| Version 6 (modified by yuna, 8 years ago) (diff) |
|---|
OpenShift?
デバッグノウハウ
診断
# oc adm diagnostics
サービスの状態確認
# oc status -v
Podの状態、ログ確認
# oc get pods # oc logs <Pod名>
コンテナの状態、ログ確認
# docker ps --alll # docker log <コンテナ名>
イメージのプッシュ(内部レジストリ)
■内部レジストリのURL確認
[root@os-master1 ~]# oc login -u system:admin
Logged into "https://os-master1.local:8443" as "system:admin" using existing credentials.
You have access to the following projects and can switch between them with 'oc project <projectname>':
* common
default
kube-public
kube-service-catalog
kube-system
logging
management-infra
openshift
openshift-infra
openshift-node
Using project "common".
[root@os-master1 ~]# oc get svc -n default
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
docker-registry 172.30.207.150 <none> 5000/TCP 3d
kubernetes 172.30.0.1 <none> 443/TCP,53/UDP,53/TCP 3d
registry-console 172.30.108.12 <none> 9000/TCP 3d
router 172.30.164.49 <none> 80/TCP,443/TCP,1936/TCP 3d
■イメージのタグを作成
# docker tag docker.io/nginx:latest 172.30.207.150:5000/common/nginx:latest
■一般ユーザ(not system:admin)権限でログインしなおす
# oc login
Authentication required for https://os-master1.local:8443 (openshift)
Username: admin
Password:
Login successful.
You have one project on this server: "common"
Using project "common".
■レジストリにログイン
# docker login -u $(oc whoami) -p $(oc whoami -t) 172.30.207.150:5000
Login Succeeded
■プッシュ
# docker push 172.30.207.150:5000/common/nginx:latest
イメージのプッシュ(外部レジストリ)
OpenShiftにログイン
[root@os-master1 ~]# oc login
Authentication required for https://os-master1.local:8443 (openshift)
Username: admin
Password:
Login successful.
You don't have any projects. You can try to create a new project, by running
oc new-project <projectname>
イメージをアップロードするプロジェクトを作成
[root@os-master1 ~]# oc new-project common
Now using project "common" on server "https://os-master1.local:8443".
You can add applications to this project with the 'new-app' command. For example, try:
oc new-app centos/ruby-22-centos7~https://github.com/openshift/ruby-ex.git
レジストリにログイン
[root@os-master1 ~]# docker login -u $(oc whoami) -p $(oc whoami -t) docker-registry-default.router.default.svc.cluster.local
Login Succeeded
イメージのプッシュ
[root@os-master1 ~]# docker push docker-registry-default.router.default.svc.cluster.local/common/nginx:latest
The push refers to a repository [docker-registry-default.router.default.svc.cluster.local/common/nginx]
a103d141fc98: Pushed
73e2bd445514: Pushed
2ec5c0a4cb57: Pushed
latest: digest: sha256:926b086e1234b6ae9a11589c4cece66b267890d24d1da388c96dd8795b2ffcfb size: 948
OpenShift? Originのインストール
# yum install -y epel-release
(必要であれば)
# yum install -y docker
(OpenShift 3.5相当のOpenShift Originを使う場合)
# curl -k --location -O https://github.com/openshift/origin/releases/download/v1.5.1/openshift-origin-server-v1.5.1-7b451fc-linux-64bit.tar.gz
(OpenShift 3.6rc0相当のOpenShiftを利用する場合)
# curl -k --location -O https://github.com/openshift/origin/releases/download/v3.6.0-rc.0/openshift-origin-server-v3.6.0-rc.0-98b3d56-linux-64bit.tar.gz
# tar zxvf openshift-origin-server-*.tar.gz
# sudo mv openshift-* /opt/openshift
# firewall-cmd --permanent --add-port=8443/tcp
(firewalldが動作していれば)
# setenforce 0
# systemctl enable docker
# systemctl stop dnsmasq
# systemctl disable dnsmasq
(dnsmasqが動いていれば)
■下記のファイルの該当箇所を編集
○/etc/sysconfig/docker-storage
STORAGE_DRIVER='-s overlay2'
○/etc/sysconfig/docker
#OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'
OPTIONS='--log-driver=journald --signature-verification=false'
○/etc/sysconfig/docker-network
DOCKER_NETWORK_OPTIONS='-dns 8.8.8.8'
○/etc/selinux/config
#SELINUXTYPE=enforcing
SELINUXTYPE=permissiv
■Docker / OpenShift実行
# systemctl restart docker
# cd /opt/openshift
# /opt/openshift/openshift start >& /var/log/openshift-console.log &
設定ファイルのパーミッション修正
# chmod +r "/opt/openshift/openshift.local.config/master/admin.kubeconfig"
■OpenShiftの利用
下記の環境変数を設定
export KUBECONFIG=/opt/openshift/openshift.local.config/master/admin.kubeconfig
export CURL_CA_BUNDLE=/opt/openshift/openshift.local.config/master/ca.crt
export PATH=/opt/openshift:${PATH}
$ oc login
※ ユーザadmin/パスワードadminでログインできれば成功
