Code Monkey home page Code Monkey logo

ceshi's People

Watchers

avatar avatar

ceshi's Issues

openshift 集群安装部署(一)

openshift 集群安装部署(一)

一、主机准备

1、申请主机

类型 cpu 内存 主机名 IP地址
master节点 4核 16G master-openshift.idc.yst.com.cn 10.213.3.176
node节点-1 4核 8G node01-openshift.idc.yst.com.cn 10.213.3.177
node节点-2 4核 8G node02-openshift.idc.yst.com.cn 10.213.3.178
nfs服务器 10.213.3.176/177/178已挂载nfs服务器目录,挂载地址为:10.213.3.60:/data;挂载点为:/home/data 10.213.3.60

注,操作系统版本:CentOS 7.3 以上
官方系统要求参考文档

	[root@master ~]# cat /etc/redhat-release 
	CentOS Linux release 7.4.1708 (Core)

2 、 配置主机名(每个节点都需要操作)

master、node节点分别配置相应的主机名,以master为例

hostnamectl set-hostname master-openshift.idc.yst.com.cn

hostname -f的结果要跟hostname一样
hostnamectl --transient、hostnamectl --static、 hostnamectl --pretty
三个命令得出的结果要一致,如果不一致,则要自己设置下

hostnamectl set-hostname master-openshift.idc.yst.com.cn
hostnamectl --pretty set-hostname master-openshift.idc.yst.com.cn
hostnamectl --static set-hostname master-openshift.idc.yst.com.cn
hostnamectl --transient set-hostname master-openshift.idc.yst.com.cn

注,要为服务申请dns域名解析。提交变更单向运维申请域名

二、安装前预置

1、激活网络(每个节点都需要操作)

centos 的网络默认是没有激活,需要手动进行激活。如果网络未激活会导致后续安装失败。

1.1、打开NetworkManager

  • 查看网络状态
 [root@master ~]# systemctl show NetworkManager | grep ActiveState
 ActiveState=inactive
  • 设置开机启用 NetworkManager:
systemctl enable NetworkManager
  • 立即启动 NetworkManager:
systemctl start NetworkManager

1.2、激活网络

[root@master-openshift ~]# nmcli con show
名称     UUID                                  类型            设备    
docker0  0aea51a3-613d-4468-ac3a-92cc10fd22a8  bridge          docker0 
ens160   ea74cf24-c2a2-ecee-3747-a2d76d46f93b  802-3-ethernet  ens160 
nmcli con up ens160
nmcli con mod ens160 connection.autoconnect yes
systemctl restart NetworkManager

2、安装及配置软件包(每个节点都需要操作)

2.1 在所有节点上都要安装配置依赖的软件包

yum install -y wget git net-tools bind-utils iptables-services bridge-utils bash-completion

安装完成后如图:
Alt text

2.2 在所有节点上都要docker

yum install -y docker

验证docker是否安装成功,如下:
Alt text

注意:安装时遇到 Docker daemon未启动的,执行启动命令:

service docker start

Docker daemon未启动如图:
Alt text

2.3 在所有节点上配置Docker 镜像服务器

选择**科技大学的镜像服务器进行加速(也可以选择诸如daocloud的加速器)。修改/etc/sysconfig/docker文件,在OPTIONS变量中追加参数

--registry-mirror=https://docker.mirrors.ustc.edu.cn --insecure-registry=172.30.0.0/16

配置文件如图:
Alt text

设置开机启动并启动Docker服务

systemctl enable docker
systemctl start docker

3、Master节点上相关配置

3.1 启用EPEL仓库以安装Ansible

yum -y install https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-10.noarch.rpm

确认 epel 仓库已经安装

Alt text

执行:

sed -i -e "s/^enabled=1/enabled=0/" /etc/yum.repos.d/epel.repo
yum -y --enablerepo=epel install ansible pyOpenSSL

3.2 配置master节点和node节点之间的互信

ansible 是基于agentles架构实现的,即不需要在远程的目标主机上预先安装agent程序。
ansible 对远程主机命令的执行依赖ssh等远程控制协议。因此将在master上执行ansible playbook 安装openshift,所以需要配置mater节点到哥哥node节点的互信,包括master到master的互信。

  • master节点上生成ssh密钥:
	ssh-keygen -f /root/.ssh/id_rsa -N ''

执行结果如下:
Alt text

  • 执行脚本:
for host in master-openshift.idc.yst.com.cn \
	node01-openshift.idc.yst.com.cn \
	node02-openshift.idc.yst.com.cn; \
do ssh-copy-id -i ~/.ssh/id_rsa.pub $host; \
done

执行过程:
Alt text

验证下是否添加成功(以node1为例):
Alt text

3.3 下载安装openshift 的ansible playbook

  • 下载
 wget https://github.com/openshift/openshift-ansible/archive/openshift-ansible-3.7.0-0.126.0.tar.gz
  • 解压
 tar zxvf openshift-ansible-3.7.0-0.126.0.tar.gz

3.4 单独安装etcd集群

安装单Master的Openshift集群可以不单独安装etcd。这里选择单独安装一个节点的etcd集群。

在实际的生产环境中,推荐配置含有3个或以上成员的etcd集群,保证高可用性。

	yum -y install etcd
	systemctl enable etcd # 使etcd自动启动
	systemctl start etcd

4、配置Ansible

  • 备份原有的hosts文件

      		mv -f /etc/ansible/hosts /etc/ansible/hosts.org

  • 配置hosts文件,文件在/etc/ansible/hosts
    参考openshift 官方配置文档

  • 配置文件如下:

# Create an OSEv3 group that contains the masters and nodes groups
[OSEv3:children]
masters
nodes
etcd

# Set variables common for all OSEv3 hosts
[OSEv3:vars]
# SSH user, this user should allow ssh based auth without requiring a password
ansible_ssh_user=root
openshift_deployment_type=origin
openshift_release=3.6.0
openshift_disable_check=disk_availability,docker_storage,memory_availability,docker_image_availability

# uncomment the following to enable htpasswd authentication; defaults to DenyAllPasswordIdentityProvider
openshift_master_identity_providers=[{'name':'htpasswd_auth','login':'true','challenge':'true','kind':'HTPasswdPasswordIdentityProvider','filename':'/etc/origin/master/htpasswd'}]

# host group for masters
[masters]
master-openshift.idc.yst.com.cn

# host group for nodes, includes region info
[nodes]
master-openshift.idc.yst.com.cn
node01-openshift.idc.yst.com.cn
node02-openshift.idc.yst.com.cn
node01-openshift.idc.yst.com.cn openshift_node_labels="{'region': 'infra', 'zone': 'east'}"
node02-openshift.idc.yst.com.cn openshift_node_labels="{'region': 'infra', 'zone': 'west'}"

[etcd]
master-openshift.idc.yst.com.cn

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.