[go: up one dir, main page]
Scribd
Upload
66 views6 pages

Cách Cài OKD

This document provides instructions for installing OKD, an open source version of Kubernetes from Red Hat. The steps include: 1. Configuring networking and firewall rules, installing packages like DNS, HAProxy and httpd server. 2. Downloading and extracting the OKD client and installation files. 3. Creating an install directory and config files. 4. Generating ignition configs and installing them on machines to bootstrap the cluster. 5. Approving certificates, checking cluster status and configuring persistent storage. 6. Accessing the OpenShift web console once the cluster is available.

Uploaded by

huan le
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
66 views6 pages

Cách Cài OKD

This document provides instructions for installing OKD, an open source version of Kubernetes from Red Hat. The steps include: 1. Configuring networking and firewall rules, installing packages like DNS, HAProxy and httpd server. 2. Downloading and extracting the OKD client and installation files. 3. Creating an install directory and config files. 4. Generating ignition configs and installing them on machines to bootstrap the cluster. 5. Approving certificates, checking cluster status and configuring persistent storage. 6. Accessing the OpenShift web console once the cluster is available.

Uploaded by

huan le
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 6

Cách cài OKD

echo 1 > /proc/sys/net/ipv4/ip_forward

yum update -y

sudo dnf install -y epel-release

sudo dnf update -y

sudo systemctl restart

cd

git clone https://github.com/cragr/okd4_files.git

cd okd4_files

sudo dnf -y install bind bind-utils

sudo cp named.conf /etc/named.conf

sudo cp named.conf.local /etc/named/

sudo mkdir /etc/named/zones

sudo cp db* /etc/named/zones

sudo systemctl enable named

sudo systemctl start named

sudo systemctl status named

sudo firewall-cmd --permanent --add-port=53/udp

sudo firewall-cmd --reload

sudo systemctl restart NetworkManager

sudo dnf install haproxy -y

sudo cp haproxy.cfg /etc/haproxy/haproxy.cfg

sudo setsebool -P haproxy_connect_any 1

sudo systemctl enable haproxy

sudo systemctl start haproxy

sudo systemctl status haproxy

sudo firewall-cmd --permanent --add-port=6443/tcp

sudo firewall-cmd --permanent --add-port=22623/tcp


sudo firewall-cmd --permanent --add-service=http

sudo firewall-cmd --permanent --add-service=https

sudo firewall-cmd --reload

sudo dnf install -y httpd

sudo sed -i 's/Listen 80/Listen 8080/' /etc/httpd/conf/httpd.conf

sudo setsebool -P httpd_read_user_content 1

sudo systemctl enable httpd

sudo systemctl start httpd

sudo firewall-cmd --permanent --add-port=8080/tcp

sudo firewall-cmd --reload

wget https://github.com/openshift/okd/releases/download/4.10.0-0.okd-2022-07-09-073606/
openshift-install-linux-4.10.0-0.okd-2022-07-09-073606.tar.gz

wget https://github.com/openshift/okd/releases/download/4.10.0-0.okd-2022-07-09-073606/
openshift-client-linux-4.10.0-0.okd-2022-07-09-073606.tar.gz

tar -zxvf openshift-client-linux-4.10.0-0.okd-2022-07-09-073606.tar.gz

tar -zxvf openshift-install-linux-4.10.0-0.okd-2022-07-09-073606.tar.gz

sudo mv kubectl oc openshift-install /usr/local/bin/

oc version

openshift-install version

ssh-keygen

cd

mkdir install_dir

cp okd4_files/install-config.yaml ./install_dir

vim ./install_dir/install-config.yaml

cp ./install_dir/install-config.yaml ./install_dir/install-config.yaml.bak

openshift-install create manifests --dir=install_dir/

sed -i 's/mastersSchedulable: true/mastersSchedulable: False/' install_dir/manifests/cluster-scheduler-


02-config.yml

openshift-install create ignition-configs --dir=install_dir/

sudo mkdir /var/www/html/okd4


sudo cp -R install_dir/* /var/www/html/okd4/

sudo chown -R apache: /var/www/html/

sudo chmod -R 755 /var/www/html/

openshift-install coreos print-stream-json | grep '\.iso[^.]' # sau đó tải bản iso mới nhất khi list ra được
boot các máy theo worker master bootstrap trên mỗi máy chạy lệnh

sudo coreos-installer install --ignition-url=http://<HTTP_server>/<node_type>.ign <device> --ignition-


insecure

Ví dụ node bootstrap

coreos-installer install --ignition-url=http://192.168.x.x/okd4/bootstrap.ign /dev/sda --ignition-insecure

node master

coreos-installer install --ignition-url=http://192.168.x.x/okd4/master.ign /dev/sda --ignition-insecure

node worker

coreos-installer install --ignition-url=http://192.168.x.x/okd4/worker.ign /dev/sda --ignition-insecure

ở 1 terminal khác chạy lệnh

openshift-install --dir=111/ wait-for bootstrap-complete --log-level=debug

remove the bootstap thì tắt serserver bootstrap đi khi có thông báo như hình

đợi tầm 30 đến 50 phút thì cụm okd sẽ run lên ok sau đó remove server bootstrap ra khỏi haproxy

sudo sed '/ okd4-bootstrap /s/^/#/' /etc/haproxy/haproxy.cfg

sudo systemctl reload haproxy

export KUBECONFIG=~/install_dir/auth/kubeconfig

oc whoami

oc get nodes

oc get csr
wget -O jq https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64

chmod +x jq

sudo mv jq /usr/local/bin/

jq –version

oc get csr -ojson | jq -r '.items[] | select(.status == {} ) | .metadata.name' | xargs oc adm certificate


approve # lệnh này dung để approve các cert đang pendding của okd

oc get clusteroperators # check các thành phần đang start của cụm okd

Khi nào cột available true hết là run thành cồn cụm okd. Phần này thường đợi khá lâu

cat install_dir/auth/kubeadmin-password # lấy pass log in console của okd

link login

https://console-openshift-console.apps.lab.okd.local/

user kubeadmin pass là cái vừa lấy ở trên

cài persitance volume cho okd ở 1 máy làm storage


sudo dnf install -y nfs-utils

sudo systemctl enable nfs-server rpcbind

sudo systemctl start nfs-server rpcbind

sudo mkdir -p /var/nfsshare/registry

sudo chmod -R 777 /var/nfsshare

sudo chown -R nobody:nobody /var/nfsshare

echo '/var/nfsshare 192.168.1.0/24(rw,sync,no_root_squash,no_all_squash,no_wdelay)' | sudo tee


/etc/exports

sudo setsebool -P nfs_export_all_rw 1

sudo systemctl restart nfs-server

sudo firewall-cmd --permanent --zone=public --add-service mountd

sudo firewall-cmd --permanent --zone=public --add-service rpc-bind

sudo firewall-cmd --permanent --zone=public --add-service nfs

sudo firewall-cmd –reload

config lại okd để nhận persitance volume

oc create -f okd4_files/registry_pv.yaml

oc get pv

oc edit configs.imageregistry.operator.openshift.io
Sửa lại như ảnh

oc get pv

Check lại persitant volum ntn là ok

You might also like