21.2. bastion 가상 머신으로 OpenShift Container Platform 설치

절차

1. rhel-bastion 에 로그인합니다.

2. 다음 내용이 포함된 install_ocp.yaml 파일을 생성합니다.

   ---
   - name: Openshift on RHV
     hosts: localhost
     connection: local
     gather_facts: false
   
     vars_files:
       - vars.yaml
       - secure_vars.yaml
   
     pre_tasks:
       - ovirt_auth:
           url:      "{{ engine_url }}"
           username: "{{ engine_user }}"
           password: "{{ engine_password }}"
           insecure: "{{ engine_insecure }}"
           ca_file:  "{{ engine_cafile | default(omit) }}"
   
     roles:
       - role: openshift_ovirt
   
   - import_playbook: setup_dns.yaml
   - import_playbook: /usr/share/ansible/openshift-ansible/playbooks/prerequisites.yml
   - import_playbook: /usr/share/ansible/openshift-ansible/playbooks/openshift-node/network_manager.yml
   - import_playbook: /usr/share/ansible/openshift-ansible/playbooks/deploy_cluster.yml

3. 다음 내용이 포함된 setup_dns.yaml 파일을 생성합니다.

   - hosts: masters
     strategy: free
     tasks:
       - shell: "echo {{ ansible_default_ipv4.address }} {{ inventory_hostname }} etcd.{{ inventory_hostname.split('.', 1)[1] }} openshift-master.{{ inventory_hostname.split('.', 1)[1] }} openshift-public-master.{{ inventory_hostname.split('.', 1)[1] }} docker-registry-default.apps.{{ inventory_hostname.split('.', 1)[1] }} webconsole.openshift-web-console.svc registry-console-default.apps.{{ inventory_hostname.split('.', 1)[1] }} >> /etc/hosts"
         when: openshift_ovirt_all_in_one is defined | ternary((openshift_ovirt_all_in_one | bool), false)

4. 다음 콘텐츠를 포함하는 /etc/ansible/openshift_3_11.hosts Ansible 인벤토리 파일을 생성합니다.

   [workstation]
   localhost ansible_connection=local
   
   [all:vars]
   openshift_ovirt_dns_zone="{{ public_hosted_zone }}"
   openshift_web_console_install=true
   openshift_master_overwrite_named_certificates=true
   openshift_master_cluster_hostname="openshift-master.{{ public_hosted_zone }}"
   openshift_master_cluster_public_hostname="openshift-public-master.{{ public_hosted_zone }}"
   openshift_master_default_subdomain="{{ public_hosted_zone }}"
   openshift_public_hostname="{{openshift_master_cluster_public_hostname}}"
   openshift_deployment_type=openshift-enterprise
   openshift_service_catalog_image_version="{{ openshift_image_tag }}"
   
   [OSEv3:vars]
   # General variables
   debug_level=1
   containerized=false
   ansible_ssh_user=root
   os_firewall_use_firewalld=true
   openshift_enable_excluders=false
   openshift_install_examples=false
   openshift_clock_enabled=true
   openshift_debug_level="{{ debug_level }}"
   openshift_node_debug_level="{{ node_debug_level | default(debug_level,true) }}"
   osn_storage_plugin_deps=[]
   openshift_master_bootstrap_auto_approve=true
   openshift_master_bootstrap_auto_approver_node_selector={"node-role.kubernetes.io/master":"true"}
   osm_controller_args={"experimental-cluster-signing-duration": ["20m"]}
   osm_default_node_selector="node-role.kubernetes.io/compute=true"
   openshift_enable_service_catalog=false
   
   # Docker
   container_runtime_docker_storage_type=overlay2
   openshift_docker_use_system_container=false
   
   [OSEv3:children]
   nodes
   masters
   etcd
   lb
   
   [masters]
   [nodes]
   [etcd]
   [lb]

5. Red Hat Enterprise Linux KVM 게스트 이미지 다운로드 링크를 가져옵니다.

   1. Red Hat 고객 포털로 이동합니다. Red Hat Enterprise Linux 다운로드.
   2. Product Software(제품 소프트웨어 ) 탭에서 Red Hat Enterprise Linux KVM 게스트 이미지를 찾습니다.

   3. 지금 다운로드를 마우스 오른쪽 버튼으로 클릭하고 링크를 복사한 다음 저장합니다.

      bastion 가상 시스템을 생성할 때 복사한 링크를 사용하지 마십시오. 다운로드 링크는 시간에 민감하며 설치 플레이북을 실행하기 전에 복사해야 합니다.

6. 다음 콘텐츠를 사용하여 vars.yaml 파일을 생성하고 매개 변수 값을 업데이트합니다.

   ---
   # For detailed documentation of variables, see
   # openshift_ovirt: https://github.com/openshift/openshift-ansible/tree/master/roles/openshift_ovirt#role-variables
   # openshift installation: https://github.com/openshift/openshift-ansible/tree/master/inventory
   engine_url: https://<Manager_FQDN>/ovirt-engine/api 1
   engine_user: admin@internal
   engine_password: "{{ engine_password }}"
   engine_insecure: false
   engine_cafile: /etc/pki/ovirt-engine/ca.pem
   
   openshift_ovirt_vm_manifest:
     - name: 'master'
       count: 1
       profile: 'master_vm'
     - name: 'compute'
       count: 0
       profile: 'node_vm'
     - name: 'lb'
       count: 0
       profile: 'node_vm'
     - name: 'etcd'
       count: 0
       profile: 'node_vm'
     - name: infra
       count: 0
       profile: node_vm
   
   # Currently, only all-in-one installation (`openshift_ovirt_all_in_one: true`) is supported.
   # Multi-node installation (master and node VMs installed separately) will be supported in a future release.
   openshift_ovirt_all_in_one: true
   openshift_ovirt_cluster: Default
   openshift_ovirt_data_store: data
   openshift_ovirt_ssh_key: "{{ lookup('file', '/root/.ssh/id_rsa_ssh_ocp_admin.pub') }}"
   
   public_hosted_zone:
   # Uncomment to disable install-time checks, for smaller scale installations
   #openshift_disable_check: memory_availability,disk_availability,docker_image_availability
   
   qcow_url: <RHEL_KVM_guest_image_download_link> 2
   image_path: /var/tmp
   template_name: rhelguest7
   template_cluster: "{{ openshift_ovirt_cluster }}"
   template_memory: 4GiB
   template_cpu: 1
   template_disk_storage: "{{ openshift_ovirt_data_store }}"
   template_disk_size: 100GiB
   template_nics:
     - name: nic1
       profile_name: ovirtmgmt
       interface: virtio
   
   debug_vm_create: false
   wait_for_ip: true
   vm_infra_wait_for_ip_retries: 30
   vm_infra_wait_for_ip_delay: 20
   
   node_item: &node_item
     cluster: "{{ openshift_ovirt_cluster }}"
     template: "{{ template_name }}"
     memory: "8GiB"
     cores: "2"
     high_availability: true
     disks:
       - name: docker
         size: 15GiB
         interface: virtio
         storage_domain: "{{ openshift_ovirt_data_store }}"
       - name: openshift
         size: 30GiB
         interface: virtio
         storage_domain: "{{ openshift_ovirt_data_store }}"
     state: running
     cloud_init:
       root_password: "{{ root_password }}"
       authorized_ssh_keys: "{{ openshift_ovirt_ssh_key }}"
       custom_script: "{{ cloud_init_script_node | to_nice_yaml }}"
   
   openshift_ovirt_vm_profile:
     master_vm:
       <<: *node_item
       memory: 16GiB
       cores: "{{ vm_cores | default(4) }}"
       disks:
         - name: docker
           size: 15GiB
           interface: virtio
           storage_domain: "{{ openshift_ovirt_data_store }}"
         - name: openshift_local
           size: 30GiB
           interface: virtio
           storage_domain: "{{ openshift_ovirt_data_store }}"
         - name: etcd
           size: 25GiB
           interface: virtio
           storage_domain: "{{ openshift_ovirt_data_store }}"
       cloud_init:
         root_password: "{{ root_password }}"
         authorized_ssh_keys: "{{ openshift_ovirt_ssh_key }}"
         custom_script: "{{ cloud_init_script_master | to_nice_yaml }}"
     node_vm:
       <<: *node_item
     etcd_vm:
       <<: *node_item
     lb_vm:
       <<: *node_item
   
   cloud_init_script_node: &cloud_init_script_node
     packages:
       - ovirt-guest-agent
     runcmd:
       - sed -i 's/# ignored_nics =.*/ignored_nics = docker0 tun0 /' /etc/ovirt-guest-agent.conf
       - systemctl enable ovirt-guest-agent
       - systemctl start ovirt-guest-agent
       - mkdir -p /var/lib/docker
       - mkdir -p /var/lib/origin/openshift.local.volumes
       - /usr/sbin/mkfs.xfs -L dockerlv /dev/vdb
       - /usr/sbin/mkfs.xfs -L ocplv /dev/vdc
     mounts:
       - [ '/dev/vdb', '/var/lib/docker', 'xfs', 'defaults,gquota' ]
       - [ '/dev/vdc', '/var/lib/origin/openshift.local.volumes', 'xfs', 'defaults,gquota' ]
     power_state:
       mode: reboot
       message: cloud init finished - boot and install openshift
       condition: True
   cloud_init_script_master:
     <<: *cloud_init_script_node
     runcmd:
       - sed -i 's/# ignored_nics =.*/ignored_nics = docker0 tun0 /' /etc/ovirt-guest-agent.conf
       - systemctl enable ovirt-guest-agent
       - systemctl start ovirt-guest-agent
       - mkdir -p /var/lib/docker
       - mkdir -p /var/lib/origin/openshift.local.volumes
       - mkdir -p /var/lib/etcd
       - /usr/sbin/mkfs.xfs -L dockerlv /dev/vdb
       - /usr/sbin/mkfs.xfs -L ocplv /dev/vdc
       - /usr/sbin/mkfs.xfs -L etcdlv /dev/vdd
     mounts:
       - [ '/dev/vdb', '/var/lib/docker', 'xfs', 'defaults,gquota' ]
       - [ '/dev/vdc', '/var/lib/origin/openshift.local.volumes', 'xfs', 'defaults,gquota' ]
       - [ '/dev/vdd', '/var/lib/etcd', 'xfs', 'defaults,gquota' ]

   1

   관리자 시스템의 FQDN.

   2

   <qcow_url> 은 Red Hat Enterprise Linux KVM 게스트 이미지의 다운로드 링크입니다. Red Hat Enterprise Linux KVM 게스트 이미지 에는 이 플레이북에 필요한 cloud-init 패키지가 포함되어 있습니다. Red Hat Enterprise Linux를 사용하지 않는 경우, 이 플레이북을 실행하기 전에 cloud-init 패키지를 다운로드하여 수동으로 설치합니다.

7. OpenShift Container Platform을 설치합니다.

   # export ANSIBLE_ROLES_PATH="/usr/share/ansible/roles/:/usr/share/ansible/openshift-ansible/roles"
   # export ANSIBLE_JINJA2_EXTENSIONS="jinja2.ext.do"
   # ansible-playbook -i /etc/ansible/openshift_3_11.hosts install_ocp.yaml -e @vars.yaml -e @secure_vars.yaml --ask-vault-pass

8. 각 인프라 인스턴스에 대해 라우터의 DNS 항목을 만듭니다.
9. 라우터에서 애플리케이션에 트래픽을 전달할 수 있도록 라운드 로빈 라우팅을 구성합니다.
10. OpenShift Container Platform 웹 콘솔의 DNS 항목을 생성합니다.
11. 로드 밸런서 노드의 IP 주소를 지정합니다.