Openshift3.9部署手冊

說明:本文主要介紹通過Ansible來部署Openshift 3.9

一、準備

系統準備

節點類型 說明
Masters
物理主機或者虛擬機
系統:Fedora 21, CentOS 7.3, 7.4或者7.5
最少4vCPU
最少16GB內存
/var/最少40GB空間
/usr/local/bin最少1GB空間
容器臨時目錄最少1GB空間
?
Nodes
物理主機或者虛擬機
系統:Fedora 21, CentOS 7.3, 7.4或者7.5
NetworkManager版本1.0以上
最少1vCPU
最少8GB內存
/var/最少15GB空間
/usr/local/bin最少1GB空間
容器臨時目錄最少1GB空間
?
額外的etcd節點
最少20GB用來存儲etcd數據
?

注:在安裝時可以通過ansible_inventory的配置忽略以上系統要求
擴展:對于生產部署時,Master的配置要求計算規則如下:每1000個pods需要額外的1核CPU和1.5GB內存。因此如果要滿足支持2000個pods的話,Master節點需要在最低配置2核CPU和16GB內存的基礎上再加2核CPU和3GB內存,共4核CPU 19GB內存。

安裝準備

  1. 關閉防火墻及selinux

    systemctl disable firewalld
systemctl stop firewalld
sed -i "s/SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config
setenforce 0

  2. 更改yum源 base74 、 openshift-3.9 、 epel 、 updates 和 extras。

     #/etc/yum.repos.d/all.repo
[base]
name=CentOS-$releasever - Base
baseurl=http://mirrors.ustc.edu.cn/centos/$releasever/os/$basearch/
gpgcheck=0
[updates]
name=CentOS-$releasever - Updates
baseurl=http://mirrors.ustc.edu.cn/centos/$releasever/updates/$basearch/
gpgcheck=0
[extras]
name=CentOS-$releasever - Extras
baseurl=http://mirrors.ustc.edu.cn/centos/$releasever/extras/$basearch/
gpgcheck=0
[openshift-3.9]
name=Openshift 3.9
baseurl=http://mirrors.ustc.edu.cn/centos/$releasever/paas/$basearch/openshift-origin39/
gpgcheck=0
[epel]
name=Centos EPEL
baseurl=http://mirrors.ustc.edu.cn/epel/7/$basearch/
gpgcheck=0

    清除緩存

     yum makecache

二、安裝

  1. 安裝需要的軟件包

     yum install vim git ansible wget java-1.8.0-openjdk httpd-tools python-passlib docker -y

  2. 下載openshift ansible部署腳本

     git clone https://github.com/openshift/openshift-ansible.git -b release-3.9

  3. 禁用ansible腳本中的指定repo

     sed -i 's/enabled=1/enabled=0/g' ./roles/openshift_repos/templates/CentOS-OpenShift-Origin.repo.j2

  4. 設置hostsname
    a. 在 /etc/hosts 添加ip映射

    # /etc/hosts
192.168.2.3 openshift

    b. 更新本機hostname

     hostnamectl set-hostname --static openshift

  5. 設置本地ssh無密鑰登錄

     ssh-keygen -t rsa
 ssh-copy-id -i ~/.ssh/id_rsa.pub root@openshift
 #或將id_rsa.pub內容添加到~/.ssh/authorized_keys中

  6. 配置ansible hosts

    [OSEv3:children]
masters
nodes
etcd
nfs

[OSEv3:vars]
ansible_ssh_user=root
openshift_deployment_type=origin
deployment_type=origin
openshift_release=v3.9

#如果使用自己的鏡像的話/etc/sysconfig/docker中會添加ADD_REGISTRY='--add-registry harbor.apps.com'
#oreg_url=harbor.apps.com/openshift/origin-${component}:${version}
#system_images_registry=harbor.apps.com
#openshift_examples_modify_imagestreams=true
#openshift_docker_additional_registries=harbor.apps.com
#openshift_service_catalog_image_prefix=harbor.apps.com/openshift/origin-
#openshift_metrics_image_prefix=harbor.apps.com/openshift/origin-
#openshift_logging_image_prefix=harbor.apps.com/openshift/origin-
#ansible_service_broker_image_prefix=harbor.apps.com/openshift/origin-
#ansible_service_broker_etcd_image_prefix=harbor.apps.com/openshift/origin-
#openshift_metrics_image_version=v3.9

openshift_enable_service_catalog=false
template_service_broker_install=false
ansible_service_broker_install=false

openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login':'true','challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
openshift_master_htpasswd_file=/etc/origin/master/htpasswd
openshift_enable_unsupported_configurations=True
openshift_docker_options="-l warn --ipv6=false --insecure-registry=0.0.0.0/0 --registry-mirror=https://docker.mirrors.ustc.edu.cn --log-opt max-size=1M --log-opt max-file=3"
openshift_disable_check=memory_availability,disk_availability,package_availability,package_update,docker_image_availability,docker_storage_driver,docker_storage
openshift_master_default_subdomain=apps.openshift

openshift_metrics_install_metrics=true
openshift_hosted_metrics_public_url=https://hawkular-metrics.apps.openshift/hawkular/metrics

openshift_logging_install_logging=true
openshift_hosted_etcd_storage_kind=nfs
openshift_hosted_etcd_storage_nfs_options="*(rw,root_squash,sync,no_wdelay)"
openshift_hosted_etcd_storage_nfs_directory=/nfs-data 
openshift_hosted_etcd_storage_volume_name=etcd-vol2 
openshift_hosted_etcd_storage_access_modes=["ReadWriteOnce"]
openshift_hosted_etcd_storage_volume_size=1G
openshift_hosted_etcd_storage_labels={'storage': 'etcd'}

ansible_service_broker_image_prefix=registry.access.redhat.com/openshift3/ose-
ansible_service_broker_registry_url=registry.access.redhat.com
ansible_service_broker_registry_user=<user_name>
ansible_service_broker_registry_password=<password>
ansible_service_broker_registry_organization=<organization>

[masters]
openshift
[etcd]
openshift
[nfs]
openshift
[nodes]
openshift openshift_node_labels="{'region': 'infra', 'zone':'default'}" openshift_schedulable=true

  7. 如果要修改為自己的鏡像倉庫的話,還需要更改幾個yaml文件

    # roles/openshift_web_console/defaults/main.yml(去掉docker.io/)
openshift_web_console_image_dict:
    origin:
        prefix: "openshift/origin-"
        version: "{{ openshift_image_tag }}"
        image_name: "web-console"

  8. 執行安裝腳本

    ansible-playbook playbooks/prerequisites.yml
ansible-playbook playbooks/deploy_cluster.yml

  9. 創建管理員賬號

    htpasswd -b /etc/origin/master/htpasswd admin admin
oc adm policy add-cluster-role-to-user cluster-admin admin

三、展示

首頁展示
項目主頁展示
鏡像倉庫頁展示

參考文章
Openshift 3.9官方高級安裝手冊

最后編輯于
?著作權歸作者所有,轉載或內容合作請聯系作者
平臺聲明:文章內容(如有圖片或視頻亦包括在內)由作者上傳并發布,文章內容僅代表作者本人觀點,簡書系信息發布平臺,僅提供信息存儲服務。

推薦閱讀更多精彩內容