Skip to content

Getting Started with a deployment

  1. Prerequisites
  2. Installation
  3. Next steps

Prerequisites

For simplicity's sake, we will refer to a Zuul-based CI infrastructure that can be deployed with SF-Operator as a "Software Factory".

In order to deploy a Software Factory with the SF-Operator on an OpenShift cluster, you will need the following:

  1. The SF-Operator must be installed on the cluster. Ask your cluster admin whether it is the case or not; or if you are allowed to install it on the cluster, follow the Operator's installation steps in the documentation.
  2. A valid kubeconfig file, for a user with enough rights to create a namespace (optional) and enable privileged SCCs on the target namespace.

Installation

We recommend using a dedicated namespace to deploy your Software Factory. Furthermore, only one instance of a Software Factory must be deployed per namespace due to name and label collisions.

Note

Currently, the namespace must allow privileged containers to run. Indeed the zuul-executor container requires extra privileges because of bubblewrap.

Note

The zuul-executor deployment can be disabled via the CRD. Doing so the privileged SCC is not required. The zuul-executor component can be deployed externally to the control plane where privileged SCC is allowed. See the section External executor.

In this example we will create a dedicated namespace called sf. Then the next command below configure privileged access on this namespace; modify the command as needed if using a different namespace.

Note

Note that these commands might need to be run by a user with enough privileges to create and modify namespaces and policies.

kubectl create namespace sf
oc adm policy add-scc-to-user privileged system:serviceaccount:sf:default

Create a SoftwareFactory Custom Resource as a file named my-sf.yaml. Here is a minimal example that uses a default configuration; only the base FQDN for the services is mandatory:

apiVersion: sf.softwarefactory-project.io/v1
kind: SoftwareFactory
metadata:
  name: my-sf
  namespace: sf
spec:
  fqdn: "sfop.me"

then create the resource with:

kubectl -n sf create -f my-sf.yaml

After some time, a resource called my-sf will appear as READY: 

kubectl -n sf get sf
NAME    READY
my-sf   true

The sf-operator does not handle the Route/Ingresss installation.

The following resource can be applied in the namespace to setup a Route and redirects traffic to the gateway service.

apiVersion: route.openshift.io/v1
kind: Route
metadata:
  name: gateway
  namespace: sf
spec:
  host: sfop.me
  path: /
  port:
    targetPort: 8080
  to:
    Kind: Service
    name: gateway
  tls:
    insecureEdgeTerminationPolicy: Redirect
    termination: edge

On the "Route/Ingress" resource is up, here is the lists of available endpoints:

  • https://sfop.me/zuul
  • https://sfop.me/logs
  • https://sfop.me/nodepool/api/image-list
  • https://sfop.me/nodepool/builds

At that point you have successfully deployed a SoftwareFactory instance. You can access the Zuul Web UI at https://sfop.me/zuul.

Next steps

To finalize the deployment, you'll need to set up a config repository.