Last active
October 1, 2019 15:18
-
-
Save alainpham/6c16075b546fee6d607cb5a9df3f96f1 to your computer and use it in GitHub Desktop.
Install Openshift
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [OSEv3:children] | |
| masters | |
| nodes | |
| etcd | |
| [masters] | |
| ${IP} openshift_ip=${IP} openshift_schedulable=true | |
| [etcd] | |
| ${IP} openshift_ip=${IP} | |
| [nodes] | |
| ${IP} openshift_ip=${IP} openshift_node_labels='{ "region": "infra", "node-role.kubernetes.io/compute": "true", "node-role.kubernetes.io/master": "true" }' | |
| [OSEv3:vars] | |
| ansible_ssh_user=root | |
| enable_excluders=False | |
| enable_docker_excluder=False | |
| ansible_service_broker_install=False | |
| oreg_auth_user=${RHUSER} | |
| oreg_auth_password=${RHPWD} | |
| openshift_docker_insecure_registries=172.30.0.0/16 | |
| containerized=False | |
| os_sdn_network_plugin_name='redhat/openshift-ovs-subnet' | |
| openshift_disable_check=disk_availability,docker_storage,memory_availability,docker_image_availability | |
| deployment_type=openshift-enterprise | |
| openshift_deployment_type=openshift-enterprise | |
| template_service_broker_selector={"region":"infra"} | |
| openshift_metrics_image_version="v${VERSION}" | |
| openshift_logging_image_version="v${VERSION}" | |
| openshift_logging_elasticsearch_proxy_image_version="v1.0.0" | |
| openshift_logging_es_nodeselector={"node-role.kubernetes.io/infra":"true"} | |
| logging_elasticsearch_rollout_override=false | |
| osm_use_cockpit=true | |
| openshift_metrics_install_metrics=true | |
| openshift_metrics_duration=1 | |
| openshift_logging_install_logging=false | |
| openshift_logging_es_memory_limit=1200M | |
| openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}] | |
| openshift_master_htpasswd_file='/etc/origin/master/htpasswd' | |
| openshift_public_hostname=console.${DOMAIN} | |
| openshift_master_default_subdomain=apps.${DOMAIN} | |
| openshift_master_api_port=${API_PORT} | |
| openshift_master_console_port=${API_PORT} | |
| # deactivate ansible service broker | |
| openshift_enable_service_catalog=false | |
| ansible_service_broker_install=false | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [OSEv3:children] | |
| masters | |
| nodes | |
| etcd | |
| [masters] | |
| ${IP} openshift_ip=${IP} openshift_schedulable=true | |
| [etcd] | |
| ${IP} openshift_ip=${IP} | |
| [nodes] | |
| ${IP} openshift_ip=${IP} openshift_schedulable=true openshift_node_group_name="node-config-all-in-one" | |
| [OSEv3:vars] | |
| ansible_ssh_user=root | |
| enable_excluders=False | |
| enable_docker_excluder=False | |
| ansible_service_broker_install=False | |
| oreg_auth_user=${RHUSER} | |
| oreg_auth_password=${RHPWD} | |
| containerized=False | |
| os_sdn_network_plugin_name='redhat/openshift-ovs-subnet' | |
| openshift_disable_check=disk_availability,docker_storage,memory_availability,docker_image_availability | |
| deployment_type=openshift-enterprise | |
| openshift_deployment_type=openshift-enterprise | |
| template_service_broker_selector={"region":"infra"} | |
| openshift_metrics_image_version="v${VERSION}" | |
| openshift_logging_image_version="v${VERSION}" | |
| openshift_logging_elasticsearch_proxy_image_version="v1.0.0" | |
| openshift_logging_es_nodeselector={"node-role.kubernetes.io/infra":"true"} | |
| logging_elasticsearch_rollout_override=false | |
| osm_use_cockpit=true | |
| openshift_metrics_install_metrics=true | |
| openshift_metrics_duration=1 | |
| openshift_logging_install_logging=false | |
| openshift_logging_es_memory_limit=1200M | |
| openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}] | |
| openshift_master_htpasswd_file='/etc/origin/master/htpasswd' | |
| openshift_public_hostname=console.${DOMAIN} | |
| openshift_master_default_subdomain=apps.${DOMAIN} | |
| openshift_master_api_port=${API_PORT} | |
| openshift_master_console_port=${API_PORT} | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wget https://gist.githubusercontent.com/alainpham/6c16075b546fee6d607cb5a9df3f96f1/raw/6b3fbed1f170303ede862d0adcbd153067a94b78/inventory.download | |
| wget https://gist.github.com/alainpham/6c16075b546fee6d607cb5a9df3f96f1/raw/8ee699e29a7094f4be5da07bc5eef3d4d98f71a0/vol.yaml | |
| yum update -y | |
| yum install -y wget git zile nano net-tools docker bind-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct openssl-devel httpd-tools NetworkManager python-cryptography python2-pip python-devel python-passlib java-1.8.0-openjdk-headless ansible | |
| export IP=${IP:="$(ip route get 8.8.8.8 | awk '{print $NF; exit}')"} | |
| echo $IP | |
| export DOMAIN=${DOMAIN:="$IP.nip.io"} | |
| #export DOMAIN=${DOMAIN:="$(curl -s ipinfo.io/ip).nip.io"} | |
| #export DOMAIN=ocp.loc | |
| export USERNAME=x | |
| export PASSWORD=XX | |
| export VERSION=${VERSION:="3.11"} | |
| export API_PORT=${API_PORT:="8443"} | |
| export RHUSER= | |
| export RHPWD= | |
| cat <<EOD > /etc/hosts | |
| 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 | |
| ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 | |
| ${IP} $(hostname) console console.${DOMAIN} | |
| EOD | |
| cat /etc/hosts | |
| systemctl restart docker | |
| systemctl enable docker | |
| if [ ! -f ~/.ssh/id_rsa ]; then | |
| ssh-keygen -q -f ~/.ssh/id_rsa -N "" | |
| cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys | |
| ssh -o StrictHostKeyChecking=no root@$IP "pwd" < /dev/null | |
| fi | |
| envsubst < inventory.download > inventory.ini | |
| mkdir -p /etc/origin/master/ | |
| touch /etc/origin/master/htpasswd | |
| htpasswd -b /etc/origin/master/htpasswd ${USERNAME} ${PASSWORD} | |
| git clone https://github.com/openshift/openshift-ansible.git -b release-${VERSION} --depth=1 | |
| ansible-playbook -i inventory.ini openshift-ansible/playbooks/prerequisites.yml | |
| ansible-playbook -i inventory.ini openshift-ansible/playbooks/deploy_cluster.yml | |
| oc adm policy add-cluster-role-to-user cluster-admin ${USERNAME} | |
| for i in `seq 1 200`; | |
| do | |
| DIRNAME="vol$i" | |
| mkdir -p /mnt/data/$DIRNAME | |
| chcon -Rt svirt_sandbox_file_t /mnt/data/$DIRNAME | |
| chmod 777 /mnt/data/$DIRNAME | |
| sed "s/name: vol/name: vol$i/g" vol.yaml > oc_vol.yaml | |
| sed -i "s/path: \/mnt\/data\/vol/path: \/mnt\/data\/vol$i/g" oc_vol.yaml | |
| oc create -f oc_vol.yaml | |
| echo "created volume $i" | |
| done | |
| rm oc_vol.yaml | |
| ansible-playbook -i inventory.ini openshift-ansible/playbooks/openshift-logging/config.yml | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: PersistentVolume | |
| metadata: | |
| name: vol | |
| spec: | |
| capacity: | |
| storage: 500Gi | |
| accessModes: | |
| - ReadWriteOnce | |
| - ReadWriteMany | |
| persistentVolumeReclaimPolicy: Retain | |
| hostPath: | |
| path: /mnt/data/vol |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment