OpenShift 離線安裝

離線安裝 openshift 需要將安裝過程中用的 rpm 包、docker image 以及 openshift-ansible 代碼 在一臺聯網的機器上提前下載好。

本安裝文檔, 不包含 s2i 相關鏡像和監控組件的離線安裝。
本安裝文檔基于 RHEL 7.3,與 openshift 兼容的 docker rpm 包版本為 v1.9.1, 由于版本較老, api 與最新版本有出入,例如:不支持 digist 最為 tag。
如果使用 CentOS 則可安裝最新版 docker。

聯網設備下載所需軟件

本節操作,需要在一臺能聯網的 RHEL7.3 系統(與安裝 openshift 的目標機保持一致即可)上進行。

準備 RPM 包

搭建本地 YUM 源(假設 iso 掛載在 /mnt 目錄)

cat > /etc/yum.repos.d/local.repo <<'eof'
[iso-repo]
name=Local iso repo
baseurl=file:///mnt/
enable=1
gpgcheck=0
eof

添加 openshift 相關 YUM 源

cat > /etc/yum.repos.d/openshift-ansible-centos-paas-sig.repo <<'eof'
[centos-openshift-origin]
name=CentOS OpenShift Origin
baseurl=http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS

[centos-openshift-origin-testing]
name=CentOS OpenShift Origin Testing
baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin/
enabled=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS

[centos-openshift-origin-debuginfo]
name=CentOS OpenShift Origin DebugInfo
baseurl=http://debuginfo.centos.org/centos/7/paas/x86_64/
enabled=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS

[centos-openshift-origin-source]
name=CentOS OpenShift Origin Source
baseurl=http://vault.centos.org/centos/7/paas/Source/openshift-origin/
enabled=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS
eof

添加 etcd 相關 YUM 源

cat > /etc/yum.repos.d/CentOS-Base.repo.repo <<'eof'
[extras]
name=CentOS-$releasever - Extras
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras&infra=$infra
baseurl=http://mirror.centos.org/centos/7.3.1611/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
eof

通過 yum 命令安裝相關軟件包時,可以選擇 “d”(只下載、不安裝),或者使用 --downloadonly 參數來獲取相關的 rpm 及其全部依賴。

master 節點涉及的包

  • origin-master-1.5.1-1.el7.x86_64
  • origin-1.5.1-1.el7.x86_64
  • origin-node-1.5.1-1.el7.x86_64
  • origin-sdn-ovs-1.5.1-1.el7.x86_64
  • origin-clients-1.5.1-1.el7.x86_64
  • tuned-profiles-origin-node-1.5.1-1.el7.x86_64

node 節點涉及的包

  • origin-clients-1.5.1-1.el7.x86_64
  • origin-1.5.1-1.el7.x86_64
  • origin-node-1.5.1-1.el7.x86_64
  • origin-sdn-ovs-1.5.1-1.el7.x86_64
  • tuned-profiles-origin-node-1.5.1-1.el7.x86_64

etcd 涉及的包

  • etcd-3.1.9-1.el7

其他

  • docker
  • iproute
  • python-dbus
  • python-six
  • PyYAML
  • yum-utils
  • ansible

下載 rpm 包

yum install --downloadonly PyYAML ansible docker etcd-3.1.9-1.el7 iproute origin-1.5.1-1.el7.x86_64 origin-1.5.1-1.el7.x86_64 origin-clients-1.5.1-1.el7.x86_64 origin-clients-1.5.1-1.el7.x86_64 origin-master-1.5.1-1.el7.x86_64 origin-node-1.5.1-1.el7.x86_64 origin-node-1.5.1-1.el7.x86_64 origin-sdn-ovs-1.5.1-1.el7.x86_64 origin-sdn-ovs-1.5.1-1.el7.x86_64 python-dbus python-six tuned-profiles-origin-node-1.5.1-1.el7.x86_64 tuned-profiles-origin-node-1.5.1-1.el7.x86_64 yum-utils

下載的 rpm 位于/var/cache/yum/,可以使用如下命令,將 rpm 拷出備用:

mkdir rpms
find /var/cache/yum/ -iname '*.rpm' -exec cp {} rpms/ \;

位于本地 YUM 源中的 rpm 不會被下載,所以在安裝 openshift 的目標機器上也需要搭建本地 YUM 源。

準備 docker images

安裝 docker

yum install -y docker

安裝過程涉及的 docker 鏡像

  • docker.io/busybox:latest
  • docker.io/openshift/origin-haproxy-router:v1.5.1
  • docker.io/openshift/origin-deployer:v1.5.1
  • docker.io/openshift/origin-sti-builder:v1.5.1
  • docker.io/openshift/origin-pod:v1.5.1
  • docker.io/openshift/origin-docker-registry:v1.5.1
  • docker.io/cockpit/kubernetes:latest
  • docker.io/openshift/origin-metrics-cassandra:latest
  • docker.io/openshift/origin-metrics-hawkular-metrics:latest
  • docker.io/openshift/origin-metrics-heapster:latest

拉取鏡像

 docker pull docker.io/busybox:latest docker.io/openshift/origin-haproxy-router:v1.5.1 docker.io/openshift/origin-deployer:v1.5.1 docker.io/openshift/origin-sti-builder:v1.5.1 docker.io/openshift/origin-pod:v1.5.1 docker.io/openshift/origin-docker-registry:v1.5.1 docker.io/cockpit/kubernetes:latest docker.io/openshift/origin-metrics-cassandra:latest docker.io/openshift/origin-metrics-hawkular-metrics:latest docker.io/openshift/origin-metrics-heapster:latest

將鏡像導出為 tar 包

docker save -o oso1.5.1-images.tar docker.io/busybox:latest docker.io/openshift/origin-haproxy-router:v1.5.1 docker.io/openshift/origin-deployer:v1.5.1 docker.io/openshift/origin-sti-builder:v1.5.1 docker.io/openshift/origin-pod:v1.5.1 docker.io/openshift/origin-docker-registry:v1.5.1 docker.io/cockpit/kubernetes:latest docker.io/openshift/origin-metrics-cassandra:latest docker.io/openshift/origin-metrics-hawkular-metrics:latest docker.io/openshift/origin-metrics-heapster:latest

拉取 playbook 代碼

git clone https://github.com/openshift/openshift-ansible

離線設備安裝

將準備好的 rpm 包、鏡像導出的 tar 包、playbook 代碼 拷貝到所有目標機器。
本節相關操作,在需要安裝 openshift 的設備上執行(離線環境)
本文檔,以兩節點 openshift 安裝為示例。

安裝 rpm

使用操作系統鏡像,搭建本地 YUM 源

mount /dev/sr0 /mnt/

cat > /etc/yum.repos.d/local.repo <<'eof'
[iso-repo]
name=Local iso repo
baseurl=file:///mnt/
enable=1
gpgcheck=0
eof

安裝 rpm 包

cd rpms
yum install ./*.rpm

刪除 rpm 安裝后生成的配置文件

 rm -rf /etc/origin/*

導入 docker 鏡像

docker load -i ose3-images.tar

準備 playbook 代碼

OpenShift-ansible 需要切換至于安裝的 OpenShift 對應的版本,OpenShift v1.5.1 對應 OpenShift-ansible v3.5.1

cd openshift-ansible
git checkout openshift-ansible-3.5.1-1

注釋掉< openshift-ansible home >/roles/openshift_repos/tasks/main.yaml 文件中的 “Configure origin yum repositories RHEL/CentOS” task,禁止生成 openshift yum repo 文件

[root@master openshift-ansible]# cat roles/openshift_repos/tasks/main.yaml
---
# TODO: Add flag for enabling EPEL repo, default to false

# TODO: Add subscription-management config, with parameters
#       for username, password, poolid(name), and official repos to
#       enable/disable. Might need to make a module that extends the
#       subscription management module to take a poolid and enable/disable the
#       proper repos correctly.

- assert:
    that: openshift_deployment_type in known_openshift_deployment_types
  when: not openshift.common.is_containerized | bool

- name: Ensure libselinux-python is installed
  package: name=libselinux-python state=present
  when: not openshift.common.is_containerized | bool

- name: Create any additional repos that are defined
  template:
    src: yum_repo.j2
    dest: /etc/yum.repos.d/openshift_additional.repo
  when: openshift_additional_repos | length > 0 and not openshift.common.is_containerized | bool
  notify: refresh cache

- name: Remove the additional repos if no longer defined
  file:
    dest: /etc/yum.repos.d/openshift_additional.repo
    state: absent
  when: openshift_additional_repos | length == 0 and not openshift.common.is_containerized | bool
  notify: refresh cache

- name: Configure origin gpg keys if needed
  copy:
    src: origin/gpg_keys/openshift-ansible-CentOS-SIG-PaaS
    dest: /etc/pki/rpm-gpg/
  notify: refresh cache
  when: ansible_os_family == "RedHat" and ansible_distribution != "Fedora"
        and openshift_deployment_type == 'origin'
        and not openshift.common.is_containerized | bool
        and openshift_enable_origin_repo | default(true) | bool

#- name: Configure origin yum repositories RHEL/CentOS
#  copy:
#    src: origin/repos/openshift-ansible-centos-paas-sig.repo
#    dest: /etc/yum.repos.d/
#  notify: refresh cache
#  when: ansible_os_family == "RedHat" and ansible_distribution != "Fedora"
#        and openshift_deployment_type == 'origin'
#        and not openshift.common.is_containerized | bool
#        and openshift_enable_origin_repo | default(true) | bool    

其他配置

在 /etc/hosts 中添加相關機器的域名解析

192.168.12.170 master.openshift.blabla.local
192.168.12.171 node.openshift.blabla.local

配置 ssh 無密碼登錄

ssh-keygen
ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.12.170
ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.12.171

安裝 openshift

本小結操作,在 master 節點進行

在 /etc/ansible/hosts 中配置節點信息

# Create an OSEv3 group that contains the masters, nodes, and etcd groups
[OSEv3:children]
masters
nodes
etcd
 
# Set variables common for all OSEv3 hosts
[OSEv3:vars]
ansible_ssh_user=root
deployment_type=origin

[masters]
master.openshift.blabla.local
 
# host group for etcd
[etcd]
node.openshift.blabla.local
 
# host group for nodes, includes region info
[nodes]
master.openshift.blabla.local openshift_node_labels="{'region': 'infra', 'zone': 'default'}"
node.openshift.blabla.local openshift_node_labels="{'region': 'primary', 'zone': 'west'}"

ansible ping測試:

[root@master ~]#  ansible all -m ping
master.openshift.blabla.local | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
node02.openshift.blabla.local | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}

安裝

ansible-playbook playbooks/byo/config.yml

執行 ansible-playbook 之前,務必確認各節點主機名是否正確

Links

最后編輯于
?著作權歸作者所有,轉載或內容合作請聯系作者
平臺聲明:文章內容(如有圖片或視頻亦包括在內)由作者上傳并發布,文章內容僅代表作者本人觀點,簡書系信息發布平臺,僅提供信息存儲服務。

推薦閱讀更多精彩內容