系统 | CPU | 内存 | 硬盘 | IP |
---|---|---|---|---|
CentOS 7.6 1810 Mini | 4个双核CPU(8核) | 8G | 1个60G | 192.168.1.15 |
安装依赖包
# yum -y install wget
# yum -y install vim yum-utils lrzsz
# 配置docker源
# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
# yum makecache fast
安装并配置Docker
# yum -y install docker-ce
# systemctl start docker
# systemctl enable docker
# cat<<EOF>> /etc/docker/daemon.json
{
"insecure-registries":["172.30.0.0/16"]
}
EOF
# systemctl daemon-reload
# systemctl restart docker
下载解压OpenShift
# wget https://github.com/openshift/origin/releases/download/v3.11.0/openshift-origin-server-v3.11.0-0cbc58b-linux-64bit.tar.gz
# tar zxf openshift-origin-server-v3.11.0-0cbc58b-linux-64bit.tar.gz
tar: Ignoring unknown extended header keyword `LIBARCHIVE.xattr.security.selinux'
tar: Ignoring unknown extended header keyword `LIBARCHIVE.xattr.security.selinux'
tar: Ignoring unknown extended header keyword `LIBARCHIVE.xattr.security.selinux'
tar: Ignoring unknown extended header keyword `LIBARCHIVE.xattr.security.selinux'
tar: Ignoring unknown extended header keyword `LIBARCHIVE.xattr.security.selinux'
tar: Ignoring unknown extended header keyword `LIBARCHIVE.xattr.security.selinux'
tar: Ignoring unknown extended header keyword `LIBARCHIVE.xattr.security.selinux'
tar: Ignoring unknown extended header keyword `LIBARCHIVE.xattr.security.selinux'
tar: Ignoring unknown extended header keyword `LIBARCHIVE.xattr.security.selinux'
tar: Ignoring unknown extended header keyword `LIBARCHIVE.xattr.security.selinux'
# 出现以上情况可以不予理会
# mv openshift-origin-server-v3.11.0-0cbc58b-linux-64bit openshift-v3.11.0
# cd openshift-v3.11.0/
# cp openshift oc kubectl /usr/local/bin/
防火墙放行端口
# firewall-cmd --permanent --new-zone dockerc
success
# firewall-cmd --permanent --zone dockerc --add-source 172.17.0.0/16
success
# firewall-cmd --permanent --zone dockerc --add-port 8443/tcp
success
# firewall-cmd --permanent --zone dockerc --add-port 53/udp
success
# firewall-cmd --permanent --zone dockerc --add-port 8053/udp
success
# firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -p tcp --dport 8443 -j ACCEPT
success
# firewall-cmd --reload
success
部署OpenShift
修改主机名(必须)
# hostnamectl set-hostname openshift-master
# 验证访问时会自动解析ip,所以hosts文件必须写
# vim /etc/hosts
192.168.1.15 openshift-master
开始部署
# oc cluster up --public-hostname=192.168.1.15 --skip-registry-check=true
# 命令中的ip为本机ip
# 该命令一开始会下载几个docker镜像供启动pod使用
# 然后使用这些镜像启动对应pod
当部署输出以下时,运行命令export KUBECONFIG=/root/openshift.local.clusterup/kube-apiserver/admin.kubeconfig
提前运行会报错
I1110 03:38:48.856767 22091 run_self_hosted.go:181] Waiting for the kube-apiserver to be ready ...
部署完成后的输出如下
# 结尾输出如下
ates/dancer quickstart" "sample-templates/jenkins pipeline ephemeral" "sample-templates/cakephp quickstart" "sample-templates/django quickstart" "sample-templates/nodejs quickstart" "sample-templates/rails quickstart" "sample-templates/sample pipeline"
I1110 03:03:37.015184 10985 interface.go:41] Finished installing "openshift-web-console-operator" "openshift-router" "sample-templates" "persistent-volumes" "centos-imagestreams" "openshift-image-registry"
Login to server ...
Creating initial project "myproject" ...
Server Information ...
OpenShift server started.
The server is accessible via web console at:
https://192.168.1.15:8443
You are logged in as:
User: developer
Password: <any value>
To login as administrator:
oc login -u system:admin
启动后的pod如下所示
# oc get pods --all-namespaces
NAMESPACE NAME READY STATUS AGE
default docker-registry-1-qxxn5 1/1 Running 7m
default persistent-volume-setup-9h56t 0/1 Completed 8m
default router-1-zfm4r 1/1 Running 7m
kube-dns kube-dns-2jc97 1/1 Running 11m
kube-proxy kube-proxy-75z49 1/1 Running 11m
kube-system kube-controller-manager-localhost 1/1 Running 11m
kube-system kube-scheduler-localhost 1/1 Running 10m
kube-system master-api-localhost 1/1 Running 10m
kube-system master-etcd-localhost 1/1 Running 10m
openshift-apiserver openshift-apiserver-f4qv9 1/1 Running 11m
openshift-controller-manager openshift-controller-manager-z7zrz 1/1 Running 8m
openshift-core-operators openshift-service-cert-signer-operator-6d477f986b-7h7vg 1/1 Running 11m
openshift-core-operators openshift-web-console-operator-664b974ff5-c97dv 1/1 Running 8m
openshift-service-cert-signer apiservice-cabundle-injector-8ffbbb6dc-v5w8c 1/1 Running 9m
openshift-service-cert-signer service-serving-cert-signer-668c45d5f-l8lhj 1/1 Running 9m
openshift-web-console webconsole-8689d7d5cc-6rl7r 1/1 Running 6m
OpenShift配置
命令行登录OpenShift
用户名:system
密码:admin
# oc login -u system:admin
使用网页登录OpenShift
访问https://192.168.1.15:8443
,使用以上的用户名密码登录
报错总结
oc命令无法使用
如果集群部署完成,使用oc命令报错如下
error: Missing or incomplete configuration info. Please login or point to an existing, complete config file:
1. Via the command-line flag --config
2. Via the KUBECONFIG environment variable
3. In your home directory as ~/.kube/config
To view or setup config directly use the 'config' command.
原因是无法找到配置文件,需要指定一个变量
export KUBECONFIG=/root/openshift.local.clusterup/kube-apiserver/admin.kubeconfig
该文件位置在解压后的目录中
api-server无法启动
如果api-server无法启动,则是镜像下载失败。网络问题
I1111 01:35:14.747299 9484 run_self_hosted.go:181] Waiting for the kube-apiserver to be ready ...
E1111 01:40:14.754390 9484 run_self_hosted.go:571] API server error: Get https://192.168.1.1:8443/healthz?timeout=32s: dial tcp 192.168.1.1:8443: connect: connection refused ()
Error: timed out waiting for the condition
config.json
部署命令运行过程中
E1110 03:24:24.108122 20716 helper.go:179] Reading docker config from /root/.docker/config.json failed: open /root/.docker/config.json: no such file or directory
此报错不影响部署
解决:
创建一个文件即可
# mkdir /root/.docker
# cat<<EOF>> /root/.docker/config.json
{
}
EOF
部署中断
如果oc命令部署中断是因为下载镜像,网络原因,或者等待资源启动time out
Error: timed out waiting for the condition
解决:
# oc cluster down
# 重新部署
# oc cluster up --public-hostname=192.168.1.15 --skip-registry-check=true