Shulou(Shulou.com)06/01 Report--

This article introduces the knowledge of "deployment of OpenShift-OKD3.10 basic environment". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

Single master + double node

1. Host role division

# using dual network segment deployment 0 network segment is opesnshift internal communication IP,1 network segment is connected to public network communication address # mastermaster.example.com192.168.0.39 192.168.1.39#node1 node1.example.com192.168.0.40192.168.1.40#node2node2.example.com192.168.0.41192.168.1.41

two。 System initialization

2.1 enable SELinux

[root@master] # cat / etc/sysconfig/selinux # This file controls the state of SELinux on the system.# SELINUX= can take one of these three values:# enforcing-SELinux security policy is enforced.# permissive-SELinux prints warnings instead of enforcing.# disabled-No SELinux policy is loaded.SELINUX=enforcing# SELINUXTYPE= can take one of three two values:# targeted-Targeted processes are protected,# minimum-Modification of targeted policy. Only selected processes are protected. # mls-Multi Level Security protection.SELINUXTYPE=targeted

2.2 install the basic components

Yum install wget git net-tools bind-utils yum-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct-y

2.3 Update the operating system

Yum update-y reboot

2.4 configure ansible

# # install ansibleyum-y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpmsed-I-e "s / ^ enabled = 1/enabled=0/" / etc/yum.repos.d/epel.repoyum-y-- enablerepo=epel install ansible pyOpenSSL

# checkout install playbooks

Cd ~

Git clone https://github.com/openshift/openshift-ansible

Cd openshift-ansible

Git checkout release-3.10

2.5 set SSH secret-free login (master-> node)

# # ssh ssh-keygenfor host in master.example.com\ master.example.com\ node1.example.com\ node2.example.com;\ do ssh-copy-id-I ~ / .ssh/id_rsa.pub $host;\ done

3. Start deployment

3.1 Update hosts profile

[root@master ~] # cat / etc/ansible/ hosts [OSEv3: children] mastersnodesetcdnfs [OSEv3: vars] ansible_ssh_user=rootopenshift_deployment_type=origin

# skip host hardware information check openshift_disable_check=disk_availability,docker_storage,memory_availability,docker_image_availabilityopenshift_master_identity_providers= [{'name':'htpasswd_auth','login':'true','challenge':'true','kind':'HTPasswdPasswordIdentityProvider'] due to virtual machine deployment learning configuration }] openshift_master_default_subdomain=apps.test.example.comopenshift_deployment_type=originos_firewall_use_firewalld= true[masters] master.example.com[etcd] master.example.com[nodes] master.example.com openshift_node_group_name='node-config-master'node1.example.com openshift_node_group_name='node-config-compute'node2.example.com openshift_node_group_name='node-config-compute' [nfs] master.example.com

3.2 perform pre-installation detection

[root@master ~] # ansible-playbook openshift-ansible/playbooks/prerequisites.yml

3.3 formal installation

[root@master ~] # ansible-playbook openshift-ansible/playbooks/deploy_cluster.yml

4.FAQ

Slow downloading of Q1 Docker HUB image causes the execution of deploy script to fail # # change docker configuration file / etc/sysconfig/docker

Set domestic docker image repositories such as Ali Cloud acceleration

OPTIONS='-selinux-enabled=false-signature-verification=False-registry-mirror= https://c9ojlmr5.mirror.aliyuncs.com'

# need to restart docker

Systemctl restart docker

# images used by manual pull master and node

# master Image list

Docker.io/cockpit/kubernetes

Docker.io/openshift/origin-haproxy-router

Docker.io/openshift/origin-haproxy-router

Docker.io/openshift/origin-service-catalog

Docker.io/openshift/origin-node

Docker.io/openshift/origin-deployer

Docker.io/openshift/origin-control-plane

Docker.io/openshift/origin-control-plane

Docker.io/openshift/origin-template-service-broker

Docker.io/openshift/origin-pod

Docker.io/cockpit/kubernetes

Docker.io/openshift/origin-web-console

Quay.io/coreos/etcd

# node Image list

Docker.io/openshift/origin-haproxy-router

Docker.io/openshift/origin-node

Docker.io/openshift/origin-deployer

Docker.io/openshift/origin-pod

Docker.io/ansibleplaybookbundle/origin-ansible-service-broker

Docker.io/openshift/origin-docker-registry

Docker-registry.default.svc:5000/openshift/jenkins

When Q2 executes deploy, host dns causes failure to connect to the public network.

Temporary solution changes / etc/resolv.confecho nameserver 114.114.114.114 > > / etc/resolv.conf deployment of the OpenShift-OKD3.10 Base Environment ends here. Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.