Cloud Experts Documentation

Deploying a ROSA HCP cluster with Terraform

This content is authored by Red Hat experts, but has not yet been tested on every supported configuration.

This guide will walk you through deploying a ROSA HCP cluster using Terraform. This is a great way to get started with ROSA and to automate the deployment of your clusters.

Pre-requisites

  • You need the git binary installed on your machine. You can download it from the git websiteexternal link (opens in new tab) .

  • You need to have the terraform binary installed on your machine. You can download it from the Terraform websiteexternal link (opens in new tab) .

  • You need to have the jq binary installed on your machine. You can download it from the jq websiteexternal link (opens in new tab) .

  • You need to have the oc binary installed on your machine. You can download it from the OpenShift website .

  • You need to have the rosa binary installed on your machine. You can download it from the ROSA website .

  • You need to have an OpenShift Cluster Manager (OCM) account. You can sign up for an account on the OCM website .

  • Get an OCM API token. You can do this by logging into OCM and going to the API tokens page .

  • You need to log in to OCM and create a refresh token. You can do this by running the following command:

    rosa login
    

    Use the OCM API token you created in the previous step to log in.

HCP ROSA Cluster

  1. Clone down the terraform repository

    git clone --depth=1 https://github.com/rh-mobb/terraform-rosa.git
    cd terraform-rosa
    
  2. Save some environment variables

    Mac

    export TF_VAR_token="$(jq -r .refresh_token ~/Library/Application\ Support/ocm/ocm.json)"
    

    Linux

    export TF_VAR_token="$(jq -r .refresh_token ~/.config/ocm/ocm.json)"
    

    Note: You may want to customize some of these settings to match your needs. see the variables.tf file for options.

    export TF_VAR_cluster_name="$(whoami)-hcp"
    export TF_VAR_admin_password='Passw0rd12345!'
    export TF_VAR_developer_password=''
    export TF_VAR_private=false
    export TF_VAR_hosted_control_plane=true
    export TF_VAR_multi_az=true
    
  3. Create a Plan and Apply it

    terraform init && \
      terraform plan -out tf.plan && \
      terraform apply tf.plan
    

    If everything goes to plan, after about 20 minutes you should have a cluster available to use.

    Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
    
    Outputs:
    
    cluster_api_url = "https://api.pczarkow-virt.nga3.p3.openshiftapps.com:443"
    oidc_config_id = "2b607a5ufsjc51g41ul07k5vj12v7ivb"
    oidc_endpoint_url = "2b607a5ufsjc51g41ul07k5vj12v7ivb"
    private_subnet_azs = tolist([
      "us-east-1a",
    ])
    private_subnet_ids = tolist([
      "subnet-09adee841dd979fdb",
    ])
    public_subnet_azs = tolist([
      "us-east-1a",
    ])
    public_subnet_ids = tolist([
      "subnet-0dca7ed3cddf65d87",
    ])
    vpc_id = "vpc-0df19c93b93721ada"
    
  4. Log into OpenShift

    oc login $(terraform output -raw cluster_api_url) \
            --username admin --password $TF_VAR_admin_password
    

Interested in contributing to these docs?

Collaboration drives progress. Help improve our documentation The Red Hat Way.

Red Hat logo LinkedIn YouTube Facebook Twitter

Products

Tools

Try, buy & sell

Communicate

About Red Hat

We’re the world’s leading provider of enterprise open source solutions—including Linux, cloud, container, and Kubernetes. We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Subscribe to our newsletter, Red Hat Shares

Sign up now
© 2023 Red Hat, Inc.