master1:192.168.15.235 centos 7.6
master2:192.168.15.236 centos 7.6
master3:192.168.10.237 centos 7.6
1.在Router上 安装ansible 方便3个master节点的批量安装
#需要先安装pip工具
方法1:
yum install python-pip # 当该方法安装提示没有pip 安装包时,请按方法2来安装
方法2:
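# Fetch the pip bootstrap script, then run it with the system Python.
# -f makes curl exit non-zero on an HTTP error instead of saving the error
# page as get-pip.py; -sS stays quiet but still prints errors; -L follows
# redirects. The && keeps python from running after a failed download.
# NOTE(review): this executes a downloaded script (presumably as root in this
# guide) with no integrity check beyond TLS; read get-pip.py before running
# it, or prefer the distribution package from method 1.
# NOTE(review): CentOS 7 ships Python 2.7; if this script rejects that
# interpreter, the 2.7-specific one is published at
# https://bootstrap.pypa.io/pip/2.7/get-pip.py.
curl -fsSL https://bootstrap.pypa.io/get-pip.py -o get-pip.py &&
  python get-pip.py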
2.编辑所有服务的hosts文件,先编辑Router服务器hosts,再通过ansible发送到3台master
vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.15.235 www.oc.downtown8.com master1
192.168.15.236 master2.oc.downtown8.com master2
192.168.15.237 master3.oc.downtown8.com master3
# 编辑/etc/ansible/hosts 分为master 和All组,Router
[master]
192.168.15.235
192.168.15.236
192.168.15.237
# 通过ansible 将hosts 文件发送到3台master
ansible master -m copy -a"src=/etc/ansible/hosts dest=/etc/ansible/hosts"
3.安装基础包
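# Install the base packages on every inventory host in one yum transaction.
# Fixes relative to the original list: "tracerote" -> traceroute,
# "http-tools" -> httpd-tools (the package that provides htpasswd, used in
# step 12), and the duplicate wget is dropped.
ansible all -m shell -a "yum install -y wget git net-tools bind-utils \
iptables-services bridge-utils bash-completion kexec-tools sos psacct atomic \
vim sshpass lrzsz telnet htop iotop iftop iptraf tofrodos lsof iperf \
traceroute policycoreutils-python pyOpenSSL python-lxml \
java-1.8.0-openjdk-headless python-passlib NetworkManager httpd-tools"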
4.关闭firewall,开启iptables
# Start the iptables service, enable it at boot, then flush the rule set.
# NOTE(review): `iptables -F` deletes every rule in the filter table's chains
# right after the service has (presumably) loaded its saved rules, so the
# hosts run with no filter rules until something re-adds them. The flush only
# changes the running rule set. Confirm this is intended outside a lab.
# NOTE(review): the step title says to turn off the firewall, but nothing
# here stops or disables firewalld — verify its state separately.
ansible all -m shell -a"systemctl start iptables && systemctl enable iptables && iptables -F"
# Start NetworkManager on every host (this command does not enable it at boot).
ansible all -m shell -a"systemctl start NetworkManager"
5. 安装Docker,开启docker服务自启动,并启动docker服务
ansible all -m shell -a"yum install docker-1.13.1 -y"
ansible all -m shell -a"systemctl enable docker"
ansible all -m shell -a"systemctl start docker"
启动docker过程中可能会出现一个错误Error starting daemon: SELinux is not supported with the overlay2 graph driver on this kernel. Either boot into a newer kernel or disable selinux in docker (--selinux-enabled=false)
解决方法有两个,要么启动一个新内核,要么就在docker配置文件里禁用selinux(--selinux-enabled=false);后者会去掉容器的SELinux隔离,条件允许时优先升级内核
修改/etc/sysconfig/docker 为下面格式
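# Options passed to the docker daemon (read from /etc/sysconfig/docker).
# The closing quote must be a plain ASCII ' — the typographic quote in the
# original leaves the value unterminated.
# NOTE(review): three of these flags relax a daemon default:
#   --selinux-enabled=false            no SELinux labelling of containers
#   --signature-verification=false     pulled images are not signature-checked
#   --insecure-registry 172.30.0.0/16  registries in that range may be reached
#                                      over plain HTTP or unverified TLS
# Keep only the ones the deployment really needs.
OPTIONS='--selinux-enabled=false --log-driver=journald --signature-verification=false --insecure-registry 172.30.0.0/16'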
6.配置docker images 加速器,使用阿里云源
# Write the docker daemon config on the host where this is run; the quoted
# 'EOF' keeps the JSON literal (no shell expansion).
# NOTE(review): Docker Hub pulls are tried through this mirror first, and the
# OPTIONS line earlier in this guide turns signature verification off, so the
# mirror is trusted for image content. The hostname looks account-specific —
# replace it with a mirror you control or trust.
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://ykvm1unz.mirror.aliyuncs.com"]
}
EOF
# Push the same daemon.json to the hosts in the [master] inventory group.
ansible master -m copy -a"src=/etc/docker/daemon.json dest=/etc/docker/daemon.json"
重启docker
ansible all -m shell -a "systemctl daemon-reload&&systemctl restart docker"
7.拉取openshift-ansible (仅master执行)
git clone -b release-3.11 https://github.com/openshift/openshift-ansible
由于github访问非常慢,所以可以自己搭一个**来加速,具体教程可以点击以下链接
https://xeylon.com/server/140.html
8.修改/etc/sysctl.conf
vim /etc/sysctl.conf
net.ipv4.ip_forward = 0 改成 net.ipv4.ip_forward = 1
vim /etc/selinux/config
# NOTE(review): permissive mode logs SELinux denials without enforcing them.
# The OpenShift 3.11 host-preparation docs, as I read them, ask for
# SELINUX=enforcing with SELINUXTYPE=targeted — confirm before keeping this.
SELINUX=permissive
9.配置/etc/ansible/hosts 文件
[OSEv3:children]
masters
nodes
etcd
# Cluster-wide variables read by the openshift-ansible playbooks.
[OSEv3:vars]
# NOTE(review): the playbooks log in as root over SSH on every host; a
# dedicated user with ansible_become=true narrows what a leaked key exposes.
ansible_ssh_user=root
deployment_type=origin
openshift_deployment_type=origin
openshift_release=v3.11
# Authenticate users against a local htpasswd file on the masters.
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login':'true','challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
openshift_master_htpasswd_file=/etc/origin/master/htpasswd
openshift_master_cluster_method=native
# NOTE(review): these names use oc.cgs.com, while the /etc/hosts entries
# earlier in this guide use oc.downtown8.com — confirm which domain is meant.
openshift_master_cluster_hostname=www.oc.cgs.com
openshift_master_cluster_public_hostname=www.oc.cgs.com
openshift_master_default_subdomain=oc.cgs.com
# NOTE(review): 36500 days is about 100 years, so these certificates are
# effectively never rotated and a leaked key stays valid for the life of the
# cluster. Shorter lifetimes plus a planned redeploy are the safer choice.
openshift_hosted_registry_cert_expire_days=36500
openshift_ca_cert_expire_days=36500
openshift_node_cert_expire_days=36500
openshift_master_cert_expire_days=36500
# NOTE(review): turns off the listed installer pre-flight checks; undersized
# or misconfigured hosts will not be caught before deployment.
openshift_disable_check=memory_availability,disk_availability,package_availability,package_update,docker_image_availability,docker_storage_driver,docker_storage
# Router and registry pods are scheduled on nodes labelled role=infra.
openshift_hosted_router_selector='role=infra'
openshift_hosted_registry_selector='role=infra'
openshift_logging_install_logging=true
openshift_enable_service_catalog=true
template_service_broker_install=true
# Metrics stack (Cassandra, Hawkular, Heapster) sizing and storage.
openshift_metrics_install_metrics=true
openshift_metrics_image_version=v3.11
openshift_metrics_cassandra_storage_type=dynamic
# NOTE(review): assumes a StorageClass named gluster01 already exists; this
# inventory defines no storage hosts — verify.
openshift_metrics_cassandra_storage_class_name=gluster01
openshift_metrics_cassandra_pvc_size=20Gi
openshift_metrics_cassandra_limits_memory=2Gi
openshift_metrics_cassandra_requests_memory=1Gi
openshift_metrics_cassandra_limits_cpu=500m
openshift_metrics_cassandra_requests_cpu=200m
openshift_metrics_hawkular_limits_cpu=500m
openshift_metrics_hawkular_requests_cpu=200m
openshift_metrics_hawkular_requests_memory=1Gi
openshift_metrics_hawkular_limits_memory=2Gi
openshift_metrics_heapster_limits_memory=256Mi
openshift_metrics_heapster_limits_cpu=200m
openshift_metrics_heapster_requests_memory=128Mi
openshift_metrics_heapster_requests_cpu=50m
openshift_metrics_duration=7
openshift_metrics_resolution=30s
[masters]
master1
master2
master3
[etcd]
master1
master2
master3
[nodes]
master1 openshift_node_group_name='node-config-master-infra'
master2 openshift_node_group_name='node-config-master-infra'
master3 openshift_node_group_name='node-config-master-infra'
node1 openshift_node_group_name='node-config-compute'
node2 openshift_node_group_name='node-config-compute'
node3 openshift_node_group_name='node-config-compute'
10.执行预安装
ansible-playbook ~/openshift-ansible/playbooks/prerequisites.yml
11.安装
ansible-playbook ~/openshift-ansible/playbooks/deploy_cluster.yml
12.用户创建授权
# Create the htpasswd file with a single user, "admin".
# NOTE(review): -b takes the password from the command line, so it lands in
# shell history and is visible in the process list while the command runs;
# dropping -b makes htpasswd prompt for it instead. -c recreates the file, so
# any users already in it are lost.
# NOTE(review): with three masters, presumably the same file has to exist on
# each of them — confirm.
htpasswd -cb /etc/origin/master/htpasswd admin "******"
# Bind the cluster-admin role to admin. add-role-to-user creates the binding
# in the current project only; add-cluster-role-to-user grants it cluster-wide,
# making "admin" a full cluster administrator guarded by that one password.
oc adm policy add-role-to-user cluster-admin admin
oc adm policy add-cluster-role-to-user cluster-admin admin