Step‑by‑Step Guide to Deploying an OpenShift 3.11 Cluster with a Local Yum Repository and Docker Registry
This guide details how to prepare two RHEL 7.4 nodes, configure a local Yum repository and HTTP server, set up password-less SSH, adjust SELinux and iptables, distribute configuration files with Ansible, install Docker and a private registry, and finally deploy an OpenShift 3.11 cluster using the openshift-ansible playbooks.
The environment consists of two nodes (a master and a compute/infra node) running RHEL 7.4 with OpenShift Container Platform 3.11; no external DNS is used, so hostnames are resolved via /etc/hosts.
Static IP mappings are added to /etc/hosts for the master, node, infra and cluster entry points.
SELinux is set to enforcing mode by editing /etc/selinux/config and confirming the SELINUX=enforcing setting.
OpenShift RPM packages are extracted to /opt/repos/ and a local Yum repository is created with a /etc/yum.repos.d/ocp-local.repo file that points to the extracted directories using the file:// protocol.
The repository is verified with yum repolist and the presence of OpenShift packages is checked via yum list | grep atomic-openshift | wc -l.
Apache httpd is installed, configured to serve the repository at /opt/repos (Alias and Directory directives), and its listening port is changed to 81 to avoid conflict with the OpenShift router.
httpd is enabled and started, and its accessibility is confirmed with curl 172.16.37.12:81/repos/.
The original repository file is renamed to ocp-local.repo.bak1 and a new ocp.repo is created that points to the httpd server (e.g., http://172.16.37.12:81/repos/…).
Password-less SSH keys are generated with ssh-keygen and distributed to all nodes using a for loop with ssh-copy-id. Hostnames are updated on each node via hostnamectl set-hostname ….
The iptables-services package is installed and the firewall is opened for ports 53, 5000, and 81 by appending rules to /etc/sysconfig/iptables and restarting the service.
All required base packages are installed on every node, including wget, git, net-tools, bind-utils, docker-1.13.1, and others, followed by a full system update.
Docker is configured to use the private registry at 172.16.37.12:5000 by creating /etc/containers/registries.conf with search and insecure entries (the insecure entry tells Docker to accept that registry without verified TLS), then the file is distributed to all nodes.
Docker service is started and enabled on every host.
A private Docker distribution registry is installed (docker-distribution), started, and enabled. Images are loaded from the OpenShift 3.11 tarball, retagged to point to the private registry, and pushed using shell pipelines that invoke docker tag and docker push.
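The retag-and-push step above, as an added dry-run sketch that is not the original guide's pipeline: it prints the docker tag and docker push commands so they can be reviewed before anything reaches the registry. The function names retag_ref and mirror_plan are hypothetical, and the sample image names are constructed for illustration.

```shell
#!/bin/sh
# Dry-run helper: turn `docker images` output into the tag/push commands
# needed to mirror loaded images into the private registry.
REGISTRY="172.16.37.12:5000"   # private registry address used in this guide

# retag_ref IMAGE:TAG -> prints the private-registry reference.
# The leading path component is treated as a registry host only if it
# contains "." or ":" or equals "localhost" (Docker's rule for references).
retag_ref() {
    ref=$1
    case $ref in
        */*) first=${ref%%/*}; rest=${ref#*/} ;;
        *)   first=; rest=$ref ;;
    esac
    case $first in
        *.*|*:*|localhost) path=$rest ;;   # drop the source registry host
        *)                 path=$ref ;;    # no host present, keep full path
    esac
    printf '%s/%s\n' "$REGISTRY" "$path"
}

# mirror_plan: reads "repository:tag" lines on stdin (the output of
# `docker images --format '{{.Repository}}:{{.Tag}}'`) and prints the
# docker tag / docker push commands without running them.
mirror_plan() {
    while IFS= read -r ref; do
        case $ref in
            ''|*'<none>'*) continue ;;   # dangling images cannot be pushed
            "$REGISTRY"/*) continue ;;   # already tagged for the registry
        esac
        new=$(retag_ref "$ref")
        printf 'docker tag %s %s\n' "$ref" "$new"
        printf 'docker push %s\n' "$new"
    done
}

# Constructed sample input; image names are illustrative, not from the guide.
SAMPLE='registry.redhat.io/openshift3/ose-pod:v3.11
openshift3/ose-node:v3.11
<none>:<none>
172.16.37.12:5000/openshift3/ose-pod:v3.11'

printf '%s\n' "$SAMPLE" | mirror_plan
```

On a real host, replace the sample with the live docker images output and pipe the reviewed plan to sh to execute it.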
OpenShift deployment is performed with the official Ansible playbooks: first the prerequisites are run (ansible-playbook …/prerequisites.yml) and then the cluster is deployed (ansible-playbook …/deploy_cluster.yml). An uninstall playbook is also provided.
After the cluster is up, an admin user is created with htpasswd -cb /etc/origin/master/htpasswd admin 123456 and granted cluster-admin rights via oc adm policy add-cluster-role-to-user cluster-admin admin. Access is verified by adding the master’s IP and domain to the client’s /etc/hosts and browsing to https://openshift-cluster.test2.com:8443.
DevOps Cloud Academy
Exploring industry DevOps practices and technical expertise.