Red Hat OpenShift Installation on Azure

kapil rajyaguru
6 min readNov 22, 2021


Photo by Jared Erondu on Unsplash

There is no doubt about container technology on how important and beneficial it is. As a result, the majority of companies either use containers or experiment with them. Red Hat OpenShift is the leading enterprise Kubernetes platform that enables a cloud-like experience everywhere it’s deployed. Whether in the cloud, on-premise, or at the edge, Red Hat OpenShift gives you the ability to choose where you build, deploy, and run applications through a consistent experience. In addition, Red Hat OpenShift’s full-stack automated operations and self-service provisioning for developers lets teams work together more efficiently to move ideas from development to production.

Installation of Red Hat OpenShift is complex. However, public cloud service providers like AWS, Azure, IBM give you an option to run Red Hat OpenShift as a managed service. However, at times engineering teams would like to deploy the Red Hat OpenShift cluster by themselves. Because the installation is complex, I thought to write a blog in the simplest way possible to help you with the Red Hat OpenShift installation on Azure. I tried to keep the explanation short and simple in this blog to save reading time and focus on crucial installation steps.

The following is the Red Hat OpenShift installation workflow. In this tutorial, we will go through each activity to ensure the successful installation of the Red Hat OpenShift cluster in the Azure Platform.

Red Hat OpenShift Installation Workflow

Step 1 — Create bastion host. The bastion host could be your machine or a VM running in your Azure virtual network with internet access. For this exercise, I created a Ubuntu VM running on my windows 10 laptop. If you don’t know how to install an ubuntu VM on your Windows laptop, the link guides you with ubuntu deployment. Next, we will perform all the following steps on the bastion host except a login to the Azure portal and perform a few activities there.

Step 2 — After successfully deploying Ubuntu VM, run “sudo apt-get install update -y” on your ubuntu terminal to install the latest update.

Step 3 — Create a directory and switch to the directory by running the following commands

mkdir openshiftcd openshift

Step 4 — Run the following commands to download OpenShift-install and OC client.


Step 5 — Unzip OC client and Openshift-install and copy to /usr/local/sbin. After that delete .gz files from the openshift directory.

sudo tar -xvzf ./openshift-client-linux.tar.gzsudo tar -xvzf ./openshift-install-linux.tar.gzsudo cp oc /usr/local/sbinsudo cp openshift-install /usr/local/sbinrm *.gz

Step 6 — Create SSH Key and set up an SSH agent. We need to supply an SSH key during the OpenShift installation. Supplying SSH keys will ensure access to master and worker node post-installation if you need to perform any troubleshooting.

ssh-keygen -b 4096 -t rsa -N ‘’ -f ~/.ssh/id_rsaeval “$(ssh-agent -s)”ssh-add ~/.ssh/id_rsa

Step 7 — Download pull secret from —

  • If you don’t have a Red Hat account, then create one. Don’t worry; it is free.
  • If you already have an account, then log in using your user id and password.
  • Click “Cluster” on the left-hand sidebar and click “Create Cluster” on the right.
  • Scroll down and click “Azure” under “Run it yourself.”
  • Click “Installer-provisioned infrastructure.”
  • Click “Download pull secret.”

Step 8 — We will move to the Azure portal and Perform several activities. First, start with creating a service principal (SP) and copying the Client secret.

  • Log in to the Azure portal using your user id and password
  • In the portal, search for Azure Active Directory and click on it
  • Click “App registrations” under Manage in the left-hand side panel
  • Click “+ New Registration” and give Name and click “Register.
  • On the next screen, click “Certificate & Secret” under Manage in the left-hand side panel.
  • Click “+ New Client Secret,” Give a short description, select “Expiry duration,” and click “Add.
  • Copy secret under Value and store it in a safe place. This is the only time you will see the application secret.

Step 9 — Copy Tenant id, Application ID, and Subscription ID

  • Go Back to the “Default Directory” screen and copy “Tenant id” from the “Overview” page
  • Go to “App registrations” and copy the “Application (client) ID” of the service principal you created
  • Go to “Home” and click “Subscriptions,” and copy “Subscription ID.

Step 10 — Grant contributor and User access administrator access to Service principal

  • Click on your Subscription Name and click “Access Control (IAM)” from the left-hand sidebar.
  • Click “+ Add” and click “Add role assignment.
  • Under “Role Name,” select “Contributor,” and click next and click “+ Select members” enter the Service Principal name you created earlier and click “Select.” Now click “Review + assign
  • Perform the same steps as described above but this time under role name, click “User Access Administrator.

Step 11 — Create a Base domain. If you already have a base domain, then you can skip this step.

  • On the Azure portal menu or from the Home page, select Create a resource.
  • Enter Domain Services into the search bar, then choose Azure AD Domain Services from the search suggestions.
  • On the Azure AD Domain Services page, select Create. The Enable Azure AD Domain Services wizard is launched.
  • Select the Azure Subscription in which you would like to create the managed domain.
  • Select the Resource group to which the managed domain should belong. Choose to Create a new or select an existing resource group.

Step 12 — Azure Red Hat OpenShift requires a minimum of 40 cores to create and run an OpenShift cluster. Increase limits by VM series

Now you are all set to kick off your Red Hat OpenShift Installation.

Step 13 — Create Install-config by running the following command. Then, select appropriate options using keyboard arrow keys in response to the command.

./openshift-install create install-config --dir ~/openshift --log-level=debug |& tee install-config.log
  • Select the path of your SSH key
  • Select “Azure” as your platform
  • Enter Azure subscription id
  • Enter azure tenant id
  • Enter azure service principal client id
  • Enter azure service principal client secret
  • Select Region
  • Select Base Domain
  • Enter Cluster Name in lower case
  • Enter Pull Secret

In the end, you will receive a message with Install-Config created in “Path.”

Step 14 — Edit install-config to add master and worker node configuration as shown in the image below.

Nano install-config.YAML
  • Validate your install-config.yaml with the following image. Also, before you begin editing, make a copy of Install-config so that you have a backup always available if something goes wrong while editing.

After you finish editing, create another copy of install-config. Because during the installation, the installer will consume the install-config. If your installation fails, you will not have a copy of install-config, and you will have to create and edit again. So it is recommended to create a backup of your install copy by running

cp install-config.yaml install-config-org.yaml
Sample Install-Config.YAML file

Step 15 — Begin installation by running the following command

./openshift-install create cluster --dir ./ --log-level=debug |& tee create-cluster.lo
  • It will take around 40–50 min to install Red Hat OpenShift. So take a coffee/lunch/dinner break.

Step 16 — Post Installation tasks

  • Login to OpenShift web console using “kubeadmin” as a user id and password displayed at the end.
  • You can follow the instruction provided at this link to validate the successful installation of your cluster.

Step 17 — If your objective is to learn Red Hat OpenShift installation only and there is no further plan to use it, then you can destroy your cluster by executing the following command to avoid charges to your Azure subscription.

./openshift-install destroy cluster --dir ./

Important Links



kapil rajyaguru

Enabling Organizations with IT Transformation & Cloud Migrations | Principal CSM Architect at IBM, Ex-Microsoft, Ex-AWS. My opinions are my own.