openshift 3.11 安装部署
openshift 3.11 安装部署
1 环境准备(所有节点)
1.1 机器环境
ip cpu mem hostname OSsystem
192.168.1.130 4 16 master CentOS7.6
192.168.1.132 2 4 node01 CentOS7.6
192.168.1.135 2 4 node02 CentOS7.61.2 免密码ssh登陆
ssh-keygen
ssh-copy-id 192.168.1.130
ssh-copy-id 192.168.1.132
ssh-copy-id 192.168.1.1351.3 hosts解析
vim /etc/hosts
192.168.1.130 master
192.168.1.132 node01
192.168.1.135 node02
---------------------
scp -rp /etc/hosts 192.168.1.132:/etc/hosts
scp -rp /etc/hosts 192.168.1.135:/etc/hosts1.4 selinux和关闭防火墙
#sed -i 's/SELINUX=.*/SELINUX=enforcing/' /etc/selinux/config#sed -i 's/SELINUXTYPE=.*/SELINUXTYPE=targeted/' /etc/selinux/config
开放8443端口给openshift,api使用/sbin/iptables -I INPUT -p tcp --dport 8443 -j ACCEPT &&\ service iptables save
1.2.3 安装需要的软件包
yum install -y wget git ntp net-tools bind-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct nfs-utils yum-utils docker NetworkManager
1.2.4 其他
sysctl net.ipv4.ip_forward=1
yum install pyOpenSSL httpd-tools -y
systemctl start NetworkManager
systemctl enable NetworkManager
配置镜像加速器
echo '{
"insecure-registries": ["172.30.0.0/16"],
"registry-mirrors": ["https://xxxxx.mirror.aliyuncs.com"]
}' >/etc/docker/daemon.json
systemctl daemon-reload && \
systemctl enable docker && \
systemctl restart docker1.2.5 镜像下载
#master镜像列表(主节点)
echo 'docker.io/cockpit/kubernetes
docker.io/openshift/origin-haproxy-router
docker.io/openshift/origin-haproxy-router
docker.io/openshift/origin-service-catalog
docker.io/openshift/origin-node
docker.io/openshift/origin-deployer
docker.io/openshift/origin-control-plane
docker.io/openshift/origin-control-plane
docker.io/openshift/origin-template-service-broker
docker.io/openshift/origin-pod
docker.io/cockpit/kubernetes
docker.io/openshift/origin-web-console
quay.io/coreos/etcd' >image.txt && \
while read line; do docker pull $line ; done<image.txt
#node镜像列表(两个node节点)
echo 'docker.io/openshift/origin-haproxy-router
docker.io/openshift/origin-node
docker.io/openshift/origin-deployer
docker.io/openshift/origin-pod
docker.io/ansibleplaybookbundle/origin-ansible-service-broker
docker.io/openshift/origin-docker-registry' >image.txt && \
while read line; do docker pull $line ; done<image.txt2 配置ansible(主节点)
2.1 下载openshift-ansible代码
需要下载2.6.5版本的ansible
git clone -b release-3.11 https://github.com/openshift/openshift-ansible.git
wget https://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin311/ansible-2.6.5-1.el7.noarch.rpm &&\
yum localinstall ansible-2.6.5-1.el7.noarch.rpm -y &&\
yum install -y etcd &&\
systemctl enable etcd &&\
systemctl start etcd2.2 配置文件
[root@master ~]# cat /etc/ansible/hosts
[all]
# all下放所有机器节点的名称
master
node01
node02
[OSEv3:children]
#这里放openshfit的角色,这里有三个角色,master,node,etcd
masters
nodes
etcd
[OSEv3:vars]
#这里是openshfit的安装参数
#指定ansible使用ssh的用户为root
ansible_ssh_user=root
#指定方式为origin
openshift_deployment_type=origin
#指定版本为3.11
openshift_release=3.11
openshift_enable_service_catalog=false
openshift_clock_enabled=true
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
openshift_disable_check=disk_availability,docker_storage,memory_availability,docker_image_availability
[masters]
#master角色的机器名称包含
master
[etcd]
#etcd角色的机器名称包含
master
[nodes]
node角色的机器名称包含
master openshift_node_group_name='node-config-all-in-one'
node01 openshift_node_group_name='node-config-compute'
node02 openshift_node_group_name='node-config-compute'
#openshift_enable_service_catalog=false
#openshift_hosted_registry_storage_kind=nfs
#openshift_hosted_registry_storage_access_modes=['ReadWriteMany']
#openshift_hosted_registry_storage_nfs_directory=/data/docker
#openshift_hosted_registry_storage_nfs_options='*(rw,root_squash)'
#openshift_hosted_registry_storage_volume_name=registry
#openshift_hosted_registry_storage_volume_size=20Gi
# openshiftclock_enabled=true
# ansible_service_broker_install=false3 使用ansible来进行安装
#安装前检查ansible-playbook ~/openshift-ansible/playbooks/prerequisites.yml
#安装ansible-playbook ~/openshift-ansible/playbooks/deploy_cluster.yml
#如需重新安装,先卸载ansible-playbook ~/openshift-ansible/playbooks/adhoc/uninstall.yml
4 安装后配置(主节点)
4.1 配置nfs持久卷
yum install nfs-utils rpcbind -y
mkdir -p /data/v0{01..20} /data/{docker,volume,registry}
chmod -R 777 /data
vim /etc/exports
/data 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)
/data/v001 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)
/data/v002 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)
/data/v003 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)
/data/v004 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)
/data/v005 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)
/data/v006 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)
/data/v007 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)
/data/v008 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)
/data/v009 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)
/data/v010 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)
/data/docker *(rw,sync,no_all_squash,no_root_squash)
systemctl restart rpcbind &&\
systemctl restart nfs && \
systemctl enable rpcbind &&\
systemctl enable nfs
exportfs -r
kubectl apply -f pv-01-10.yaml
配置文件参考章节最后 pv-01-10.yaml4.2 创建openshift用户
oc login -u system:admin ##使用系统管理员用户登录
htpasswd -b /etc/origin/master/htpasswd admin 123456 ##创建用户
htpasswd -b /etc/origin/master/htpasswd dev dev ##创建用户
oc login -u admin ##使用用户登录
oc logout ##退出当前用户4.3 赋予创建的用户集群管理员权限
oc login -u system:admin &&\
oc adm policy add-cluster-role-to-user cluster-admin xxxxx4.4 访问测试
需要添加hosts解析到本地电脑
192.168.1.130 master
192.168.1.132 node01
192.168.1.135 node02账号密码是上面创建用户的账号密码
http://master:8443 admin/123456
5 其他配置
5.1 部署集群节点管理cockpit
yum install -y cockpit cockpit-docker cockpit-kubernetes &&\
systemctl start cockpit &&\
systemctl enable cockpit.socket &&\
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 9090 -j ACCEPThttps://192.168.1.130:9090 账号密码是机器的ssh账号密码
5.2 命令补全
#kubectl 命令补全
mkdir -p /usr/share/bash-completion/kubernetes
kubectl completion bash >/usr/share/bash-completion/kubernetes/bash_completion
echo 'source /usr/share/bash-completion/kubernetes/bash_completion' >>~/.bash_profile
#oc 自动补全
mkdir -p /usr/share/bash-completion/openshift
oc completion bash >/usr/share/bash-completion/openshift/bash_completion
echo "source /usr/share/bash-completion/openshift/bash_completion" >> ~/.bash_profile
source ~/.bash_profile5.3 openshift登录
#admin用户登陆openshift:用户名dev 密码:dev
oc login -n openshift
oc get svc -n default|grep docker-registry|awk '{print $3}'
#查看admin用户的token
oc whoami -t
#登录docker私库
docker login -u admin -p `oc whoami -t` docker-registry.default.svc:5000
通过观察service的docker-registry的IP
将svc添加每台主机的hosts做对应的解析5.4 常用命令行操作
#master-restart api
#master-restart controllers
oc whoami -t ###查看当前用户token
oc login https://master:8443 --token=`oc whoami -t` ###使用用户token登录
oc get nodes ###查看当前node节点状态6 其他
6.1 pv-01-10.yaml文件
apiVersion: v1
kind: PersistentVolume
metadata:
name: nfs-pv001
labels:
name: pv001
type: nfs
spec:
nfs:
path: /data/v001
server: 192.168.1.130
capacity:
storage: 50Gi
accessModes:
- ReadWriteMany
- ReadWriteOnce
- ReadOnlyMany
persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: nfs-pv002
labels:
name: nfs-pv002
type: nfs
spec:
nfs:
path: /data/v002
server: 192.168.1.130
capacity:
storage: 50Gi
accessModes:
- ReadWriteMany
- ReadWriteOnce
- ReadOnlyMany
persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: nfs-pv003
labels:
name: nfs-pv003
type: nfs
spec:
nfs:
path: /data/v003
server: 192.168.1.130
capacity:
storage: 30Gi
accessModes:
- ReadWriteMany
- ReadWriteOnce
- ReadOnlyMany
persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: nfs-pv004
labels:
name: nfs-pv004
type: nfs
spec:
nfs:
path: /data/v004
server: 192.168.1.130
capacity:
storage: 30Gi
accessModes:
- ReadWriteMany
- ReadWriteOnce
- ReadOnlyMany
persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: nfs-pv005
labels:
name: nfs-pv005
type: nfs
spec:
nfs:
path: /data/v005
server: 192.168.1.130
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
- ReadWriteOnce
- ReadOnlyMany
persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: nfs-pv006
labels:
name: nfs-pv006
type: nfs
spec:
nfs:
path: /data/v006
server: 192.168.1.130
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
- ReadWriteOnce
- ReadOnlyMany
persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: nfs-pv007
labels:
name: nfs-pv007
type: nfs
spec:
nfs:
path: /data/v007
server: 192.168.1.130
capacity:
storage: 5Gi
accessModes:
- ReadWriteMany
- ReadWriteOnce
- ReadOnlyMany
persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: nfs-pv008
labels:
name: nfs-pv008
type: nfs
spec:
nfs:
path: /data/v008
server: 192.168.1.130
capacity:
storage: 5Gi
accessModes:
- ReadWriteMany
- ReadWriteOnce
- ReadOnlyMany
persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: nfs-pv009
labels:
name: nfs-pv009
type: nfs
spec:
nfs:
path: /data/v009
server: 192.168.1.130
capacity:
storage: 2Gi
accessModes:
- ReadWriteMany
- ReadWriteOnce
- ReadOnlyMany
persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: nfs-pv010
labels:
name: nfs-pv010
type: nfs
spec:
nfs:
path: /data/v010
server: 192.168.1.130
capacity:
storage: 2Gi
accessModes:
- ReadWriteMany
- ReadWriteOnce
- ReadOnlyMany
persistentVolumeReclaimPolicy: Retainopenshift 3.11 安装部署的更多相关文章
- openshift 3.11安装部署
openshift 3.11 安装部署 openshift安装部署 1 环境准备(所有节点) openshift 版本 v3.11 1.1 机器环境 ip cpu mem hostname OSsys ...
- tilecache2.11在windows apache2.22安装部署
tilecache2.11在windows apache2.22安装部署 蔡建良 2013-09-03 一.安装环境 操作系统: Windows7 32位 Apache2.22 Python2.5 m ...
- CentOS下SparkR安装部署:hadoop2.7.3+spark2.0.0+scale2.11.8+hive2.1.0
注:之前本人写了一篇SparkR的安装部署文章:SparkR安装部署及数据分析实例,当时SparkR项目还没正式入主Spark,需要自己下载SparkR安装包,但现在spark已经支持R接口,so更新 ...
- Kubernets二进制安装(11)之部署Node节点服务的kubelet
集群规划 主机名 角色 IP地址 mfyxw30.mfyxw.com kubelet 192.168.80.30 mfyxw40.mfyxw.com kubelet 192.168.80.40 注意: ...
- ELK7.11.2版本安装部署及ElastAlert告警相关配置
文档开篇,我还是要说一遍,虽然我在文档内容中也会说好多遍,但是希望大家不要嫌我墨迹: 请多看官方文档,请多看命令行报错信息,请多看日志信息,很多时候它们比百度.比必应.比谷歌有用: 请不要嫌麻烦,打开 ...
- Istio(二):在Kubernetes(k8s)集群上安装部署istio1.14
目录 一.模块概览 二.系统环境 三.安装istio 3.1 使用 Istioctl 安装 3.2 使用 Istio Operator 安装 3.3 生产部署情况如何? 3.4 平台安装指南 四.Ge ...
- Oracle安装部署,版本升级,应用补丁快速参考
一.Oracle安装部署 1.1 单机环境 1.2 Oracle RAC环境 1.3 Oracle DataGuard环境 1.4 主机双机 1.5 客户端部署 二.Oracle版本升级 2.1 单机 ...
- KVM安装部署
KVM安装部署 公司开始部署KVM,KVM的全称是kernel base virtual machine,对KVM虚拟化技术研究了一段时间, KVM是基于硬件的完全虚拟化,跟vmware.xen.hy ...
- Linux平台oracle 11g单实例 + ASM存储 安装部署 快速参考
操作环境:Citrix虚拟化环境中申请一个Linux6.4主机(模板)目标:创建单机11g + ASM存储 数据库 1. 主机准备 2. 创建ORACLE 用户和组成员 3. 创建以下目录并赋予对应权 ...
随机推荐
- OO UNIT 1 个人单元总结
面向对象课程--第一单元个人总结 作业分析 第一次作业 概要 本次作业主要对简单幂函数的多项式进行求导计算,要点在于对输入字符串的处理,利用正则表达式匹配即可,并且需要对输出表达式的长度进行优化. 度 ...
- Python写的微服务如何融入Spring Cloud体系?
前言 在今天的文章中小码哥将会给大家分享一个目前工作中遇到的一个比较有趣的案例,就是如何将Python写的微服务融入到以Java技术栈为主的Spring Cloud微服务体系中?也许有朋友会有疑问,到 ...
- 000 - 准备工作ADB wifi连接多台鸿蒙设备进行调试
首先将两台鸿蒙设备插入电脑的usb上 查看两台鸿蒙设备的deviceid C:\Users\Administrator>adb devices * daemon not running; sta ...
- Leedcode算法专题训练(双指针)
算法思想 双指针 167. 两数之和 II - 输入有序数组 双指针的典型用法 如果两个指针指向元素的和 sum == target,那么得到要求的结果: 如果 sum > target,移动较 ...
- HarmonyOS开发者看过来,HDD上海站传递的重要信息都在这里
4月17日,颇有HarmonyOS年度总结性质的HarmonyOS开发者日活动上海站正式开始. 活动中,华为消费者业务AI与智慧全场景业务部副总裁段孟对HarmonyOS生态建设的最新进展做了发言,并 ...
- 10. Vue-Vue 的{{}}、v-html、v-text
{{ }} 将元素当成纯文本输出 v-html v-html会将元素当成HTML标签解析后输出 v-text v-text会将元素当成纯文本输出 代码: <!DOCTYPE html> & ...
- 前端进阶(1)Web前端性能优化
前端进阶(1)Web前端性能优化 Web前端性能优化, 不仅能够改善站点的用户体验,并且能够节省相当的资源利用.下面将从1)服务器.2)html内容.3)css. 4)javascript. 5)图片 ...
- C#中普通缓存的使用
缓存的概念及优缺点在这里就不多做介绍,当然缓存包含多种有普通缓存.客户端缓存.DNS缓存.反向代理缓存以及分布式缓存等等.今天主要聊一聊C#通过编码来实现普通的缓存.话不多说直接上代码. 一.首先,新 ...
- php异常及错误信息捕获并记录日志实现方法全解析
php异常处理 什么是异常? PHP 5 提供了一种新的面向对象的错误处理方法.异常处理用于在指定的错误(异常)情况发生时改变脚本的正常流程.这种情况称为异常. 当异常被触发时,通常会发生: 当前代码 ...
- Python简易远控(单线程版)
1. 技术:管道通信,流文件处理,socket基础 2. Tips: 默认IP:127.0.0.1 默认端口:7676 3. 代码样例: 服务端: #!/usr/bin/env python # en ...