shikaifeng / ceshi Goto Github PK
View Code? Open in Web Editor NEWLicense: Apache License 2.0
License: Apache License 2.0
类型 | cpu | 内存 | 主机名 | IP地址 |
---|---|---|---|---|
master节点 | 4核 | 16G | master-openshift.idc.yst.com.cn | 10.213.3.176 |
node节点-1 | 4核 | 8G | node01-openshift.idc.yst.com.cn | 10.213.3.177 |
node节点-2 | 4核 | 8G | node02-openshift.idc.yst.com.cn | 10.213.3.178 |
nfs服务器 | 10.213.3.176/177/178已挂载nfs服务器目录,挂载地址为:10.213.3.60:/data;挂载点为:/home/data | 10.213.3.60 |
注,操作系统版本:CentOS 7.3 以上
官方系统要求参考文档
[root@master ~]# cat /etc/redhat-release
CentOS Linux release 7.4.1708 (Core)
hostnamectl set-hostname master-openshift.idc.yst.com.cn
hostname -f的结果要跟hostname一样
hostnamectl --transient、hostnamectl --static、 hostnamectl --pretty
三个命令得出的结果要一致,如果不一致,则要自己设置下
hostnamectl set-hostname master-openshift.idc.yst.com.cn
hostnamectl --pretty set-hostname master-openshift.idc.yst.com.cn
hostnamectl --static set-hostname master-openshift.idc.yst.com.cn
hostnamectl --transient set-hostname master-openshift.idc.yst.com.cn
注,要为服务申请dns域名解析。提交变更单向运维申请域名
centos 的网络默认是没有激活,需要手动进行激活。如果网络未激活会导致后续安装失败。
[root@master ~]# systemctl show NetworkManager | grep ActiveState
ActiveState=inactive
systemctl enable NetworkManager
systemctl start NetworkManager
[root@master-openshift ~]# nmcli con show
名称 UUID 类型 设备
docker0 0aea51a3-613d-4468-ac3a-92cc10fd22a8 bridge docker0
ens160 ea74cf24-c2a2-ecee-3747-a2d76d46f93b 802-3-ethernet ens160
nmcli con up ens160
nmcli con mod ens160 connection.autoconnect yes
systemctl restart NetworkManager
yum install -y wget git net-tools bind-utils iptables-services bridge-utils bash-completion
yum install -y docker
注意:安装时遇到 Docker daemon未启动的,执行启动命令:
service docker start
选择**科技大学的镜像服务器进行加速(也可以选择诸如daocloud的加速器)。修改/etc/sysconfig/docker文件,在OPTIONS变量中追加参数
--registry-mirror=https://docker.mirrors.ustc.edu.cn --insecure-registry=172.30.0.0/16
设置开机启动并启动Docker服务
systemctl enable docker
systemctl start docker
yum -y install https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-10.noarch.rpm
确认 epel 仓库已经安装
执行:
sed -i -e "s/^enabled=1/enabled=0/" /etc/yum.repos.d/epel.repo
yum -y --enablerepo=epel install ansible pyOpenSSL
ansible 是基于agentles架构实现的,即不需要在远程的目标主机上预先安装agent程序。
ansible 对远程主机命令的执行依赖ssh等远程控制协议。因此将在master上执行ansible playbook 安装openshift,所以需要配置mater节点到哥哥node节点的互信,包括master到master的互信。
ssh-keygen -f /root/.ssh/id_rsa -N ''
for host in master-openshift.idc.yst.com.cn \
node01-openshift.idc.yst.com.cn \
node02-openshift.idc.yst.com.cn; \
do ssh-copy-id -i ~/.ssh/id_rsa.pub $host; \
done
wget https://github.com/openshift/openshift-ansible/archive/openshift-ansible-3.7.0-0.126.0.tar.gz
tar zxvf openshift-ansible-3.7.0-0.126.0.tar.gz
安装单Master的Openshift集群可以不单独安装etcd。这里选择单独安装一个节点的etcd集群。
在实际的生产环境中,推荐配置含有3个或以上成员的etcd集群,保证高可用性。
yum -y install etcd
systemctl enable etcd # 使etcd自动启动
systemctl start etcd
备份原有的hosts文件
mv -f /etc/ansible/hosts /etc/ansible/hosts.org
配置hosts文件,文件在/etc/ansible/hosts
参考openshift 官方配置文档
配置文件如下:
# Create an OSEv3 group that contains the masters and nodes groups
[OSEv3:children]
masters
nodes
etcd
# Set variables common for all OSEv3 hosts
[OSEv3:vars]
# SSH user, this user should allow ssh based auth without requiring a password
ansible_ssh_user=root
openshift_deployment_type=origin
openshift_release=3.6.0
openshift_disable_check=disk_availability,docker_storage,memory_availability,docker_image_availability
# uncomment the following to enable htpasswd authentication; defaults to DenyAllPasswordIdentityProvider
openshift_master_identity_providers=[{'name':'htpasswd_auth','login':'true','challenge':'true','kind':'HTPasswdPasswordIdentityProvider','filename':'/etc/origin/master/htpasswd'}]
# host group for masters
[masters]
master-openshift.idc.yst.com.cn
# host group for nodes, includes region info
[nodes]
master-openshift.idc.yst.com.cn
node01-openshift.idc.yst.com.cn
node02-openshift.idc.yst.com.cn
node01-openshift.idc.yst.com.cn openshift_node_labels="{'region': 'infra', 'zone': 'east'}"
node02-openshift.idc.yst.com.cn openshift_node_labels="{'region': 'infra', 'zone': 'west'}"
[etcd]
master-openshift.idc.yst.com.cn
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.