【openshift教程-部署】【生产环境部署】
Published by Connor Xu
一、准备
tar zxf openshift-ansible-3.7.39-1.tar.gz
hosts文件
hosts
[OSEv3:children]
masters
nodes
etcd
#nfs
lb new_nodes #[nfs]
#openshift-harbor-0-b.hb2 [OSEv3:vars]
openshift_node_kubelet_args={'experimental-allowed-unsafe-sysctls': ['net.core.somaxconn']}
ansible_ssh_user=root
deployment_type=origin
#openshift_deployment_type=origin
openshift_release=v3.7
openshift_image_tag=v3.7.0
openshift_pkg_version=-3.7.0
openshift_logging_image_version=v3.7.0
openshift_disable_check=disk_availability,docker_storage,memory_availability,docker_image_availability,package_version,package_availability
openshift_master_identity_providers=[{'name': 'my_ldap_provider', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider', 'attributes': {'id': ['uid'], 'email': ['mail'], 'name': ['uid'], 'preferredUsername': ['uid'
]}, 'bindDN': 'cn=Manager,dc=xxxx,dc=com', 'bindPassword': 'XXXXXXXXXX', 'ca': '', 'insecure': 'true', 'url': 'ldap://127.0.0.1:389/ou=TECH,o=xxxxx,dc=xxxx,dc=com?uid'}] openshift_enable_service_catalog=false
template_service_broker_install=false openshift_master_default_subdomain=apps.intra.xxxx.com
openshift_master_cluster_hostname=openshift.intra.xxxx.com
openshift_master_cluster_public_hostname=openshift.intra.xxxx.com debug_level=2
openshift_hosted_registry_replicas=3
openshift_docker_insecure_registries=registry.intra.xxxx.com
#openshift_hosted_registry_selector={ 'type': 'registry'}
openshift_hosted_registry_cert_expire_days=720
openshift_hosted_registry_storage_kind=nfs
openshift_hosted_registry_storage_access_modes=['ReadWriteMany']
openshift_hosted_registry_storage_nfs_directory=/data/exports
openshift_hosted_registry_storage_nfs_options='*(rw,root_squash)'
openshift_hosted_registry_storage_volume_name=registry
openshift_hosted_registry_storage_volume_size=50Gi openshift_metrics_install_metrics=true
openshift_metrics_storage_kind=nfs
openshift_metrics_storage_access_modes=['ReadWriteOnce']
openshift_metrics_storage_nfs_directory=/data/exports
openshift_metrics_storage_nfs_options='*(rw,root_squash)'
openshift_metrics_storage_volume_name=metrics
openshift_metrics_storage_volume_size=50Gi
openshift_metrics_image_version=v3.7
#openshift_metrics_storage_labels={'region': 'infra'} #openshift_hosted_router_selector={'type': 'router'}
#openshift_hosted_router_replicas=1 [masters]
openshift-master-0-b.hb2
openshift-master-1-c.hb2
openshift-master-2-d.hb2 [nodes]
openshift-master-0-b.hb2
openshift-master-1-c.hb2
openshift-master-2-d.hb2
openshift-services-1-b.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-b'}"
openshift-services-1-c.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-c'}"
openshift-services-1-d.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-d'}"
openshift-services-0-b.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-b'}"
openshift-services-0-c.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-c'}"
openshift-services-0-d.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-d'}"
openshift-base-0-b.hb2 openshift_node_labels="{'region' : 'infra' , 'type' : 'router', 'servicetype': 'base', 'zone': 'zone-b'}"
openshift-base-1-c.hb2 openshift_node_labels="{'region' : 'infra' , 'type' : 'registry', 'servicetype': 'base', 'zone': 'zone-c'}"
openshift-base-2-d.hb2 openshift_node_labels="{'region' : 'infra' , 'type' : 'registry', 'servicetype': 'base', 'zone': 'zone-d'}"
openshift-gateway-1-c.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'gateway', 'zone': 'zone-c'}"
openshift-gateway-0-b.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'gateway', 'zone': 'zone-b'}"
openshift-inf-0-c.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'inf', 'zone': 'zone-c'}"
openshift-inf-0-d.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'inf', 'zone': 'zone-d'}"
openshift-services-2-c.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-c'}"
#openshift-services-2-b.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-b'}"
openshift-services-3-b.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-b'}"
openshift-services-3-c.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-c'}"
openshift-services-4-c.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-c'}"
openshift-services-5-c.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-c'}"
openshift-services-4-b.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-b'}"
openshift-services-2-d.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-d'}"
openshift-services-3-d.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-d'}"
openshift-services-0-e.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-e'}"
openshift-services-1-e.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-e'}" #[new_nodes]
#openshift-services-4-b.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-b'}"
#openshift-services-2-d.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-d'}"
#openshift-services-3-d.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-d'}"
#openshift-services-0-e.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-e'}"
#openshift-services-1-e.hb2 openshift_node_labels="{'nodetype': 'node', 'servicetype': 'online', 'zone': 'zone-e'}" [etcd]
openshift-etcd-2-d.hb2
openshift-etcd-1-c.hb2
openshift-etcd-0-b.hb2 [lb]
|
二、安装依赖
所有机器上执行:
systemctl stop firewalld
systemctl disable firewalld
yum install -y wget git net-tools bind-utils iptables-services bridge-utils bash-completion curl vim openssl python-passlib conntrack-tools socat nfs-utils
yum install -y yum-utils device-mapper-persistent-data lvm2 docker-1.13.1
yum install -y NetworkManager
#pip uninstall -y urllib3
#yum install -y python-urllib3-1.10.2-3.el7.noarch
systemctl restart NetworkManager
systemctl enable NetworkManager
rm -rf /etc/docker/daemon.json
tee /etc/docker/daemon.json <<-'EOF'
{
}
EOF mkdir -p /data/docker
rm -rf /data/docker/*
rm -rf /var/lib/docker/
ln -s /data/docker /var/lib/
systemctl restart docker
pip install ansible==2.4.3.0 yum install -y cockpit cockpit-*
systemctl restart cockpit
systemctl enable cockpit.socket |
rpm包地址:
yum install -y conntrack-tools socat nfs-utils
yum localinstall -y origin-clients-3.7.0-1.0.7ed6862.x86_64.rpm
yum localinstall -y origin-3.7.0-1.0.7ed6862.x86_64.rpm
yum localinstall -y tuned-profiles-origin-node-3.7.0-1.0.7ed6862.x86_64.rpm
yum localinstall -y openvswitch-2.6.1-0.el7.x86_64.rpm
rpm -ivh origin-node-3.7.0-1.0.7ed6862.x86_64.rpm
rpm -ivh origin-master-3.7.0-1.0.7ed6862.x86_64.rpm
rpm -ivh origin-docker-excluder-3.7.0-1.0.7ed6862.noarch.rpm
rpm -ivh origin-excluder-3.7.0-1.0.7ed6862.noarch.rpm
rpm -ivh origin-sdn-ovs-3.7.0-1.0.7ed6862.x86_64.rpm
rm -rf /etc/origin/* |
mv /etc/origin/master /etc/origin/master.bk
mv /etc/origin/node /etc/origin/node.bk |
etcd集群上执行:
ssh -t openshift-etcd-0-b.hb2 'yum install -y etcd'
ssh -t openshift-etcd-1-c.hb2 'yum install -y etcd'
ssh -t openshift-etcd-2-d.hb2 'yum install -y etcd'
三、执行集群部署
ansible-playbook -i inventory/hosts openshift-ansible-openshift-ansible-3.7.39-1/playbooks/byo/config.yml
四、备注
执行完成后,添加router的环境变量(默认是30s超时,需要fix满足业务需求)
ROUTER_DEFAULT_CLIENT_TIMEOUT 120s
ROUTER_DEFAULT_SERVER_TIMEOUT 120s
