一,安装openshift前的准备工作
1,修改@H_301_14@master和@H_301_14@node节点的@H_301_14@hostname,然后在@H_301_14@/etc/hosts里面做下映射(@H_301_14@master和node节点都需要)
2,关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
vi /etc/sysconfig/selinux
将enforcing修改成@H_301_14@disabled,保存退出
sed-i'/SELINUX/s/enforcing/disabled/'/etc/selinux/config
修改完成后,重启虚拟机后的状态
4,安装系统依赖的基本组件
yum -y install wget openssl-devel gcc make python-devel openssl-devel kernel-devel graphviz kernel-debug-devel autoconf automake rpm-build redhat-rpm-config libtool git-core net-tools bind-utils bridge-utils bashcompletion
5,安装openvswitch,添加源
Vi /etc/yum.repos.d/naulinux-extras.repo
[naulinux-extras]
name=NauLinux Extras
baseurl=http://downloads.naulinux.ru/pub/NauLinux/7/$basearch/Extras/RPMS/
enabled=0
gpgcheck=1
gpgkey=http://downloads.naulinux.ru/pub/NauLinux/RPM-GPG-KEY-linux-ink
然后执行下面的安装命令,并启动openswitch
yum --enablerepo=naulinux-extras install openvswitch
systemctl enable openvswitch
systemctl start openvswitch
显示的状态如下所示:
6,安装ovs插件
tar-zxvf ovs-plugin.tar.gz,cp ovs-plugin/* /usr/bin
7,安装@H_301_14@docker
sudo tee /etc/yum.repos.d/docker.repo <<-'EOF'
[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/7/
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg
EOF
yum install docker-engine -y
tar -zxvf docker-1.11.2.tgz,mv docker/* /usr/bin
修改docker systemd配置
docker.service、docker.socket拷贝至/etc/systemd/system
启动docker
systemctl start docker
systemctl status docker
二,部署系统
1,创建文件夹并解压系统包
mkdir /home/work && tar -zxvf poc-server.tar.gz
cd /home/work/poc-server/
cp poc/usr/bin/
cp oadm /usr/bin/
poc start --write-config=openshift.local.config
oadm create-node-config --certificate-authority=openshift.local.config/master/ca.crt --node-dir=openshift.local.config/{node_host} --node={node_host} --hostnames={node_host},{node_host_ip} --master=’https://{master_ip}:8443’
生成的node配置文件拷贝至@H_301_14@node节点
4,启动系统
启动master节点
nohup ./poc start master --config=openshift.local.config/master/master-config.yaml &
启动node节点
nohup ./poc start node --config=openshift.local.config/node/node-config.yaml &
5,在master节点上配置管理员账号
export POC_SERVER=/home/work/poc-server
ExportKUBECONFIG=$POC_SERVER/openshift.local.config/master/admin.kubeconfig
export CURL_CA_BUNDLE=/home/work/poc-server/openshift.local.config/master/ca.crt
oc login -u system:admin -n default
oadm policy add-cluster-role-to-user cluster-admin admin
查看节点状态
6,部署系统镜像
系统组件依赖
origin-deployer.tar.gz\origin-docker-registry.tar.gz\origin-haproxy-router.tar.gz\origin-sti-builder.tar.gz\origin-pod.tar.gz
对以上tar包,在@H_301_14@node节点分别执行@H_301_14@docker load < *.tar.gz
7,创建系统镜像仓库
在node节点创建@H_301_14@registry的挂载目录
mkdir /home/work/poc-registry && chown 1001:root /home/work/poc-registry
在master节点创建@H_301_14@service account,通过这个账号创建一个@H_301_14@registry
oc create serviceaccountregistry-n default
oadm policy add-scc-to-user privileged system:serviceaccount:default:registry
oadm registry --service-account=registry --mount-host=/home/work/poc-registry
使用oc get svc可以看到刚刚启动的@H_301_14@registry
8,push本地镜像到registry
登录docker registry:@H_301_14@docker login {registry_service_ip}:5000
用户名是:admin,密码需要@H_301_14@oc login后执行@H_301_14@oc whoami -t获取
docker tag: @H_301_14@docker tag {imageid} {registry_service_ip}:5000/default/weblogic:12.1.3
push镜像: docker push {registry_service_ip}:5000/default/weblogic:12.1.3
9,创建部署router
与部署registry类似,部署一个@H_301_14@router
oc create serviceaccount router -n default
oadm policy add-scc-to-user privileged system:serviceaccount:default:router
oadm router <router_name> --replicas=<number> --service-account=router
10,更改集群默认行为配置
默认的集群配置中,启动容器的uid是预先分配的,这种方式在启动需要指定@H_301_14@user启动的容器时会失败,通过如下命令修改:
oc edit scc restricted
runAsUser配置
配置为RunAsAny 不预先分配@H_301_14@uid 并且容器可以以任何@H_301_14@user启动
allowPrivilegedContainer 配置
true 允许特权容器启动
解压static_extensions.tar.gz
修改master-config.yaml
assetConfig
extensionScripts:
- /home/work/poc-server/openshift.local.config/statics/help-links.js
- /home/work/poc-server/openshift.local.config/statics/right-navigation.js
extensionStylesheets
- /home/work/poc-server/openshift.local.config/statics/logo.css
oauthConfig:
template:
login: /home/work/poc-server/openshift.local.config/statics/login.html
providerSelection: /home/work/poc-server/openshift.local.config/statics/provider-selection.html
重启master进程
访问https://{master_ip}:8443/console
所有需要的安装包和文件的下载地址在:
原文链接:https://www.f2er.com/centos/377986.html