搭建OKD 4.5集群
此文以OKD 4.5版本为例!
一、系统资源及组件规划
节点名称 | 系统名称 | CPU/内存/网卡 | 磁盘 | IP地址 | OS | 组件 |
---|---|---|---|---|---|---|
Bastion | bastion.okd.mengshicheng.io | 4C/8G/ens192 | 128G | 192.168.15.10 | CentOS7 | CoreDNS/HAProxy/ETCD/HTTP/Registry |
Bootstrap | bootstrap.okd.mengshicheng.io | 4C/8G/ens192 | 128G | 192.168.15.20 | CoreOS | Bootstrap |
Master | master.okd.mengshicheng.io | 4C/16G/ens192 | 128G | 192.168.15.30 | CoreOS | OpenShift-Master |
Worker1 | worker1.okd.mengshicheng.io | 4C/16G/ens192 | 128G | 192.168.15.31 | CoreOS | OpenShift-Worker |
Worker2 | worker2.okd.mengshicheng.io | 4C/16G/ens192 | 128G | 192.168.15.32 | CoreOS | OpenShift-Worker |
二、系统软件安装与设置
1、安装基本软件
yum -y install vim bind-utils
2、设置防火墙、SELinux
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
三、Bastion节点设置
1、设置SSH登陆
创建SSH密钥:
ssh-keygen -t rsa -b 4096 -N '' -f ~/.ssh/id_rsa
启动ssh-agent进程为后台任务:
eval "$(ssh-agent -s)"
将SSH私钥添加到ssh-agent:
ssh-add ~/.ssh/id_rsa
2、部署openshift-client
下载openshift-client二进制文件:
参考地址:https://github.com/openshift/okd
下载地址:https://github.com/openshift/okd/releases/download/4.5.0-0.okd-2020-10-15-235428/openshift-client-linux-4.5.0-0.okd-2020-10-15-235428.tar.gz
解压openshift-client二进制文件至系统目录:
tar -xf openshift-client-linux-4.5.0-0.okd-2020-10-15-235428.tar.gz
mv oc kubectl /usr/local/bin/
oc version
kubectl version
3、部署openshift-install
下载openshift-install二进制文件:
参考地址:https://github.com/openshift/okd
下载地址:https://github.com/openshift/okd/releases/download/4.5.0-0.okd-2020-10-15-235428/openshift-install-linux-4.5.0-0.okd-2020-10-15-235428.tar.gz
解压openshift-install二进制文件至系统目录:
tar -xf openshift-install-linux-4.5.0-0.okd-2020-10-15-235428.tar.gz
mv openshift-install /usr/local/bin/
openshift-install version
4、部署DNS
4.1 部署CoreDNS
下载CoreDNS二进制文件:
参考地址:https://github.com/coredns/coredns
下载地址:https://github.com/coredns/coredns/releases/download/v1.8.6/coredns_1.8.6_linux_amd64.tgz
解压CoreDNS二进制文件至系统目录:
tar -xf coredns_1.8.6_linux_amd64.tgz
mv coredns /usr/local/bin
创建CoreDNS用户:
useradd coredns -s /sbin/nologin
创建CoreDNS配置文件:
cat > /etc/systemd/system/coredns.service << EOF
[Unit]
Description=CoreDNS DNS server
Documentation=https://coredns.io
After=network.target
[Service]
User=coredns
LimitNPROC=512
LimitNOFILE=1048576
NoNewPrivileges=true
WorkingDirectory=~
PermissionsStartOnly=true
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
ExecStart=/usr/local/bin/coredns -conf=/etc/coredns/Corefile
ExecReload=/bin/kill -SIGUSR1
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
创建Corefile配置文件:
mkdir /etc/coredns
cat > /etc/coredns/Corefile << EOF
.:53 {
template IN A apps.okd.mengshicheng.io {
match .*apps\.okd\.mengshicheng\.io
answer "{{ .Name }} 60 IN A 192.168.15.10"
fallthrough
}
etcd {
path /skydns
endpoint http://localhost:2379
fallthrough
}
prometheus
cache 160
loadbalance
forward . 114.114.114.114
log
}
EOF
启动CoreDNS,并设置自启动:
systemctl start coredns
systemctl enable coredns
systemctl status coredns
验证CoreDNS:
dig +short apps.okd.mengshicheng.io @127.0.0.1
4.2 部署ETCD
yum -y install etcd
启动ETCD,并设置自启动:
systemctl start etcd
systemctl enable etcd
systemctl status etcd
4.3 设置DNS
添加本地DNS:
cat > /etc/resolv.conf << EOF
# Generated by NetworkManager
search okd.mengshicheng.io
nameserver 192.168.15.10
nameserver 114.114.114.114
EOF
chattr +i /etc/resolv.conf
添加域名解析:
export ETCDCTL_API=3
etcdctl put /skydns/io/mengshicheng/okd/api '{"host":"192.168.15.10", "ttl":60}'
etcdctl put /skydns/io/mengshicheng/okd/api-int '{"host":"192.168.15.10", "ttl":60}'
etcdctl put /skydns/io/mengshicheng/okd/registry '{"host":"192.168.15.10", "ttl":60}'
etcdctl put /skydns/io/mengshicheng/okd/etcd '{"host":"192.168.15.30", "ttl":60}'
etcdctl put /skydns/io/mengshicheng/okd/_tcp/_etcd-server-ssl/x1 '{"host":"etcd.okd.mengshicheng.io", "ttl":60, "priority":0, "weight":10, "port":2380}'
etcdctl put /skydns/io/mengshicheng/okd/bastion '{"host":"192.168.15.10", "ttl":60}'
etcdctl put /skydns/io/mengshicheng/okd/bootstrap '{"host":"192.168.15.20", "ttl":60}'
etcdctl put /skydns/io/mengshicheng/okd/master '{"host":"192.168.15.30", "ttl":60}'
etcdctl put /skydns/io/mengshicheng/okd/worker1 '{"host":"192.168.15.31", "ttl":60}'
etcdctl put /skydns/io/mengshicheng/okd/worker2 '{"host":"192.168.15.32", "ttl":60}'
查看域名解析:
etcdctl get --prefix /skydns
验证域名解析:
dig +short api.okd.mengshicheng.io @127.0.0.1
dig +short api-int.okd.mengshicheng.io @127.0.0.1
dig +short registry.okd.mengshicheng.io @127.0.0.1
dig +short etcd.okd.mengshicheng.io @127.0.0.1
dig +short -t SRV _etcd-server-ssl._tcp.okd.mengshicheng.io @127.0.0.1
dig +short bootstrap.okd.mengshicheng.io @127.0.0.1
dig +short master.okd.mengshicheng.io @127.0.0.1
dig +short worker1.okd.mengshicheng.io @127.0.0.1
dig +short worker2.okd.mengshicheng.io @127.0.0.1
5、部署HAProxy
yum -y install haproxy
创建HAProxy配置文件:
cat > /etc/haproxy/haproxy.cfg << EOF
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
stats socket /var/lib/haproxy/stats
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
listen stats
bind :9000
mode http
stats enable
stats uri /
monitor-uri /healthz
frontend openshift-api-server
bind *:6443
default_backend openshift-api-server
mode tcp
option tcplog
backend openshift-api-server
balance source
mode tcp
server bootstrap 192.168.15.20:6443 check
server master 192.168.15.30:6443 check
frontend machine-config-server
bind *:22623
default_backend machine-config-server
mode tcp
option tcplog
backend machine-config-server
balance source
mode tcp
server bootstrap 192.168.15.20:22623 check
server master 192.168.15.30:22623 check
frontend ingress-http
bind *:80
default_backend ingress-http
mode tcp
option tcplog
backend ingress-http
balance source
mode tcp
server master 192.168.15.30:80 check
server worker1 192.168.15.31:80 check
server worker2 192.168.15.32:80 check
frontend ingress-https
bind *:443
default_backend ingress-https
mode tcp
option tcplog
backend ingress-https
balance source
mode tcp
server master 192.168.15.30:443 check
server worker1 192.168.15.31:443 check
server worker2 192.168.15.32:443 check
EOF
启动HAProxy,并设置自启动:
systemctl start haproxy
systemctl enable haproxy
systemctl status haproxy
6、部署HTTP
yum -y install podman httpd httpd-tools
避免端口冲突,修改/etc/httpd/conf/httpd.conf配置文件,将80端口修改为8080端口:
启动HTTP,并设置自启动:
systemctl start httpd
systemctl enable httpd
systemctl status httpd
创建HTTP文件目录:
mkdir /var/www/html/{os,ign}
下载镜像文件:
参考地址:https://getfedora.org/en/coreos/download
下载地址:
https://builds.coreos.fedoraproject.org/prod/streams/stable/builds/32.20200715.3.0/x86_64/fedora-coreos-32.20200715.3.0-metal.x86_64.raw.xz.sig
https://builds.coreos.fedoraproject.org/prod/streams/stable/builds/32.20200715.3.0/x86_64/fedora-coreos-32.20200715.3.0-metal.x86_64.raw.xz
将镜像文件移动至/var/www/html/os:
mv /root/fedora-coreos-32.20200715.3.0-metal.x86_64.raw.xz /var/www/html/os/coreos.raw.xz
mv /root/fedora-coreos-32.20200715.3.0-metal.x86_64.raw.xz.sig /var/www/html/os/coreos.raw.xz.sig
7、部署Registry
创建Registry文件目录:
mkdir -p /opt/registry/{auth,certs,data}
cd /opt/registry/certs
自签发证书,域名为 registry.okd.mengshicheng.io:
openssl req -subj '/CN=registry.okd.mengshicheng.io/O=My Company Name LTD./C=US' -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout domain.key -out domain.crt
将自签名证书复制到默认信任证书路径:
cp /opt/registry/certs/domain.crt /etc/pki/ca-trust/source/anchors/
update-ca-trust extract
为镜像仓库生成密钥,用户名/密码:admin:admin:
htpasswd -bBc /opt/registry/auth/htpasswd admin admin
echo -n admin:admin | base64
创建Registry认证文件:
cat > /root/pull-secret.json << EOF
{
"auths":{
"registry.okd.mengshicheng.io:5000":{
"auth":"YWRtaW46YWRtaW4=",
"email":"mengshicheng@mengshicheng.io"
}
}
}
EOF
添加本地域名解析:
echo 192.168.15.10 registry.okd.mengshicheng.io >> /etc/hosts
创建本地Registry:
podman run --name okd-registry -p 5000:5000 -v /opt/registry/data:/var/lib/registry:z -v /opt/registry/auth:/auth:z -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd -v /opt/registry/certs:/certs:z -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key -d docker.io/library/registry:2
拉取镜像至本地Registry:
oc adm -a /root/pull-secret.json release mirror --from=quay.io/openshift/okd:4.5.0-0.okd-2020-10-15-235428 --to=registry.okd.mengshicheng.io:5000/openshift/okd --to-release-image=registry.okd.mengshicheng.io:5000/openshift/okd:4.5.0-0.okd-2020-10-15-235428
验证本地Registry:
curl -u admin:admin -k https://registry.okd.mengshicheng.io:5000/v2/_catalog
查看本地Registry镜像:
curl -u admin:admin -k https://registry.okd.mengshicheng.io:5000/v2/openshift/okd/tags/list
8、创建OpenShift启动文件
查看id_rsa.pub文件:
cat /root/.ssh/id_rsa.pub
查看domain.crt文件:
cat /opt/registry/certs/domain.crt
Registry密钥信息:
pullSecret: '{"auths":{"registry.okd.mengshicheng.io:5000": {"auth": "YWRtaW46YWRtaW4=","email": "mengshicheng@mengshicheng.io"}}}'
创建OKD安装文件,将id_rsa.pub、domain.crt和密钥信息添加至OKD安装文件:
mkdir /root/okdinstall
cat > /root/okdinstall/install-config.yaml << EOF
apiVersion: v1
baseDomain: mengshicheng.io
compute:
- hyperthreading: Enabled
name: worker
replicas: 0
controlPlane:
hyperthreading: Enabled
name: master
replicas: 1
metadata:
name: okd
networking:
clusterNetwork:
- cidr: 10.244.0.0/16
hostPrefix: 24
networkType: OpenShiftSDN
serviceNetwork:
- 10.96.0.0/16
platform:
none: {}
fips: false
pullSecret: '{"auths":{"registry.okd.mengshicheng.io:5000": {"auth": "YWRtaW46YWRtaW4=","email": "mengshicheng@mengshicheng.io"}}}'
sshKey: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHwoS3r84iR6W9OY+InHLCvkIY9G+28KJe5VObfUA8TadHwdlFTmAk20DMV1/aamY4cne56KzBanLbPJrTt231p1WlleYrMh7zSMn9ruj4qc5phlz8aMM5jzE0QS1ws+U4PNwUdusuKAMr7SEeBRGu/ZejeJL/g5DyMSrowJFwNLMWU5m3yLmZMvo9yySlUiibgK1+aK3MlhrwypaTmelPKoYamXpKOXcu0hL9xOD10swTnS1WDsuEIhzRk74/7jdDUhqo1oaAGeWT4a3/Hp/nS5NSWW6ygO6ltPNx4E1ocPKArIEcydiyhpodis3ZcDkyd6BrXSJmrtGN57Zy+RzJ7DXoCV3jrezI6UU8xe339iBiQt2bJjym/5XeYjKzIUL8jVGZD648Un8P8POt8v3BokHTOj6hUTqdGqymoTSCdhLOVTFRUIfjfdoN3t1lrtsI2fGDJFkfyFqK4mNj9t3aTsn/tN8eAjN4YoJ7j3Nuee9w+8q/6/SodOuajB2da0wneS6XSLY5RopnbloWhfBFxh5PwTDismDFT3rWtlhHtvcFDe6A60CVROsl+7+kO1IC/WQ7LleyttFd8WlcjyF9UPymIlQSprCND8oVDs+EqXYQfh0LybbKV2eERx5RkjuzcJ//Z0xEuz+XDZ8NHZ8uwr0tlCL2PZOFqHfp+gSPEw== root@bastion.okd.mengshicheng.io'
additionalTrustBundle: |
-----BEGIN CERTIFICATE-----
MIIDeTCCAmGgAwIBAgIJAOs5pyfwlnjeMA0GCSqGSIb3DQEBCwUAMFMxJTAjBgNV
BAMMHHJlZ2lzdHJ5Lm9rZC5tZW5nc2hpY2hlbmcuaW8xHTAbBgNVBAoMFE15IENv
bXBhbnkgTmFtZSBMVEQuMQswCQYDVQQGEwJVUzAeFw0yMTExMTkwMDM5NTBaFw0y
MjExMTkwMDM5NTBaMFMxJTAjBgNVBAMMHHJlZ2lzdHJ5Lm9rZC5tZW5nc2hpY2hl
bmcuaW8xHTAbBgNVBAoMFE15IENvbXBhbnkgTmFtZSBMVEQuMQswCQYDVQQGEwJV
UzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALguZP/aBkFpryNh/Au5
mlf4jvvB4Q+jmzqtYkfnI0c1VM3XceHtCmn9GpZdLMb/vrj5HQhjlLUegvU5YL+a
tLmT7k4ovWhMqlBdIvhOzunfTqu+5vh37hwGGMDOYt76JWngRJhuGTRvG5/y4x6j
eT7jl7zYw4ZxLSpsnrqmR9dMWjKV6PnfiqTVAMdExvhpVbp4V29rmWbDgSCxyJn7
aDyujcsncxjCSQyWzx6E26GF1Sdu7J/gaM6VHoGV/cCzO7wwEo/Y5FcX0Fdt/z7C
b74FIcjiVBV+s6a/gGIhWuGc9TZ5a5LY7CR5PrgOIzxZrT6QKPz/9ffkHBwv0Kqf
fLsCAwEAAaNQME4wHQYDVR0OBBYEFLpjAFF3dgBB3JZ+dQubRjmRBcTAMB8GA1Ud
IwQYMBaAFLpjAFF3dgBB3JZ+dQubRjmRBcTAMAwGA1UdEwQFMAMBAf8wDQYJKoZI
hvcNAQELBQADggEBAFSjuAqoLff6GXQRSxMyr/pK0jfUF4vrT8DqRM0Ckh+WgV1Y
oslHw0Qy/CBpQBH6pH7PocoLJMrjg5eour/TC8e7NiLTeruN6o0i0blthmkaxvPU
xhSlDxZEhbNVrtt/r27R4yvzWDQ02c1dRXpvPAu203vdOC1wnMpVs1eh7sZWPCCY
i/w/gBjQBe63SHlRsxrxo709xgCTTYlPnO3KNjqG5sk+UZywkQJz/3qchbBZXbdF
8lYunzHT9bQYO0QTN1zJ71kHRq3ugqjsEJekbQSeyMpLyF13xp8p0ClBrfOHZgMU
eTPooLqedCRwtn0A5BVTMRavCFe/Tn7ur0vu7FI=
-----END CERTIFICATE-----
imageContentSources:
- mirrors:
- registry.okd.mengshicheng.io:5000/openshift/okd
source: quay.io/openshift/okd
- mirrors:
- registry.okd.mengshicheng.io:5000/openshift/okd
source: quay.io/openshift/okd-content
EOF
注意:BEGIN CERTIFICATE内容前含两个空格
生成点火文件:
cp /root/okdinstall/install-config.yaml /tmp/install-config.yaml.bak
openshift-install create manifests --dir=/root/okdinstall
cp /tmp/install-config.yaml.bak /root/okdinstall/install-config.yaml
openshift-install create ignition-configs --dir=/root/okdinstall
cp /root/okdinstall/*.ign /var/www/html/ign/
chmod 755 /var/www/html/ign/*
添加oc和kubectl使用权限:
mkdir /root/.kube
cp /root/okdinstall/auth/kubeconfig ~/.kube/config
四、Bootstrap节点设置
1、部署Bootstrap节点
下载Bootstrap节点启动镜像文件:
参考地址:https://mirror.openshift.com/pub/openshift-v4/dependencies/rhcos
下载地址:https://mirror.openshift.com/pub/openshift-v4/dependencies/rhcos/4.5/latest/rhcos-installer.x86_64.iso
启动Bootstrap节点,按TAB键,输入启动参数:
ip=192.168.15.20::192.168.15.254:255.255.240.0:bootstrap.okd.mengshicheng.io:ens192:none nameserver=192.168.15.10 coreos.inst.install_dev=sda coreos.inst.image_url=http://192.168.15.10:8080/os/coreos.raw.xz coreos.inst.ignition_url=http://192.168.15.10:8080/ign/bootstrap.ign
通过Bastion节点ssh进入Bootstrap:
ssh -i ~/.ssh/id_rsa core@192.168.15.20
查看运行Pod:
sudo crictl pods
查看监听6443端口:
netstat -an | grep 6443
查看监听22623端口:
netstat -an | grep 22623
验证Bootstrap节点状态:
curl -k https://localhost:22623/config/master
如果有返回,则证明节点状态正常
五、Master节点设置
1、部署Master节点
下载Master节点启动镜像文件:
参考地址:https://mirror.openshift.com/pub/openshift-v4/dependencies/rhcos
下载地址:https://mirror.openshift.com/pub/openshift-v4/dependencies/rhcos/4.5/latest/rhcos-installer.x86_64.iso
启动Master节点,按TAB键,输入启动参数:
ip=192.168.15.30::192.168.15.254:255.255.240.0:master.okd.mengshicheng.io:ens192:none nameserver=192.168.15.10 coreos.inst.install_dev=sda coreos.inst.image_url=http://192.168.15.10:8080/os/coreos.raw.xz coreos.inst.ignition_url=http://192.168.15.10:8080/ign/master.ign
通过Bastion节点ssh进入Master:
ssh -i ~/.ssh/id_rsa core@192.168.15.30
在Master节点上添加oc和kubectl使用权限:
mkdir .kube
scp -rp root@192.168.15.10:/root/.kube/config ./.kube
单Master节点部署,需调整副本数:
sudo cat > etcd_quorum_guard.yaml << EOF
- op: add
path: /spec/overrides
value:
- kind: Deployment
group: apps/v1
name: etcd-quorum-guard
namespace: openshift-machine-config-operator
unmanaged: true
EOF
oc patch clusterversion version --type json -p "$(cat etcd_quorum_guard.yaml)"
oc scale --replicas=1 deployment/etcd-quorum-guard -n openshift-machine-config-operator
2、修改HAProxy
在Bastion节点上,查看Bootstrap日志:
openshift-install wait-for bootstrap-complete --log-level=debug --dir=/root/okdinstall
INFO It is now safe to remove the bootstrap resources
修改/etc/haproxy/haproxy.cfg文件,删除Bootstrap节点:
重启HAProxy:
systemctl restart haproxy
systemctl status haproxy
3、查看集群状态
在Bastion或Master节点上查看集群状态:
oc get pods --all-namespaces
oc get nodes
4、查看登录信息
在Bastion节点上查看集群状态:
openshift-install wait-for install-complete --log-level=debug --dir=/root/okdinstall
六、Worker节点设置
1、部署Worker节点
下载Worker节点启动镜像文件:
参考地址:https://mirror.openshift.com/pub/openshift-v4/dependencies/rhcos
下载地址:https://mirror.openshift.com/pub/openshift-v4/dependencies/rhcos/4.5/latest/rhcos-installer.x86_64.iso
启动Worker1节点,按TAB键,输入启动参数:
ip=192.168.15.31::192.168.15.254:255.255.240.0:worker1.okd.mengshicheng.io:ens192:none nameserver=192.168.15.10 coreos.inst.install_dev=sda coreos.inst.image_url=http://192.168.15.10:8080/os/coreos.raw.xz coreos.inst.ignition_url=http://192.168.15.10:8080/ign/worker.ign
启动Worker2节点,按TAB键,输入启动参数:
ip=192.168.15.32::192.168.15.254:255.255.240.0:worker2.okd.mengshicheng.io:ens192:none nameserver=192.168.15.10 coreos.inst.install_dev=sda coreos.inst.image_url=http://192.168.15.10:8080/os/coreos.raw.xz coreos.inst.ignition_url=http://192.168.15.10:8080/ign/worker.ign
通过Bastion节点ssh进入Worker1:
ssh -i ~/.ssh/id_rsa core@192.168.15.31
通过Bastion节点ssh进入Worker2:
ssh -i ~/.ssh/id_rsa core@192.168.15.32
2、批准证书签名请求
在Master节点上批准证书签名请求(CSR):
oc get csr
oc adm certificate approve xxx或者执行以下命令批准所有CSR:
oc get csr -o json | jq -r '.items[] | select(.status == {} ) | .metadata.name' | xargs oc adm certificate approve
oc get csr
oc get csr -o json | jq -r '.items[] | select(.status == {} ) | .metadata.name' | xargs oc adm certificate approve
oc get csr
单Worker节点部署,需调整副本数:
oc scale --replicas=1 ingresscontroller/default -n openshift-ingress-operator
oc scale --replicas=1 deployment/console -n openshift-console
oc scale --replicas=1 deployment/downloads -n openshift-console
oc scale --replicas=1 deployment/oauth-openshift -n openshift-authentication
oc scale --replicas=1 deployment/packageserver -n openshift-operator-lifecycle-manager
oc scale --replicas=1 deployment/prometheus-adapter -n openshift-monitoring
oc scale --replicas=1 deployment/thanos-querier -n openshift-monitoring
oc scale --replicas=1 statefulset/prometheus-k8s -n openshift-monitoring
oc scale --replicas=1 statefulset/alertmanager-main -n openshift-monitoring
3、查看集群状态
在Bastion或Master节点上查看集群状态:
oc get pods --all-namespaces
oc get nodes
七、登录OpenShift
修改客户端DNS:
登录信息通过如下命令查看:
openshift-install wait-for install-complete --log-level=debug --dir=/root/okdinstall