This document details how to bring up an OpenShift local cluster on Mac OSX. We also detail how to do the same under a proxied environment.
- Docker for Mac (stable). Note that this will also work with Docker Toolbox for Mac, however this is untested and could have issues with networking.
- Homebrew package manager for macOS. If you are installing from behind a proxy, use the script available at this gist.
The openshift-cli
can be installed via homebrew. This package provides us with the oc
binary.
brew install openshift-cli
Note that this will install the oc
command along with any other requirements it has.
If your network access is proxied, you will have to configure your environment variables so that brew can perform the installation. Note that there are upper and lower case versions of the environment variable names used; and additionally note that we disable SSL verification when retrieving via git+http.
PROXY_URI=http://${PROXY_HOST}:${PROXY_PORT}
# export proxy environment configurations
declare -x HTTP_PROXY="${PROXY_URI}"
declare -x HTTPS_PROXY="${PROXY_URI}"
declare -x http_proxy="${HTTP_PROXY}"
declare -x https_proxy="${HTTPS_PROXY}"
# ignore TLS issues when cloning from git
declare -x GIT_SSL_NO_VERIFY="1"
$ oc cluster status
Error: OpenShift cluster is not running
If you do not want to install the cli via brew, you can always download the client tools from the project release page. The OSX binaries would be named like openshift-origin-client-tools-$VERSION-$COMMIT_HASH-mac.zip
.
Once unpacked, you will have to place the binary in a location that is in the $PATH
environment variable. For example, /usr/local/bin
. Additionally, do note that you will require socat
available on the system. The easiest way to get this installed is via brew.
brew install socat
Prior to bringing the developer cluster up, a few docker daemon configuration changes are required to be made.
OpenShift cluster uses an internal registry for storing and retrieving image builds. This needs to be allowed by the daemon.
At the time of writing, the insecure registries are expected to be within the 172.30.0.0/16
CIDR.
This is only required if you within a proxied environment. Within the Docker preferences, under the Proxies tab; select Manual proxy configuration option. Populate both the Web Server (HTTP) and Secure Web Server (HTTPS) fields filled with your proxy details. For example, http://proxy.awesome-organization.com:10678
.
IMPORTANT It is required that the following value be added into the Bypass proxy settings for these Hosts & Domains field. Note that this is only required if you are not explicitly passing in the proxy when using oc cluster up
(see next section).
127.0.0.1,10.173.22.225,localhost,172.30.1.1,172.30.0.0/16,192.168.65.2
Note that the /32
private addreses in the list can change. It is preferred to only add the non static ones here and follow the instructions below.
If you have followed the above instructions, the following command should work fine.
oc cluster up
If you are running in a proxied envrionment; execute oc
with the following arguments.
PROXY_URI=http://${PROXY_HOST}:${PROXY_PORT}
oc cluster up --http-proxy=${PROXY_URI} --https-proxy=${PROXY_URI}
In this case the NO_PROXY environment variable within the openshift container is auto populated and overrides those listed in the daemon configuration.
This document was prepared for self-reference and is not polished or intended to explain issue background and or details of commands executed. A fair few references were involved in the making of this document. Some are upstream issues/commits, others are well written articles explaining the set up step by step. Big shout out to the contirbutors and the authors.