search

oprudkyi / openshift-templates

OpenShift Origin templates, Mirror of https://gitlab.com/oprudkyi/openshift-templates/
MIT License
36 stars 26 forks source link

Deploying to openshift online? #1

Open kachkaev opened 7 years ago

kachkaev commented 7 years ago

Hi Oleksii and thanks for sharing your template!

I'm just starting with openshift and have decided to try and online version. The first thing I've decided to check is if it's possible to use the free tier as an external runner for my self-hosted gitlab instance. Just mechanically repeated all your nicely written steps but got this in the end:

screenshot from 2017-05-16 17-13-12

I suspect that the reason is that these commands did not run properly:

oc login -u system:admin
oc adm policy add-scc-to-user anyuid -z sa-gitlab-runner -n prj-gitlab-runner
oc adm policy add-scc-to-user anyuid -z sa-minio -n prj-gitlab-runner

(got Error from server (Forbidden): User "ABC" cannot get securitycontextconstraints at the cluster scope from OC)

Do you know if your template can be theoretically deployed to OpenShift online? Just curious what you think. I also believe that others like may stumble across your repo like me, so this issue can help them too.

oprudkyi commented 7 years ago

Hi,

theoretically sa-gitlab-runner service account can be run with builder/deployer permissions (that can be set in OpenShift Online) , though I really don't understand why it tries to create /var/lib/docker/volumes , i.e. gitlab runner there should just connect to kubernetes api and remotely manage tests.

as alternative (possible inconvenient) - it can be run locally but create testing containers (i.e. where actual test is run) via kubernetes API on the OpenShift Online https://gitlab.com/gitlab-org/gitlab-ci-multi-runner/blob/master/docs/executors/kubernetes.md

kachkaev commented 7 years ago

Thanks for your reply @oprudkyi! Yeah, that idea with the remote kubernetes runner orchestration might have a chance to work too.

A funny thing is that right after I sent a comment to you I noticed a very relevant new blog post on gitlab: https://about.gitlab.com/2017/05/16/devops-containers-gitlab-openshift/

The video features a template similar to yours, so you might find it interesting. Hard to find it anywhere yet though; the source is here: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/f04b5c4443b3a98011577cdd7c9de766a287531e/docker/openshift/runner-template.yml

Their template does not work on OpenShift online too due to not being able to start a pod in a privileged mode.