Adding an application on an OpenShift project
- Plan ahead on how to organize your applications in projects. For example or a project for each application. A single application can run more than one container.
- An application can be added to OpenShift from a Dockerfile or Quay.io.
- It is very advisable to place all yaml files to version control, they ensure fast deployment if something unexpected happens.
Adding from a Dockerfile
OpenShift web-console: Developer → +Add (or from the + symbol in the top right if the YAML file exists, in which case no other steps are needed) → From Dockerfile
The instructions below assume that all possible menus are opened, a more condensed version can be foud here: Creating a BuildConfig
| Form item | Explanation |
|---|---|
| Git repo url | e.g https://version.helsinki.fi/project/application_name |
| Git type | Choose for your repository (NOTE! with version.helsinki.fi the type is ‘Other’) |
| Git reference | branch, tag or commit (can later be changed by editing the BuildConfig yaml) |
| Context dir | Root folder for your application and usually the directory for your Dockerfile, for example /client |
| Source secret | check below |
Source Secret
- If your repository is secret:
- Create a SSH-key for your deployment DO NOT USE YOUR OWN KEYS HERE – THE PRIVATE PART OF THE KEY IS GIVEN AS PROJECT SECRET INSIDE THE CLUSTER! CREATE A NEW KEY FOR FOR THIS AND ONLY THIS
- ssh-keygen -t rsa -b 4098 -q -N '' -C project-deploy -f project-deploy$ ls project-deploy* project-deploy project-deploy.pub
Place the public key with read access in your repository as a deploy key:
- GitLab: repository sidebar → “Settings” → “Repository” → “Deploy keys” → “Expand” → descriptive name, copy and paste the contents of your key public key in the text field and choose “Add key”
- Web-console → Developer perspective → “+Add” → (make sure you are in the right project) → “From Dockerfile” → fill the form→ “Create”
- Under “Show advanced git options” you can find the option to give SSH-key as a secret (“Source Secret” → “Select Secret Name” → “Create New Secret” → “Auth type” → “SSH Key”). Use this if your repository is secret.
| Dockerfile path | The path to the Dockerfile from “Context dir”, if the Dockerfile is in root, only the name is required |
| Application | If you want to connect parts of your application together, choose from the list or create new. This will give them labels that the UI uses to group things from the same application together |
| Resource | Either Deployment or DeploymentConfig, information to help you choose. |
Create a Route to the Application
If you want the application to be visible to the internet, either only to helsinki.fi network or to everyone, checkmark this
| Hostname | If you want your url to be somehting specific, ask for CNAME forwarding and certificates with the instructions here, can be left empty. |
| Path | Instructions |
| Target Port | Port for traffic, OpenShift can route traffic between containers if the ports are correct. The lowest port number that is allowed is 1024. |
Secure Route
If you are not using a custom hostname and you wish to use the certificates provided by the cluster (browser complaints about untrusted network without these), checkmark this and choose
- TLS termination: Edge
- Insecure traffic: Redirect,
or edit these settings later from the Route yaml according to the instructions here.
Health Checks
More options for tracking the state of your application.
- OpenShift - Monitoring application health by using health checks
- https://console-openshift-console.apps.ocp-prod-0.k8s.it.helsinki.fi/quickstart
Build Configuration
- Configure a webhook trigger: Creates a webhook
- Automatically build a new Image when the Builder Image changes: Builder Images
- Launch the first build when the build configuration is created:
- Environment variables (build and runtime): Possible environment variables for your application
- Can be added one by one or from a ConfigMap or Secret file
Deployment
- Auto deploy when new Image is available: for example a new commit or an update for the base-Image
- Environment variables (runtime only): If part of the environment variables are only needed during application runtime, they can be added here
- Can be added one by one or from a ConfigMap or Secret file
Scaling
How many copies of your application should exist at all times (NOTE! Increases processor usage).
Resource Limit
Minimum and maximum resource usages for you application (NOTE! The maximums in the order form can not be bypassed with these values).
Labels
A tag added to all resources related to this application, can be used to search/filter files and processes.
Local Development
If you want to run OpenShift locally, check these instructions.