centos7.7 安装 OKD 3.11

访问量:1618 创建时间:2020-04-13

openshift有企业版和社区版的区别，OKD为openshift的社区版。 OKD官方网站为：OKD官网地址 OKD官方文档地址官方文档地址 openshift的官网：openshift官网 openshift官方文档：官方文档地址

OKD3.11 与4版本差距巨大，也无法从3版本升级到4版本。

环境

IP	系统版本	节点功能
192.168.0.125	CentOS Linux release 7.7.1908 (Core)	okd-master
192.168.0.126	CentOS Linux release 7.7.1908 (Core)	okd-node1
192.168.0.127	CentOS Linux release 7.7.1908 (Core)	okd-node2
192.168.0.128	CentOS Linux release 7.7.1908 (Core)	okd-node3

安装前准备

配置语言为英文

localectl set-locale LANG=en_US.utf8
reboot

开启selinux（...操作省略）
设置sysctl.conf

[root@okd-master ~]# sysctl net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
[root@okd-master ~]# echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf

关闭防火墙，启用iptables(8443为管理web console的监听端口)

systemctl stop firewalld.service
systemctl disable firewalld.service
yum install iptables-services
/sbin/iptables -I INPUT -p tcp --dport 8443 -j ACCEPT
service iptables save
systemctl restart iptables.service 
systemctl enable iptables.service

安装依赖包

yum install -y wget git ntp net-tools bind-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct nfs-utils yum-utils docker NetworkManager

配置docker源

cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"]
}
systemctl daemon-reload
systemctl enable docker
systemctl restart docker
systemctl is-active docker

配置aliyun centos7 yum源

可以将repo文件中的http修改为https

mkdir /etc/yum.repos.d/bak
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak/
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

安装ansible,推荐版本>=2.6.5,不要用最新的2.9.6会安装失败,缺少的依赖包请根据自己的情况yum安装

wget https://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin311/ansible-2.6.5-1.el7.noarch.rpm
rpm -ivh ansible-2.6.5-1.el7.noarch.rpm

配置/etc/hosts

cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.125 okd-master
192.168.0.126 okd-node1
192.168.0.127 okd-node2
192.168.0.128 okd-node3

设置hostname 根据自己情况设置(这里只展示okd-master机器设置)

hostnamectl set-hostname okd-master

配置免密登陆

ssh-keygen
ssh-copy-id -i .ssh/id_rsa.pub root@okd-master
ssh-copy-id -i .ssh/id_rsa.pub root@okd-node1
ssh-copy-id -i .ssh/id_rsa.pub root@okd-node2
ssh-copy-id -i .ssh/id_rsa.pub root@okd-node3

配置ansible的hosts文件

[root@okd-master ~]# cat okd.hosts  | grep -v '^#'
[OSEv3:children]
masters
nodes
etcd

[OSEv3:vars]
ansible_ssh_user=root
openshift_deployment_type=origin
openshift_image_tag=v3.11
ansible_become=true

openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
openshift_disable_check=memory_availability,disk_availability,docker_image_availability

os_sdn_network_plugin_name=redhat/openshift-ovs-multitenant

openshift_hosted_router_replicas=1
openshift_hosted_registry_replicas=1
openshift_master_cluster_hostname=okd-master
openshift_master_cluster_public_hostname=okd-master
openshift_master_default_subdomain=okd-master

openshift_master_cluster_method=native
openshift_public_ip=192.168.0.125

ansible_service_broker_install=false
openshift_enable_service_catalog=false
template_service_broker_install=false
openshift_logging_install_logging=false

openshift_docker_options="--log-driver json-file --log-opt max-size=1M --log-opt max-file=3"

[masters]
okd-master

[etcd]
okd-master

[nodes]
okd-master openshift_node_group_name='node-config-master'
okd-node1 openshift_node_group_name='node-config-compute'
okd-node1 openshift_node_group_name='node-config-infra'
okd-node2 openshift_node_group_name='node-config-compute'
okd-node2 openshift_node_group_name='node-config-infra'
okd-node3 openshift_node_group_name='node-config-compute'
okd-node3 openshift_node_group_name='node-config-infra'

测试ansible

[root@okd-master ~]# ansible -i okd.hosts  nodes --user=root -m copy -a 'src=/etc/hosts dest=/etc/hosts'

下载ansible安装文件

git clone -b release-3.11 https://github.com/openshift/openshift-ansible.git

安装前检查

cp okd.hosts /etc/ansible/hosts
ansible-playbook openshift-ansible/playbooks/prerequisites.yml

修改open-shift的yum源

[root@okd-master ~]# cat /etc/yum.repos.d/CentOS-OpenShift-Origin311.repo 
[centos-openshift-origin311]
name=CentOS OpenShift Origin

# 这里改成阿里云的源
baseurl=https://mirrors.aliyun.com/centos/7/paas/x86_64/openshift-origin311/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS

[centos-openshift-origin311-testing]
name=CentOS OpenShift Origin Testing
baseurl=https://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin311/
enabled=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS

[centos-openshift-origin311-debuginfo]
name=CentOS OpenShift Origin DebugInfo
baseurl=https://debuginfo.centos.org/centos/7/paas/x86_64/
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS

[centos-openshift-origin311-source]
name=CentOS OpenShift Origin Source
baseurl=https://vault.centos.org/centos/7/paas/Source/openshift-origin311/
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS

开始安装：

[root@okd-master ~]# ansible-playbook openshift-ansible/playbooks/deploy_cluster.yml
……………省略部分输出………………
PLAY RECAP *******************************************************************************************************************
localhost                  : ok=11   changed=0    unreachable=0    failed=0   
okd-master                 : ok=542  changed=202  unreachable=0    failed=0   
okd-node1                  : ok=124  changed=37   unreachable=0    failed=0   
okd-node2                  : ok=124  changed=37   unreachable=0    failed=0   
okd-node3                  : ok=124  changed=37   unreachable=0    failed=0   

INSTALLER STATUS *********************************************************************************************************************
Initialization               : Complete (0:00:35)
Health Check                 : Complete (0:00:09)
Node Bootstrap Preparation   : Complete (0:04:47)
etcd Install                 : Complete (0:01:06)
Master Install               : Complete (0:05:38)
Master Additional Install    : Complete (0:00:54)
Node Join                    : Complete (0:01:17)
Hosted Install               : Complete (0:01:13)
Cluster Monitoring Operator  : Complete (0:09:03)
Web Console Install          : Complete (0:01:43)
Console Install              : Complete (0:01:48)
#没有failed表示安装成功
#如需重新安装，先卸载（重装不卸载会重复启动相同功能的组件）
#ansible-playbook ~/openshift-ansible/playbooks/adhoc/uninstall.yml
#安装后查看集群节点
#[root@okd-master ~]# oc get nodes

添加账号密码

[root@okd-master ~]# htpasswd -cb /etc/origin/master/htpasswd admin okd123456
Adding password for user admin
[root@okd-master ~]# oc adm policy add-cluster-role-to-user cluster-admin admin
Warning: User 'admin' not found
cluster role "cluster-admin" added: "admin"

#在浏览器中访问：
# https://okd-master:8443/     admin   okd123456

至此基本安装完成

<< 上一章节

下一章节 >>

登陆评论: 使用GITHUB登陆