Red Hat Summit 红帽全球峰会支持控制台(Console)开发人员开始试用联系人

4.5. 管理 control plane 机器

control plane 机器集为 control plane 机器提供管理功能,与为计算机器提供的计算机器集类似。集群上的 control plane 机器集的可用性和初始状态取决于您的云供应商和您安装的 OpenShift Container Platform 版本。如需更多信息,请参阅开始使用 control plane 机器集

4.5.1. 在集群中添加 control plane 节点
复制链接

在裸机基础架构上安装集群时,您可以手动扩展到 4 或 5 个 control plane 节点。此流程中的示例使用 node-5 作为新的 control plane 节点。

先决条件

  • 已安装一个带有至少三个 control plane 节点的健康集群。
  • 您已创建了单个 control plane 节点,您要作为安装后任务添加到集群中。

流程

  1. 输入以下命令为新的 control plane 节点检索待处理的证书签名请求(CSR): 

    $ oc get csr | grep Pending
    Copy to Clipboard Toggle word wrap

  2. 输入以下命令为 control plane 节点批准所有待处理的 CSR: 

    $ oc get csr -o go-template='{{range .items}}{{if not .status}}{{.metadata.name}}{{"\n"}}{{end}}{{end}}' | xargs --no-run-if-empty oc adm certificate approve
    Copy to Clipboard Toggle word wrap
    重要

    您必须批准 CSR 才能完成安装。

  3. 输入以下命令确认 control plane 节点处于 Ready 状态: 

    $ oc get nodes
    Copy to Clipboard Toggle word wrap
    注意

    在安装程序置备的基础架构中,etcd Operator 依赖于 Machine API 来管理 control plane 并确保 etcd 仲裁。然后,Machine API 使用 Machine CR 代表和管理底层 control plane 节点。

  4. 创建 BareMetalHostMachine CR,并将其链接到 control plane 节点的节点 CR。

    1. 使用唯一 .metadata.name 值创建 BareMetalHost CR,如下例所示: 

      apiVersion: metal3.io/v1alpha1
kind: BareMetalHost
metadata:
  name: node-5
  namespace: openshift-machine-api
spec:
  automatedCleaningMode: metadata
  bootMACAddress: 00:00:00:00:00:02
  bootMode: UEFI
  customDeploy:
    method: install_coreos
  externallyProvisioned: true
  online: true
  userData:
    name: master-user-data-managed
    namespace: openshift-machine-api
# ...
      Copy to Clipboard Toggle word wrap

    2. 输入以下命令应用 BareMetalHost CR: 

      $ oc apply -f <filename>
      1
      Copy to Clipboard Toggle word wrap
      1
      将 <filename> 替换为 BareMetalHost CR 的名称。

    3. 使用以下示例中所示的唯一 .metadata.name 值创建 Machine CR: 

      apiVersion: machine.openshift.io/v1beta1
kind: Machine
metadata:
  annotations:
    machine.openshift.io/instance-state: externally provisioned
    metal3.io/BareMetalHost: openshift-machine-api/node-5
  finalizers:
  - machine.machine.openshift.io
  labels:
    machine.openshift.io/cluster-api-cluster: <cluster_name>
      1 
      
    machine.openshift.io/cluster-api-machine-role: master
    machine.openshift.io/cluster-api-machine-type: master
  name: node-5
  namespace: openshift-machine-api
spec:
  metadata: {}
  providerSpec:
    value:
      apiVersion: baremetal.cluster.k8s.io/v1alpha1
      customDeploy:
        method: install_coreos
      hostSelector: {}
      image:
        checksum: ""
        url: ""
      kind: BareMetalMachineProviderSpec
      metadata:
        creationTimestamp: null
      userData:
        name: master-user-data-managed
# ...
      Copy to Clipboard Toggle word wrap
      1
      <cluster_name> 替换为特定集群的名称,如 test-day2-1-6qv96

    4. 运行以下命令来获取集群名称: 

      $ oc get infrastructure cluster -o=jsonpath='{.status.infrastructureName}{"\n"}'
      Copy to Clipboard Toggle word wrap

    5. 输入以下命令应用 Machine CR: 

      $ oc apply -f <filename>
      1
      Copy to Clipboard Toggle word wrap
      1
      <filename> 替换为 Machine CR 的名称。

    6. 通过运行 link-machine-and-node.sh 脚本链接 BareMetalHostMachineNode 对象:

      1. 将以下 link-machine-and-node.sh 脚本复制到本地机器中: 

        #!/bin/bash

# Credit goes to
# https://bugzilla.redhat.com/show_bug.cgi?id=1801238.
# This script will link Machine object
# and Node object. This is needed
# in order to have IP address of
# the Node present in the status of the Machine.

set -e

machine="$1"
node="$2"

if [ -z "$machine" ] || [ -z "$node" ]; then
    echo "Usage: $0 MACHINE NODE"
    exit 1
fi

node_name=$(echo "${node}" | cut -f2 -d':')

oc proxy &
proxy_pid=$!
function kill_proxy {
    kill $proxy_pid
}
trap kill_proxy EXIT SIGINT

HOST_PROXY_API_PATH="http://localhost:8001/apis/metal3.io/v1alpha1/namespaces/openshift-machine-api/baremetalhosts"

function print_nics() {
    local ips
    local eob
    declare -a ips

    readarray -t ips < <(echo "${1}" \
                         | jq '.[] | select(. | .type == "InternalIP") | .address' \
                         | sed 's/"//g')

    eob=','
    for (( i=0; i<${#ips[@]}; i++ )); do
        if [ $((i+1)) -eq ${#ips[@]} ]; then
            eob=""
        fi
        cat <<- EOF
          {
            "ip": "${ips[$i]}",
            "mac": "00:00:00:00:00:00",
            "model": "unknown",
            "speedGbps": 10,
            "vlanId": 0,
            "pxe": true,
            "name": "eth1"
          }${eob}
EOF
    done
}

function wait_for_json() {
    local name
    local url
    local curl_opts
    local timeout

    local start_time
    local curr_time
    local time_diff

    name="$1"
    url="$2"
    timeout="$3"
    shift 3
    curl_opts="$@"
    echo -n "Waiting for $name to respond"
    start_time=$(date +%s)
    until curl -g -X GET "$url" "${curl_opts[@]}" 2> /dev/null | jq '.' 2> /dev/null > /dev/null; do
        echo -n "."
        curr_time=$(date +%s)
        time_diff=$((curr_time - start_time))
        if [[ $time_diff -gt $timeout ]]; then
            printf '\nTimed out waiting for %s' "${name}"
            return 1
        fi
        sleep 5
    done
    echo " Success!"
    return 0
}
wait_for_json oc_proxy "${HOST_PROXY_API_PATH}" 10 -H "Accept: application/json" -H "Content-Type: application/json"

addresses=$(oc get node -n openshift-machine-api "${node_name}" -o json | jq -c '.status.addresses')

machine_data=$(oc get machines.machine.openshift.io -n openshift-machine-api -o json "${machine}")
host=$(echo "$machine_data" | jq '.metadata.annotations["metal3.io/BareMetalHost"]' | cut -f2 -d/ | sed 's/"//g')

if [ -z "$host" ]; then
    echo "Machine $machine is not linked to a host yet." 1>&2
    exit 1
fi

# The address structure on the host doesn't match the node, so extract
# the values we want into separate variables so we can build the patch
# we need.
hostname=$(echo "${addresses}" | jq '.[] | select(. | .type == "Hostname") | .address' | sed 's/"//g')

set +e
read -r -d '' host_patch << EOF
{
  "status": {
    "hardware": {
      "hostname": "${hostname}",
      "nics": [
$(print_nics "${addresses}")
      ],
      "systemVendor": {
        "manufacturer": "Red Hat",
        "productName": "product name",
        "serialNumber": ""
      },
      "firmware": {
        "bios": {
          "date": "04/01/2014",
          "vendor": "SeaBIOS",
          "version": "1.11.0-2.el7"
        }
      },
      "ramMebibytes": 0,
      "storage": [],
      "cpu": {
        "arch": "x86_64",
        "model": "Intel(R) Xeon(R) CPU E5-2630 v4 @ 2.20GHz",
        "clockMegahertz": 2199.998,
        "count": 4,
        "flags": []
      }
    }
  }
}
EOF
set -e

echo "PATCHING HOST"
echo "${host_patch}" | jq .

curl -s \
     -X PATCH \
     "${HOST_PROXY_API_PATH}/${host}/status" \
     -H "Content-type: application/merge-patch+json" \
     -d "${host_patch}"

oc get baremetalhost -n openshift-machine-api -o yaml "${host}"
        Copy to Clipboard Toggle word wrap

      2. 输入以下命令使脚本可执行: 

        $ chmod +x link-machine-and-node.sh
        Copy to Clipboard Toggle word wrap

      3. 输入以下命令运行脚本: 

        $ bash link-machine-and-node.sh node-5 node-5
        Copy to Clipboard Toggle word wrap
        注意

        第一个 node-5 实例代表计算机,第二个实例代表该节点。

验证

  1. 通过执行预先存在的 control plane 节点之一来确认 etcd 成员:

    1. 输入以下命令打开到 control plane 节点的远程 shell 会话: 

      $ oc rsh -n openshift-etcd etcd-node-0
      Copy to Clipboard Toggle word wrap

    2. 列出 etcd 成员: 

      # etcdctl member list -w table
      Copy to Clipboard Toggle word wrap

  2. 输入以下命令检查 etcd Operator 配置过程,直到完成为止。预期输出显示 PROGRESSING 栏下的 False

    $ oc get clusteroperator etcd
    Copy to Clipboard Toggle word wrap

  3. 运行以下命令确认 etcd 健康状况:

    1. 打开到 control plane 节点的远程 shell 会话: 

      $ oc rsh -n openshift-etcd etcd-node-0
      Copy to Clipboard Toggle word wrap

    2. 检查端点健康状况。预期输出对于端点显示 处于健康状态

      # etcdctl endpoint health
      Copy to Clipboard Toggle word wrap

  4. 输入以下命令验证所有节点是否已就绪。预期输出显示每个节点条目旁边的 Ready 状态。 

    $ oc get nodes
    Copy to Clipboard Toggle word wrap

  5. 输入以下命令验证集群 Operator 是否可用。预期输出列出了每个 Operator,并在每个列出的 Operator 旁边显示可用状态为 True

    $ oc get ClusterOperators
    Copy to Clipboard Toggle word wrap

  6. 输入以下命令验证集群版本是否正确: 

    $ oc get ClusterVersion
    Copy to Clipboard Toggle word wrap

    输出示例

    NAME      VERSION   AVAILABLE   PROGRESSING   SINCE   STATUS
version   OpenShift Container Platform.5    True        False         5h57m   Cluster version is OpenShift Container Platform.5
    Copy to Clipboard Toggle word wrap

返回顶部
Red Hat logoGithubredditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。 了解我们当前的更新.

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

Theme

© 2025 Red Hat