openshift 3.11 安装部署

openshift安装部署

1 环境准备(所有节点)

openshift 版本 v3.11
1.1 机器环境
ip              cpu  mem   hostname  OSsystem

192.168.1.130    4    16   master  CentOS7.6

192.168.1.132    2    4    node01  CentOS7.6

192.168.1.135    2    4    node02  CentOS7.6
1.2 免密码ssh登陆
ssh-keygen

ssh-copy-id 192.168.1.130

ssh-copy-id 192.168.1.132

ssh-copy-id 192.168.1.135
1.3 hosts解析
vim /etc/hosts

192.168.1.130 master

192.168.1.132 node01

192.168.1.135 node02

---------------------

scp -rp /etc/hosts 192.168.1.132:/etc/hosts

scp -rp /etc/hosts 192.168.1.135:/etc/hosts
1.4 selinux和关闭防火墙

#sed -i 's/SELINUX=.*/SELINUX=enforcing/' /etc/selinux/config

#sed -i 's/SELINUXTYPE=.*/SELINUXTYPE=targeted/' /etc/selinux/config

开放8443端口给openshift,api使用

/sbin/iptables -I INPUT -p tcp --dport 8443 -j ACCEPT &&\ service iptables save

1.2.3 安装需要的软件包

yum install -y wget git ntp net-tools bind-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct nfs-utils yum-utils docker NetworkManager

1.2.4 其他
sysctl net.ipv4.ip_forward=1

yum install pyOpenSSL httpd-tools -y

systemctl start NetworkManager

systemctl enable NetworkManager


配置镜像加速器
echo '{

   "insecure-registries": ["172.30.0.0/16"],

   "registry-mirrors": ["https://xxxxx.mirror.aliyuncs.com"]

}' >/etc/docker/daemon.json

systemctl daemon-reload && \

systemctl enable docker && \

systemctl restart docker
1.2.5 镜像下载
#master镜像列表(主节点)

echo 'docker.io/cockpit/kubernetes

docker.io/openshift/origin-haproxy-router

docker.io/openshift/origin-haproxy-router  

docker.io/openshift/origin-service-catalog

docker.io/openshift/origin-node

docker.io/openshift/origin-deployer

docker.io/openshift/origin-control-plane

docker.io/openshift/origin-control-plane

docker.io/openshift/origin-template-service-broker

docker.io/openshift/origin-pod

docker.io/cockpit/kubernetes

docker.io/openshift/origin-web-console

quay.io/coreos/etcd' >image.txt && \

while read line; do docker pull $line ; done<image.txt

#node镜像列表(两个node节点)

echo 'docker.io/openshift/origin-haproxy-router

docker.io/openshift/origin-node

docker.io/openshift/origin-deployer

docker.io/openshift/origin-pod

docker.io/ansibleplaybookbundle/origin-ansible-service-broker

docker.io/openshift/origin-docker-registry' >image.txt && \

while read line; do docker pull $line ; done<image.txt

2 配置ansible(主节点)

2.1 下载openshift-ansible代码

需要下载2.6.5版本的ansible

git clone -b release-3.11 https://github.com/openshift/openshift-ansible.git

wget https://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin311/ansible-2.6.5-1.el7.noarch.rpm &&\

yum localinstall ansible-2.6.5-1.el7.noarch.rpm -y &&\

yum install -y etcd &&\

systemctl enable etcd &&\

systemctl start etcd
2.2 配置文件
[root@master ~]# cat /etc/ansible/hosts

[all]

# all下放所有机器节点的名称
master

node01

node02

[OSEv3:children]
#这里放openshfit的角色,这里有三个角色,master,node,etcd

masters

nodes

etcd

[OSEv3:vars]
#这里是openshfit的安装参数


#指定ansible使用ssh的用户为root
ansible_ssh_user=root


#指定方式为origin
openshift_deployment_type=origin


#指定版本为3.11
openshift_release=3.11


openshift_enable_service_catalog=false

openshift_clock_enabled=true

openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]

openshift_disable_check=disk_availability,docker_storage,memory_availability,docker_image_availability

[masters]
#master角色的机器名称包含

master

[etcd]
#etcd角色的机器名称包含
master

[nodes]

node角色的机器名称包含
master openshift_node_group_name='node-config-all-in-one'

node01 openshift_node_group_name='node-config-compute'

node02 openshift_node_group_name='node-config-compute'

#openshift_enable_service_catalog=false

#openshift_hosted_registry_storage_kind=nfs

#openshift_hosted_registry_storage_access_modes=['ReadWriteMany']

#openshift_hosted_registry_storage_nfs_directory=/data/docker

#openshift_hosted_registry_storage_nfs_options='*(rw,root_squash)'

#openshift_hosted_registry_storage_volume_name=registry

#openshift_hosted_registry_storage_volume_size=20Gi

# openshiftclock_enabled=true

# ansible_service_broker_install=false

3 使用ansible来进行安装

#安装前检查

ansible-playbook ~/openshift-ansible/playbooks/prerequisites.yml

#安装

ansible-playbook ~/openshift-ansible/playbooks/deploy_cluster.yml

#如需重新安装,先卸载

ansible-playbook ~/openshift-ansible/playbooks/adhoc/uninstall.yml

4 安装后配置(主节点)

4.1 配置nfs持久卷
yum install nfs-utils rpcbind -y

mkdir -p /data/v0{01..20} /data/{docker,volume,registry}

chmod -R 777 /data

vim /etc/exports

/data 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)

/data/v001 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)

/data/v002 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)

/data/v003 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)

/data/v004 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)

/data/v005 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)

/data/v006 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)

/data/v007 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)

/data/v008 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)

/data/v009 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)

/data/v010 192.168.1.0/24(rw,sync,no_all_squash,no_root_squash)

/data/docker *(rw,sync,no_all_squash,no_root_squash)

systemctl restart rpcbind &&\

systemctl restart nfs && \

systemctl enable rpcbind &&\

systemctl enable nfs

exportfs -r

kubectl apply -f pv-01-10.yaml

配置文件参考章节最后 pv-01-10.yaml
4.2 创建openshift用户
oc login -u system:admin                                ##使用系统管理员用户登录

htpasswd -b /etc/origin/master/htpasswd admin 123456    ##创建用户

htpasswd -b /etc/origin/master/htpasswd dev dev         ##创建用户

oc login -u admin                                       ##使用用户登录

oc logout                                               ##退出当前用户
4.3 赋予创建的用户集群管理员权限
oc login -u system:admin &&\

oc adm policy add-cluster-role-to-user cluster-admin xxxxx
4.4 访问测试

需要添加hosts解析到本地电脑

192.168.1.130 master

192.168.1.132 node01

192.168.1.135 node02

账号密码是上面创建用户的账号密码

http://master:8443 admin/123456

5 其他配置

5.1 部署集群节点管理cockpit
yum install -y cockpit cockpit-docker cockpit-kubernetes &&\

systemctl start cockpit &&\

systemctl enable cockpit.socket &&\

iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 9090 -j ACCEPT

https://192.168.1.130:9090 账号密码是机器的ssh账号密码

5.2 命令补全
#kubectl 命令补全

mkdir -p /usr/share/bash-completion/kubernetes

kubectl completion bash >/usr/share/bash-completion/kubernetes/bash_completion

echo 'source /usr/share/bash-completion/kubernetes/bash_completion' >>~/.bash_profile

#oc 自动补全

mkdir -p /usr/share/bash-completion/openshift

oc completion bash >/usr/share/bash-completion/openshift/bash_completion

echo "source /usr/share/bash-completion/openshift/bash_completion" >> ~/.bash_profile

source ~/.bash_profile
5.3 openshift登录
#admin用户登陆openshift:用户名dev 密码:dev

oc login -n openshift

oc get svc -n default|grep docker-registry|awk '{print $3}'

#查看admin用户的token

oc whoami -t

#登录docker私库

docker login -u admin -p `oc whoami -t` docker-registry.default.svc:5000

通过观察service的docker-registry的IP

将svc添加每台主机的hosts做对应的解析
5.4 常用命令行操作
#master-restart api

#master-restart controllers

oc whoami -t                                            ###查看当前用户token

oc login https://master:8443 --token=`oc whoami -t`     ###使用用户token登录

oc get nodes                                            ###查看当前node节点状态

6 其他

6.1 pv-01-10.yaml文件
apiVersion: v1

kind: PersistentVolume

metadata:

  name: nfs-pv001

  labels:

    name: pv001

    type: nfs

spec:

  nfs:

    path: /data/v001

    server: 192.168.1.130

  capacity:

    storage: 50Gi

  accessModes:

    - ReadWriteMany

    - ReadWriteOnce

    - ReadOnlyMany

  persistentVolumeReclaimPolicy: Retain

---

apiVersion: v1

kind: PersistentVolume

metadata:

  name: nfs-pv002

  labels:

    name: nfs-pv002

    type: nfs

spec:

  nfs:

    path: /data/v002

    server: 192.168.1.130

  capacity:

    storage: 50Gi

  accessModes:

    - ReadWriteMany

    - ReadWriteOnce

    - ReadOnlyMany

  persistentVolumeReclaimPolicy: Retain

---

apiVersion: v1

kind: PersistentVolume

metadata:

  name: nfs-pv003

  labels:

    name: nfs-pv003

    type: nfs

spec:

  nfs:

    path: /data/v003

    server: 192.168.1.130

  capacity:

    storage: 30Gi

  accessModes:

    - ReadWriteMany

    - ReadWriteOnce

    - ReadOnlyMany

  persistentVolumeReclaimPolicy: Retain

---

apiVersion: v1

kind: PersistentVolume

metadata:

  name: nfs-pv004

  labels:

    name: nfs-pv004

    type: nfs

spec:

  nfs:

    path: /data/v004

    server: 192.168.1.130

  capacity:

    storage: 30Gi

  accessModes:

    - ReadWriteMany

    - ReadWriteOnce

    - ReadOnlyMany

  persistentVolumeReclaimPolicy: Retain

---

apiVersion: v1

kind: PersistentVolume

metadata:

  name: nfs-pv005

  labels:

    name: nfs-pv005

    type: nfs

spec:

  nfs:

    path: /data/v005

    server: 192.168.1.130

  capacity:

    storage: 10Gi

  accessModes:

    - ReadWriteMany

    - ReadWriteOnce

    - ReadOnlyMany

  persistentVolumeReclaimPolicy: Retain

---

apiVersion: v1

kind: PersistentVolume

metadata:

  name: nfs-pv006

  labels:

    name: nfs-pv006

    type: nfs

spec:

  nfs:

    path: /data/v006

    server: 192.168.1.130

  capacity:

    storage: 10Gi

  accessModes:

    - ReadWriteMany

    - ReadWriteOnce

    - ReadOnlyMany

  persistentVolumeReclaimPolicy: Retain

---

apiVersion: v1

kind: PersistentVolume

metadata:

  name: nfs-pv007

  labels:

    name: nfs-pv007

    type: nfs

spec:

  nfs:

    path: /data/v007

    server: 192.168.1.130

  capacity:

    storage: 5Gi

  accessModes:

    - ReadWriteMany

    - ReadWriteOnce

    - ReadOnlyMany

  persistentVolumeReclaimPolicy: Retain

---

apiVersion: v1

kind: PersistentVolume

metadata:

  name: nfs-pv008

  labels:

    name: nfs-pv008

    type: nfs

spec:

  nfs:

    path: /data/v008

    server: 192.168.1.130

  capacity:

    storage: 5Gi

  accessModes:

    - ReadWriteMany

    - ReadWriteOnce

    - ReadOnlyMany

  persistentVolumeReclaimPolicy: Retain

---

apiVersion: v1

kind: PersistentVolume

metadata:

  name: nfs-pv009

  labels:

    name: nfs-pv009

    type: nfs

spec:

  nfs:

    path: /data/v009

    server: 192.168.1.130

  capacity:

    storage: 2Gi

  accessModes:

    - ReadWriteMany

    - ReadWriteOnce

    - ReadOnlyMany

  persistentVolumeReclaimPolicy: Retain

---

apiVersion: v1

kind: PersistentVolume

metadata:

  name: nfs-pv010

  labels:

    name: nfs-pv010

    type: nfs

spec:

  nfs:

    path: /data/v010

    server: 192.168.1.130

  capacity:

    storage: 2Gi

  accessModes:

    - ReadWriteMany

    - ReadWriteOnce

    - ReadOnlyMany

  persistentVolumeReclaimPolicy: Retain

openshift 3.11安装部署的更多相关文章

  1. openshift 3.11 安装部署

    openshift 3.11 安装部署 openshift安装部署 1 环境准备(所有节点) openshift 版本 v3.11 1.1 机器环境 ip cpu mem hostname OSsys ...

  2. tilecache2.11在windows apache2.22安装部署

    tilecache2.11在windows apache2.22安装部署 蔡建良 2013-09-03 一.安装环境 操作系统: Windows7 32位 Apache2.22 Python2.5 m ...

  3. CentOS下SparkR安装部署:hadoop2.7.3+spark2.0.0+scale2.11.8+hive2.1.0

    注:之前本人写了一篇SparkR的安装部署文章:SparkR安装部署及数据分析实例,当时SparkR项目还没正式入主Spark,需要自己下载SparkR安装包,但现在spark已经支持R接口,so更新 ...

  4. Kubernets二进制安装(11)之部署Node节点服务的kubelet

    集群规划 主机名 角色 IP地址 mfyxw30.mfyxw.com kubelet 192.168.80.30 mfyxw40.mfyxw.com kubelet 192.168.80.40 注意: ...

  5. ELK7.11.2版本安装部署及ElastAlert告警相关配置

    文档开篇,我还是要说一遍,虽然我在文档内容中也会说好多遍,但是希望大家不要嫌我墨迹: 请多看官方文档,请多看命令行报错信息,请多看日志信息,很多时候它们比百度.比必应.比谷歌有用: 请不要嫌麻烦,打开 ...

  6. Istio(二):在Kubernetes(k8s)集群上安装部署istio1.14

    目录 一.模块概览 二.系统环境 三.安装istio 3.1 使用 Istioctl 安装 3.2 使用 Istio Operator 安装 3.3 生产部署情况如何? 3.4 平台安装指南 四.Ge ...

  7. Oracle安装部署,版本升级,应用补丁快速参考

    一.Oracle安装部署 1.1 单机环境 1.2 Oracle RAC环境 1.3 Oracle DataGuard环境 1.4 主机双机 1.5 客户端部署 二.Oracle版本升级 2.1 单机 ...

  8. KVM安装部署

    KVM安装部署 公司开始部署KVM,KVM的全称是kernel base virtual machine,对KVM虚拟化技术研究了一段时间, KVM是基于硬件的完全虚拟化,跟vmware.xen.hy ...

  9. Linux平台oracle 11g单实例 + ASM存储 安装部署 快速参考

    操作环境:Citrix虚拟化环境中申请一个Linux6.4主机(模板)目标:创建单机11g + ASM存储 数据库 1. 主机准备 2. 创建ORACLE 用户和组成员 3. 创建以下目录并赋予对应权 ...

随机推荐

  1. easyUI验证框赋值

    下面来看看easyui的各种验证框赋值的方式: <input name="userId" id="userId" class="easyui-n ...

  2. css进阶 05-CSS的一些小知识

    05-CSS的一些小知识 #隐藏盒子的几种方式 隐藏盒子,有以下几种方式: (1)方式一: overflow:hidden; //隐藏盒子超出的部分   (2)方式二: display: none; ...

  3. 二、Electron + Webpack + Vue 搭建开发环境及打包安装

    目录 Webpack + Vue 搭建开发环境及打包安装 ------- 打包渲染进程 Electron + Webpack  搭建开发环境及打包安装 ------- 打包主进程 Electron + ...

  4. Flutter InkWell - Flutter每周一组件

    Flutter Inkwell使用详解 该文章属于[Flutter每周一组件]系列,其它组件可以查看该系列下的文章,该系列会不间断更新:所有组件的demo已经上传值Github: https://gi ...

  5. sqli-labs 18-19 --Header_injection

    sqli-labs 18 知识点 头部注入 报错注入 使用的函数: updatexml (XML_document, XPath_string, new_value); 第一个参数:XML_docum ...

  6. asp.net webapi 给字段赋初始值DefaultValue 解决前端传空字符串后台接受不是“”而是NULL

    /// <summary> /// 存储ID /// </summary> public Guid SaveID { get; set; } /// <summary&g ...

  7. Python之猜拳游戏

    第一次写这东西,主要是为了记录自己的学习历程,或者说是为了忘记的时候找回来看看. 今天是参加风变编程培训第10天.昨天晚上完成了第10关关底的猜拳小游戏. 要求:人和电脑轮流出拳.判断输赢. 给出列表 ...

  8. Sublime Text 2 强大的编辑功能

    多行编辑功能:1) 同时编辑多行 (Ctrl+Shift+L (Win) 或  Command+Shift+L (Mac))如要在选中的多行文本的最后面同时添加一个字符"a",先选 ...

  9. Java Tree 树 数据结构

    说到树结构就不得不回顾 链表结构 https://www.cnblogs.com/easyidea/p/13371863.html 如果链表结构中再多一个指针会是什么情况? 是不是像树根一样,这就是 ...

  10. 异步技巧之CompletableFuture

    摘自--https://juejin.im/post/5b4622df5188251ac9766f47 异步技巧之CompletableFuture 1.Future接口 1.1 什么是Future? ...