OpenShift-OKD3.10基础环境的部署
本篇内容介绍了"OpenShift-OKD3.10基础环境的部署"的有关知识,在实际案例的操作过程中,不少人都会遇到这样的困境,接下来就让小编带领大家学习一下如何处理这些情况吧!希望大家仔细阅读,能够学有所成!
单master + 双node
1.主机角色划分
#采用双网段部署 0 网段是opesnshift内部通信IP,1 网段是连接外网通信地址
#mastermaster.example.com192.168.0.39 192.168.1.39#node1 node1.example.com192.168.0.40192.168.1.40#node2node2.example.com192.168.0.41192.168.1.41
2.系统初始化
2.1 开启SELinux
[root@master ~]# cat /etc/sysconfig/selinux # This file controls the state of SELinux on the system.# SELINUX= can take one of these three values:# enforcing - SELinux security policy is enforced.# permissive - SELinux prints warnings instead of enforcing.# disabled - No SELinux policy is loaded.SELINUX=enforcing# SELINUXTYPE= can take one of three two values:# targeted - Targeted processes are protected,# minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection.SELINUXTYPE=targeted
2.2 安装基础组件
yum install wget git net-tools bind-utils yum-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct -y
2.3 更新操作系统
yum update -y reboot
2.4 配置ansible
## install ansibleyum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpmsed -i -e "s/^enabled=1/enabled=0/" /etc/yum.repos.d/epel.repoyum -y --enablerepo=epel install ansible pyOpenSSL
#checkout install playbooks
cd ~
git clone https://github.com/openshift/openshift-ansible
cd openshift-ansible
git checkout release-3.10
2.5 设置SSH免密登录(master -> node)
## ssh ssh-keygenfor host in master.example.com \ master.example.com \ node1.example.com \ node2.example.com; \do ssh-copy-id -i ~/.ssh/id_rsa.pub $host; \done
3.开始部署
3.1 更新hosts配置文件
[root@master ~]# cat /etc/ansible/hosts[OSEv3:children]mastersnodesetcdnfs[OSEv3:vars]ansible_ssh_user=rootopenshift_deployment_type=origin
#因采用虚拟机部署学习 配置此选项跳过主机硬件信息检查openshift_disable_check=disk_availability,docker_storage,memory_availability,docker_image_availabilityopenshift_master_identity_providers=[{'name':'htpasswd_auth','login':'true','challenge':'true','kind':'HTPasswdPasswordIdentityProvider',}]openshift_master_default_subdomain=apps.test.example.comopenshift_deployment_type=originos_firewall_use_firewalld=true[masters]master.example.com[etcd]master.example.com[nodes]master.example.com openshift_node_group_name='node-config-master'node1.example.com openshift_node_group_name='node-config-compute'node2.example.com openshift_node_group_name='node-config-compute'[nfs]master.example.com3.2 执行预安装检测
[root@master ~]# ansible-playbook openshift-ansible/playbooks/prerequisites.yml
3.3 正式安装
[root@master ~]# ansible-playbook openshift-ansible/playbooks/deploy_cluster.yml
4.FAQ
Q1 Docker HUB下载镜像缓慢导致执行deploy脚本失败##更改docker 的配置文件 /etc/sysconfig/docker
设置国内docker 镜像仓库例如阿里云加速
OPTIONS=' --selinux-enabled=false --signature-verification=False --registry-mirror=https://c9ojlmr5.mirror.aliyuncs.com'
#需要重启docker
systemctl restart docker
#手动pull master和node使用的images
#master镜像列表
docker.io/cockpit/kubernetes
docker.io/openshift/origin-haproxy-router
docker.io/openshift/origin-haproxy-router
docker.io/openshift/origin-service-catalog docker.io/openshift/origin-node
docker.io/openshift/origin-deployer
docker.io/openshift/origin-control-plane
docker.io/openshift/origin-control-plane
docker.io/openshift/origin-template-service-broker
docker.io/openshift/origin-pod
docker.io/cockpit/kubernetes
docker.io/openshift/origin-web-console
quay.io/coreos/etcd
#node镜像列表
docker.io/openshift/origin-haproxy-router
docker.io/openshift/origin-node
docker.io/openshift/origin-deployer
docker.io/openshift/origin-pod
docker.io/ansibleplaybookbundle/origin-ansible-service-broker
docker.io/openshift/origin-docker-registry
docker-registry.default.svc:5000/openshift/jenkins
Q2 执行deploy时主机dns导致连外网失败
临时解决方案更改/etc/resolv.confecho nameserver 114.114.114.114 >>/etc/resolv.conf
"OpenShift-OKD3.10基础环境的部署"的内容就介绍到这里了,感谢大家的阅读。如果想了解更多行业相关的知识可以关注网站,小编将为大家输出更多高质量的实用文章!
