服务器信息
在阿里云买了个抢占式的服务器,地区为华南广州,系统为Ubuntu 20.04,8核16GB。
安装Docker
命令如下:
$ apt-get update -y
$ apt-get upgrade -y
$ apt-get install -y docker.io
安装成功后,检查一下版本:
$ docker version
Client:
Version: 20.10.7
API version: 1.41
Go version: go1.13.8
Git commit: 20.10.7-0ubuntu5~20.04.2
Built: Mon Nov 1 00:34:17 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server:
Engine:
Version: 20.10.7
API version: 1.41 (minimum version 1.12)
Go version: go1.13.8
Git commit: 20.10.7-0ubuntu5~20.04.2
Built: Fri Oct 22 00:45:53 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.5.5-0ubuntu3~20.04.1
GitCommit:
runc:
Version: 1.0.1-0ubuntu2~20.04.1
GitCommit:
docker-init:
Version: 0.19.0
GitCommit:
要修改Docker配置文件,让它可以使用私有的registry:
cat << EOF | sudo tee /etc/docker/daemon.json
{
"insecure-registries" : [ "172.30.0.0/16" ]
}
EOF
然后重启一下Docker即可:
systemctl restart docker
安装OpenShift
下载并解压对应的可执行文件:
# 下载
$ wget https://github.com/openshift/origin/releases/download/v3.11.0/openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit.tar.gz
# 解压
$ tar xvf openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit.tar.gz
# 复制到bin目录
$ cp openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit/oc /usr/local/bin/
$ cp openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit/kubectl /usr/local/bin/
# 检查版本
$ oc version
oc v3.11.0+0cbc58b
kubernetes v1.11.0+d4cacc0
features: Basic-Auth GSSAPI Kerberos SPNEGO
启动集群,第一次需要比较长的时候,因为需要下载镜像:
$ oc cluster up
Getting a Docker client ...
Checking if image openshift/origin-control-plane:v3.11 is available ...
Creating shared mount directory on the remote host ...
Determining server IP ...
Checking if OpenShift is already running ...
Checking for supported Docker version (=>1.22) ...
Checking if insecured registry is configured properly in Docker ...
Checking if required ports are available ...
Checking if OpenShift client is configured properly ...
Checking if image openshift/origin-control-plane:v3.11 is available ...
Starting OpenShift using openshift/origin-control-plane:v3.11 ...
I0301 22:24:39.111730 51771 flags.go:30] Running "create-kubelet-flags"
I0301 22:24:39.541760 51771 run_kubelet.go:49] Running "start-kubelet"
I0301 22:24:39.624336 51771 run_self_hosted.go:181] Waiting for the kube-apiserver to be ready ...
I0301 22:25:30.631581 51771 interface.go:26] Installing "kube-proxy" ...
I0301 22:25:30.631597 51771 interface.go:26] Installing "kube-dns" ...
I0301 22:25:30.631604 51771 interface.go:26] Installing "openshift-service-cert-signer-operator" ...
I0301 22:25:30.631609 51771 interface.go:26] Installing "openshift-apiserver" ...
I0301 22:25:30.631624 51771 apply_template.go:81] Installing "openshift-apiserver"
I0301 22:25:30.631673 51771 apply_template.go:81] Installing "kube-dns"
I0301 22:25:30.631682 51771 apply_template.go:81] Installing "openshift-service-cert-signer-operator"
I0301 22:25:30.631689 51771 apply_template.go:81] Installing "kube-proxy"
I0301 22:25:31.680155 51771 interface.go:41] Finished installing "kube-proxy" "kube-dns" "openshift-service-cert-signer-operator" "openshift-apiserver"
I0301 22:29:04.695159 51771 run_self_hosted.go:242] openshift-apiserver available
I0301 22:29:04.695183 51771 interface.go:26] Installing "openshift-controller-manager" ...
I0301 22:29:04.695201 51771 apply_template.go:81] Installing "openshift-controller-manager"
I0301 22:29:05.924403 51771 interface.go:41] Finished installing "openshift-controller-manager"
Adding default OAuthClient redirect URIs ...
Adding registry ...
Adding router ...
Adding centos-imagestreams ...
Adding sample-templates ...
Adding persistent-volumes ...
Adding web-console ...
I0301 22:29:05.934015 51771 interface.go:26] Installing "openshift-image-registry" ...
I0301 22:29:05.934027 51771 interface.go:26] Installing "openshift-router" ...
I0301 22:29:05.934034 51771 interface.go:26] Installing "centos-imagestreams" ...
I0301 22:29:05.934039 51771 interface.go:26] Installing "sample-templates" ...
I0301 22:29:05.934045 51771 interface.go:26] Installing "persistent-volumes" ...
I0301 22:29:05.934050 51771 interface.go:26] Installing "openshift-web-console-operator" ...
I0301 22:29:05.934129 51771 interface.go:26] Installing "sample-templates/mongodb" ...
I0301 22:29:05.934141 51771 apply_list.go:67] Installing "centos-imagestreams"
I0301 22:29:05.934172 51771 apply_list.go:67] Installing "sample-templates/mongodb"
I0301 22:29:05.934145 51771 interface.go:26] Installing "sample-templates/mysql" ...
I0301 22:29:05.934296 51771 interface.go:26] Installing "sample-templates/cakephp quickstart" ...
I0301 22:29:05.934306 51771 interface.go:26] Installing "sample-templates/django quickstart" ...
I0301 22:29:05.934315 51771 interface.go:26] Installing "sample-templates/rails quickstart" ...
I0301 22:29:05.934326 51771 interface.go:26] Installing "sample-templates/mariadb" ...
I0301 22:29:05.934335 51771 interface.go:26] Installing "sample-templates/postgresql" ...
I0301 22:29:05.934343 51771 interface.go:26] Installing "sample-templates/dancer quickstart" ...
I0301 22:29:05.934351 51771 interface.go:26] Installing "sample-templates/nodejs quickstart" ...
I0301 22:29:05.934360 51771 interface.go:26] Installing "sample-templates/jenkins pipeline ephemeral" ...
I0301 22:29:05.934375 51771 interface.go:26] Installing "sample-templates/sample pipeline" ...
I0301 22:29:05.934409 51771 apply_list.go:67] Installing "sample-templates/sample pipeline"
I0301 22:29:05.934539 51771 apply_list.go:67] Installing "sample-templates/mysql"
I0301 22:29:05.934635 51771 apply_list.go:67] Installing "sample-templates/cakephp quickstart"
I0301 22:29:05.934722 51771 apply_list.go:67] Installing "sample-templates/dancer quickstart"
I0301 22:29:05.934724 51771 apply_list.go:67] Installing "sample-templates/nodejs quickstart"
I0301 22:29:05.934748 51771 apply_list.go:67] Installing "sample-templates/jenkins pipeline ephemeral"
I0301 22:29:05.934772 51771 apply_list.go:67] Installing "sample-templates/mariadb"
I0301 22:29:05.934796 51771 apply_list.go:67] Installing "sample-templates/django quickstart"
I0301 22:29:05.934815 51771 apply_list.go:67] Installing "sample-templates/rails quickstart"
I0301 22:29:05.934343 51771 apply_template.go:81] Installing "openshift-web-console-operator"
I0301 22:29:05.934826 51771 apply_list.go:67] Installing "sample-templates/postgresql"
I0301 22:29:08.010606 51771 interface.go:41] Finished installing "sample-templates/mongodb" "sample-templates/mysql" "sample-templates/cakephp quickstart" "sample-templates/django quickstart" "sample-templates/rails quickstart" "sample-templates/mariadb" "sample-templates/postgresql" "sample-templates/dancer quickstart" "sample-templates/nodejs quickstart" "sample-templates/jenkins pipeline ephemeral" "sample-templates/sample pipeline"
I0301 22:29:50.500686 51771 interface.go:41] Finished installing "openshift-image-registry" "openshift-router" "centos-imagestreams" "sample-templates" "persistent-volumes" "openshift-web-console-operator"
Login to server ...
Creating initial project "myproject" ...
Server Information ...
OpenShift server started.
The server is accessible via web console at:
https://127.0.0.1:8443
You are logged in as:
User: developer
Password: <any value>
To login as administrator:
oc login -u system:admin
登陆:
$ oc login -u system:admin
查看命令空间:
# oc get ns
NAME STATUS AGE
default Active 6m
kube-dns Active 6m
kube-proxy Active 6m
kube-public Active 6m
kube-system Active 6m
myproject Active 2m
openshift Active 3m
openshift-apiserver Active 6m
openshift-controller-manager Active 3m
openshift-core-operators Active 6m
openshift-infra Active 6m
openshift-node Active 3m
openshift-service-cert-signer Active 6m
openshift-web-console Active 3m
发现与kubectl差不多。
查看所有Pods如下:
$ oc get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
default docker-registry-1-72zc5 1/1 Running 0 5m
default persistent-volume-setup-75s9s 0/1 Completed 0 6m
default router-1-nglvw 1/1 Running 0 6m
kube-dns kube-dns-zqs5d 1/1 Running 0 9m
kube-proxy kube-proxy-p75mh 1/1 Running 0 9m
kube-system kube-controller-manager-localhost 1/1 Running 0 9m
kube-system kube-scheduler-localhost 1/1 Running 0 9m
kube-system master-api-localhost 1/1 Running 0 8m
kube-system master-etcd-localhost 1/1 Running 0 8m
openshift-apiserver openshift-apiserver-4rwzd 1/1 Running 0 9m
openshift-controller-manager openshift-controller-manager-wvwkw 1/1 Running 0 6m
openshift-core-operators openshift-service-cert-signer-operator-6d477f986b-rkcww 1/1 Running 0 9m
openshift-core-operators openshift-web-console-operator-664b974ff5-vtwm8 1/1 Running 0 6m
openshift-service-cert-signer apiservice-cabundle-injector-8ffbbb6dc-6lkvl 1/1 Running 0 7m
openshift-service-cert-signer service-serving-cert-signer-668c45d5f-qjwkj 1/1 Running 0 7m
openshift-web-console webconsole-c877c8b45-m5hpx 1/1 Running 0 5m
$ kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
default docker-registry-1-72zc5 1/1 Running 0 5m
default persistent-volume-setup-75s9s 0/1 Completed 0 6m
default router-1-nglvw 1/1 Running 0 5m
kube-dns kube-dns-zqs5d 1/1 Running 0 8m
kube-proxy kube-proxy-p75mh 1/1 Running 0 8m
kube-system kube-controller-manager-localhost 1/1 Running 0 9m
kube-system kube-scheduler-localhost 1/1 Running 0 9m
kube-system master-api-localhost 1/1 Running 0 8m
kube-system master-etcd-localhost 1/1 Running 0 8m
openshift-apiserver openshift-apiserver-4rwzd 1/1 Running 0 8m
openshift-controller-manager openshift-controller-manager-wvwkw 1/1 Running 0 6m
openshift-core-operators openshift-service-cert-signer-operator-6d477f986b-rkcww 1/1 Running 0 8m
openshift-core-operators openshift-web-console-operator-664b974ff5-vtwm8 1/1 Running 0 6m
openshift-service-cert-signer apiservice-cabundle-injector-8ffbbb6dc-6lkvl 1/1 Running 0 7m
openshift-service-cert-signer service-serving-cert-signer-668c45d5f-qjwkj 1/1 Running 0 7m
openshift-web-console webconsole-c877c8b45-m5hpx 1/1 Running 0 5m
访问Dashboard
地址为:https://8.134.68.154:8443/console
但是访问会失败,会重定向到127.0.0.1,解决方案如下:
$ oc cluster down
$ rm -rf ./openshift.local.clusterup/
$ oc cluster up --public-hostname=8.134.68.154
重启后,再访问就可以了。
oc常用命令
# 登陆
oc login -u system -p admin https://8.134.68.154:8443
oc login -u developer -p pkslow https://8.134.68.154:8443
oc login -u=<username> -p=<password> --server=<your-openshift-server> --insecure-skip-tls-verify
# 切换project
oc project <myproject>
oc login -n <myproject>
# 创建资源
oc create -f myobject.yaml -n <myproject>
oc create configmap propsfilecm --from-file=application.properties
oc set volumes dc/myapp --add --overwrite=true --name=configmap-volume --mount-path=/data -t configmap --configmap-name=propsfilecm
oc create secret generic oia-secret --from-literal=username=myuser --from-literal=password=mypassword
oc set volumes dc/myapp --add --name=secret-volume --mount-path=/opt/app-root/ --secret-name=oia-secret
# 更新
oc patch svc mysvc --type merge --patch '{"spec":{"ports":[{"port": 8080, "targetPort": 5000 }]}}'
# 调试访问
oc exec <mypod> cat /opt/app-root/myapp.config
oc rsh <mypod
oc debug dc <mydc>
# 伸缩
oc scale dc <mydc> --replicas=5
oc autoscale dc/app-cli --min 2 --max 5 --cpu-percent=75
# 其它
oc whoami
oc status
oc logs pod <mypod>
oc get pods --all-namespaces
oc describe pod <mypod>
oc get services --sort-by=.metadata.name
oc delete all -l app=tomcat
oc delete pod <mypod> --grace-period=0
oc export bc,dc,is,svc --as-template=myapp.yaml
附
用到的Images:
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
openshift/origin-node v3.11 3f7a62b09e77 3 months ago 1.2GB
openshift/origin-control-plane v3.11 6608ab37a132 3 months ago 839MB
openshift/origin-haproxy-router v3.11 ecaa11886824 3 months ago 417MB
openshift/origin-deployer v3.11 d35bd5080535 3 months ago 390MB
openshift/origin-hyperkube v3.11 0cfb433fadc5 3 months ago 515MB
openshift/origin-cli v3.11 33db4aca59ae 3 months ago 390MB
openshift/origin-hypershift v3.11 9e866d795822 3 months ago 556MB
openshift/origin-pod v3.11 09e1f40f223e 3 months ago 267MB
openshift/origin-docker-registry v3.11 9dffb2abf1dd 3 years ago 310MB
openshift/origin-web-console v3.11 be30b6cce5fa 3 years ago 339MB
openshift/origin-service-serving-cert-signer v3.11 47dadf9d43b6 3 years ago 276MB