OpenShift 离线安装

离线安装 openshift 需要将安装过程中用的 rpm 包、docker image 以及 openshift-ansible 代码 在一台联网的机器上提前下载好。

本安装文档, 不包含 s2i 相关镜像和监控组件的离线安装。
本安装文档基于 RHEL 7.3,与 openshift 兼容的 docker rpm 包版本为 v1.9.1, 由于版本较老, api 与最新版本有出入,例如:不支持 digist 最为 tag。
如果使用 CentOS 则可安装最新版 docker。

联网设备下载所需软件

本节操作,需要在一台能联网的 RHEL7.3 系统(与安装 openshift 的目标机保持一致即可)上进行。

准备 RPM 包

搭建本地 YUM 源(假设 iso 挂载在 /mnt 目录)

cat > /etc/yum.repos.d/local.repo <<'eof'
[iso-repo]
name=Local iso repo
baseurl=file:///mnt/
enable=1
gpgcheck=0
eof

添加 openshift 相关 YUM 源

cat > /etc/yum.repos.d/openshift-ansible-centos-paas-sig.repo <<'eof'
[centos-openshift-origin]
name=CentOS OpenShift Origin
baseurl=http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS

[centos-openshift-origin-testing]
name=CentOS OpenShift Origin Testing
baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin/
enabled=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS

[centos-openshift-origin-debuginfo]
name=CentOS OpenShift Origin DebugInfo
baseurl=http://debuginfo.centos.org/centos/7/paas/x86_64/
enabled=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS

[centos-openshift-origin-source]
name=CentOS OpenShift Origin Source
baseurl=http://vault.centos.org/centos/7/paas/Source/openshift-origin/
enabled=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS
eof

添加 etcd 相关 YUM 源

cat > /etc/yum.repos.d/CentOS-Base.repo.repo <<'eof'
[extras]
name=CentOS-$releasever - Extras
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras&infra=$infra
baseurl=http://mirror.centos.org/centos/7.3.1611/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
eof

通过 yum 命令安装相关软件包时,可以选择 “d”(只下载、不安装),或者使用 --downloadonly 参数来获取相关的 rpm 及其全部依赖。

master 节点涉及的包

  • origin-master-1.5.1-1.el7.x86_64
  • origin-1.5.1-1.el7.x86_64
  • origin-node-1.5.1-1.el7.x86_64
  • origin-sdn-ovs-1.5.1-1.el7.x86_64
  • origin-clients-1.5.1-1.el7.x86_64
  • tuned-profiles-origin-node-1.5.1-1.el7.x86_64

node 节点涉及的包

  • origin-clients-1.5.1-1.el7.x86_64
  • origin-1.5.1-1.el7.x86_64
  • origin-node-1.5.1-1.el7.x86_64
  • origin-sdn-ovs-1.5.1-1.el7.x86_64
  • tuned-profiles-origin-node-1.5.1-1.el7.x86_64

etcd 涉及的包

  • etcd-3.1.9-1.el7

其他

  • docker
  • iproute
  • python-dbus
  • python-six
  • PyYAML
  • yum-utils
  • ansible

下载 rpm 包

yum install --downloadonly PyYAML ansible docker etcd-3.1.9-1.el7 iproute origin-1.5.1-1.el7.x86_64 origin-1.5.1-1.el7.x86_64 origin-clients-1.5.1-1.el7.x86_64 origin-clients-1.5.1-1.el7.x86_64 origin-master-1.5.1-1.el7.x86_64 origin-node-1.5.1-1.el7.x86_64 origin-node-1.5.1-1.el7.x86_64 origin-sdn-ovs-1.5.1-1.el7.x86_64 origin-sdn-ovs-1.5.1-1.el7.x86_64 python-dbus python-six tuned-profiles-origin-node-1.5.1-1.el7.x86_64 tuned-profiles-origin-node-1.5.1-1.el7.x86_64 yum-utils

下载的 rpm 位于/var/cache/yum/,可以使用如下命令,将 rpm 拷出备用:

mkdir rpms
find /var/cache/yum/ -iname '*.rpm' -exec cp {} rpms/ \;

位于本地 YUM 源中的 rpm 不会被下载,所以在安装 openshift 的目标机器上也需要搭建本地 YUM 源。

准备 docker images

安装 docker

yum install -y docker

安装过程涉及的 docker 镜像

  • docker.io/busybox:latest
  • docker.io/openshift/origin-haproxy-router:v1.5.1
  • docker.io/openshift/origin-deployer:v1.5.1
  • docker.io/openshift/origin-sti-builder:v1.5.1
  • docker.io/openshift/origin-pod:v1.5.1
  • docker.io/openshift/origin-docker-registry:v1.5.1
  • docker.io/cockpit/kubernetes:latest
  • docker.io/openshift/origin-metrics-cassandra:latest
  • docker.io/openshift/origin-metrics-hawkular-metrics:latest
  • docker.io/openshift/origin-metrics-heapster:latest

拉取镜像

 docker pull docker.io/busybox:latest docker.io/openshift/origin-haproxy-router:v1.5.1 docker.io/openshift/origin-deployer:v1.5.1 docker.io/openshift/origin-sti-builder:v1.5.1 docker.io/openshift/origin-pod:v1.5.1 docker.io/openshift/origin-docker-registry:v1.5.1 docker.io/cockpit/kubernetes:latest docker.io/openshift/origin-metrics-cassandra:latest docker.io/openshift/origin-metrics-hawkular-metrics:latest docker.io/openshift/origin-metrics-heapster:latest

将镜像导出为 tar 包

docker save -o oso1.5.1-images.tar docker.io/busybox:latest docker.io/openshift/origin-haproxy-router:v1.5.1 docker.io/openshift/origin-deployer:v1.5.1 docker.io/openshift/origin-sti-builder:v1.5.1 docker.io/openshift/origin-pod:v1.5.1 docker.io/openshift/origin-docker-registry:v1.5.1 docker.io/cockpit/kubernetes:latest docker.io/openshift/origin-metrics-cassandra:latest docker.io/openshift/origin-metrics-hawkular-metrics:latest docker.io/openshift/origin-metrics-heapster:latest

拉取 playbook 代码

git clone https://github.com/openshift/openshift-ansible

离线设备安装

将准备好的 rpm 包、镜像导出的 tar 包、playbook 代码 拷贝到所有目标机器。
本节相关操作,在需要安装 openshift 的设备上执行(离线环境)
本文档,以两节点 openshift 安装为示例。

安装 rpm

使用操作系统镜像,搭建本地 YUM 源

mount /dev/sr0 /mnt/

cat > /etc/yum.repos.d/local.repo <<'eof'
[iso-repo]
name=Local iso repo
baseurl=file:///mnt/
enable=1
gpgcheck=0
eof

安装 rpm 包

cd rpms
yum install ./*.rpm

删除 rpm 安装后生成的配置文件

 rm -rf /etc/origin/*

导入 docker 镜像

docker load -i ose3-images.tar

准备 playbook 代码

OpenShift-ansible 需要切换至于安装的 OpenShift 对应的版本,OpenShift v1.5.1 对应 OpenShift-ansible v3.5.1

cd openshift-ansible
git checkout openshift-ansible-3.5.1-1

注释掉< openshift-ansible home >/roles/openshift_repos/tasks/main.yaml 文件中的 “Configure origin yum repositories RHEL/CentOS” task,禁止生成 openshift yum repo 文件

[root@master openshift-ansible]# cat roles/openshift_repos/tasks/main.yaml
---
# TODO: Add flag for enabling EPEL repo, default to false

# TODO: Add subscription-management config, with parameters
#       for username, password, poolid(name), and official repos to
#       enable/disable. Might need to make a module that extends the
#       subscription management module to take a poolid and enable/disable the
#       proper repos correctly.

- assert:
    that: openshift_deployment_type in known_openshift_deployment_types
  when: not openshift.common.is_containerized | bool

- name: Ensure libselinux-python is installed
  package: name=libselinux-python state=present
  when: not openshift.common.is_containerized | bool

- name: Create any additional repos that are defined
  template:
    src: yum_repo.j2
    dest: /etc/yum.repos.d/openshift_additional.repo
  when: openshift_additional_repos | length > 0 and not openshift.common.is_containerized | bool
  notify: refresh cache

- name: Remove the additional repos if no longer defined
  file:
    dest: /etc/yum.repos.d/openshift_additional.repo
    state: absent
  when: openshift_additional_repos | length == 0 and not openshift.common.is_containerized | bool
  notify: refresh cache

- name: Configure origin gpg keys if needed
  copy:
    src: origin/gpg_keys/openshift-ansible-CentOS-SIG-PaaS
    dest: /etc/pki/rpm-gpg/
  notify: refresh cache
  when: ansible_os_family == "RedHat" and ansible_distribution != "Fedora"
        and openshift_deployment_type == 'origin'
        and not openshift.common.is_containerized | bool
        and openshift_enable_origin_repo | default(true) | bool

#- name: Configure origin yum repositories RHEL/CentOS
#  copy:
#    src: origin/repos/openshift-ansible-centos-paas-sig.repo
#    dest: /etc/yum.repos.d/
#  notify: refresh cache
#  when: ansible_os_family == "RedHat" and ansible_distribution != "Fedora"
#        and openshift_deployment_type == 'origin'
#        and not openshift.common.is_containerized | bool
#        and openshift_enable_origin_repo | default(true) | bool

其他配置

在 /etc/hosts 中添加相关机器的域名解析

192.168.12.170 master.openshift.blabla.local
192.168.12.171 node.openshift.blabla.local

配置 ssh 无密码登录

ssh-keygen
ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.12.170
ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.12.171

安装 openshift

本小结操作,在 master 节点进行

在 /etc/ansible/hosts 中配置节点信息

# Create an OSEv3 group that contains the masters, nodes, and etcd groups
[OSEv3:children]
masters
nodes
etcd
 
# Set variables common for all OSEv3 hosts
[OSEv3:vars]
ansible_ssh_user=root
deployment_type=origin

[masters]
master.openshift.blabla.local
 
# host group for etcd
[etcd]
node.openshift.blabla.local
 
# host group for nodes, includes region info
[nodes]
master.openshift.blabla.local openshift_node_labels="{'region': 'infra', 'zone': 'default'}"
node.openshift.blabla.local openshift_node_labels="{'region': 'primary', 'zone': 'west'}"

ansible ping测试:

[root@master ~]#  ansible all -m ping
master.openshift.blabla.local | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}
node02.openshift.blabla.local | SUCCESS => {
    "changed": false, 
    "ping": "pong"
}

安装

ansible-playbook playbooks/byo/config.yml

执行 ansible-playbook 之前,务必确认各节点主机名是否正确

Links

最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。

推荐阅读更多精彩内容