如何在Ubuntu 19.04/18.04/16.04上设置OpenShift Origin(OKD)
如何在Ubuntu 19.04/18.04/16.04上安装OpenShift Origin? OpenShift Origin(OKD)是Red Hat OpenShift的开源实现。简而言之,它是为开发,部署和管理基于容器的应用程序而优化的Kubernetes社区分发。 Openshift为我们提供了一个自助服务平台,可以根据需要创建,修改和部署应用程序。
OpenShift旨在确保更快的开发和发布生命周期。本教程旨在指导我们完成在Ubuntu 18.04/16.04上单节点OpenShift Origin的安装。不建议将此设置用于生产。有关生产用途,请参考Openshift Origin Cluster安装。
在Ubuntu上安装Docker CE
单节点安装将在Docker容器中运行所有OKD服务。主机系统上需要Docker Engine运行时。
导入Docker GPG密钥
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add
导入后,将Docker APT存储库添加到Ubuntu 18.04系统。
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
现在已添加Docker存储库,运行以下命令以更新系统并在Ubuntu上安装Docker CE。
sudo apt update && sudo apt -y install docker-ce
验证Docker Engine安装。
$docker version Client: Version: 18.09.3 API version: 1.39 Go version: go1.10.8 Git commit: 774a1f4 Built: Thu Nov 28 06:53:11 2019 OS/Arch: linux/amd64 Experimental: false Server: Docker Engine - Community Engine: Version: 18.09.3 API version: 1.39 (minimum version 1.12) Go version: go1.10.8 Git commit: 774a1f4 Built: Thu Nov 28 05:59:55 2019 OS/Arch: linux/amd64 Experimental: false
将用户帐户添加到docker组。
sudo usermod -aG docker $USER
在Ubuntu 19.04/18.04/16.04上下载OpenShift Origin
下载OpenShift客户端实用程序(oc),该实用程序用于在Ubuntu上引导Openshift Origin。撰写本文时,最新版本是3.11.0。
wget https://github.com/openshift/origin/releases/download/v3.11.0/openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit.tar.gz
解压缩下载的文件。
tar xvf openshift-origin-client-tools*.tar.gz
切换到创建的文件夹,并将" kubectl"和" oc"二进制文件复制到"/usr/local/bin"目录。
cd openshift-origin-client*/ sudo mv oc kubectl /usr/local/bin/
验证OpenShift客户端实用程序的安装。
$oc version oc v3.11.0+0cbc58b kubernetes v1.11.0+d4cacc0 features: Basic-Auth GSSAPI Kerberos SPNEGO
允许使用不安全的Docker注册表。
cat << EOF | sudo tee /etc/docker/daemon.json
{
"insecure-registries" : [ "172.30.0.0/16" ]
}
EOF
添加文件后重新启动Docker服务。
sudo systemctl restart docker
启动OpenShift Origin多合一服务器
通过运行以下命令来启动OKD服务器:
$oc cluster up
上面的命令将:在本地接口127.0.0.1:8443上启动OKD集群侦听在/console(127.0.0.1:8443)上的所有接口上启动Web控制台启动Kubernetes系统组件,配置注册表,路由器,初始模板,和默认项目。
设置Openshift Origin时可以应用许多选项,请使用以下方法查看它们:
$oc cluster up --help
成功安装后,我们应该获得与以下类似的输出。
Login to server …
Creating initial project "myproject" …
Server Information …
OpenShift server started.
The server is accessible via web console at:
https://127.0.0.1:8443
You are logged in as:
User: developer
Password: <any value>
To login as administrator:
oc login -u system:admin
下面的示例使用自定义选项。
$oc cluster up --routing-suffix=<ServerPublicIP>.xip.io \ --public-hostname=<ServerPulicDNSName>
或者仅公开/私有IP
oc cluster up --public-hostname=192.168.10.10
OpenShift集群配置文件将位于openshift.local.clusterup /目录中。
要以管理员身份登录,请使用:
$oc login -u system:admin Logged into "https://116.203.125.128:8443" as "system:admin" using existing credentials. You have access to the following projects and can switch between them with 'oc project ': * default kube-dns kube-proxy kube-public kube-system myproject openshift openshift-apiserver openshift-controller-manager openshift-core-operators openshift-infra openshift-node openshift-service-cert-signer openshift-web-console Using project "default.
更改为"默认"项目:
oc project default
如果不存在,请部署OKD群集集成的容器镜像注册表。
$oc adm registry Docker registry "docker-registry" service exists
检查当前项目状态。
$oc status
In project default on server https://192.168.10.10:8443
svc/docker-registry - 172.30.1.1:5000
dc/docker-registry deploys docker.io/openshift/origin-docker-registry:v3.11
deployment #1 deployed about an hour ago - 1 pod
svc/kubernetes - 172.30.0.1:443 -> 8443
svc/router - 172.30.119.192 ports 80, 443, 1936
dc/router deploys docker.io/openshift/origin-haproxy-router:v3.11
deployment #1 deployed about an hour ago - 1 pod
View details with 'oc describe /' or list everything with 'oc get all'.
在OKD上创建项目
现在我们已经安装并可以正常运行OKD,我们可以通过部署测试项目来测试部署。切换到测试用户帐户。
$oc login Authentication required for https://116.203.125.128:8443 (openshift) Username: developer Password: developer Login successful.
确认登录是否成功。
$oc whoami developer
使用oc new-project命令创建一个新项目。
$oc new-project dev --display-name="Project1 - Dev" --description="My Dev Project"
在浏览器中访问管理控制台
OKD包括一个Web控制台,可用于创建和管理操作。该Web控制台可通过https在端口" 8443"上的服务器IP /主机名上访问。
https://<IP|Hostname>:8443/console
如果在尝试访问OpenShift Web控制台时重定向到https://127.0.0.1:8443/,请执行以下操作:
1.停止OpenShift集群
$oc cluster down
2.编辑OCP配置文件。
$nano ./openshift.local.clusterup/openshift-controller-manager/openshift-master.kubeconfig
找到线路服务器:https://127.0.0.1:8443,然后替换为:
server: https://serverip:8443
3.然后启动集群:
$oc cluster up
我们应该看到带有用户名和密码形式的OpenShift Origin窗口,类似于以下窗口:
登录:
Username: developer Password: developer
我们应该看到类似于以下内容的仪表板。
可以从Web控制台创建项目。
给它一个名称,可选的显示名称和描述。如果单击项目名称,则应该转到项目管理仪表板,其中可以浏览目录,部署镜像和导入YAML/JSON。
可以从CLI查看已部署项目的状态。
$oc login
$oc project <projectname>
$oc status
In project My Project (myproject) on server https://116.203.125.128:8443
svc/parksmap-katacoda - 172.30.144.250:8080
dc/parksmap-katacoda deploys istag/parksmap-katacoda:1.0.0
deployment #1 deployed 4 minutes ago - 1 pod
2 infos identified, use 'oc status --suggest' to see details.
在OpenShift Origin上部署测试应用程序
现在,我们可以在集群中部署测试应用程序。
1.登录到Openshift集群:
$oc login
Authentication required for https://https://127.0.0.1:8443 (openshift)
Username: developer
Password: developer
Login successful.
You don't have any projects. You can try to create a new project, by running
oc new-project
2.创建一个测试项目。
$oc new-project test-project
3.从Docker Hub注册表中标记应用程序镜像。
$oc tag --source=docker openshift/deployment-example:v2 deployment-example:latest Tag deployment-example:latest set to openshift/deployment-example:v2.
4.将应用程序部署到OpenShift。
$oc new-app deployment-example
--> Found image da61bb2 (3 years old) in image stream "test-project/deployment-example" under tag "latest" for "deployment-example"
* This image will be deployed in deployment config "deployment-example"
* Port 8080/tcp will be load balanced by service "deployment-example"
* Other containers can access this service through the hostname "deployment-example"
* WARNING: Image "test-project/deployment-example:latest" runs as the 'root' user which Jan not be permitted by your cluster administrator
--> Creating resources ...
deploymentconfig.apps.openshift.io "deployment-example" created
service "deployment-example" created
--> Success
Application is not exposed. You can expose services to the outside world by executing one or more of the commands below:
'oc expose svc/deployment-example'
Run 'oc status' to view your app.
5.显示应用程序部署状态。
$oc status
In project test-project on server https://127.0.0.1:8443
svc/deployment-example - 172.30.15.201:8080
dc/deployment-example deploys istag/deployment-example:latest
deployment #1 deployed about a minute ago - 1 pod
2 infos identified, use 'oc status --suggest' to see details.
6.获取服务详细信息。
$oc get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE deployment-example ClusterIP 172.30.15.201 8080/TCP 18m $oc describe svc deployment-example Name: deployment-example Namespace: test-project Labels: app=deployment-example Annotations: openshift.io/generated-by=OpenShiftNewApp Selector: app=deployment-example,deploymentconfig=deployment-example Type: ClusterIP IP: 172.30.15.201 Port: 8080-tcp 8080/TCP TargetPort: 8080/TCP Endpoints: 172.17.0.12:8080 Session Affinity: None Events: <none>
7.测试应用程序本地访问。
curl http://172.30.15.201:8080
8.显示窗格状态
$oc get pods NAME READY STATUS RESTARTS AGE deployment-example-1-vmf7t 1/1 Running 0 21m
9.允许外部访问该应用程序。
$oc expose service/deployment-example route.route.openshift.io/deployment-example exposed $oc get routes NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD deployment-example deployment-example-testproject.services.theitroad.local deployment-example 8080-tcp None
10.测试对应用程序的外部访问。
打开浏览器中显示的URL。
请注意,我在部署期间将* .services.theitroad.localpointing指向通配OpenShift源服务器IP地址的IP地址和路由后缀设置为services.theitroad.local。
11.删除测试申请
$oc delete all -l app=deployment-example pod "deployment-example-1-8n8sd" deleted replicationcontroller "deployment-example-1" deleted service "deployment-example" deleted deploymentconfig.apps.openshift.io "deployment-example" deleted route.route.openshift.io "deployment-example" deleted $oc get pods No resources found.
