Cloud Experts Documentation

Deploying a ROSA HCP cluster with Terraform

Last edited
Published
Authors
Paul Czarkowski
Tags: hcp ROSA terraform

This content is authored by Red Hat experts, but has not yet been tested on every supported configuration.

This guide will walk you through deploying a ROSA cluster using Terraform. This is a great way to get started with ROSA and to automate the deployment of your clusters.

Pre-requisites

  • You need the git binary installed on your machine. You can download it from the git websiteexternal link (opens in new tab) .

  • You need to have the terraform binary installed on your machine. You can download it from the Terraform websiteexternal link (opens in new tab) .

  • You need to have the jq binary installed on your machine. You can download it from the jq websiteexternal link (opens in new tab) .

  • You need to have the oc binary installed on your machine. You can download it from the OpenShift website .

  • You need to have the rosa binary installed on your machine. You can download it from the ROSA website .

  • You need to have an OpenShift Cluster Manager (OCM) account. You can sign up for an account on the OCM website .

  • Get an OCM API token. You can do this by logging into OCM and going to the API tokens page .

  • You need to log in to OCM and create a refresh token. You can do this by running the following command:

    Copy
    rosa login

    Use the OCM API token you created in the previous step to log in.

HCP ROSA Cluster

  1. Clone down the terraform repository

    Copy
    git clone --depth=1 https://github.com/rh-mobb/terraform-rosa.git
cd terraform-rosa

  2. Save some environment variables

    Note: You may want to customize some of these settings to match your needs. see the variables.tf file for options.

    Copy
    export TF_VAR_token="$(jq -r .refresh_token ~/.config/ocm/ocm.json)"
export TF_VAR_cluster_name="$(whoami)-hcp"
export TF_VAR_admin_password='Passw0rd12345!'
export TF_VAR_developer_password=''
export TF_VAR_private=false
export TF_VAR_ocp_version=4.15.11
export TF_VAR_hosted_control_plane=true
export TF_VAR_multi_az=true

  3. Create a Plan and Apply it

    Copy
    terraform init

terraform plan -out tf.plan

terraform apply tf.plan

    If everything goes to plan, after about 20 minutes you should have a cluster available to use.

    Copy
    Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

Outputs:

cluster_api_url = "https://api.pczarkow-virt.nga3.p3.openshiftapps.com:443"
oidc_config_id = "2b607a5ufsjc51g41ul07k5vj12v7ivb"
oidc_endpoint_url = "2b607a5ufsjc51g41ul07k5vj12v7ivb"
private_subnet_azs = tolist([
  "us-east-1a",
])
private_subnet_ids = tolist([
  "subnet-09adee841dd979fdb",
])
public_subnet_azs = tolist([
  "us-east-1a",
])
public_subnet_ids = tolist([
  "subnet-0dca7ed3cddf65d87",
])
vpc_id = "vpc-0df19c93b93721ada"

  4. Log into OpenShift

    Copy
    oc login $(terraform output -raw cluster_api_url) \
        --username admin --password $TF_VAR_admin_password

Interested in contributing to these docs?

Collaboration drives progress. Help improve our documentation The Red Hat Way.

GitHub Edit this page
Red Hat logo LinkedIn YouTube Facebook

About Red Hat

We’re the world’s leading provider of enterprise open source solutions—including Linux, cloud, container, and Kubernetes. We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Subscribe to our newsletter, Red Hat Shares

Sign up now © 2023 Red Hat, Inc.