演示环境
https://okd.yycloud.site:8443/
涉及到的镜像列表如下,可提前拉取镜像,避免执行playbook过程中拉取镜像容易失败
| REPOSITORY |
TAG |
|
| docker.io/openshift/origin-pod |
v3.11 |
|
| docker.io/openshift/origin-node |
v3.11 |
|
| quay.io/openshift/origin-cluster-monitoring-operator |
v3.11 |
|
| docker.io/openshift/origin-control-plane |
v3.11 |
|
| docker.io/openshift/origin-haproxy-router |
v3.11 |
|
| docker.io/openshift/origin-deployer |
v3.11 |
|
| docker.io/openshift/origin-docker-registry |
v3.11 |
|
| quay.io/coreos/etcd |
v3.2.26 |
|
| docker.io/openshift/origin-web-console |
v3.11.0 |
|
| docker.io/cockpit/kubernetes |
latest |
|
| quay.io/coreos/prometheus-config-reloader |
v0.23.2 |
|
| quay.io/coreos/prometheus-operator |
v0.23.2 |
|
| docker.io/openshift/prometheus-alertmanager |
v0.15.2 |
|
| docker.io/openshift/prometheus-node-exporter |
v0.16.0 |
|
| docker.io/openshift/prometheus |
v2.3.2 |
|
| docker.io/grafana/grafana |
5.2.1 |
|
| quay.io/coreos/kube-rbac-proxy |
v0.3.1 |
|
| quay.io/coreos/kube-state-metrics |
v1.3.1 |
|
| docker.io/openshift/oauth-proxy |
v1.1.0 |
|
| quay.io/coreos/configmap-reload |
v0.0.1 |
0. 配置hostname
hostnamectl set-hostname {okd-master/node01}
1. 互信
192.168.201.100 okd-master.example.com
192.168.201.101 okd-node01.example.com
ssh-keygen
ssh-copy-id $host
2. 配置Yum源
强烈推荐配置阿里云的yum,已自动同步centos等yum,可在https://developer.aliyun.com/mirror/查一下有没有自己要的rpm
[base]
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
[okd-origin311]
[centos-openshift-origin311]
name=Aliyun CentOS OpenShift Origin
baseurl=http://mirrors.aliyun.com/centos/7/paas/x86_64/openshift-origin311/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
yum clean all && yum makecache
3. 安装基础包
yum install wget git net-tools bind-utils yum-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct ansible pyOpenSSL
下载okd部署所需的playbook
wget -O ocp-ansible.tar.gz https://codeload.github.com/openshift/openshift-ansible/tar.gz/openshift-ansible-3.11.170-1
cp ocp-ansible.tar.gz /usr/share/ansible && cd /usr/share/ansible && tar -zxf ocp-ansible.tar.gz && mv openshift-ansible-openshift-ansible-3.11.170-1/ openshift-ansible
4. 配置ansible hosts 这个hosts比较简单,很多使用默认值
[OSEv3:children]
masters
nodes
etcd
# Set variables common for all OSEv3 hosts
[OSEv3:vars]
# SSH user, this user should allow ssh based auth without requiring a password
ansible_ssh_user=root
# If ansible_ssh_user is not root, ansible_become must be set to true
#ansible_become=true
openshift_disable_check=disk_availability,docker_storage,memory_availability,docker_image_availability
openshift_deployment_type=origin
# uncomment the following to enable htpasswd authentication; defaults to AllowAllPasswordIdentityProvider#
#openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
openshift_node_groups=[{'name': 'node-config-master', 'labels': ['node-role.kubernetes.io/master=true','node-role.kubernetes.io/infra=true']}, {'name': 'node-config-compute', 'labels': ['node-role.kubernetes.io/compute=true']}]
openshift_master_cluster_hostname=okd.yycloud.site
openshift_master_cluster_public_hostname=okd.yycloud.site
# host group for masters
[masters]
okd-master.example.com
# host group for etcd
[etcd]
okd-master.example.com
# host group for nodes, includes region info
[nodes]
okd-master.example.com openshift_node_group_name='node-config-master'
okd-node01.example.com openshift_node_group_name='node-config-compute'
5. 安装docker
yum install docker-1.13.1
6. 配置docker存储驱动为devicemapper,需另外一块磁盘,也可使用默认的overlay2
cat <<EOF > /etc/sysconfig/docker-storage-setup
DEVS=/dev/sdb
VG=docker-vg
EOF
docker-storage-setup
systemctl enable docker
systemctl start docker
7. 配置阿里云镜像加速服务
mkdir -p /etc/docker
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://t65g57p1.mirror.aliyuncs.com"]
}
EOF
systemctl daemon-reload
systemctl restart docker
8. 预检
cd /usr/share/ansible/openshift-ansible
ansible-playbook playbooks/prerequisites.yml
9. 部署
ansible-playbook playbooks/deploy_cluster.yml
10. 异常卸载
ansible-playbook openshift-ansible/playbooks/adhoc/uninstall.yml
11. 步骤拆解,如果deploy_cluster失败,可根据表格分步执行剧本,避免重跑
