Deploy Oracle Blockchain Platform Enterprise Edition on Azure Red Hat OpenShift
You can install Oracle Blockchain Platform Enterprise Edition on Azure Red Hat OpenShift. OpenShift is Red Hat's enterprise Kubernetes platform that enhances standard Kubernetes with a suite of tools for building, deploying, and managing containerized applications at scale. Azure Red Hat OpenShift is a fully managed OpenShift service on Microsoft Azure.
The instructions in this topic are a guideline suggesting how you might deploy Oracle Blockchain Platform Enterprise Edition on Azure Red Hat OpenShift. Before actually attempting this, particularly for production environments, you should familiarize yourself with the Azure Red Hat OpenShift documentation which supersedes any information in this topic.
- Azure Red Hat OpenShift: About Azure Red Hat OpenShift
- Azure Red Hat OpenShift documentation: Azure Red Hat OpenShift documentation
Create a Red Hat OpenShift Cluster on Microsoft Azure
Recommended minimum specifications for your Azure Red Hat OpenShift Cluster.
Create a Azure Red Hat OpenShift cluster using the Azure documentation as a guide: Create an Azure Red Hat OpenShift cluster
You'll need to create the following:
- Control plane VMs: three Standard_D8s_v3
- Worker node VMs: four Standard_D4s_v3
- Generate a Red Hat pull secret.
Install Oracle Blockchain Platform Enterprise Edition
The images needed for Oracle Blockchain Platform deployment are stored in a Docker repository before being pushed to the Microsoft Azure VMs. We recommend installing from a Cloud Linux VM that's as geographically as close as possible to the region where your software will be installed. Local storage for the Docker images should be approximately 100GB.
- Open your OpenShift cluster console.
- Select
kube:adminthenCopy login command. You'll be prompted for your user ID and password.Click Display Token. Copy the Log in with this token command and paste it in the OpenShift command-line interface.$ oc login --token=<token> --server=<openshift_cluster_url> - Verfiy that you're connected to OpenShift.
This command should return the list of master and worker nodes and their status.oc get nodes - Set the istio profile. You must have completed the steps in Install Istio before running the following commands.
istioctl install --set profile=openshift --set values.pilot.env.ENABLE_TLS_ON_SIDECAR_INGRESS=true --set components.cni.enabled=true --set values.cni.repair.deletePods="true" - Download Oracle Blockchain Platform: Oracle Blockchain Platform.
- Extract the zip package and find the
runmescript for OpenShift. - Update the
runme-input.yamlfile with the required values. The following examplerunme-input.yamlfile can be used as reference:
In the previous example, the variables are defined as shown in the following list:imageRegistryConfiguration: registry: <container_registry_name.azurecr.io> imageTagPrefix: <container-image-repository-prefix.azurecr.io/bcs-k8s-dev > username: <container-registry-username> imageReleaseVersion: 24.1.3-20240723083137 # storageClassName should be set to create a dynamic persistent volume. If empty, default storageClass is used. controlPlaneStorage: storageClassName: # Example 500Mi, 5Gi size: 10Gi parentDomainName: example.com #imagePullTimeout: Use this field to customize the wait time (in seconds) for pulling the required container images from the repository. Default is 1800 seconds. imagePullTimeout: 1800imageRegistryConfiguration.registry: Container registry server to use.imageRegistryConfiguration.imageTagPrefix: Container base repository path with the registry, where the images will be pushed to and pulled from. Example:registryname.azurecr.io/obpee/bcsimageRegistryConfiguration.username: Container registry login user name. For Azure it is the container registry token.imageReleaseVersion- Oracle Blockchain Platform Enterprise Edition release versioncontrolPlaneStorage.storageClassName: Kubernetes storage class to use for PVC (PersistentVolumeClaim). If empty, the defaultstorageClassis usedcontrolPlaneStorage.size: PVC size for Blockchain Platform Manager (control plane) servicesparentDomainName: Domain name to use for Blockchain Platform Manager services. Example:example.comimagePullTimeout: Image pull wait timeout in seconds during Oracle Blockchain Platform Enterprise Edition installation. Default is 1800 seconds.
- Open
runme_openshift.shin an editor, and comment out the following two lines:openshift_status_checkcheck_software_exists "crc"
- Run
runme_openshift.shand complete the steps as prompted:
The prompts you'll encounter:chmod +x runme_openshift.sh ./runme_openshift.sh --publish-images # The publish-images option uploads the containers to the container image registry specified in runme-input.yaml # Running the script without this option pulls images you've already pre-uploaded from the repository specified in runme-input.yaml- Enter OpenLDAP admin password - This will be used by Blockchain Platform Manager and users will be created on this OpenLDAP server.
- Enter Control Plane Admin password - This password will be for the Oracle Blockchain Platform admin user and will be used for first time log in into the Blockhain Platform Manager console.
- Enter the registry login password for the user specified in
run-input.yaml- This is used to connect to the container repository. - The script installs the following services under the
obp-cpnamespace:control-planeopenldapobp-auth-serverobp-operatorhlf-operator
- Get the Istio ingress gateway service's external IP address:
kubectl get svc/istio-ingressgateway -n istio-system - Add the following line as required to one of these files on the host used to connect to the Blockchain Platform Manager console:
- Linux or macOS:
/etc/hosts - Windows:
C:\Windows\system32\drivers\etc\hosts
where<public_svc_ip> controlplane.<parentDomainName> openldap.<parentDomainName> auth.<parentDomainName><public_svc_ip>is the public, external IP address from the previous step. - Linux or macOS:
Postrequisites
You're now ready to log on to the Oracle Blockchain Platform for the first time and provision an instance.