- Download
openshift-install
andoc
binaries from https://console.redhat.com/openshift/downloads. - Download installation pull secret from https://console.redhat.com/openshift/install/pull-secret.
- Run
openshift-install
and follow the instructions. When the cluster deployment completes, directions for accessing your cluster display in your terminal.
openshift-install create cluster --dir <installation_directory>
- Set the environment variable KUBECONFIG pointing to your
.kubeconfig
from the previous step.
export KUBECONFIG=PATH_TO_KUBECONFIG
NOTE: Detailed instructions how to install OpenShift cluster can be found under https://docs.openshift.com/container-platform/.
- By default OpenShift security rules do not allow running with privileged access. Below commands allow unprivileged users to run root level containers. Once conformance testing is completed, you should restore the default security rules.
oc adm policy add-scc-to-group privileged system:authenticated system:serviceaccounts
oc adm policy add-scc-to-group anyuid system:authenticated system:serviceaccounts
- Follow the test instructions
to run the conformance tests. You will need to add the
--dns-namespace=openshift-dns
and--dns-pod-labels=dns.operator.openshift.io/daemonset-dns=default
options sosonobuoy
can find the cluster DNS pods. Additionally, OpenShift cluster disables scheduling on control plane nodes in the default installation, so you need to pass--plugin-env=e2e.E2E_EXTRA_ARGS="--allowed-not-ready-nodes=3"
to inform testing framework it should take that into account.
hydrophone --conformance --conformance-image registry.k8s.io/conformance:v1.29.1 --extra-args="--allowed-not-ready-nodes=3"
- Once conformance testing is completed, restore the default security rules:
oc adm policy remove-scc-from-group anyuid system:authenticated system:serviceaccounts
oc adm policy remove-scc-from-group privileged system:authenticated system:serviceaccounts