1. 配置用户(在 Master 机器上操作)
安装 httpd-tools 并创建用户及密码
yum -y install httpd-tools;
htpasswd -cb /etc/origin/master/htpasswd redhat welcome1;
2. 配置二级域名(在 Master 机器上操作)
cp /etc/origin/master/master-config.yaml /etc/origin/master/master-config.yaml.bak.$(date "+%Y%m%d%H%M%S");
sed -i 's/.*subdomain.*/ subdomain: apps.example.com/' /etc/origin/master/master-config.yaml;
3. 重启 OpenShift,使上述修改生效(在 Master 机器上操作)
systemctl restart atomic-openshift-{master,node};
4. 添加 Router(在 Master 机器上操作)
Router 用于路由用户请求至具体服务。
oc project default;
oc label node node1.example.com infra="yes"
oc label node node2.example.com app="yes"
oadm router ose-router --replicas=1 \
--credentials='/etc/origin/master/openshift-router.kubeconfig' \
--images='registry.example.com:5000/openshift3/ose-${component}:${version}' \
--selector='infra=yes' --service-account=router ;
如果上述命令失败,使用 oc get event 查看错误信息,
然后运行以下命令执行清理工作:
oc delete dc ose-router;
oc delete svc ose-router;
oc delete pod ose-router-1-deploy;
然后再重试。
5. 添加内部 Docker Registry(在 Master 机器上操作)
内部 Docker Registry 用于存放 S2I 生成的镜像。
oadm registry --config=/etc/origin/master/admin.kubeconfig --service-account=registry --images='registry.example.com:5000/openshift3/ose-${component}:${version}'
如果上述命令失败,使用 oc get event 查看错误信息,检查所有机器的 /etc/sysconfig/docker 内容是否正确。
然后运行以下命令执行清理工作:
oc delete sa registry;
oc delete clusterrolebinding registry-registry-role;
oc delete dc docker-registry;
oc delete svc docker-registry;
oc delete pod docker-registry-1-deploy;
然后再重试。
6. 确认 Router 和 内部 Docker Registry 添加成功(在 Master 机器上操作)
oc get pods -o wide
输出如下:
NAME READY STATUS RESTARTS AGE IP NODE
docker-registry-1-krvma 1/1 Running 0 7m 10.128.0.4 node1.example.com
ose-router-1-cc24j 1/1 Running 0 9m 192.168.56.113 node1.example.com
7. 添加 Image Stream(在 Master 机器上操作)
oc get is -n openshift
输出如下:
NAME DOCKER REPO TAGS UPDATED
dotnet 172.30.98.122:5000/openshift/dotnet 1.0
fis-java-openshift registry.access.redhat.com/jboss-fuse-6/fis-java-openshift
fis-karaf-openshift registry.access.redhat.com/jboss-fuse-6/fis-karaf-openshift
jboss-amq-62 registry.access.redhat.com/jboss-amq-6/amq62-openshift
jboss-datagrid65-openshift registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift
jboss-datavirt63-openshift registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift
jboss-decisionserver62-openshift registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift
jboss-decisionserver63-openshift registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift
jboss-eap64-openshift registry.access.redhat.com/jboss-eap-6/eap64-openshift
jboss-eap70-openshift registry.access.redhat.com/jboss-eap-7/eap70-openshift
jboss-processserver63-openshift registry.access.redhat.com/jboss-processserver-6/processserver63-openshift
jboss-webserver30-tomcat7-openshift registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift
jboss-webserver30-tomcat8-openshift registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift
jenkins 172.30.98.122:5000/openshift/jenkins 2,1
mariadb 172.30.98.122:5000/openshift/mariadb 10.1
mongodb 172.30.98.122:5000/openshift/mongodb 2.4,3.2,2.6
mysql 172.30.98.122:5000/openshift/mysql 5.6,5.5
nodejs 172.30.98.122:5000/openshift/nodejs 4,0.10
perl 172.30.98.122:5000/openshift/perl 5.20,5.16
php 172.30.98.122:5000/openshift/php 5.6,5.5
postgresql 172.30.98.122:5000/openshift/postgresql 9.2,9.5,9.4
python 172.30.98.122:5000/openshift/python 3.3,2.7,3.5 + 1 more...
redhat-sso70-openshift registry.access.redhat.com/redhat-sso-7/sso70-openshift
ruby 172.30.98.122:5000/openshift/ruby 2.0,2.3,2.2
删除原有的 Image Stream
for i in $(oc get is -n openshift --no-headers|awk '{print $1}') ; do oc delete is $i -n openshift; done;
创建指向本地 Docker Registry 的 Image Stream
REDHAT_REG="registry.access.redhat.com";
PRIVATE_REG="registry.example.com:5000";
sed s/"${REDHAT_REG}"/"${PRIVATE_REG}"/g /usr/share/openshift/examples/image-streams/image-streams-rhel7.json |sed '/"creationTimestamp": null/a\\t,"annotations": {"openshift.io/image.insecureRepository": "true"}' |oc create -n openshift -f - ;
再次查看 Image Stream
oc get is -n openshift
输出如下:
NAME DOCKER REPO TAGS UPDATED
jenkins 172.30.98.122:5000/openshift/jenkins
mariadb 172.30.98.122:5000/openshift/mariadb 10.1
mongodb 172.30.98.122:5000/openshift/mongodb
mysql 172.30.98.122:5000/openshift/mysql 5.6,5.5
nodejs 172.30.98.122:5000/openshift/nodejs 4,0.10
perl 172.30.98.122:5000/openshift/perl 5.20,5.16
php 172.30.98.122:5000/openshift/php 5.6,5.5
postgresql 172.30.98.122:5000/openshift/postgresql
python 172.30.98.122:5000/openshift/python 3.5,3.4,3.3 + 1 more...
ruby 172.30.98.122:5000/openshift/ruby 2.3,2.2,2.0
可以看到有些 Image Stream 没有 Tag,需要导入 Image,这里试图导入列表中所有 Image
for i in $(oc get is -n openshift --no-headers|awk '{print $1}'); do oc import-image $i --insecure -n openshift;done
注意,不是所有的 image 都能导入成功,这个跟《OpenShift_022:离线安装 OCP 3.4 之 下载安装介质 》下载和导入的 image 有关。
如果没有该 Image,是无法成功导入 Image Stream 的。
并且,一个软件有很多版本的 Image,导入了哪个 Image,哪个 Image Stream Tag 才能导入成功。
比如 mysql 这个 Image 我只导入了 5.6 这个版本,在执行 oc import-image 时,会报告 5.6 成功导入,而 5.5 没有导入成功。
oc import-image mysql --insecure -n openshift
输出如下:
The import completed successfully.
Name: mysql
Namespace: openshift
Created: 33 minutes ago
Labels:
Annotations: openshift.io/display-name=MySQL
openshift.io/image.dockerRepositoryCheck=2017-01-20T09:46:04Z
Docker Pull Spec: 172.30.98.122:5000/openshift/mysql
Unique Images: 1
Tags: 3
5.6 (latest)
tagged from registry.example.com:5000/rhscl/mysql-56-rhel7:latest
will use insecure HTTPS or HTTP connections
Provides a MySQL 5.6 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.6/README.md.
Tags: mysql
* registry.example.com:5000/rhscl/mysql-56-rhel7:latest
9 minutes ago a2d6674acb2424d4caccd0fbf295c5cfa94f112980c8b6fb2965ef0e079588a0
5.5
tagged from registry.example.com:5000/openshift3/mysql-55-rhel7:latest
Provides a MySQL 5.5 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.5/README.md.
Tags: mysql
! error: Import failed (InternalError): Internal error occurred: Get https://registry.example.com:5000/v2/: EOF
32 minutes ago
8. 访问 OpenShift 控制台
https://master.example.com:8443 redhat/welcome1
安装 httpd-tools 并创建用户及密码
yum -y install httpd-tools;
htpasswd -cb /etc/origin/master/htpasswd redhat welcome1;
2. 配置二级域名(在 Master 机器上操作)
cp /etc/origin/master/master-config.yaml /etc/origin/master/master-config.yaml.bak.$(date "+%Y%m%d%H%M%S");
sed -i 's/.*subdomain.*/ subdomain: apps.example.com/' /etc/origin/master/master-config.yaml;
3. 重启 OpenShift,使上述修改生效(在 Master 机器上操作)
systemctl restart atomic-openshift-{master,node};
4. 添加 Router(在 Master 机器上操作)
Router 用于路由用户请求至具体服务。
oc project default;
oc label node node1.example.com infra="yes"
oc label node node2.example.com app="yes"
oadm router ose-router --replicas=1 \
--credentials='/etc/origin/master/openshift-router.kubeconfig' \
--images='registry.example.com:5000/openshift3/ose-${component}:${version}' \
--selector='infra=yes' --service-account=router ;
如果上述命令失败,使用 oc get event 查看错误信息,
然后运行以下命令执行清理工作:
oc delete dc ose-router;
oc delete svc ose-router;
oc delete pod ose-router-1-deploy;
然后再重试。
5. 添加内部 Docker Registry(在 Master 机器上操作)
内部 Docker Registry 用于存放 S2I 生成的镜像。
oadm registry --config=/etc/origin/master/admin.kubeconfig --service-account=registry --images='registry.example.com:5000/openshift3/ose-${component}:${version}'
如果上述命令失败,使用 oc get event 查看错误信息,检查所有机器的 /etc/sysconfig/docker 内容是否正确。
然后运行以下命令执行清理工作:
oc delete sa registry;
oc delete clusterrolebinding registry-registry-role;
oc delete dc docker-registry;
oc delete svc docker-registry;
oc delete pod docker-registry-1-deploy;
然后再重试。
6. 确认 Router 和 内部 Docker Registry 添加成功(在 Master 机器上操作)
oc get pods -o wide
输出如下:
NAME READY STATUS RESTARTS AGE IP NODE
docker-registry-1-krvma 1/1 Running 0 7m 10.128.0.4 node1.example.com
ose-router-1-cc24j 1/1 Running 0 9m 192.168.56.113 node1.example.com
7. 添加 Image Stream(在 Master 机器上操作)
oc get is -n openshift
输出如下:
NAME DOCKER REPO TAGS UPDATED
dotnet 172.30.98.122:5000/openshift/dotnet 1.0
fis-java-openshift registry.access.redhat.com/jboss-fuse-6/fis-java-openshift
fis-karaf-openshift registry.access.redhat.com/jboss-fuse-6/fis-karaf-openshift
jboss-amq-62 registry.access.redhat.com/jboss-amq-6/amq62-openshift
jboss-datagrid65-openshift registry.access.redhat.com/jboss-datagrid-6/datagrid65-openshift
jboss-datavirt63-openshift registry.access.redhat.com/jboss-datavirt-6/datavirt63-openshift
jboss-decisionserver62-openshift registry.access.redhat.com/jboss-decisionserver-6/decisionserver62-openshift
jboss-decisionserver63-openshift registry.access.redhat.com/jboss-decisionserver-6/decisionserver63-openshift
jboss-eap64-openshift registry.access.redhat.com/jboss-eap-6/eap64-openshift
jboss-eap70-openshift registry.access.redhat.com/jboss-eap-7/eap70-openshift
jboss-processserver63-openshift registry.access.redhat.com/jboss-processserver-6/processserver63-openshift
jboss-webserver30-tomcat7-openshift registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat7-openshift
jboss-webserver30-tomcat8-openshift registry.access.redhat.com/jboss-webserver-3/webserver30-tomcat8-openshift
jenkins 172.30.98.122:5000/openshift/jenkins 2,1
mariadb 172.30.98.122:5000/openshift/mariadb 10.1
mongodb 172.30.98.122:5000/openshift/mongodb 2.4,3.2,2.6
mysql 172.30.98.122:5000/openshift/mysql 5.6,5.5
nodejs 172.30.98.122:5000/openshift/nodejs 4,0.10
perl 172.30.98.122:5000/openshift/perl 5.20,5.16
php 172.30.98.122:5000/openshift/php 5.6,5.5
postgresql 172.30.98.122:5000/openshift/postgresql 9.2,9.5,9.4
python 172.30.98.122:5000/openshift/python 3.3,2.7,3.5 + 1 more...
redhat-sso70-openshift registry.access.redhat.com/redhat-sso-7/sso70-openshift
ruby 172.30.98.122:5000/openshift/ruby 2.0,2.3,2.2
删除原有的 Image Stream
for i in $(oc get is -n openshift --no-headers|awk '{print $1}') ; do oc delete is $i -n openshift; done;
创建指向本地 Docker Registry 的 Image Stream
REDHAT_REG="registry.access.redhat.com";
PRIVATE_REG="registry.example.com:5000";
sed s/"${REDHAT_REG}"/"${PRIVATE_REG}"/g /usr/share/openshift/examples/image-streams/image-streams-rhel7.json |sed '/"creationTimestamp": null/a\\t,"annotations": {"openshift.io/image.insecureRepository": "true"}' |oc create -n openshift -f - ;
再次查看 Image Stream
oc get is -n openshift
输出如下:
NAME DOCKER REPO TAGS UPDATED
jenkins 172.30.98.122:5000/openshift/jenkins
mariadb 172.30.98.122:5000/openshift/mariadb 10.1
mongodb 172.30.98.122:5000/openshift/mongodb
mysql 172.30.98.122:5000/openshift/mysql 5.6,5.5
nodejs 172.30.98.122:5000/openshift/nodejs 4,0.10
perl 172.30.98.122:5000/openshift/perl 5.20,5.16
php 172.30.98.122:5000/openshift/php 5.6,5.5
postgresql 172.30.98.122:5000/openshift/postgresql
python 172.30.98.122:5000/openshift/python 3.5,3.4,3.3 + 1 more...
ruby 172.30.98.122:5000/openshift/ruby 2.3,2.2,2.0
可以看到有些 Image Stream 没有 Tag,需要导入 Image,这里试图导入列表中所有 Image
for i in $(oc get is -n openshift --no-headers|awk '{print $1}'); do oc import-image $i --insecure -n openshift;done
注意,不是所有的 image 都能导入成功,这个跟《OpenShift_022:离线安装 OCP 3.4 之 下载安装介质 》下载和导入的 image 有关。
如果没有该 Image,是无法成功导入 Image Stream 的。
并且,一个软件有很多版本的 Image,导入了哪个 Image,哪个 Image Stream Tag 才能导入成功。
比如 mysql 这个 Image 我只导入了 5.6 这个版本,在执行 oc import-image 时,会报告 5.6 成功导入,而 5.5 没有导入成功。
oc import-image mysql --insecure -n openshift
输出如下:
The import completed successfully.
Name: mysql
Namespace: openshift
Created: 33 minutes ago
Labels:
Annotations: openshift.io/display-name=MySQL
openshift.io/image.dockerRepositoryCheck=2017-01-20T09:46:04Z
Docker Pull Spec: 172.30.98.122:5000/openshift/mysql
Unique Images: 1
Tags: 3
5.6 (latest)
tagged from registry.example.com:5000/rhscl/mysql-56-rhel7:latest
will use insecure HTTPS or HTTP connections
Provides a MySQL 5.6 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.6/README.md.
Tags: mysql
* registry.example.com:5000/rhscl/mysql-56-rhel7:latest
9 minutes ago a2d6674acb2424d4caccd0fbf295c5cfa94f112980c8b6fb2965ef0e079588a0
5.5
tagged from registry.example.com:5000/openshift3/mysql-55-rhel7:latest
Provides a MySQL 5.5 database on RHEL 7. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mysql-container/tree/master/5.5/README.md.
Tags: mysql
! error: Import failed (InternalError): Internal error occurred: Get https://registry.example.com:5000/v2/: EOF
32 minutes ago
8. 访问 OpenShift 控制台
https://master.example.com:8443 redhat/welcome1
没有评论:
发表评论