使用CodeReady容器设置本地OpenShift 4.3群集
时间:2020-02-23 14:31:49 来源:igfitidea点击:
我们是否正在寻找一种在笔记本电脑中设置本地OpenShift 4群集的简便方法? Red Hat CodeReady容器使我们可以在本地便携式计算机或者台式计算机上运行最小的OpenShift 4.2或者更高版本的集群。这仅应用于开发和测试目的。并提供单独的教程以用于设置生产OpenShift 4集群。
RedHat CodeReady Containers是常规的OpenShift安装,具有以下显着区别:它使用一个既充当主节点又充当工作节点的节点。默认情况下,禁用machine-config和monitoring运算符。由于相同的原因,目前没有升级到OpenShift较新版本的路径。由于技术限制,CodeReady Containers集群是短暂的,需要从头开始重新创建OpenShift实例正在虚拟机中运行,这可能会导致其他一些差异,尤其是与外部网络的关系。
最低系统要求
CodeReady容器要求以下最低硬件和操作系统要求。
4个虚拟CPU(vCPU)8 GB内存35 GB存储空间
CodeReady容器可以在Linux,Windows和macOS上运行,但是此设置已在CentOS 7/8和Fedora 31上进行了测试。CodeReady容器作为Red Hat Enterprise Linux虚拟机提供,该虚拟机支持Linux,macOS和Microsoft的本机管理程序。
安装所需的软件包
CodeReady Containers要求在安装主机系统之前先将libvirt和NetworkManager软件包安装在主机系统上。
------- Fedora --------- sudo dnf install NetworkManager qemu-kvm libvirt virt-install sudo systemctl enable --now libvirtd ------ CentOS 7 -------- sudo yum -y install qemu-kvm libvirt virt-install bridge-utils NetworkManager sudo systemctl enable --now libvirtd ------ Ubuntu --------- sudo apt install qemu-kvm libvirt-daemon libvirt-daemon-system network-manager
安装CodeReady容器
从下面的URL下载最新的CRC二进制文件。
wget https://mirror.openshift.com/pub/openshift-v4/clients/crc/latest/crc-linux-amd64.tar.xz
解压缩下载的CodeReady容器档案。
tar xvf crc-linux-amd64.tar.xz
将二进制文件放入$PATH中。
cd crc*/ sudo cp crc /usr/local/bin
通过检查软件版本来确认安装。
$crc version crc version: 1.7.0+fa7e558 OpenShift version: 4.3.1 (embedded in binary)
要查看crc命令帮助页面,请运行:
$crc --help
CodeReady Containers is a tool that manages a local OpenShift 4.x cluster optimized for testing and development purposes
Usage:
crc [flags]
crc [command]
Available Commands:
config Modify crc configuration
console Open the OpenShift Web Console in the default browser
delete Delete the OpenShift cluster
help Help about any command
ip Get IP address of the running OpenShift cluster
oc-env Add the 'oc' binary to PATH
setup Set up prerequisites for the OpenShift cluster
start Start the OpenShift cluster
status Display status of the OpenShift cluster
stop Stop the OpenShift cluster
version Print version information
Flags:
-f, --force Forcefully perform an action
-h, --help help for crc
--log-level string log level (e.g. "debug | info | warn | error") (default "info")
部署CodeReady Containers虚拟机。
运行crc setup命令为CodeReady Containers虚拟机设置主机操作系统。
$crc setup
安装程序将在安装前检查安装要求。
INFO Checking if running as non-root INFO Caching oc binary INFO Setting up virtualization INFO Setting up KVM INFO Installing libvirt service and dependencies INFO Adding user to libvirt group INFO Enabling libvirt INFO Starting libvirt service INFO Will use root access: start libvirtd service INFO Checking if a supported libvirt version is installed INFO Installing crc-driver-libvirt INFO Removing older system-wide crc-driver-libvirt INFO Setting up libvirt 'crc' network INFO Starting libvirt 'crc' network INFO Checking if NetworkManager is installed INFO Checking if NetworkManager service is running INFO Writing Network Manager config for crc INFO Will use root access: write NetworkManager config in /etc/NetworkManager/conf.d/crc-nm-dnsmasq.conf INFO Will use root access: execute systemctl daemon-reload command INFO Will use root access: execute systemctl stop/start command INFO Writing dnsmasq config for crc INFO Will use root access: write dnsmasq configuration in /etc/NetworkManager/dnsmasq.d/crc.conf INFO Will use root access: execute systemctl daemon-reload command INFO Will use root access: execute systemctl stop/start command INFO Unpacking bundle from the CRC binary
安装完成后,运行以下命令以在笔记本计算机中启动OpenShift群集。
$crc start INFO Checking if running as non-root INFO Checking if oc binary is cached INFO Checking if Virtualization is enabled INFO Checking if KVM is enabled INFO Checking if libvirt is installed INFO Checking if user is part of libvirt group INFO Checking if libvirt is enabled INFO Checking if libvirt daemon is running INFO Checking if a supported libvirt version is installed INFO Checking if crc-driver-libvirt is installed INFO Checking if libvirt 'crc' network is available INFO Checking if libvirt 'crc' network is active INFO Checking if NetworkManager is installed INFO Checking if NetworkManager service is running INFO Checking if /etc/NetworkManager/conf.d/crc-nm-dnsmasq.conf exists INFO Checking if /etc/NetworkManager/dnsmasq.d/crc.conf exists ? Image pull secret [? for help] *
请注意,在安装过程中需要有效的OpenShift用户请求密码。可以从cloud.redhat.com上的"在笔记本电脑上安装:Red Hat CodeReady容器"页面的"拉出秘密"部分复制或者下载拉出秘密。
在提示时粘贴拉动秘密,然后集群设置将继续。
INFO Extracting bundle: crc_libvirt_4.3.1.crcbundle ... INFO Creating CodeReady Containers VM for OpenShift 4.3.1... INFO Verifying validity of the cluster certificates ... INFO Check internal and public DNS query ... INFO Copying kubeconfig file to instance dir ... INFO Adding user's pull secret and cluster ID ... INFO Starting OpenShift cluster ... [waiting 3m] INFO Then you can access it by running 'oc login -u developer -p developer https://api.crc.testing:6443' INFO To login as an admin, username is 'kubeadmin' and password is UMeRe-hBQAi-JJ4Bi-8ynRD INFO INFO You can now run 'crc console' and use these credentials to access the OpenShift web console Started the OpenShift cluster WARN The cluster might report a degraded or error state. This is expected since several operators have been disabled to lower the resource usage. For more information, please consult the documentation
成功设置后,将打印访问详细信息和凭据。
INFO Then you can access it by running 'oc login -u developer -p developer https://api.crc.testing:6443' INFO To login as an admin, username is 'kubeadmin' and password is UMeRe-hBQAi-JJ4Bi-8ynRD INFO You can now run 'crc console' and use these credentials to access the OpenShift web console
为了能够访问集群,请首先通过运行来设置环境。
$crc oc-env export PATH="/home/jmutai/.crc/bin:$PATH" eval $(crc oc-env)
运行终端中打印的命令,或者将其添加到~/.bashrc或者~/.zshrc文件中,然后进行源下载。
$vim ~/.bashrc export PATH="~/.crc/bin:$PATH" eval $(crc oc-env) -- Then source -- $source ~/.bashrc
使用打印出的命令以管理员身份登录:
$oc login -u kubeadmin -p UMeRe-hBQAi-JJ4Bi-8ynRD https://api.crc.testing:6443 The server uses a certificate signed by an unknown authority. You can bypass the certificate check, but any data you send to the server could be intercepted by others. Use insecure connections? (y/n): y Login successful. You have access to 53 projects, the list has been suppressed. You can list all projects with 'oc projects' Using project "default".
确认集群设置。
$oc cluster-info
Kubernetes master is running at https://api.crc.testing:6443
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
$oc get nodes
NAME STATUS ROLES AGE VERSION
crc-2n9vw-master-0 Ready master,worker 5d13h v1.14.6+6ac6aa4b0
$oc config view
apiVersion: v1
clusters:
- cluster:
insecure-skip-tls-verify: true
server: https://api.crc.testing:6443
name: api-crc-testing:6443
- cluster:
certificate-authority: /home/jmutai/.minikube/ca.crt
server: https://192.168.39.35:8443
name: minikube
contexts:
- context:
cluster: api-crc-testing:6443
user: developer/api-crc-testing:6443
name: /api-crc-testing:6443/developer
- context:
cluster: api-crc-testing:6443
namespace: default
user: kube:admin/api-crc-testing:6443
name: default/api-crc-testing:6443/kube:admin
- context:
cluster: minikube
user: minikube
name: minikube
current-context: default/api-crc-testing:6443/kube:admin
kind: Config
preferences: {}
users:
- name: developer/api-crc-testing:6443
user:
token: Pvqjq-b5HkV9UQtOYH8P9yOtm17MrOUVs-eaiSeQqXA
- name: kube:admin/api-crc-testing:6443
user:
token: LDrdGJMUpPUAxtg0IvWynedbtSBLjs8S2S6kdpvbMU8
- name: minikube
user:
client-certificate: /home/jmutai/.minikube/client.crt
client-key: /home/jmutai/.minikube/client.key
要查看集群运算符:
$oc get clusteroperators NAME VERSION AVAILABLE PROGRESSING DEGRADED SINCE authentication 4.3.1 True False False 23d cloud-credential 4.3.1 True False False 23d cluster-autoscaler 4.3.1 True False False 23d console 4.3.1 True False False 23d dns 4.3.1 True False False 16m image-registry 4.3.1 True False False 23d ingress 4.3.1 True False False 23d insights 4.3.1 True False False 23d kube-apiserver 4.3.1 True False False 23d kube-controller-manager 4.3.1 True False False 23d kube-scheduler 4.3.1 True False False 23d machine-api 4.3.1 True False False 23d machine-config 4.3.1 True False False 23d marketplace 4.3.1 True False False 15m monitoring 4.3.1 True False False 23d network 4.3.1 True False False 23d node-tuning 4.3.1 True False False 16m openshift-apiserver 4.3.1 True False False 23d openshift-controller-manager 4.3.1 True False False 10m openshift-samples 4.3.1 True False False 23d operator-lifecycle-manager 4.3.1 True False False 23d operator-lifecycle-manager-catalog 4.3.1 True False False 23d operator-lifecycle-manager-packageserver 4.3.1 True False False 15m service-ca 4.3.1 True False False 23d service-catalog-apiserver 4.3.1 True False False 23d service-catalog-controller-manager 4.3.1 True False False 23d storage 4.3.1 True False False 23d
访问OpenShift集群
我们可以从CLI或者通过在Web浏览器上打开OpenShift 4.x控制台来访问本地部署的OpenShift集群。
$oc login -u developer -p developer https://api.crc.testing:6443
The server uses a certificate signed by an unknown authority.
You can bypass the certificate check, but any data you send to the server could be intercepted by others.
Use insecure connections? (y/n): y
Login successful.
You don't have any projects. You can try to create a new project, by running
oc new-project <projectname>
以管理员身份访问:
$oc login -u kubeadmin -p UMeRe-hBQAi-JJ4Bi-8ynRD https://api.crc.testing:6443 Login successful. You have access to 51 projects, the list has been suppressed. You can list all projects with 'oc projects' Using project "default".
要从默认的Web浏览器打开控制台,请运行:
$crc console
使用先前打印的凭据登录。
在那里,我们正在运行一个集群。
停止OpenShift集群
要停止OpenShift集群,请运行以下命令:
$crc stop Stopping the OpenShift cluster, this Jan take a few minutes... Stopped the OpenShift cluster
可以通过运行以下命令随时启动虚拟机:
$crc start INFO Checking if running as non-root INFO Checking if oc binary is cached INFO Checking if Virtualization is enabled INFO Checking if KVM is enabled INFO Checking if libvirt is installed INFO Checking if user is part of libvirt group INFO Checking if libvirt is enabled INFO Checking if libvirt daemon is running INFO Checking if a supported libvirt version is installed INFO Checking if crc-driver-libvirt is installed INFO Checking if libvirt 'crc' network is available INFO Checking if libvirt 'crc' network is active INFO Checking if NetworkManager is installed INFO Checking if NetworkManager service is running INFO Checking if /etc/NetworkManager/conf.d/crc-nm-dnsmasq.conf exists INFO Checking if /etc/NetworkManager/dnsmasq.d/crc.conf exists INFO Starting CodeReady Containers VM for OpenShift 4.2.8... INFO Verifying validity of the cluster certificates ... INFO Check internal and public DNS query ... INFO Starting OpenShift cluster ... [waiting 3m] INFO INFO To access the cluster, first set up your environment by following 'crc oc-env' instructions INFO Then you can access it by running 'oc login -u developer -p developer https://api.crc.testing:6443' INFO To login as an admin, username is 'kubeadmin' and password is UMeRe-hBQAi-JJ4Bi-8ynRD INFO ...
删除CodeReady Containers虚拟机
如果要删除现有的CodeReady Containers虚拟机,请运行:
$crc delete
此命令将删除CodeReady容器虚拟机。
