Skip to content

Commit

Permalink
self-paced 101 edits
Browse files Browse the repository at this point in the history
  • Loading branch information
@mtspn
mtspn committed Sep 23, 2024
1 parent 9aa0c73 commit 8056ed3
Show file tree
Hide file tree
Showing 6 changed files with 103 additions and 58 deletions.
31 changes: 21 additions & 10 deletions 101-lab/content/00_overview.md
View file
Original file line number Diff line number Diff line change
@@ -1,31 +1,42 @@
# Overview
Welcome!


In these labs you will explore builds, deployments, as well as some common issues with storage provisioning.

These labs will focus on a single 2-tier application based on the popular open source chat utility, Rocket.Chat.

## Special Notes

The training is being delivered in a production Openshift Environment, using the BC Gov's 'Silver' cluster.

The training is being delivered in a production Openshift Environment.

You'll need an IDIR account to complete this course, so if you don't have one please contact your supervisor to arrange one before starting the course.

## Course Format

This course has been designed to be run _at your own pace_. The lab materials have been designed so that you generally follow the happy path for a simple two-tier deployment. There will be many intentional bugs along the way that will have you encounter real-life troubleshooting techniques!
We offer this course in two modes, 'live training' or 'self-paced'.

The course length can vary (based on scheduled). It was designed to be run over a period of a few days rather than just a day or two to have time for isolated touchpoints as well as to provide time for discussion. During that time __touch points__ will be scheduled with the cohort to talk about special topics and to assist in troubleshooting.
If you're attending the live training, we'll run through some background information in a 1-day workshop before the lab begins.

### This course is new!
For the self-paced training, you can view the slides and recordings of them being presented [here](https://docs.google.com/presentation/d/1VNxqtRRECNd4uzZZslpLsdKYYXN70Gpu-jCLCD1yF9Y/edit?usp=sharinghere).

This course has been completely redesigning and will more than likely have its fair share of bugs. If you have anything you longed for please make an [issue](https://github.com/BCDevOps/devops-platform-workshops/issues/new/choose) on github :)
The lab materials have been designed so that you generally follow the happy path for a simple two-tier deployment. There will be many intentional bugs along the way that will have you encounter real-life troubleshooting techniques.

## Who is this for?
__Please be aware the throughout the labs, you will be guided to make common mistakes, and then guide you on how to fix them.__

While we love the idea of everyone getting their hands onto Openshift. The individuals that will get the most value out of the workshop are members that will be performing active developement in Openshift. This includes Application Development as well as Operational Management. The course is __very technical__.
The live training has several live lab sessions scheduled for participants. These offer a chance to explore some additional topics, and to ask questions.

__Please be aware the throughout the labs, you will be guided to make common mistakes, and then guide you on how to fix them.__
### Lab channels

If you register for live training, a rocketchat channel will be created for your cohort. This can be found in the [channel directory](https://chat.developer.gov.bc.ca/directory/channels) and the course are named in this format, based on the starting date `ocp101-YYYY-MM-DD`.

For the self-paced training, please join the [#openshift-101-selfpaced](https://chat.developer.gov.bc.ca/channel/openshift-101-selfpaced) rocketchat channel.

### Problems

This course has been newly redesigned and is constantly evolving with OpenShift updates and changes to the way we work within BC Gov. If you find a problem, or have suggestions please make an [issue](https://github.com/BCDevOps/devops-platform-workshops/issues/new/choose) on github.

## Who is this for?

While we love the idea of everyone getting their hands onto Openshift, the individuals that will get the most value out of the workshop are members that will be performing active development in Openshift. This includes Application Development as well as Operational Management. The course is technical, but does have step-by-step instructions and video guides. The course is open to anyone working with the platform. People with roles such as product owners, data scientists, service designers and many others regularly complete this course.

Next page - [Setup](./01_adding_team_members.md)
27 changes: 17 additions & 10 deletions 101-lab/content/01_adding_team_members.md
View file
Original file line number Diff line number Diff line change
@@ -1,19 +1,26 @@
# Adding Team Members
# Adding team members

>Depending on the Lab Format, this section may have already been done. If you are not the 'devops' admins for the openshift 101 dev/tools projects you can check to see if you have access to the projects with `oc projects`. If you have access to the openshift 101 project you will see something like this.
## Namespace access (live training)

In the live training, we ask for volunteer admins to help grant access to the training namespaces for all other members of the lab. If you are not one of the 'devops' admins for the openshift 101 dev/tools projects you can check to see if you have access to the projects with the `oc projects` command in your terminal. If you have access to the openshift 101 project you will see something like this:
>```shell
>* ocp101-june-dev - OpenShift 101 (dev)
> ocp101-june-tools - OpenShift 101 (tools)
>* d8f105-dev - OpenShift 101 (dev)
> d8f105-tools - OpenShift 101 (tools)
>```
## Namespace access (self-paced training)
If you're doing the self-paced training, you can instead request a temporary project set in the [Product Registry](https://registry.developer.gov.bc.ca/private-cloud/products/all).
Make sure you're in the 'Private Cloud OpenShift' tab, then click 'Request a new product'.
Check the box to choose a 'temporary product set'. Please note, your project will be deleted after 30 days, so don't create this until right before you plan to start working on the lab.
You can skip the remaining steps in this section if you're doing the self paced lab, but take note of the instructions below for adding team members. You may need to do this in the future as people join your team and need access.
## Team Permissions
Once all projects have been created by the Platform Services team, the team admin
must navigate to each project and assign your users the appropriate permissions.
## Team Permissions (live training)
As a team, find each project and add the rest of the team members. Feel free to experiment with
the default roles.
When the lab begins, our volunteer admins will navigate to each project and assign everyone else the appropriate permissions.
<kbd>![](./images/01_projects.png)</kbd>
Expand All @@ -23,7 +30,7 @@ the default roles.
<kbd>![](./images/01_add_access.png)</kbd>
- Add each user based on their GitHub id. Please note that we are using SSO with GitHub login at the moment, don't forget the suffix `@github`!
- Add each user based on their GitHub id, granting 'edit' access. Please note that we are using SSO with GitHub login at the moment, don't forget the suffix `@github`!
<kbd>![](./images/01_edit.png)</kbd>
Expand Down
33 changes: 8 additions & 25 deletions 101-lab/content/01_setup.md
View file
Original file line number Diff line number Diff line change
@@ -1,26 +1,21 @@
# Lab Setup
Prior to working on labs, the Platform Services team will have created 2
projects:
- ocp101-tools: This namespace/project will have all of the builds related objects
- ocp101-dev: This namespace/project will have all the deployment related objects
# Lab Setup

One member from your group has been given administrative rights to the projects
and is responsible for adding all other members to each project.
Throughout the lab, we use two namespaces/projects:
- d8f105-tools: This namespace/project will have all of the builds related objects
- d8f105-dev: This namespace/project will have all the deployment related objects

NOTE: the actual name of the namespaces may vary, and `ocp101` may be a sequence of random characters.
If you're doing the self-paced training, use the `tools` and `dev` namespace that you created.

---
Assign yourself a unique name to be used during your application deployments.
**Do not copy the application names directly from the lab guides** as you are in a
shared environment with the rest of your team.

For example, if the lab says to create an application named `app1-[username]`, I
would create an app named `app1-stewartshea`.
For example, if the lab says to create an application named `app1-[username]`, I would create an app named `app1-stewartshea`. This follows for any commands written in square grackets throughout the lab.

## Lab Requirements
These labs will require access to the lab ocp environment:
- [Silver Web Console](https://console.apps.silver.devops.gov.bc.ca/)

Access requires an IDIR account. You can log in directly via IDIR (preferred), or alternatively if your github account is a member of the `bcgov` github organisation and linked to an IDIR, you can login with github.

## Installing OC

Expand All @@ -31,18 +26,7 @@ __If you have `oc`__ installed run `oc version`. It should look something like t
Client Version: openshift-clients-4.6.0-202006250705.p0-176-g5797eaeca
```

__If you do not have `oc` installed__ or your version is incorrect follow these instructions.

1. Option 1:
If you have access to the Openshift cluster you can simply download directly from the console
<kbd>![cluster download link](./images/01_setup_cli_tools.png)</kbd>

2. Option 2:
Alternatively, navigate to the [Openshift CLI Mirror](https://mirror.openshift.com/pub/openshift-v4/clients/ocp/) and download the version of `oc` that matches your operating system.

> For Linux/Mac users that may be working with multiple versions of `oc`, it is helpful to have both versions of `oc` (3.xx/4.xx) on your machine. You can create an `alias` to `oc 3.xx` instead of adding it to your path. This way you can utilize the different versions for different OpenShift environment.
3. Unpack `oc` into a place that is easily reference-able from a command line interface or add it to your `PATH`
__If you do not have `oc` installed__ or your version is incorrect follow these [instructions](https://developer.gov.bc.ca/docs/default/component/platform-developer-docs/docs/openshift-projects-and-access/install-the-oc-command-line-tool/).

## Login with OC command line

Expand All @@ -61,7 +45,6 @@ Alternatively, navigate to the [Openshift CLI Mirror](https://mirror.openshift.c

In addition, developers require GIT locally installed and must have a 2FA device to support access to GitHub.


## Command Line Interfaces

You will find many examples `commands` and _tricks_ that highly depend on your OS. These commands were developed on __unix__ based systems. Window's __Command Prompt__ will not work with these examples. You will need to either use __WSL__, __Powershell__, __Gitbash__, or similar.
Expand Down
2 changes: 1 addition & 1 deletion 101-lab/content/01b_web_console_overview.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# OCP 4 Web Console

If you have previous experience with Openshift (version 3.11) the web console is going to look very different
If you have previous experience with an old version of Openshift (version 3) the web console is going to look very different
to what you are used to.

## Highlights
Expand Down
62 changes: 53 additions & 9 deletions 101-lab/content/03_deployment.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -227,7 +227,7 @@ oc -n [-dev] set env deployment/rocketchat-[username] "MONGO_URL=mongodb://dbuse


#### STRETCH: Sensitive Configurations
> this is a stretch exercise, completing this section is not a requirement for the next section of the lab
> this step is a stretch exercise, completing this section is not a requirement for the next section of the lab
If you are feeling at odds with things like __dbpass__ being out in the open as an environment variable. That is a good thing! For demonstration purposes you are creating a `Single Value Env`. Sensitive information like passwords should be stored in a `Secret` and referenced as `envFrom`. In addition, you can also use the [Downward API](https://docs.openshift.com/container-platform/4.4/nodes/containers/nodes-containers-downward-api.html#nodes-containers-downward-api-container-secrets_nodes-containers-downward-api) to refer to the secret created by MongoDB.

Expand All @@ -248,12 +248,63 @@ brew install jq`
# Check environment variables configuration
oc -n [-dev] get deployment/rocketchat-[username] -o json | jq '.spec.template.spec.containers[].env'
```
## Network policies (self-paced training)

**Note: if you're doing the live training in the d8f105-dev and d8f105-tools namespaces, skip this step**
In your dev namespace, create the following network policies, replacing [-dev] with the name of your dev namespace.

```
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-from-openshift-ingress
namespace: [-dev]
spec:
podSelector: {}
ingress:
- from:
- namespaceSelector:
matchLabels:
network.openshift.io/policy-group: ingress
policyTypes:
- Ingress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-same-namespace
namespace: [-dev]
spec:
podSelector: {}
ingress:
- from:
- podSelector: {}
policyTypes:
- Ingress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: intra-namespace-comms
namespace: [-dev]
spec:
podSelector: {}
ingress:
- from:
- namespaceSelector:
matchLabels:
environment: tools
name: [licenseplate]
policyTypes:
- Ingress
```

You can do this by selecting your dev namespace in the web console. Click on the '+add' menu option. Paste the YAML above into window, and edit the namespace name and licenseplate to match your namespace. The licenseplate is the 6-digit alphanumeric part of the namespace name.

## Create a Route for your Rocket.Chat App
Your rocketchat application may already have a route created for it. If you were using `oc new-app` however, a route would not have been created by default.

### CLI

You can create a secure https route using:

```oc:cli
Expand Down Expand Up @@ -284,14 +335,9 @@ Alternatively, you can use the web console to create or manage routes.
- You can check this by killing the pod, waiting for the pod to redeploy and be `ready` and then visit your
Rocket Chat url.




<kbd>![](./images/03_deploy_pod_delete_01.png)</kbd>
<kbd>![](./images/03_deploy_pod_delete_02.png)</kbd>



### Adding a Healthcheck
A container that is marked `ready` when it is not is an indication of a lack of (or misconfigured) healthcheck.

Expand All @@ -300,10 +346,8 @@ You can add a healthcheck for `readiness` and `liveness`.
### Using cli
```oc:cli
oc -n [-dev] set probe deployment/rocketchat-[username] --readiness --get-url=http://:3000/ --initial-delay-seconds=15
```


### Summary

You added a __readiness__ check to the `rocketchat-[username]` deployment so that you no longer have a false positive of when the pod should be considered available. By default pods are considered to be 'ready' when the container starts up and the entrypoint script is running. This however is not useful for things like webservers or databases! Not only do you need the entrypoint script to run but you need to wait for the server to listen on a port.
Expand Down
6 changes: 3 additions & 3 deletions 101-lab/content/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

# Welcome to the Openshift 101 Lab

This lab has been designed as a do-it-at-your-own pace set of exercises. These exercsises are designed to support the material covered in the OpenShift 101 Workshop. Refer back to the [OpenShift 101 Workshop Slides](https://docs.google.com/presentation/d/1VNxqtRRECNd4uzZZslpLsdKYYXN70Gpu-jCLCD1yF9Y) as you work through the lab.
This lab has been designed as a do-it-at-your-own pace set of exercises. These exercises are designed to support the material covered in the OpenShift 101 Workshop. Refer back to the [OpenShift 101 Workshop Slides](https://docs.google.com/presentation/d/1VNxqtRRECNd4uzZZslpLsdKYYXN70Gpu-jCLCD1yF9Y) as you work through the lab.

During the lab period, you are provided a set of training namespaces in an OpenShift environment to perform your work. You are apart of a cohort! So share, collaborate, and problem solve together as you would if you were all apart of the same project team :)

Expand All @@ -14,7 +14,7 @@ The lab follows a continuous improvement model. This means we track suggestions,

## Get prepared for

- hands on exerecises using the tools that are commonly leveraged by teams when working on the platform
- hands on exercises using the tools that are commonly leveraged by teams when working on the platform
- running into issues as you debug the build and deployment of a RocketChat Application

## Unknown Territory
Expand All @@ -23,7 +23,7 @@ The OCP 101 Lab was initially delivered as a 2 day session pre-covid. The delive

## Touch Points and Support

You are not alone! The lab, when scheduled, has at least one touch point scheduled mid way to address any questions/concerns. There is also a RocketChat channel that will be created specifically for the scheduled lab to be used by the cohort and facilitators.
You are not alone! The lab for the live training has touch points scheduled along the way to address any questions/concerns. There is also a RocketChat channel that will be created specifically for the scheduled lab to be used by the cohort and facilitators.

## Table of Contents:

Expand Down

0 comments on commit 8056ed3

Please sign in to comment.