系统版本 主机IP 主机名
CentOS7 1810 192.168.2.4 master01.example.com
CentOS7 1810 192.168.2.5 node01.example.com
CentOS7 1810 192.168.2.6 node02.example.com
安装依赖,在所有节点上执行
所有节点 [root@master01 ~]# yum install wget git net-tools bind-utils iptables-services bridge-utils bash-completion -y [root@master01 ~]# rpm -ivh origin-docker-excluder-3.10.0-1.el7.git.0.0c4577e.noarch.rpm (下载地址:https://cbs.centos.org/koji/rpminfo?rpmID=140734) [root@master01 ~]# firewall-cmd --permanent --new-zone dockerc [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-source 172.17.0.0/16 [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 8443/tcp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 53/udp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 8053/udp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 4789/udp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 53/tcp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 443/tcp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 10250/tcp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 10010/tcp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 2049/tcp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 2049/udp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 2379/tcp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 2380/tcp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 9000/tcp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 8444/tcp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 9200/tcp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 9300/tcp [root@master01 ~]# firewall-cmd --permanent --zone dockerc --add-port 1936/tcp [root@master01 ~]# yum update [root@master01 ~]# reboot
主节点安装依赖
主节点: [root@master01 ~]# yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm [root@master01 ~]# sed -i -e "/^enabled=1/enabled=0/" /etc/yum.repos.d/epel.repo [root@master01 ~]# yum --enablerepo=epel install ansible pyOpenSSL -y
主节点修改/etc/ansible/hosts文件
[OSEv3:children] masters nodes etcd [OSEv3:vars] # SSH user, this user should allow ssh based auth without requiring a password ansible_ssh_user=root os_firewall_use_firewalld=True openshift_deployment_type=origin openshift_release=3.11.0 openshift_repos_enable_testing=true [masters] master01.example.com [etcd] master01.example.com [nodes] master01.example.com openshift_node_group_name='node-config-master' node01.example.com openshift_node_group_name='node-config-compute' node02.example.com openshift_node_group_name='node-config-compute' node01.example.com openshift_node_group_name='node-config-infra' node02.example.com openshift_node_group_name='node-config-infra'
拷贝公钥
[root@master01 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub master01.example.com [root@master01 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub node01.example.com [root@master01 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub node02.example.com
下载openshift-ansible压缩包
https://github.com/openshift/openshift-ansible/tree/release-3.11
进行部署,解决后进入该目录
[root@master01 openshift-ansible-openshift-ansible-3.11.123-1]# ansible-playbook playbooks/prerequisites.yml [root@master01 openshift-ansible-openshift-ansible-3.11.123-1]# ansible-playbook playbooks/deploy_cluster.yml
部署完成之后 ,所有的内部默认软件都是安装好的了
[root@master01 openshift-ansible-openshift-ansible-3.11.123-1]# oc get pods -n default NAME READY STATUS RESTARTS AGE docker-registry-1-qhccg 1/1 Running 0 14m registry-console-1-ddgwx 1/1 Running 0 14m router-1-ng6kn 1/1 Running 0 15m router-1-w7x29 1/1 Running 0 15m
[root@master01 openshift-ansible-openshift-ansible-3.11.123-1]# oc get nodes NAME STATUS ROLES AGE VERSION master01.example.com Ready master 20m v1.11.0+d4cacc0 node01.example.com Ready infra 15m v1.11.0+d4cacc0 node02.example.com Ready infra 15m v1.11.0+d4cacc0
[root@master01 openshift-ansible-openshift-ansible-3.11.123-1]# oc get is -n openshift NAME DOCKER REPO TAGS UPDATED dotnet docker-registry.default.svc:5000/openshift/dotnet 2.0,latest 16 minutes ago dotnet-runtime docker-registry.default.svc:5000/openshift/dotnet-runtime 2.1,latest,2.0 15 minutes ago httpd docker-registry.default.svc:5000/openshift/httpd 2.4,latest 16 minutes ago jenkins docker-registry.default.svc:5000/openshift/jenkins 1,2,latest 16 minutes ago mariadb docker-registry.default.svc:5000/openshift/mariadb 10.2,latest,10.1 16 minutes ago mongodb docker-registry.default.svc:5000/openshift/mongodb 2.6,3.2,3.4 + 3 more... 16 minutes ago mysql docker-registry.default.svc:5000/openshift/mysql 5.6,5.7,latest + 1 more... 16 minutes ago nginx docker-registry.default.svc:5000/openshift/nginx 1.10,1.12,1.8 + 1 more... 16 minutes ago nodejs docker-registry.default.svc:5000/openshift/nodejs 4,6,8 + 4 more... 15 minutes ago perl docker-registry.default.svc:5000/openshift/perl 5.16,5.20,5.24 + 2 more... 15 minutes ago php docker-registry.default.svc:5000/openshift/php latest,5.5,5.6 + 2 more... 15 minutes ago postgresql docker-registry.default.svc:5000/openshift/postgresql 9.4,9.5,9.6 + 3 more... 15 minutes ago python docker-registry.default.svc:5000/openshift/python latest,2.7,3.3 + 3 more... 15 minutes ago redis docker-registry.default.svc:5000/openshift/redis 3.2,latest 15 minutes ago ruby docker-registry.default.svc:5000/openshift/ruby 2.0,2.2,2.3 + 3 more... 15 minutes ago wildfly docker-registry.default.svc:5000/openshift/wildfly latest,10.0,10.1 + 5 more... 15 minutes ago