OpenShift Deployment

  1. Install and deploy OpenShift OKD 3.11 in 30 minutes - Tencent Cloud Developer Community - Tencent Cloud (configuring OpenShift)
  2. Configure hosts (all machines)
    192.168.10.119 devops01
    192.168.10.209 devops02
    192.168.10.153 devops03
    192.168.10.26  devops04
    192.168.10.26  ocp.ysx.run
  3. Configure passwordless SSH (omitted here)
  4. Install dependency packages (all machines)
    yum update -y
    yum install wget git net-tools bind-utils yum-utils \
        iptables-services bridge-utils bash-completion kexec-tools sos psacct docker-1.13.1 java-1.8.0-openjdk-headless patch httpd-tools -y
    reboot
  5. Download openshift-ansible
    git clone https://github.com/openshift/openshift-ansible
    cd openshift-ansible
    git checkout release-3.11
    1. Install openshift-ansible (the repo file is shown below)

      yum install -y openshift-ansible

      [centos-openshift-origin311]
      name=CentOS OpenShift Origin
      baseurl=http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin311/
      enabled=1
      gpgcheck=0
      gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
      
      [centos-openshift-origin311-testing]
      name=CentOS OpenShift Origin Testing
      baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin311/
      enabled=0
      gpgcheck=0
      gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
      
      [centos-openshift-origin311-debuginfo]
      name=CentOS OpenShift Origin DebugInfo
      baseurl=http://debuginfo.centos.org/centos/7/paas/x86_64/
      enabled=0
      gpgcheck=0
      gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
      
      [centos-openshift-origin311-source]
      name=CentOS OpenShift Origin Source
      baseurl=http://vault.centos.org/centos/7/paas/Source/openshift-origin311/
      enabled=0
      gpgcheck=0
      gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
  6. Install the EPEL repository (install ansible on all machines)
    yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
    sed -i -e "s/^enabled=1/enabled=0/" /etc/yum.repos.d/epel.repo
    yum -y --enablerepo=epel install ansible pyOpenSSL
  7. Configure Docker storage

    vim /etc/sysconfig/docker-storage-setup

    STORAGE_DRIVER=overlay2
    DEVS=/dev/vdb
    VG=docker-vg
    CONTAINER_ROOT_LV_NAME=docker-lv
    CONTAINER_ROOT_LV_SIZE=100%FREE
    CONTAINER_ROOT_LV_MOUNT_PATH=/var/lib/docker
    WIPE_SIGNATURES=true  # The disk sometimes already contains data; this parameter confirms deletion. Values are true/false; true forces deletion
    
    # Run docker-storage-setup in the terminal
    docker-storage-setup

       Start the docker service: systemctl enable docker && systemctl start docker

       Start NetworkManager: systemctl start NetworkManager && systemctl enable NetworkManager

  8. Configure the inventory file
    [OSEv3:children]
    masters
    nodes
    etcd
    lb
    
    [OSEv3:vars]
    ansible_ssh_user=root
    # Set the deployment type
    openshift_deployment_type=origin
    
    # This variable sets the identity provider
    openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
    openshift_master_default_subdomain=ysx.run
    os_firewall_use_firewalld=true
    # Disable specific pre-installation checks
    openshift_disable_check=disk_availability,memory_availability,docker_image_availability
    # Whether to enable the Network Time Protocol
    openshift_clock_enabled=true
    
    openshift_cluster_monitoring_operator_prometheus_storage_enabled=true
    openshift_cluster_monitoring_operator_alertmanager_storage_enabled=true
    openshift_cluster_monitoring_operator_prometheus_storage_capacity=2Gi
    openshift_cluster_monitoring_operator_alertmanager_storage_capacity=2Gi
    
    openshift_logging_es_pvc_dynamic=true
    openshift_logging_es_pvc_size=2Gi
    # When installing cluster logging, a node selector must also be specified
    openshift_logging_es_nodeselector={"node-type":"infrastructure"}
    
    # When deploying multiple masters, this variable defines the HA method; the native method is supported
    openshift_master_cluster_method=native
    openshift_master_cluster_hostname=ocp.ysx.run
    openshift_master_cluster_public_hostname=ocp.ysx.run
    
    [masters]
    devops01
    devops02
    devops03
    
    [etcd]
    devops01
    devops02
    devops03
    
    [lb]
    devops04
    
    [nodes]
    devops0[1:3] openshift_node_group_name='node-config-all-in-one'
    devops04     openshift_node_group_name='node-config-compute'
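  9. Install OpenShift
    1. During installation, openshift-ansible requires SELinux to be enabled; it must not be disabled, otherwise the checks fail. It can be disabled after the cluster has been installed.
    2. Start the deployment
      ansible-playbook -i /etc/ansible/ocp-311 openshift-ansible/playbooks/prerequisites.yml  # run the pre-installation checks
      ansible-playbook -i /etc/ansible/ocp-311 openshift-ansible/playbooks/deploy_cluster.yml # the actual cluster installation
    3. Test the deployment
      htpasswd -b /etc/origin/master/htpasswd admin admin
      oc login -u system:admin
      oc adm policy add-cluster-role-to-user cluster-admin admin
    4. Check whether you can log in through the web page
  10. Problems you may run into during installation
    1. customresourcedefinitions.apiextensions.k8s.io,\"servicemonitors.monitoring.coreos.com\" not found
      ifcfg-eth0 contains NM_CONTROLLED=no. Change it to yes and reboot the system (this allows the network interface to be managed by NetworkManager, which makes network configuration easier and simplifies managing connections such as wireless networks and VPNs)
  11. Install an external image registry for OpenShift (same as a Docker registry)
  12. Configure the load balancer (add the following configuration)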
    frontend router80
        bind *:80
        default_backend router80
        mode tcp
        option tcplog
    
    backend router80
        balance source
        mode tcp
        server      master0 192.168.10.119:80 check
        server      master1 192.168.10.209:80 check
        server      master2 192.168.10.153:80 check
    
    frontend router443  
        bind *:443
        default_backend router443
        mode tcp
        option tcplog
    
    backend router443
        balance source
        mode tcp
        server      master0 192.168.10.119:443 check
        server      master1 192.168.10.209:443 check
        server      master2 192.168.10.153:443 check
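  13. Add persistent storage for the internal image registry
    1. Edit the dc (DeploymentConfig) again and add a persistent volume
            # excerpt from spec.template.spec of the registry dc
            containers:
              - volumeMounts:
                  - name: registry-storage
                    mountPath: /registry
            volumes:
              - name: registry-storage
                persistentVolumeClaim:
                  claimName: registry-storage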
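
An added example, not part of the original post: the repo file in step 5 sets gpgcheck=0 on an enabled repository served over http://, so yum installs those packages without verifying their signatures. The script below flags such stanzas in any .repo file. The function names audit_repo and sample_repo are hypothetical, and a missing gpgcheck key is assumed to inherit gpgcheck=1 from /etc/yum.conf.

```shell
# Added example, not from the original post.
# audit_repo FILE: print "<repo-id> <finding>" for every enabled repository
# that skips package signature checks or downloads over plain HTTP.
audit_repo() {
  awk '
    function report() {
      if (id == "" || enabled != "1") return
      if (gpgcheck != "1")    print id, "gpgcheck-disabled"
      if (url ~ /^http:\/\//) print id, "plain-http-baseurl"
    }
    /^[ \t]*\[/ {
      report()
      id = $0; sub(/^[ \t]*\[/, "", id); sub(/\].*$/, "", id)
      # Assumption: a missing key means enabled=1, and gpgcheck=1 inherited
      # from [main] in /etc/yum.conf.
      enabled = "1"; gpgcheck = "1"; url = ""
      next
    }
    /^[ \t]*[#;]/ { next }
    {
      eq = index($0, "="); if (eq == 0) next
      key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
      gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
      if (key == "enabled")  enabled  = val
      if (key == "gpgcheck") gpgcheck = val
      if (key == "baseurl")  url      = val
    }
    END { report() }
  ' "$1"
}

# Constructed sample: abridged from the first two stanzas in step 5.
sample_repo() {
  cat <<'EOF'
[centos-openshift-origin311]
baseurl=http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin311/
enabled=1
gpgcheck=0

[centos-openshift-origin311-testing]
baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin311/
enabled=0
gpgcheck=0
EOF
}

tmp=$(mktemp) && sample_repo > "$tmp" && audit_repo "$tmp"; rm -f "$tmp"
```

On a real host, run `audit_repo` against each file under /etc/yum.repos.d/; a stanza with gpgcheck=1 and an https:// baseurl produces no output.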

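Copyright notice: This is an original article by qq_27164239, licensed under CC 4.0 BY-SA. When reposting, include a link to the original source and this notice.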