3.1 更新操作系统,yum安装基本组件并重启(每台机器上操作)
1.系统准备
centos7.8
2.系统分区
/home 10GB
/var 40GB
/ 40GB
/usr/bin/local 2GB
/temp 2GB
空余未分配的空间40GB,用于docker存储空间设置。
3.系统设置
3.1 更新操作系统,yum安装基本组件并重启(每台机器上操作)
# yum update -y
# yum install wget git net-tools bind-utils yum-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct
# reboot
3.2 安装docker(每台机器上操作)
# yum install docker-1.13.1 -y
3.3 配置docker存储(每台机器上操作)
# docker-storage-setup
3.4 启动docker(每台机器上操作)
# systemctl enable docker
# systemctl start docker
# systemctl is-active docker
3.5 拉取镜像(每台机器上操作)
# docker pull docker.io/openshift/origin-node:v3.11.0
# docker pull docker.io/openshift/origin-control-plane:v3.11.0
# docker pull docker.io/openshift/origin-haproxy-router:v3.11.0
# docker pull docker.io/openshift/origin-deployer:v3.11.0
# docker pull docker.io/openshift/origin-template-service-broker:v3.11.0
# docker pull docker.io/openshift/origin-pod:v3.11.0
# docker pull docker.io/openshift/origin-docker-registry:v3.11.0
# docker pull docker.io/openshift/origin-console:v3.11.0
# docker pull docker.io/openshift/origin-service-catalog:v3.11.0
# docker pull docker.io/openshift/origin-web-console:v3.11.0
# docker pull docker.io/tripleorocky/coreos-prometheus-operator:v0.2
# docker pull quay.io/coreos/prometheus-operator:v0.23.2
# docker pull docker.io/grafana/grafana:5.2.1
# docker pull quay.io/coreos/etcd:v3.2.22
# docker pull docker.io/openshift/oauth-proxy:v1.1.0
3.6 防火墙设置及端口开放(每台机器上操作)
3.6.1 设置默认区域,立即生效无需重启
# firewall-cmd --set-default-zone=trusted
3.6.2 加一个端口到trusted区域永久生效
# firewall-cmd --zone=trusted --add-port=9200/tcp --permanent
# firewall-cmd --zone=trusted --add-port=9300/tcp --permanent
# firewall-cmd --zone=trusted --add-port=9090/tcp --permanent
# firewall-cmd --zone=trusted --add-port=9100/tcp --permanent
# firewall-cmd --zone=trusted --add-port=8443/tcp --permanent
# firewall-cmd --zone=trusted --add-port=10250/tcp --permanent
# firewall-cmd --zone=trusted --add-port=8444/tcp --permanent
# firewall-cmd --zone=trusted --add-port=1936/tcp --permanent
3.7 Hosts设置(每台机器上操作)
在3台机器的/etc/hosts文件中都写入:
192.168.0.21 master01 master01.example.com
192.168.0.32 node01
192.168.0.43 node02
3.8 开启SELINUX(每台机器上操作)
修改/etc/selinux/config文件:
SELINUX=enforcing
SELINUXTYPE=targeted
4 master01系统设置
4.1 配置SSH免密互信(只在master01)
配置master01能够免密登录其他两台机器即可。在master01节点上操作:
# ssh-keygen #生成秘钥 一路回车
# ssh-copy-id master01
# ssh-copy-id node01 #回车,输入yes,登录
# ssh-copy-id node02 #回车,输入yes,登录
配置完成后记得检查master01是否能ssh免密登录到node01和node02
4.2 安装ansible
# wget https://releases.ansible.com/ansible/ansible-2.6.5.tar.gz
# tar fxz ansible-2.6.5.tar.gz && cd ansible-2.6.5
# python setup.py install
4.3 下载安装okd的playbook
# cd ~
# wget https://github.com/openshift/openshift-ansible/archive/release-3.11.zip
# unzip release-3.11.zip
4.4 修改ansible的hosts文件(在master01节点操作)
编辑/etc/ansible/hosts
未完成,待续。
参考:
[1] https://blog.csdn.net/qq_17305249/article/details/104474566
[2] https://blog.csdn.net/qq_16240085/article/details/86004707
[3] https://docs.okd.io/3.11/getting_started/administrators.html