
additionalTrustBundle: |
? <paste mirror registry certificate>        

2.2. agent-config.yaml

In this file, we specify OpenShift node's configuration e.g. static networking, rootdeviceHints for agent to apply when nodes boot using Agent ISO.

[ocp-admin@ocp-bastion agi-4.12.0]$ cat agent-config.yaml

?apiVersion: v1alpha1
?kind: AgentConfig
?metadata:
?? name: ocp-agi
?rendezvousIP: 192.168.101.3
?hosts:
?? - hostname: master1.ocp-agi.ocpcluster.localnet
???? interfaces:
?????? - name: enp1s0
???????? macAddress: 52:54:00:e7:05:72
???? networkConfig:
?????? interfaces:
???????? - name: enp1s0
?????????? type: ethernet
?????????? state: up
?????????? mac-address: 52:54:00:e7:05:72
?????????? ipv4:
???????????? enabled: true
???????????? address:
?????????????? - ip: 192.168.101.3
???????????????? prefix-length: 24
???????????? dhcp: false
?????? dns-resolver:
???????? config:
?????????? server:
???????????? - 192.168.101.1
?????? routes:
???????? config:
?????????? - destination: 0.0.0.0/0
???????????? next-hop-address: 192.168.101.254
???????????? next-hop-interface: enp1s0
???????????? table-id: 254
?? - hostname: master2.ocp-agi.ocpcluster.localnet
???? interfaces:
?????? - name: enp1s0
???????? macAddress: 52:54:00:95:fd:f3
???? networkConfig:
?????? interfaces:
???????? - name: enp1s0
?????????? type: ethernet
?????????? state: up
?????????? mac-address: 52:54:00:95:fd:f3
?????????? ipv4:
???????????? enabled: true
???????????? address:
?????????????? - ip: 192.168.101.4
???????????????? prefix-length: 24
???????????? dhcp: false
?????? dns-resolver:
???????? config:
?????????? server:
???????????? - 192.168.101.1
?????? routes:
???????? config:
?????????? - destination: 0.0.0.0/0
???????????? next-hop-address: 192.168.101.254
???????????? next-hop-interface: enp1s0
???????????? table-id: 254
?? - hostname: master3.ocp-agi.ocpcluster.localnet
???? interfaces:
?????? - name: enp1s0
???????? macAddress: 52:54:00:e8:b9:18
???? networkConfig:
?????? interfaces:
???????? - name: enp1s0
?????????? type: ethernet
?????????? state: up
?????????? mac-address: 52:54:00:e8:b9:18
?????????? ipv4:
???????????? enabled: true
???????????? address:
?????????????? - ip: 192.168.101.5
???????????????? prefix-length: 24
???????????? dhcp: false
?????? dns-resolver:
???????? config:
?????????? server:
???????????? - 192.168.101.1
?????? routes:
???????? config:
?????????? - destination: 0.0.0.0/0
???????????? next-hop-address: 192.168.101.254
???????????? next-hop-interface: enp1s0
???????????? table-id: 254        

3. Generate Agent ISO image

Login into console.redhat.com/openshift and Go Clusters then Datacenter and then “Run agent-based installer locally”

Download OpenShift Installer and run it to create Agent ISO.

[ocp-admin@ocp-bastion agi-4.12.0]$ openshift-install --dir install-dir/ agent create image

WARNING Platform.Baremetal.ClusterProvisioningIP: 172.22.0.3 is ignored

WARNING Platform.Baremetal.ExternalBridge: baremetal is ignored

WARNING Platform.Baremetal.ExternalMACAddress: 52:54:00:3a:8b:a7 is ignored

WARNING Platform.Baremetal.ProvisioningBridge: provisioning is ignored

WARNING Platform.Baremetal.ProvisioningMACAddress: 52:54:00:9a:4a:c0 is ignored

WARNING Platform.Baremetal.ProvisioningNetworkCIDR: 172.22.0.0/24 is ignored

WARNING Platform.Baremetal.ProvisioningDHCPRange: 172.22.0.10,172.22.0.254 is ignored
.
.
.
WARNING The ImageContentSources configuration in install-config.yaml should have at-least one source field matching the releaseImage value quay.io/openshift-release-dev/ocp-release@sha256

INFO The rendezvous host IP (node0 IP) is 192.168.101.3

INFO Extracting base ISO from release payload?? ?

INFO Verifying cached file????????????????? ??? ?

INFO Using cached Base ISO /home/ocp-admin/.cache/agent/image_cache/coreos-x86_64.iso

INFO Consuming Install Config from target directory

INFO Consuming Agent Config from target directory

[ocp-admin@ocp-bastion agi-4.12.0]$ ls -l install-dir/

total 1183744

-rw-rw-r--. 1 ocp-admin ocp-admin 1212153856 Jan 26 03:14 agent.x86_64.iso

drwxr-x---. 2 ocp-admin ocp-admin??? ??? ?50 Jan 26 03:14 auth
        

4. Boot Hosts using Agent ISO

4.1. Booting master1 node:

As this is the first node we are booting with Agent ISO image so this becomes rendezvous host as explained earlier in Agent based installer workflow section in this blog.

4.2. Booting master2 & master3 nodes:

5. Watch Agent Bootstrap Progress

[ocp-admin@ocp-bastion agi-4.12.0]$ openshift-install --dir install-dir/ agent wait-for bootstrap-complete --log-level=info

INFO User input is required to continue cluster installation

WARNING Cluster validation: The Machine Network CIDR is undefined; the Machine Network CIDR can be defined by setting either the API or Ingress virtual IPs.

WARNING Cluster validation: The Cluster Machine CIDR? is different than the calculated CIDR 192.168.101.0/24.

WARNING Cluster validation: The cluster has hosts that are not ready to install.

WARNING Cluster validation: Clusters must have at most 3 dedicated masters. Please check your configuration and add or remove hosts as needed to meet the requirement.

WARNING Host master1.ocp-agi.ocpcluster.localnet validation: Host couldn't synchronize with any NTP server

WARNING Host master1.ocp-agi.ocpcluster.localnet: updated status from pending-for-input to insufficient (Host cannot be installed due to following failing validation(s): Host couldn't synchronize with any NTP server)

INFO Cluster is not ready for install. Check validations

INFO Cluster validation: The Machine Network CIDR is defined.

INFO Cluster validation: The Cluster Machine CIDR is equivalent to the calculated CIDR.

INFO Host 66890751-b18d-42d4-88da-92d1711f0655: Successfully registered

WARNING Host master2.ocp-agi.ocpcluster.localnet validation: Host couldn't synchronize with any NTP server

INFO Host 330268f7-b436-4a35-9625-319884fb0563: Successfully registered

WARNING Host master3.ocp-agi.ocpcluster.localnet validation: No connectivity to the majority of hosts in the cluster

WARNING Host master3.ocp-agi.ocpcluster.localnet validation: Host couldn't synchronize with any NTP server

WARNING Host master2.ocp-agi.ocpcluster.localnet validation: No connectivity to the majority of hosts in the cluster

WARNING Host master1.ocp-agi.ocpcluster.localnet validation: No connectivity to the majority of hosts in the cluster

WARNING Host master1.ocp-agi.ocpcluster.localnet: validation 'belongs-to-majority-group' failed

INFO Cluster validation: The cluster has a sufficient number of master candidates.

INFO Host master1.ocp-agi.ocpcluster.localnet validation: Host NTP is synced

INFO Host master1.ocp-agi.ocpcluster.localnet: validation 'ntp-synced' is now fixed

INFO Host master2.ocp-agi.ocpcluster.localnet validation: Host NTP is synced

INFO Host master2.ocp-agi.ocpcluster.localnet: validation 'ntp-synced' is now fixed

INFO Host master3.ocp-agi.ocpcluster.localnet validation: Host NTP is synced

INFO Host master3.ocp-agi.ocpcluster.localnet: validation 'ntp-synced' is now fixed

INFO Host master1.ocp-agi.ocpcluster.localnet validation: Host has connectivity to the majority of hosts in the cluster

INFO Host master2.ocp-agi.ocpcluster.localnet validation: Host has connectivity to the majority of hosts in the cluster

INFO Host master3.ocp-agi.ocpcluster.localnet validation: Host has connectivity to the majority of hosts in the cluster

INFO Host master3.ocp-agi.ocpcluster.localnet: updated status from insufficient to known (Host is ready to be installed)

INFO Cluster is ready for install?????????? ??? ?

INFO Cluster validation: All hosts in the cluster are ready to install.

INFO Preparing cluster for installation???? ??? ?

INFO Host master3.ocp-agi.ocpcluster.localnet: updated status from known to preparing-for-installation (Host finished successfully to prepare for installation)

INFO Host master2.ocp-agi.ocpcluster.localnet: updated status from preparing-for-installation to preparing-successful (Host finished successfully to prepare for installation)

INFO Host master3.ocp-agi.ocpcluster.localnet: New image status quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:4949b93b3fd0f6b22197402ba22c2775eba408b53d30ac2e3ab2dda409314f5e. result: success. time: 2.04 seconds; size: 398.21 Megabytes; download rate: 204.62 MBps

INFO Host master3.ocp-agi.ocpcluster.localnet: updated status from preparing-for-installation to preparing-successful (Host finished successfully to prepare for installation)

INFO Host master1.ocp-agi.ocpcluster.localnet: New image status quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:4949b93b3fd0f6b22197402ba22c2775eba408b53d30ac2e3ab2dda409314f5e. result: success. time: 2.04 seconds; size: 398.21 Megabytes; download rate: 204.73 MBps

INFO Host master1.ocp-agi.ocpcluster.localnet: updated status from preparing-for-installation to preparing-successful (Host finished successfully to prepare for installation)

INFO Cluster installation in progress?????? ??? ?

INFO Host: master2.ocp-agi.ocpcluster.localnet, reached installation stage Writing image to disk

INFO Host: master2.ocp-agi.ocpcluster.localnet, reached installation stage Writing image to disk: 9%

INFO Host: master3.ocp-agi.ocpcluster.localnet, reached installation stage Writing image to disk

INFO Host: master3.ocp-agi.ocpcluster.localnet, reached installation stage Writing image to disk: 12%
.
.
INFO Host: master1.ocp-agi.ocpcluster.localnet, reached installation stage Writing image to disk: 16%

INFO Host: master2.ocp-agi.ocpcluster.localnet, reached installation stage Rebooting
.
.
INFO Host: master1.ocp-agi.ocpcluster.localnet, reached installation stage Writing image to disk: 30%
INFO Host: master1.ocp-agi.ocpcluster.localnet, reached installation stage Writing image to disk: 38%
.
.
INFO Host: master3.ocp-agi.ocpcluster.localnet, reached installation stage Rebooting

INFO Host: master1.ocp-agi.ocpcluster.localnet, reached installation stage Writing image to disk: 74%
.
.
INFO Host: master1.ocp-agi.ocpcluster.localnet, reached installation stage Writing image to disk: 100%

INFO Host: master1.ocp-agi.ocpcluster.localnet, reached installation stage Waiting for control plane: Waiting for masters to join bootstrap control plane

INFO Bootstrap Kube API Initialized???????? ??? ?

INFO Host: master2.ocp-agi.ocpcluster.localnet, reached installation stage Configuring

INFO Host: master3.ocp-agi.ocpcluster.localnet, reached installation stage Configuring

INFO Host: master1.ocp-agi.ocpcluster.localnet, reached installation stage Waiting for bootkube

INFO Host: master3.ocp-agi.ocpcluster.localnet, reached installation stage Done

INFO Host: master1.ocp-agi.ocpcluster.localnet, reached installation stage Waiting for controller: waiting for controller pod ready event

INFO Host: master1.ocp-agi.ocp cluster.localnet, reached installation stage Rebooting

INFO Bootstrap configMap status is complete ??? ?

INFO cluster bootstrap is complete

INFO Cluster is installed?????????????????? ??? ?

INFO Install complete!????????????????????? ??? ?

INFO To access the cluster as the system:admin user when using 'oc', run

INFO ?? ?export KUBECONFIG=/home/ocp-admin/ocpcluster-installdir/agi-4.12.0/install-dir/auth/kubeconfig

INFO Access the OpenShift web-console here: https://console-openshift-console.apps.ocp-agi.ocpcluster.localnet

INFO Login to the console with user: "kubeadmin", and password: "ZZZZZ"        

As we can see in above logs, master2 and master3?nodes were rebooted prior master1 by Agent.

Let us check the cluster nodes status and Console.

6. Conclusion

Using Agent-based Installer we can:-

• We can quickly deploy isolated OpenShift clusters on premise of any topology. Booting nodes with Bootable Agent ISO simplifies the cluster deployment process in disconnected environments.
• We can also install a cluster zero with OpenShift management components such as Red Hat Advanced Cluster Management for Kubernetes (ACM), GitOps, Quay, and components to support your other clusters.
• As we start with Hypershift, install the OpenShift cluster that will house the control planes for all the other clusters. It works in fully disconnected deployments.

One of the key benefit is in-place bootstrap, no extra node is required.

7. Reference links

• Mirroring images for a disconnected installation using the oc-mirror plugin
• Agent-based Installer workflow
• Validation checks before agent ISO creation
• Installing a OpenShift Container Platform cluster with the Agent-based Installer