Install OpenShift in Fedora 31 with Container Development Kit CDK 3.11

CDK is the Container Developer Toolkit from Red Hat. It allows to setup RHEL based OpenShift.

The guide I followed is at:

https://developers.redhat.com/products/cdk/overview

The guide does not mention that you can install CDK in Fedora as it does specifically mention that supports installation in RHEL, macOS and Windows.

For this you will need to meet the following prerequisites:

  • KVM with libvirtd service or
  • VirtualBox (In my case, libvirtd was broken so I tested with Oracle VirtualBox 6.1.4)
  • RedHat Developer Subscription

The first step is to download minishift version for OpenShift: cdk-3.11.0-1-minishift-linux-amd64

Rename this file to minishift and then run:

minishift setup-cdk 

Then with the start option.

minishift start --memory 12G
minishift start with 12GB
minishift start. Continuation…
minishift start. Continuation
minishift start. Note instructions to log into console.

Launch console

minishift console
Launching console…

Then you will be able to log into cluster

minishift console after logging with developer user

The catalog looks impressive to me.

Please, note that:

CDK installs a single node OpenShift cluster. The version deployed is 3.11.157, this versions uses Kubernetes 1.11.

The latest version for Openshift is 4.3 and the latest version for Kubernetes is 1.17. (As March 2020). Openshift 4.3, however, uses Kubernetes 1.16.Apparently there is no CDK for OpenShift 4.x. It looks to me that the way to install a Development Environment is by using Red Hat Code Ready Containers.

https://www.openshift.com/try

Openshift vs Kubernetes

I want to describe the challenges one have to face when learning kubernetes. It turns out that is not that easy to describe what kubernetes is.

After digging a little bit the internet, I wanted to try kubernetes. The number of options available is outrageous. By chance, I opted to use Red Hat Open Container Kit. I learned this is a streamlined version of OpenShift which is the enterprise version of kubernetes from redhat.

Red Hat Open Container also is a streamlined version for minishift.

minishift will create a VM with kubernetes and docker setup for you. You have two options to setup minishift with virtualization. Either you use VirtualBox driver or kvm/libvirt. I wanted to use kvm/libvirt in my laptop with Fedora 31. I realized libvirtd is broken in my fedora 31 setup. So I was forced to use Virtual Box driver.

I also noticed this version of CDK only supports openshift 3 while RH is already in Openshift v4.

What I found confusing is the use of docker in CDK. While RedHat is pushing the use of cri-o and podman instead of docker. Add to the confusion the okd project.

Anyway I think is a little bit oudated the use of CDK, but let’s give it a try as it looks as a good start to learn about kubernetes.

I found this link which helped me to understand better:

https://cloudowski.com/articles/10-differences-between-openshift-and-kubernetes/

So the first step is to download cdk-3.11.0-1-minishift-linux-amd64

openshift console command launching web console after logging with developer user

Protocol Buffers in go

If you want to get started quickly with Google Protocol Buffers in the Go Programming Language lets follow the guide from

https://developers.google.com/protocol-buffers/docs/gotutorial

First we download from GitHub protocolbuf project:

git clone https://github.com/protocolbuffers/protobuf.git

Then we setup our Go project.

mkdir -p ~/protobuf/src/github.com/protocolbuffers/protobuf/examples/

From git repo, locate examples folder

cd ~/GIT/protobuf/examples

Then copy the source code to our Go project:

cp Makefile ~/protobuf/src/github.com/protocolbuffers/protobuf/examples
cp *go ~/protobuf/src/github.com/protocolbuffers/protobuf/examples
cp *proto ~/protobuf/src/github.com/protocolbuffers/protobuf/examples

Setup the GOHOME variable

export GOPATH=~/protobuf

Then we install protobuf protoc compiler: Download protoc from following location then unzip in your preferred folder

https://github.com/protocolbuffers/protobuf/releases

For instance I unzip into my protoc folder:

Unzipping protoc compiler

Update your path to locate protoc

export PATH=~/protoc/bin:$PATH

Then we install go plugin

go get -u github.com/golang/protobuf/protoc-gen-go

Update your path to locate protoc-gen-go. (Installed in previous step by go get)

export PATH=~/protobuf/bin:$PATH

This is the go project setup, now lets build the tutorial.

Go to examples folder

cd ~/protobuf/src/github.com/protocolbuffers/protobuf/examples
make clean
make go
Building Go Tutorial

Running the sample

Adding records
Listing records

Create gcp YouTube api key for mpsyt

After running mpsyt for a while, I started to face an issue with the latest branch:

Looking for “Tiesto” media

The following error was coming up when trying to search:

Error fetching data. Possible network issue.
Youtube Error 403: The request cannot be completed because you have exceeded your quota.


No results from search comman

Then, looking into mpsyt github repo you can find there the solution:

https://github.com/mps-youtube/mps-youtube/wiki/Troubleshooting

You will need to create from Google Cloud Platform key to access YouTube v3 API.

Go to GCP console, from your project create an API key for YouTube V3:

GCP console. YouTube Data API v3

Once you generate API v3, (I selected one for cli), I updated mpsyt client with the new key:

set api_key command inside mpsyt

Voila, now I’m able to use mpsyt downloder again to access my favorite stuff:

Migrating my docker containers to podman

In older posts, I showed how to create wordpress personal blog with docker. In particular, this website is hosted in my laptop using docker containers hosted in Fedora. Everything was good until I updated Fedora to version 31. Long story short, I was not able to start my containers with Fedora 31. The reason is that docker does not support cgroups v2. A new feature incorporated in latest kernels for Fedora 31. In order to star my containers the only available solution at this time is to revert kernel to use cgroups v1.

I’ll talk about control groups or cgroups in next post. Now, I’ll describe what I had to do migrate this web site from docker to podman.

The simple idea to remove docker daemon to manage containers sounds good to me, for that reason, and because I like new developments I would prefer to stay with original kernel setup in Fedora 31.

I have to be honest, in order to have this migration to work I relied on 2 laptops. Both with Fedora 31, but the one hosting docker with the change in kernel to switch to the use of cgroups v1. I needed a running docker version of my wordpress installation in order to migrate images.

So, I decided to migrate my wordpress website using docker with Fedora 31 and cgroups v1 to a new computer with Fedora 31 cgroups v2 and podman.

The theory is simple, as showed in samples from podman guides. In practice, I did face some issues:

From the machine running docker:

save mysql docker cotainer as a tar file

save wordpress docker container as a tar file

save volumes from linux filesystem used by mysql and wordpress db.

From the machine with podman:

copy tar files for container and volumes to machine

load images with podman.

create new containers from images

start containers.

The list of steps is really simple. However, the one big issue I faced was starting wordpress image in podman. The container will not start under podman because the http server inside docker image is using port 80. podman won’t be able to start this container because this restriction.

What I had to do was to go back to docker image for wordpress, edit the apache config files to change port from 80 to 8080. Save the container as a new image and then import this image to podman.

There are 2 ways to export a docker container, as a container or as an image. I selected the method for image then I create a container starting from the image.

Look at the current state of my docker containers in fedora 31 after I change kernel setup to use cgroups v1:

docker ps
Current containers

These are my old containers hosting this wordpress blog. Beware here, look at the ports section and notice how host port 80 is mapped to container port 80. If we export this container as is, this won’t be correctly handled by podman. Actually, podman will complain that container is using privileged port 80 and as podman is not run with root privileges you will not be able to launch the wordpress container hosting apache httpd with podman.

Let me show with images this scenario. Before this, lets migrate wordpressdb container. You take your container and then by using save or export docker commands you create a tar file. STOP here, you need to decide if you want to export a container or an image. Notice, that if you export an image then you need to import the image in podman and create a container from image. If you export a container from docker then you will import a container as well in podman.

For my mariadb container I would use both options, but for wordpress container hosting apache as well I will need to use the import/export image option.

docker save -o /tmp/wordpress.img wordpress

Note that we are saving the image wordpress as a tar file. The wordpress parameter is the name or the image.

Creating tar of image

Now lets move to computer with podman, in this machine we will use tar file and backup of volume to migrate image.

Rules to pronounce french

There are 23 consonant sounds.

Il y a 23 sons de consonnes.

Er zijn 23 – geluiden.

There are 16 vowel sounds. Il y a 16 sons de voyelles. Er zijn 16 -geluiden. Es gibt 16 Vokaletone.

We only need 3 new consonant sounds and 10 new vowel sounds.

NG – aGNeaux – lamb

R – Roue – wheel

u – hUit

a – patte – leg/paw/hoof

i

long i – smiling, like see y, fini, si.

y

like u – like see with rounded lips

chute, rue, tu

u

like double oo in boot

coup, clown, roue

e

like play

marcher, chez, pied

o

like o u

jeuner, queue, ceux

o

haut, tot, so

Rules to pronounce correctly dutch

a – short a.

When a syllable containing a ends with a consonant. i.e. kat, kat-en.

aa – long a.

Of course, when a syllable contains aa. i.e. raam.

or a not followed by a constant. i.e. ra-men.

e – short e.

i.e. gek.

ee – long e.

Sounds like long e with smiling mouth. i.e. veel.

Exception een. double e sounds like short e.

Een with long sound is the number one in dutch. (Één).

i – short i. i.e. kip

ie – long i. i.e. lief

o – short o. i.e. bos.

oo – long o. i.e. boom.

u – short u. oh bus

uu – long u. i.e. muur u francersa

Diptongs:

ei

ij

exception: termination lijk. Sounds like luck in english.

moeilijk, duidelijk, gemakkelijk, lelijk

ou – au . Sounds like au. i.e. koud. pauze

oe = u. i.e. koe, mou

ui – Sound like oui. i.e. huis

eu- e francesa

leuk

Other sounds:

b at end sounds like p. i.e.

d at end sounds like t. i.e.

s+j. sch i.e. meisje girl

mongod server under the hood

In the previous post I built mongodb from source. We have an image file from Fedora in elf format with debug information embedded in file.

I already have the code, so use your favorite editor to browse the code. In my case I use VisualStudio code:

I will load the mongod executable with gdb:

Provide initial arguments to mongod with gdb:

set args –dbpath=/home/albertop/mongodb

set breakpoint at main:

then run the beast:

Step the source code. the main() function is embedded in db.cpp file. This file has the entry point for mongod service.

One interesting point is that the thread to serve client request is launched here, the main logic for this thread is contained in transport_layer_asio.cpp file.

Set a breakpoint in start method from this file:

Install mongodb from git in Fedora 29

Although the usual method to install mongodb in Fedora is by using official Fedora repo, I’ll install mongodb from official mongodb github repo.

git clone https://github.com/mongodb/mongo.git

Make sure you have python3 from Fedora, in my case I disabled use of Anaconda.

pip3 install -r etc/pip/compile-requirements.txt

This will install python3 dependencies in your system. Beware of following errors:

gcc: error: /usr/lib/rpm/redhat/redhat-hardened-cc1: No such file or directory
error: command 'gcc' failed with exit status 1

Use dnf search to look for missing packages.

install sudo dnf install redhat-rpm-config-118-1.fc29.noarch

Python.h missing:

psutil/_psutil_common.c:9:10: fatal error: Python.h: No such file or directory
#include
^~~~~~
compilation terminated.
error: command 'gcc' failed with exit status 1

Again, use dnf search to look for Python.h

sudo dnf install python3-devel-3.7.3-1.fc29.x86_64
sudo dnf install scons
sudo dnf install python3-scons
 sudo dnf install g++

Now, use scons.py, this script is similar to unix build tools automake/autoconf:

python3 buildscripts/scons.py [mongo | all ]

Fix errors from scons stage:

Traceback (most recent call last):
File "src/mongo/base/generate_error_codes.py", line 45, in
from Cheetah.Template import Template
ModuleNotFoundError: No module named 'Cheetah'

Cheetah was installed at beginning but not found because I was using python3 from Anaconda installation. I removed Anaconda from my path.

Install this package:

sudo dnf install gcc-aarch64-linux-gnu-8.1.1-3.fc29.x86_64

After fixing all build errors you will get mongod binary:

Skipping ranlib for thin archive build/opt/mongo/db/commands/libstandalone.a
Linking build/opt/mongo/mongod
Install file: "build/opt/mongo/mongod" as "mongod"
scons: done building targets.

Beware that using “all” parameter will create mongod, mongo. mongos and mongo-tests. Together, 200 GB will be used by this build.

If you want to install only mongod server:

python3 buildscripts/scons.py mongod

Note that this build will create fedora binary with debug information. That’s ok because next post will walk-through mongod source code.

Add VPN to docker container

Your docker container tries to get access to external VPN.

The docker container will use bridge to talk to host or other containers by default.

It looks like default bridge defaults to localhost so for our case we are going to map new bridge to IP address assigned by VPN.

"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},