Starting an All-in-One Server
安装docker 1.13
参见我的docker blog
https://blog.csdn.net/zhixingheyi_tian/article/details/89374623
配置好代理
docker 上增加 insecure-registry
vi /etc/docker/daemon.json
{ "insecure-registries": ["172.30.0.0/16"] }
重启docker
systemctl daemon-reload
systemctl restart docker
设置OKD 相关环境
vim /etc/environment
no_proxy=.internal.example.com,10.0.0.1,10.0.0.2,10.0.0.3,.cluster.local,.svc,localhost,127.0.0.1,172.30.0.1,172.30.1.1,10.0.2.40,10.1.2.40
vim /etc/bashrc
export NO_PROXY=10.0.2.40,10.1.2.40,localhost,127.0.0.1,172.30.1.1,10.0.2.131,10.0.2.135,10.96.0.0/12,10.0.0.0/12,192.168.99.0/24,192.168.39.0/24,*.{}.com,10.239.47.*,*.sh.{}.com
启动OKD
oc cluster up --http-proxy='http://xxx:666' --https-proxy='http://xxx:666' --no-proxy=[.internal.example.com,10.0.0.1,10.0.0.2,10.0.0.3,.cluster.local,.svc,localhost,127.0.0.1,172.30.0.1,172.30.1.1,10.0.2.40,10.1.2.40]
检查
# kubectl cluster-info
Kubernetes master is running at https://127.0.0.1:8443
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
Error from server (Forbidden): services is forbidden: User "developer" cannot list services in the namespace "kube-system": no RBAC policy matched
# oc login -u system:admin
Logged into "https://127.0.0.1:8443" as "system:admin" using existing credentials.
You have access to the following projects and can switch between them with 'oc project <projectname>':
default
kube-dns
kube-proxy
kube-public
kube-system
* myproject
openshift
openshift-apiserver
openshift-controller-manager
openshift-core-operators
openshift-infra
openshift-node
openshift-service-cert-signer
openshift-web-console
Using project "myproject".
# kubectl cluster-info
Kubernetes master is running at https://127.0.0.1:8443
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
常用命令
# oc version
oc v3.11.0+0cbc58b
kubernetes v1.11.0+d4cacc0
features: Basic-Auth GSSAPI Kerberos SPNEGO
Server https://127.0.0.1:8443
kubernetes v1.11.0+d4cacc0
#oc config view
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: REDACTED
server: https://127.0.0.1:8443
name: 127-0-0-1:8443
contexts:
- context:
cluster: 127-0-0-1:8443
user: developer/127-0-0-1:8443
name: /127-0-0-1:8443/developer
- context:
cluster: 127-0-0-1:8443
user: xshen/127-0-0-1:8443
name: /127-0-0-1:8443/xshen
- context: