Sign up to the Arctiq Newsletter to stay up to date on the latest blogs, events and news
Subscribe to Newsletter
An outlined icon of an X
left arrow icon
Back to Blogs
May 1, 2020
Marek Anderson

Unleash Your Worker Nodes on OpenShift 4.3 and GCP

With the OpenShift Container Platform (OCP) release 4.1 in June 2019, Red Hat introduced Infrastructure MachineSets. These sets allow you to host only infrastructure components, such as:

  • The default router
  • The container image registry
  • The cluster metrics collection, or monitoring service
  • Cluster aggregated logging

An Infrastructure MachineSet consists of Machine resources (kind: Machine). These Machine resources spin up new virtual machines in your cloud.

Specific Kubernetes labels can be applied to these machines to move one or more of the above mentioned infrastructure components to run on only those machines.

The kicker: The infrastructure nodes do not count towards the number of subscriptions that are required to run the environment!

Unleashing Worker Nodes

Worker nodes in the OCP cluster must be covered by subscriptions and their primary purpose is to run your application workloads. To free resources from these worker nodes, which normally run the OCP infrastructure components, it is beneficial to move the infrastructure components to dedicated infrastructure nodes.

So let's get started.

Creating an Infrastructure MachineSet for Production

For a production-ready deployment, it is recommended to deploy three MachineSets at minimum to run infrastructure components. The aggregated logging solution, i.e., ElasticSearch, requires three instances that run on different nodes. Since each MachineSet is assigned to one availability zone of the (public) cloud provider only, deploy three MachineSets at minimum.

For demonstration purposes, we will limit the scope to only one MachineSet in the next section.

Defining the MachineSet Custom Resource for the Google Cloud Platform

Once your OCP cluster is deployed to your Google Cloud Platform (GCP) project, you can create your first MachineSet to move infrastructure components. Sidenote: OCP 4.3 supports the installer provisioned infrastructure (IPI) installation method to pre-existing Virtual Private Clouds (VPC) and subnets. Choose the GCP region in which you deployed your OCP4 cluster. Then, select a GCP zone within that region to deploy the MachineSet.

Note: Double-check that the GCP zone actually exists. I tried to deploy to us-east1-a, which does not exist ;-) Unfortunately, no logs or events revealed this to me. Instead, a kind colleague showed me the light.

Please find the YAML-file machineset1.yaml defining the MachineSet below. Change the following values according to your environment:

  • Replace the string myclus-khb5h with your OCP cluster ID
  • Replace region with the region your OCP cluster is in
  • Replace zone with an (existing ;-) ) GCP zone
  • Replace projectID with your GCP project ID
  • Replace serviceAccounts with your service account
  • The name must be unique in your OCP cluster

Now that the YAML-file is prepared, apply it to your cluster.

You can check that the resource is starting to be created.

Further insight on the creation process can be gained with oc describe. It is important to note the output should include the Status: and Events: section; if not, then there is likely an error with the YAML-file.

Now, the GCP console shows the new instance (see below).

{% include image name="ocp4_infrastructure_machinesets_gcp_console.png" position="center" size="XXL" alt="console" %} New infrastructure node

Moving the Container Image Registry

To free resources from the worker node, let's move the container image registry to the newly created infrastructure node.

Since the image registry resource already exists, we will edit the existing config/cluster object and add the infra nodeSelector to move the registry to our new infrastructure node.

Watch the resources being moved:

After a few moments, the original image-registry pod will be removed.

Getting Started

As you can see, after Infrastructure MachineSets have been created, exisiting OCP infrastructure components can be moved easily to the dedicated infrastructure nodes.

Next, try to move the cluster monitoring service, cluster aggregated logging, or the default router to your new infrastructure nodes.

You are now ready to apply this technique in your new and existing OCP4 clusters.

Interested in learning more about the OpenShift journey? //take the first step

Related Posts