A quick step by step guide to getting a local, single node OpenShift cluster up and running with the
oc CLI tools and Docker for Mac.
If you've been to https://github.com/openshift/origin#openshift-application-platform latetly and gazed at the simplicity of installing a local OpenShift Origin cluster simply by typing
oc cluster up, you'll no doubt want to try that out!
However, the current (as of August 21st, 2016) assumption is that you need Docker Toolbox installed for this to work. Only thing is, if you like living on the bleeding edge, you'll no doubt be running Docker for Mac.
So can we still use
oc cluster up? Yes, yes you can.
I use Homebrew for installing apps on Mac, so I will explain how to get the
oc CLI installed using
brew. First you need to install the unstable version of
oc, which at the time of writing is
1.3.0-alpha.3 (thanks to elyscape), with:
$ brew update $ brew install --devel openshift-cli
this will install the
go dependency if you don't have it already, pull the OpenShift source from GitHub and build the binaries.
You should now have
oc on your path:
$ oc version oc v1.3.0-alpha.3 kubernetes v1.3.0+507d3a7 features: Basic-Auth
Making sure you're Docker for Mac whale is snuggly nestled in your menu bar (I.e. Docker is running), execute the following:
$ oc cluster up
after some Docker image pulling, you will be greeted with this:
-- Checking OpenShift client ... OK -- Checking Docker client ... OK -- Checking for existing OpenShift container ... OK -- Checking for openshift/origin:v1.3.0-alpha.3 image ... Pulling image openshift/origin:v1.3.0-alpha.3 ... Pulled 3/3 layers, 100% complete Extracting Image pull complete -- Checking Docker daemon configuration ... FAIL Error: did not detect an --insecure-registry argument on the Docker daemon Solution: Ensure that the Docker daemon is running with the following argument: --insecure-registry 172.30.0.0/16 You can run this command with --create-machine to create a machine with the right argument.
Feeling a little insecure
172.30.0.0/16 to the insecure registries for our Docker daemon is as easy as ever. Click the whale, hit "Preferences":
172.30.0.0/16 to the insecure registries section under the "Advanced" tab:
hit "Apply and Restart" and wait for the Docker daemon to restart.
Good to go, let's try again:
$ oc cluster up -- Checking OpenShift client ... OK -- Checking Docker client ... OK -- Checking for existing OpenShift container ... OK -- Checking for openshift/origin:v1.3.0-alpha.3 image ... OK -- Checking Docker daemon configuration ... OK -- Checking for available ports ... OK -- Checking type of volume mount ... Using Docker shared volumes for OpenShift volumes -- Checking Docker version ... OK -- Creating host directories ... OK -- Finding server IP .. Using 192.168.1.3 as the server IP -- Starting OpenShift container ... FAIL Error: exec: "socat": executable file not found in $PATH
Update - 2016-08-31
socat error below should be fixed with this commit to the
openshift-cli formula. The commit adds
socat as a dependency and therefore
socat will be installed as part of the
So close! Apparently we need
socat though. No worries, simply install with
# don't need this anymore, see update ^ $ brew install socat
Let's give it one more try:
oc cluster up -- Checking OpenShift client ... OK -- Checking Docker client ... OK -- Checking for existing OpenShift container ... OK -- Checking for openshift/origin:v1.3.0-alpha.3 image ... OK -- Checking Docker daemon configuration ... OK -- Checking for available ports ... OK -- Checking type of volume mount ... Using Docker shared volumes for OpenShift volumes -- Checking Docker version ... OK -- Creating host directories ... OK -- Finding server IP ... Using 192.168.1.3 as the server IP -- Starting OpenShift container ... Creating initial OpenShift configuration Starting OpenShift using container 'origin' Waiting for API server to start listening OpenShift server started -- Installing registry ... OK -- Installing router ... OK -- Importing image streams ... OK -- Importing templates ... OK -- Login to server ... OK -- Creating initial project "myproject" ... OK -- Server Information ... OpenShift server started. The server is accessible via web console at: https://192.168.1.3:8443 You are logged in as: User: developer Password: developer To login as administrator: oc login -u system:admin
and there we have it, an OpenShift Origin cluster up and running.
You should be able to hit the OpenShift console at: https://localhost:8443/console/ * using the username and password
developer to login.
* or whatever server IP was designated when starting up. In my example above it would be
I need more power
By default the
developer user does not have cluster administration rights. Which is why we only see the one project
A developer needs admin rights, so let's give it to him using the
oc adm tool:
$ oc login -u system:admin $ oadm policy add-cluster-role-to-user cluster-admin developer $ -- OR -- $ oc adm policy add-cluster-role-to-user cluster-admin developer
First we login with the
admin user which has the correct privileges to grant the
cluster-admin role and then add that role to
developer. Now you should see all the projects and be able to poke around a bit:
That's it, have fun...
When you're done, don't forget to
oc cluster down.
This guide has been tested with these versions of Docker for Mac (1.12.0),
oc (v1.3.0-alpha.3) and OSX El Capitan (10.11.6).