Demo: OpenShift in the edge with AWS Local Zones

This is the reference for a demo of deploying an OpenShift cluster on the edge of AWS Cloud with Local Zones. Summary of the Epic SPLAT-365.

Table Of Contents:

• Epic Overview
• Part 1: AWS Local Zones overview
• Part 2: Day-2 - Extend OpenShift compute nodes to Local Zones
• Part 3: Day-0 - Install OpenShift cluster in existing VPC with Local Zones
• Part 4: Day-0 demo - Installing OpenShift
  • Demo script
• Next Steps
• References

Epic overview and goals

• Understand how we can use Local Zones in OCP
• Understand the benefits
• Provide the steps
• Create on the Product documentation how to install the OCP cluster in existing VPC with Local Zone subnets
• Eventually public a blog in the Hybrid Cloud with the results

Part 1: AWS Local Zones overview

• Product landing page
• Limitations
  • Resources are Limited and more expensive
  • Current limitation
    • EBS type should be gp2
    • Instance Type
    • NLB is not supported
    • Nat Gateway is not supported
• Example Architecture
• Local Zones are designed specially to compute nodes
  • Using existing VPC only
  • Current options to install OCP:
    • Day-2
    • Day-0

Part 2: Day-2 - Extend OpenShift compute nodes to Local Zones

• Summary of tasks:

  • SPLAT-526: Day-2 research
  • SPLAT-558: ALB Operator using in Day-2

• Steps to use compute nodes in Local Zones (Day-2):

  • Opt in the Availability Zone Group
  • Create the subnet
  • Associate the Route Table
  • Choose the correct gateway (IGW or NatGW*)
  • Create the MachineSet for nodes in the Local Zone
    • Creating the edge label
    • Set the node as unscheduled
  • Create the machine
• Benchmark results review

Part 3: Day-0 - Install OpenShift cluster in existing VPC with Local Zones

• Summary of tasks:

  • SPLAT-557: Day-0 research

• Steps to install a cluster in the existing network with compute nodes in Local Zones (Day-0)

  • Create VPC and resources
  • Create the Local Zone subnet
    • tag as unmanaged
  • Create the install-config.yaml specifying the subnets to install a cluster
  • Create the MachineSet manifest on installer install dir
    • Creating the edge label
    • Set the node as unscheduled
  • Create a cluster

Part 4: Day-0 demo - Installing OpenShift

• Day-0 installation
  • oc aws-zone plugin used automates the install steps
  • play demo
• AWS Console:
  • Zone Groups configurations
  • VPC and network resources
  • Local Zone subnet
    • Subnet tag unmanaged
    • public route table
  • Compute resources

Demo script: quick install using plugin

# install the plugin
curl -s https://raw.githubusercontent.com/mtulio/mtulio.labs/article-ocp-aws-lz-plugin/labs/oc-plugins/oc-aws_zone -o ${HOME}/bin/oc-aws_zone

chmod u+x ${HOME}/bin/oc-aws_zone

# read the help
oc aws-zone

# create a cluster
CLUSTER_NAME=lzdemo \
    VERSION=4.11.2 \
    CLUSTER_REGION=us-east-1 \
    ZONE_GROUP_NAME=us-east-1-nyc-1a \
    VPC_CIDR='10.0.0.0/16' \
    ZONE_CIDR='10.0.128.0/20' \
    BASE_DOMAIN='devcluster.openshift.com' \
    INSTANCE_TYPE=c5d.2xlarge \
    PULL_SECRET_FILE=${HOME}/.openshift/pull-secret-latest.json \
    SSH_PUB_KEY_FILE=${HOME}/.ssh/id_rsa.pub \
    oc aws-zone create-all

export KUBECONFIG=${PWD}/auth/kubeconfig

# review the installation
oc get clusteroperators

# check the machine
oc get machines -n openshift-machine-api

# checke the edge node
oc get nodes -l node-role.kubernetes.io/edge=''

# destroy the cluster
oc aws-zone destroy-all

Next steps

• Public the steps of Installing a cluster in existing VPC with Local Zone subnets in the Product Documentation
• Installer supports it natively:
  • Create MachineSets for the "edge" nodes
  • Create the network resources
• Current issues:
  • Ingress subnet discovery
    • Bug on KCM

References

• Install OpenShift in the cloud edge with AWS Local Zones
• OpenShift: Installing a cluster on AWS into an existing VPC
• AWS Local Zones
• Extend kubectl with plugins