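Lately I have been looking into the direction of my company's container cloud. I surveyed PaaS products from China and abroad and compared them. Red Hat's OpenShift was one of the things I studied: I read the book 《开源容器云OpenShift构建基于企业应用云平台》, and since my employer has also started using this framework as the basis for developing its own container cloud, I began to study it in depth. The first step is to evaluate it, and for that a working environment is indispensable. Below I have written up how I deployed the cluster and some of the problems I ran into, for future reference.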
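1. Prepare the deployment environment. This environment is based on VMware virtual machines: one master and two nodes.
Note: pay close attention to the master's partitioning. /var needs at least 30G, and the additional disk that is attached (sdb) must not be formatted.
2. Set the hostname of each VM (one command per VM, master first). The nodes must be able to resolve the master's domain name, otherwise an error is reported when the nodes are installed.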
hostnamectl set-hostname master.example.com
hostnamectl set-hostname node01.example.com
hostnamectl set-hostname node02.example.com
3. Configure resolv.conf. Because the deployment pulls directly from the internet, a nameserver has to be configured.
vi /etc/resolv.conf
nameserver 114.114.114.114
4. Install the packages OpenShift depends on (all nodes)
yum install -y vim wget git net-tools build-utils iptables-services bridge-utils bash-completion bind-utils kexec-tools sos psacct atomic
5. Install the Docker container engine (all nodes); this example uses docker 1.12.6
yum install -y docker-1.12.6
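6. Configure Docker's backend storage (all nodes). If this is configured incorrectly, the later installation runs into many problems, which are recorded further down.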
vim /etc/sysconfig/docker-storage-setup
DEVS=/dev/sdb
VG=docker-vg
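Run docker-storage-setup. If it reports an error, run rm -r /var/lib/docker/* (this deletes all existing images and containers on the host) and then run docker-storage-setup again. Once the installation is complete, docker info shows the backend storage.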
systemctl enable docker
systemctl start docker
systemctl is-active docker
docker version
7. Install EPEL (master node). The OpenShift installation is built on Ansible, so the EPEL repository has to be enabled.
yum install -y https://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm
sed -i -e "s/^enabled=1/enabled=0/" /etc/yum.repos.d/epel.repo
yum -y --enablerepo=epel install ansible pyOpenSSL
8. Install etcd (master node). This experiment uses a single etcd instance and does not build an etcd cluster.
yum install -y etcd
systemctl enable etcd
systemctl start etcd
9. Add name resolution for the nodes (all nodes)
vim /etc/hosts
192.168.6.98 master.example.com
192.168.6.97 node01.example.com
192.168.6.96 node02.example.com
9. Generate an SSH key on the master and copy the public key to every host
ssh-keygen -f /root/.ssh/id_rsa -N ''
for host in master.example.com \
node01.example.com \
node02.example.com; \
do ssh-copy-id -i ~/.ssh/id_rsa.pub $host; \
done
10. Change Ansible's hosts configuration file. This file, also called the Ansible inventory, records the target hosts that Ansible operates on.
mv /etc/ansible/hosts /etc/ansible/hosts.bak
vim /etc/ansible/hosts
# Create an OSEv3 group that contains the masters, nodes, and etcd groups
[OSEv3:children]
masters
nodes
etcd
# Set variables common for all OSEv3 hosts
[OSEv3:vars]
# SSH user, this user should allow ssh based auth without requiring a password
ansible_ssh_user=root
# If ansible_ssh_user is not root, ansible_become must be set to true
#ansible_become=true
openshift_deployment_type=origin
openshift_release=3.7.0
openshift_disable_check=disk_availability,docker_storage,memory_availability,docker_image_availability
openshift_template_service_broker_namespaces=['openshift','myproject']
# uncomment the following to enable htpasswd authentication; defaults to DenyAllPasswordIdentityProvider
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}]
# host group for masters
[masters]
master.example.com
# host group for etcd
[etcd]
master.example.com
# host group for nodes, includes region info
[nodes]
master.example.com openshift_schedulable=True openshift_node_labels="{'region': 'infra'}"
node01.example.com openshift_node_labels="{'region': 'primary', 'zone': 'east'}"
node02.example.com openshift_node_labels="{'region': 'primary', 'zone': 'west'}"
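11. Download the openshift-ansible playbooks and run the install: fetch the source directly from GitHub, switch to the 3.7 branch and run the installation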
cd ~
git clone https://github.com/openshift/openshift-ansible # download the code
cd openshift-ansible
git checkout -b release-3.7 remotes/origin/release-3.7 # switch to the branch
ansible-playbook ~/openshift-ansible/playbooks/byo/config.yml # run the installation
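Once the installation has finished, run oc get nodes to see the list of cluster nodes and their status.
Further configuration to follow...
Problems encountered: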
Q: Available disk space in\"/var\" (31.8 GB) is below minimum recommended (40.0 GB)
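A: The system's var partition must be larger than 40G
Q: Docker storage configuration reports an error
A: The device used as Docker's backend storage (/dev/sdb) must not be partitioned
Q: Running docker-storage-setup reports an error
A: Delete with \rm -r /var/lib/docker/* and run it again
Q: /usr/bin/oc get node node02.example.com -o json -n default error from server(not found), or FAILED-RETRY:verify that TSB is running times out, or TASK [openshift_manage_node : Wait for Node Registration]
A: Check the errors with journalctl on the node, and check whether name resolution for the master is configured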
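An added example, not part of the original post: a preflight script that checks, before the playbook is run, the causes the Q&A above traces its failures to (missing /etc/hosts entries, too little space in /var, and a Docker storage device that is missing or already partitioned). The function names are hypothetical; the host names, the config path and the 40G minimum are the ones used on this page.

```bash
#!/usr/bin/env bash
# Added example: preflight checks for the failures listed in the Q&A above.

# hosts_missing FILE NAME...: print every NAME without an entry in FILE.
hosts_missing() {
    local file="$1" name
    shift
    for name in "$@"; do
        # Strip comments, then look for NAME as a whole field after the address.
        awk -v n="$name" '{ sub(/#.*/, ""); for (i = 2; i <= NF; i++) if ($i == n) found = 1 }
            END { exit !found }' "$file" || echo "$name"
    done
}

# var_space_ok DIR [MIN_GB]: succeed when DIR has at least MIN_GB available.
var_space_ok() {
    local avail_kb
    avail_kb=$(df -Pk "$1" | awk 'NR == 2 { print $4 }')
    [ "${avail_kb:-0}" -ge $(( ${2:-40} * 1024 * 1024 )) ]
}

# storage_setup_problems FILE: print problems in a docker-storage-setup config.
# Meant for before the first docker-storage-setup run, while DEVS is still raw.
storage_setup_problems() {
    local file="$1" devs vg dev
    devs=$(sed -n 's/^DEVS=//p' "$file" | tr -d '"')
    vg=$(sed -n 's/^VG=//p' "$file" | tr -d '"')
    [ -n "$vg" ] || echo "VG is not set"
    [ -n "$devs" ] || { echo "DEVS is not set"; return 0; }
    for dev in $devs; do
        if [ ! -b "$dev" ]; then
            echo "$dev is not a block device"
        elif [ "$(lsblk -n -o NAME "$dev" | wc -l)" -gt 1 ]; then
            echo "$dev has partitions"
        fi
    done
}

preflight() {
    local rc=0 out
    out=$(hosts_missing /etc/hosts master.example.com node01.example.com node02.example.com)
    [ -z "$out" ] || { echo "no /etc/hosts entry for: $out"; rc=1; }
    var_space_ok /var 40 || { echo "/var has less than 40G available"; rc=1; }
    out=$(storage_setup_problems /etc/sysconfig/docker-storage-setup)
    [ -z "$out" ] || { echo "$out"; rc=1; }
    return "$rc"
}

if [ "${1:-}" = "run" ]; then preflight; fi
```

Invoked with the single argument run on each host, it prints one line per problem found and exits non-zero if any check fails.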