红帽全球峰会11.6. 创建没有 AWS STS 的 ROSA 集群
设置环境并安装 Red Hat OpenShift Service on AWS 经典架构(ROSA)后,创建一个集群。
本文档论述了如何设置 ROSA 集群。另外,您可以使用 AWS PrivateLink 创建 ROSA 集群。
AWS 安全令牌服务(STS)是推荐的凭证模式,用于在 Red Hat OpenShift Service on AWS 经典架构上安装和与之交互,因为它提供了增强的安全性。
11.6.1. 创建集群
您可以使用 ROSA CLI (rosa)在 AWS 经典架构(ROSA)集群上创建 Red Hat OpenShift Service。
先决条件
您已在 AWS 经典架构上安装了 Red Hat OpenShift Service。
目前,ROSA 安装不支持 AWS 共享 VPC。
流程
您可以使用默认设置或使用互动模式指定自定义设置来创建集群。要在创建集群时查看其他选项,请输入
rosa create cluster --help命令。创建集群最多可能需要 40 分钟。
注意对于生产环境工作负载,建议使用多个可用区(AZ)。默认值为单个可用区。使用
--help来手动设置这个选项,或使用互动模式进行此设置。使用默认集群设置创建集群:
rosa create cluster --cluster-name=<cluster_name>
$ rosa create cluster --cluster-name=<cluster_name>Copy to Clipboard Copied! Toggle word wrap Toggle overflow 输出示例
I: Creating cluster with identifier '1de87g7c30g75qechgh7l5b2bha6r04e' and name 'rh-rosa-test-cluster1' I: To view list of clusters and their status, run `rosa list clusters` I: Cluster 'rh-rosa-test-cluster1' has been created. I: Once the cluster is 'Ready' you will need to add an Identity Provider and define the list of cluster administrators. See `rosa create idp --help` and `rosa create user --help` for more information. I: To determine when your cluster is Ready, run `rosa describe cluster rh-rosa-test-cluster1`.
I: Creating cluster with identifier '1de87g7c30g75qechgh7l5b2bha6r04e' and name 'rh-rosa-test-cluster1' I: To view list of clusters and their status, run `rosa list clusters` I: Cluster 'rh-rosa-test-cluster1' has been created. I: Once the cluster is 'Ready' you will need to add an Identity Provider and define the list of cluster administrators. See `rosa create idp --help` and `rosa create user --help` for more information. I: To determine when your cluster is Ready, run `rosa describe cluster rh-rosa-test-cluster1`.Copy to Clipboard Copied! Toggle word wrap Toggle overflow 使用互动提示创建集群:
rosa create cluster --interactive
$ rosa create cluster --interactiveCopy to Clipboard Copied! Toggle word wrap Toggle overflow 要配置网络 IP 范围,您可以使用以下默认范围。有关使用手动模式的更多信息,请使用
rosa create cluster --help | grep cidr命令。在交互模式中,会提示您输入设置。- 节点 CIDR: 10.0.0.0/16
- Service CIDR: 172.30.0.0/16
- Pod CIDR: 10.128.0.0/14
输入以下命令检查集群的状态。在集群创建过程中,输出中的
State字段将从pending过渡到installing,最后变为ready。rosa describe cluster --cluster=<cluster_name>
$ rosa describe cluster --cluster=<cluster_name>Copy to Clipboard Copied! Toggle word wrap Toggle overflow 输出示例
Copy to Clipboard Copied! Toggle word wrap Toggle overflow 注意如果安装失败,或者
State字段在 40 分钟后没有变为ready,请检查安装故障排除文档以了解更多详细信息。通过观察 OpenShift 安装程序日志来跟踪集群创建的进度:
rosa logs install --cluster=<cluster_name> --watch
$ rosa logs install --cluster=<cluster_name> --watchCopy to Clipboard Copied! Toggle word wrap Toggle overflow
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}