openshift 3.11安装

开源openshift确实很坑人,今天折腾了一天,晚上重新开始,终于有些眉目了!

本次安装使用环境

Hostname: master-openshift.example.com IP: 192.168.188.10 OS: centos74 Memory:32G CPU:2
Hostname: node-openshift.example.com IP: 192.168.188.20 OS: centos74 Memory:32G CPU:2
Disk1: 200G
Disk2:50G

一、 CentOS 7.4安装openshift 3.11参考资料

  • OpenShift官网:https://www.openshift.com/
  • Github:https://github.com/openshift/origin

主机设置

  • 安装CentOS7.4操作系统,本次选择“基础服务器”
  • 关闭防火墙
systemctl disable firewalld
systemctl  stop firewalld
  • 将selinux设置为permissive状态
vim /etc/sysconfig/selinux
SELINUX=permissive  #设置为permissive
  • 设置路由转发
vim /etc/sysctl.d/91-openshift.conf
        net.ipv4.ip_forward=1
  • 执行安装openshift前更新操作系统及安装必要的必要软件(master、node都需要执行)
192.168.188.10  master-openshift.example.com master 
192.168.188.20  master-openshift.example.com master 
  • 更新操作系统
yum update -y ;reboot
  • 安装软件
yum install  wget  git  net-tools  bind-utils yum-utils iptables-services bridge-utils \
 bash-completion  kexec-tools sos psacct   ansible pyOpenSSL -y

二、安装docker,所有节点都需要安装docker ,安装完成之后暂不启动docker

yum -y install  centos-release-openshift-origin311  docker
#需要在master、node2台机器执行
yum install  openshift-ansible.noarch -y
#只需要在master安装

三、配置docker存储,所有节点均需要执行

  • 需要机器上有可用的LVM卷组或者创建卷组
pvcreate /dev/sdb
vgcreate vg1  /dev/sdb
  • 配置docker存储配置文件/etc/sysconfig/docker-storage-setup
 echo VG=vg1  >> /etc/sysconfig/docker-storage-setup
  • 启动docker服务
systemctl restart docker 
systemctl enable docker 

-修改docker 镜像源,配置文件/etc/containers/registries.conf

registries = ['hub-mirror.c.163.com', 'docker.io']

-(可选)添加openshift3.11国内软件源

[centos-openshift-origin311]
name=CentOS OpenShift Origin
baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin311/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS

[centos-openshift-origin311-testing]
name=CentOS OpenShift Origin Testing
baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin311/
enabled=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS

[centos-openshift-origin311-debuginfo]
name=CentOS OpenShift Origin DebugInfo
baseurl=http://debuginfo.centos.org/centos/7/paas/x86_64/
enabled=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS

[centos-openshift-origin311-source]
name=CentOS OpenShift Origin Source
baseurl=http://vault.centos.org/centos/7/paas/Source/openshift-origin311/
enabled=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS

四、配置SSH无密钥登录,需要在master节点配置

$ ssh-keygen
$ ssh-copy-id  [email protected]
$ ssh-copy-id  [email protected]

五、配置ansible hosts文件,配置如下vim /etc/ansible/hosts

[OSEv3:children]
masters
nodes
etcd

# Set variables common for all OSEv3 hosts
[OSEv3:vars]
# SSH user, this user should allow ssh based auth without requiring a password
ansible_ssh_user=root
openshift_deployment_type=origin
openshift_image_tag=v3.11
# If ansible_ssh_user is not root, ansible_become must be set to true
#ansible_become=true


# default selectors for router and registry services
# openshift_router_selector='node-role.kubernetes.io/infra=true'
# openshift_registry_selector='node-role.kubernetes.io/infra=true'

# uncomment the following to enable htpasswd authentication; defaults to DenyAllPasswordIdentityProvider
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
openshift_disable_check=memory_availability,disk_availability,docker_image_availability

os_sdn_network_plugin_name=redhat/openshift-ovs-multitenant

# new 2018-11--5 14:40:00
# 方便访问使用,指定web console 端口为443以及域名
#openshift_master_api_port=443
#openshift_master_console_port=443
openshift_hosted_router_replicas=1
openshift_hosted_registry_replicas=1
openshift_master_cluster_hostname=master-openshift.example.com
openshift_master_cluster_public_hostname=master-openshift.example.com
openshift_master_default_subdomain=apps.example.com

openshift_master_cluster_method=native
openshift_public_ip=192.168.188.10
# false
ansible_service_broker_install=false
openshift_enable_service_catalog=false
template_service_broker_install=false
openshift_logging_install_logging=false

# registry passwd
#oreg_url=172.16.37.12:5000/openshift3/ose-${component}:${version}
#openshift_examples_modify_imagestreams=true

# docker config
#openshift_docker_additional_registries=172.16.37.12:5000,172.30.0.0/16
#openshift_docker_insecure_registries=172.16.37.12:5000,172.30.0.0/16
#openshift_docker_blocked_registries
openshift_docker_options="--log-driver json-file --log-opt max-size=1M --log-opt max-file=3"

# openshift_cluster_monitoring_operator_install=false
# openshift_metrics_install_metrics=true
# openshift_enable_unsupported_configurations=True
#openshift_logging_es_nodeselector='node-role.kubernetes.io/infra: "true"'
#openshift_logging_kibana_nodeselector='node-role.kubernetes.io/infra: "true"'
# host group for masters

[masters]
master-openshift.example.com

[etcd]
master-openshift.example.com

[nodes]
master-openshift.example.com  openshift_node_group_name='node-config-master'
node-openshift.example.com    openshift_node_group_name='node-config-compute'
#master-openshift.example.com  openshift_node_group_name='node-config-infra'

六、在master节点执行openshift安装命令

ansible-playbook /usr/share/ansible/openshift-ansible/playbooks/deploy_cluster.yml

七、创建openshift用户,在anisble 清单文件设置openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}],已经将登录验证方式改为http密码,只需要创建用户即可,不需要修改/etc/origin/master/master-config.yaml

$ htpasswd  -b  htpasswd  admin admin123

八、安装结束

  • 命令行校验
[root@master-openshift master]# oc get pods
NAME                           READY     STATUS      RESTARTS   AGE
php-1-build                     0/1       Completed   0          21m
php-1-qlndc                    1/1        Running       0          16m
pythonapp-1-build        0/1       Completed   0          47m
pythonapp-1-mcs95      1/1       Running       0          36m
pythonapp-1-rxf47        1/1       Running       0          40m
[root@master-openshift master]# 
  • 使用网页登录 https://master-openshift.example.com:8443,用户名admin,密码admin123

    openshift 3.11安装_第1张图片

    1.PNG

     

  • 命令行测试

[root@master-openshift master]# oc login https://master-openshift.example.com:8443 -u admin
Authentication required for https://master-openshift.example.com:8443 (openshift)
Username: admin
Password: 
Login successful.
You have one project on this server: "pythontraining"

Using project "pythontraining".

[root@master-openshift master]# oc new-project  demo
Now using project "demo" on server "https://master-openshift.example.com:8443".
You can add applications to this project with the 'new-app' command. For example, try:
    oc new-app centos/ruby-25-centos7~https://github.com/sclorg/ruby-ex.git
to build a new example application in Ruby.

[root@master-openshift master]# oc new-app  https://github.com/openshift/cakephp-ex.git  --name=demoapp1
--> Found image 4039444 (2 weeks old) in image stream "openshift/php" under tag "7.1" for "php"

    Apache 2.4 with PHP 7.1 
    ----------------------- 
    PHP 7.1 available as container is a base platform for building and running various PHP 7.1 applications and frameworks. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts.

    Tags: builder, php, php71, rh-php71

    * The source repository appears to match: php
    * A source build using source code from https://github.com/openshift/cakephp-ex.git will be created
      * The resulting image will be pushed to image stream tag "demoapp1:latest"
      * Use 'start-build' to trigger a new build
    * This image will be deployed in deployment config "demoapp1"
    * Ports 8080/tcp, 8443/tcp will be load balanced by service "demoapp1"
      * Other containers can access this service through the hostname "demoapp1"

--> Creating resources ...
    imagestream.image.openshift.io "demoapp1" created
    buildconfig.build.openshift.io "demoapp1" created
    deploymentconfig.apps.openshift.io "demoapp1" created
    service "demoapp1" created
--> Success
    Build scheduled, use 'oc logs -f bc/demoapp1' to track its progress.
    Application is not exposed. You can expose services to the outside world by executing one or more of the commands below:
     'oc expose svc/demoapp1' 
    Run 'oc status' to view your app.
[root@master-openshift master]# oc logs -f bc/demoapp1
Cloning "https://github.com/openshift/cakephp-ex.git" ...
    Commit: c1b7cdc5ff9bc1f04ef3a3bda896d9b1456e0204 (Merge pull request #107 from liangxia/url)
    Author: Honza Horak 
    Date:   Mon Oct 15 10:09:08 2018 +0200
Using docker-registry.default.svc:5000/openshift/php@sha256:0940fdfa498704074783a9c5bda2f27c1b24b288357f27278c1824e2e025895a as the s2i builder image
---> Installing application source...
Found 'composer.json', installing dependencies using composer.phar...
Downloading https://getcomposer.org/installer, attempt 1/6
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  257k  100  257k    0     0  67134      0  0:00:03  0:00:03 --:--:-- 67130
All settings correct for using Composer
Downloading...
Composer (version 1.8.0) successfully installed to: /opt/app-root/src/composer.phar
Use it: php composer.phar
Loading composer repositories with package information
Installing dependencies (including require-dev) from lock file
Package operations: 74 installs, 0 updates, 0 removals
  - Installing cakephp/plugin-installer (1.1.0): Downloading (100%)
  - Installing aura/intl (3.0.0): Downloading (100%)
  - Installing symfony/yaml (v3.4.8): Downloading (100%)
  - Installing symfony/polyfill-mbstring (v1.7.0): Downloading (100%)
  - Installing psr/log (1.0.2): Downloading (100%)
  - Installing symfony/debug (v3.4.8): Downloading (100%)
  - Installing symfony/console (v3.4.8): Downloading (100%)
  - Installing symfony/filesystem (v3.4.8): Downloading (100%)
  - Installing symfony/config (v3.4.8): Downloading (100%)
  - Installing robmorgan/phinx (v0.8.1): Downloading (100%)
  - Installing psr/http-message (1.0.1): Downloading (100%)
....(此处省略)
> Cake\Composer\Installer\PluginInstaller::postAutoloadDump
> App\Console\Installer::postInstall
Created `/opt/app-root/src/logs` directory
Created `/opt/app-root/src/tmp` directory
Created `/opt/app-root/src/tmp/cache` directory
Created `/opt/app-root/src/tmp/cache/models` directory
Created `/opt/app-root/src/tmp/cache/persistent` directory
Created `/opt/app-root/src/tmp/cache/views` directory
Created `/opt/app-root/src/tmp/sessions` directory
Created `/opt/app-root/src/tmp/tests` directory
Permissions set on /opt/app-root/src/tmp/cache
Permissions set on /opt/app-root/src/tmp/cache/models
Permissions set on /opt/app-root/src/tmp/cache/persistent
Permissions set on /opt/app-root/src/tmp/cache/views
Permissions set on /opt/app-root/src/tmp/sessions
Permissions set on /opt/app-root/src/tmp/tests
Permissions set on /opt/app-root/src/tmp
Permissions set on /opt/app-root/src/logs
No Security.salt placeholder to replace.
=> sourcing 20-copy-config.sh ...
---> 08:10:11     Processing additional arbitrary httpd configuration provided by s2i ...
=> sourcing 00-documentroot.conf ...
=> sourcing 50-mpm-tuning.conf ...
=> sourcing 40-ssl-certs.sh ...
Pushing image docker-registry.default.svc:5000/demo/demoapp1:latest ...
Pushed 0/10 layers, 1% complete
Pushed 1/10 layers, 12% complete
Pushed 2/10 layers, 20% complete
Push successful

[root@master-openshift master]# oc get pods
NAME               READY     STATUS      RESTARTS   AGE
demoapp1-1-564m8   1/1       Running     0          3m
demoapp1-1-build   0/1       Completed   0          9m

[root@master-openshift master]# oc get dc
NAME       REVISION   DESIRED   CURRENT   TRIGGERED BY
demoapp1   1          1         1         config,image(demoapp1:latest)

[root@master-openshift master]# oc scale --replicas=10 dc demoapp1
deploymentconfig.apps.openshift.io/demoapp1 scaled

[root@master-openshift master]# oc get pods
NAME               READY     STATUS      RESTARTS   AGE
demoapp1-1-564m8   1/1       Running     0          3m
demoapp1-1-7twmv   1/1       Running     0          9s
demoapp1-1-bh8jg   1/1       Running     0          9s
demoapp1-1-build   0/1       Completed   0          9m
demoapp1-1-dbbz7   1/1       Running     0          9s
demoapp1-1-kpb4w   1/1       Running     0          9s
demoapp1-1-kvf76   1/1       Running     0          9s
demoapp1-1-m84nf   1/1       Running     0          9s
demoapp1-1-mw2bd   1/1       Running     0          9s
demoapp1-1-p5l7w   1/1       Running     0          9s
demoapp1-1-xbxz6   1/1       Running     0          9s

[root@master-openshift master]# oc scale --replicas=2 dc demoapp1
deploymentconfig.apps.openshift.io/demoapp1 scaled

[root@master-openshift master]# oc get pods
NAME               READY     STATUS        RESTARTS   AGE
demoapp1-1-564m8   1/1       Running       0          3m
demoapp1-1-bh8jg   0/1       Terminating   0          22s
demoapp1-1-build   0/1       Completed     0          9m
demoapp1-1-dbbz7   1/1       Terminating   0          22s
demoapp1-1-kpb4w   0/1       Terminating   0          22s
demoapp1-1-kvf76   1/1       Running       0          22s
demoapp1-1-mw2bd   0/1       Terminating   0          22s
demoapp1-1-xbxz6   0/1       Terminating   0          22s


[root@master-openshift master]# oc get pods
NAME               READY     STATUS      RESTARTS   AGE
demoapp1-1-564m8   1/1       Running     0          4m
demoapp1-1-build   0/1       Completed   0          9m
demoapp1-1-kvf76   1/1       Running     0          31s



 

你可能感兴趣的:(Docker)