openshift 3.11 集羣安裝

• 本次安裝按照3 master和3 node 的架構來進行

master1:192.168.15.235  centos 7.6
master2:192.168.15.236  centos 7.6
master3:192.168.10.237  centos 7.6

1.在Router上 安裝ansible 方便3個master節點的批量安裝

#需要先安裝pip工具
方法1:
yum install python-pip     # 當該方法安裝提示沒有pip 安裝包時，請按方法2來安裝
方法2:
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
python get-pip.py
2.編輯所有服務的hosts文件，先編輯Router服務器hosts，再通過ansible發送到3臺master
vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.15.235 www.oc.downtown8.com master1
192.168.15.236 master2.oc.downtown8.com master2
192.168.15.237 master3.oc.downtown8.com master3
# 編輯/etc/ansible/hosts 分爲master 和All組,Router
[master]
192.168.15.235
192.168.15.236
192.168.15.237
# 通過ansible 將hosts 文件發送到3臺master
ansible master -m copy -a"src=/etc/ansible/hosts dest=/etc/ansible/hosts"
3.安裝基礎包
ansible all -m shell -a"yum install wget git net-tools bind-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct atomic vim sshpass lrzsz wget telnet htop iotop iftop iptraf tofrodos lsof iperf tracerote policycoreutils-python pyOpenSSL python-lxml java-1.8.0-openjdk-headless python-passlib NetworkManager http-tools -y"
4.關閉firewall，開啓ipatables
ansible all -m shell -a"systemctl start iptables && systemctl enable iptables && iptables -F"
ansible all -m shell -a"systemctl start NetworkManager"
5. 安裝Docker,開啓docker服務自啓動，並啓動docker服務
ansible all -m shell -a"yum install docker-1.13.1 -y"
ansible all -m shell -a"systemctl enable docker"
ansible all -m shell -a"systemctl start docker"
啓動docker過程中可能會出現一個錯誤Error starting daemon: SELinux is not supported with the overlay2 graph driver on this kernel. Either boot into a newer kernel or disabl…nabled=false
解決方法有兩個，要麼啓動一個新內核，要麼就在docker配置文件裏面裏禁用selinux，—selinux-enabled=false
修改/etc/sysconfig/docker 爲下面格式
OPTIONS='--selinux-enabled=false --log-driver=journald --signature-verification=false --insecure-registry 172.30.0.0/16’

6.配置docker images 加速器，使用阿里雲源
tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://ykvm1unz.mirror.aliyuncs.com"]
}
EOF
ansible master -m copy -a"src=/etc/docker/daemon.json dest=/etc/docker/daemon.json"
重啓docker
ansible all -m shell -a "systemctl daemon-reload&&systemctl restart docker"
7.拉取openshfit-ansible （僅master執行）
git clone -b release-3.11 https://github.com/openshift/openshift-ansible
由於github訪問非常慢，所以可以自己搭一個**來加速，具體教程可以點擊一下鏈接
https://xeylon.com/server/140.html
8.修改/etc/sysctl.conf
vim /etc/sysctl.conf
net.ipv4.ip_forward = 0 改成 net.ipv4.ip_forward = 1

vim /etc/selinux/config
SELINUX=permissive
9.配置/etc/ansible/hosts 文件

[OSEv3:children]
masters
nodes
etcd

[OSEv3:vars]
ansible_ssh_user=root
deployment_type=origin
openshift_deployment_type=origin
openshift_release=v3.11
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login':'true','challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
openshift_master_htpasswd_file=/etc/origin/master/htpasswd
openshift_master_cluster_method=native
openshift_master_cluster_hostname=www.oc.cgs.com
openshift_master_cluster_public_hostname=www.oc.cgs.com
openshift_master_default_subdomain=oc.cgs.com
openshift_hosted_registry_cert_expire_days=36500
openshift_ca_cert_expire_days=36500
openshift_node_cert_expire_days=36500
openshift_master_cert_expire_days=36500
openshift_disable_check=memory_availability,disk_availability,package_availability,package_update,docker_image_availability,docker_storage_driver,docker_storage
openshift_hosted_router_selector='role=infra'
openshift_hosted_registry_selector='role=infra'
openshift_logging_install_logging=true
openshift_enable_service_catalog=true
template_service_broker_install=true

openshift_metrics_install_metrics=true
openshift_metrics_image_version=v3.11
openshift_metrics_cassandra_storage_type=dynamic
openshift_metrics_cassandra_storage_class_name=gluster01
openshift_metrics_cassandra_pvc_size=20Gi
openshift_metrics_cassandra_limits_memory=2Gi
openshift_metrics_cassandra_requests_memory=1Gi
openshift_metrics_cassandra_limits_cpu=500m
openshift_metrics_cassandra_requests_cpu=200m
openshift_metrics_hawkular_limits_cpu=500m
openshift_metrics_hawkular_requests_cpu=200m
openshift_metrics_hawkular_requests_memory=1Gi
openshift_metrics_hawkular_limits_memory=2Gi
openshift_metrics_heapster_limits_memory=256Mi
openshift_metrics_heapster_limits_cpu=200m
openshift_metrics_heapster_requests_memory=128Mi
openshift_metrics_heapster_requests_cpu=50m
openshift_metrics_duration=7
openshift_metrics_resolution=30s

[masters]
master1
master2
master3
[etcd]
master1
master2
master3
[nodes]
master1 openshift_node_group_name='node-config-master-infra'
master2 openshift_node_group_name='node-config-master-infra'
master3 openshift_node_group_name='node-config-master-infra'
node1 openshift_node_group_name='node-config-compute'
node2 openshift_node_group_name='node-config-compute'
node3 openshift_node_group_name='node-config-compute'

10.執行預安裝
ansible-playbook ~/openshift-ansible/playbooks/prerequisites.yml
11.安裝
ansible-playbook ~/openshift-ansible/playbooks/deploy_cluster.yml

12.用戶創建授權

htpasswd -cb /etc/origin/master/htpasswd admin "******"

oc adm policy add-role-to-user cluster-admin admin

oc adm policy add-cluster-role-to-user cluster-admin admin