OCP - HackMD

--- tags: OCP --- # OCP ## CentOS - Openshift Original 環境安裝 * ### [CentOS-詳細安裝步驟(Openshift and Docker)](https://wiki.centos.org/zh-tw/SpecialInterestGroup/PaaS/OpenShift-Quickstart) ## windows - Openshift Original 環境安裝 * ### [docker desktop install 官網載點](https://docs.docker.com/docker-for-windows/install/) * ### [docker desktop install(附圖)](https://ithelp.ithome.com.tw/articles/10209242) * ### [oc command install 官方教學](https://www.openshift.com/blog/installing-oc-tools-windows) ![](https://i.imgur.com/U2EHkz8.jpg) ## Docker Image #### [撰寫DockerFile Run in Local](https://cwhu.medium.com/docker-tutorial-101-c3808b899ac6) #### [Docker 基本指令](https://medium.com/@VisonLi/docker-%E5%85%A5%E9%96%80-%E7%AD%86%E8%A8%98-part-2-91e4dfa2b365) ``` ----------- DockerFile 範例 (NodeJS) ------------ FROM node:14 WORKDIR /usr/src/CNSLine COPY package*.json ./ RUN npm install #If you are building your code for production #RUN npm ci --only=production #Bundle app source COPY . . EXPOSE 5022 CMD [ "node", "index.js" ] ``` ## Docker 常用 * ### 先檢查Docker Desktop 是否Start * ### 修改Docker Engine (環境設置) ![](https://i.imgur.com/QkkozX3.png) ``` { "builder": { "gc": { "defaultKeepStorage": "20GB", "enabled": true } }, "debug": false, "experimental": false, "features": { "buildkit": true }, "insecure-registries": [ "192.168.50.11" =========> [Harbor IP] ], "registry-mirrors": [] } ``` ### 創建Image ` $ docker build . -t [Image Name] ` ### 查看Image ` $ docker images ` ### Delete Image ` $ docker rmi [ image Name ] ` ### 查看目前起哪些container ` $ docker ps -a ` ### Stop container ` $ docker stop [ containerID ] ` ### 刪除 container ` $ docker rm [ containerID ] ` ### 登入 Harbor ` $ docker login [ HarborIP ] ` ### Tag image ` $ docker tag [ imageID ] [ HarborIP ]/[ Name ]/[ Project Name ] ` ### image Push ` $ docker push [ HarborIP ]/[ Name ]/[ Project Name ] ` ### Run Image On Localhost ` $ docker run -p [ PortInDockerFile ]:[ PortInDockerFile ] -it [ ImageID ] ` ------ ## Openshift Container ### Localhost 環境設置 ``` -------- C:\Windows\System32\drivers\etc\hosts --------- # OCP 10.255.78.14 console-openshift-console.apps.ocp.syc.com [必要] 10.255.78.14 oauth-openshift.apps.ocp.syc.com [必要] 10.255.78.14 downloads-openshift-console.apps.ocp.syc.com 10.255.78.14 api.ocp.syc.com [必要] 10.255.78.14 linebotinocp.com 10.255.78.14 linebotoutocp.com 10.255.78.14 linebotcnsocp.com ``` ### 指令 ---- ### 指令-Login #### 登入 <command> ``` $ oc login -u [userName] -p [userPassword] https://[網址]:6443 <ex> $ oc login -u kevin -p kevin12345 https://api.ocp.syc.com:6443 ``` #### 登入 <Token> ``` 1. 登入網頁版 2. 點選登入者 3. Copy Login Command ``` #### 查看現在Project ``` $ oc project ``` ### 指令-Node 資訊 #### 查詢此Cluster的所有Node ``` $ oc get nodes <ex Output> NAME STATUS ROLES AGE VERSION master.example.com Ready master 7h v1.13.4+b626c2fe1 node1.example.com Ready worker 7h v1.13.4+b626c2fe1 node2.example.com Ready worker 7h v1.13.4+b626c2fe1 ------------------------------- $ oc get nodes -o wide ===========> 所有Node的詳細訊息 <ex Output> NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME compute0.ocp.syc.com Ready worker 22d v1.18.3+002a51f 10.255.83.54 <none> Red Hat Enterprise Linux CoreOS 45.82.202008101249-0 (Ootpa) 4.18.0-193.14.3.el8_2.x86_64 cri-o://1.18.3-9.rhaos4.5.gitd047b0a.el8 compute1.ocp.syc.com Ready worker 22d v1.18.3+002a51f 10.255.83.55 <none> Red Hat Enterprise Linux CoreOS 45.82.202008101249-0 (Ootpa) 4.18.0-193.14.3.el8_2.x86_64 cri-o://1.18.3-9.rhaos4.5.gitd047b0a.el8 compute2.ocp.syc.com Ready worker 9d v1.18.3+002a51f 10.255.83.93 <none> Red Hat Enterprise Linux CoreOS 45.82.202008101249-0 (Ootpa) 4.18.0-193.14.3.el8_2.x86_64 cri-o://1.18.3-9.rhaos4.5.gitd047b0a.el8 compute3.ocp.syc.com Ready worker 9d v1.18.3+002a51f 10.255.83.94 <none> Red Hat Enterprise Linux CoreOS 45.82.202008101249-0 (Ootpa) 4.18.0-193.14.3.el8_2.x86_64 cri-o://1.18.3-9.rhaos4.5.gitd047b0a.el8 compute4.ocp.syc.com Ready worker 9d v1.18.3+002a51f 10.255.83.95 <none> Red Hat Enterprise Linux CoreOS 45.82.202008101249-0 (Ootpa) 4.18.0-193.14.3.el8_2.x86_64 cri-o://1.18.3-9.rhaos4.5.gitd047b0a.el8 master0.ocp.syc.com Ready master 22d v1.18.3+002a51f 10.255.83.51 <none> Red Hat Enterprise Linux CoreOS 45.82.202008101249-0 (Ootpa) 4.18.0-193.14.3.el8_2.x86_64 cri-o://1.18.3-9.rhaos4.5.gitd047b0a.el8 master1.ocp.syc.com Ready master 22d v1.18.3+002a51f 10.255.83.52 <none> Red Hat Enterprise Linux CoreOS 45.82.202008101249-0 (Ootpa) 4.18.0-193.14.3.el8_2.x86_64 cri-o://1.18.3-9.rhaos4.5.gitd047b0a.el8 ``` #### 查詢指定 Node 相關訊息 ``` $ oc describe node [Node Name] <ex Output> Name: compute3.ocp.syc.com Roles: worker Labels: beta.kubernetes.io/arch=amd64 ==========> 指定Node 需要用到 beta.kubernetes.io/os=linux kubernetes.io/arch=amd64 kubernetes.io/hostname=compute3.ocp.syc.com kubernetes.io/os=linux node-role.kubernetes.io/worker= node.openshift.io/os_id=rhcos Annotations: machineconfiguration.openshift.io/currentConfig: rendered-worker-e243752ad8d20ec187d724cba1f4397e machineconfiguration.openshift.io/desiredConfig: rendered-worker-e243752ad8d20ec187d724cba1f4397e machineconfiguration.openshift.io/reason: machineconfiguration.openshift.io/state: Done volumes.kubernetes.io/controller-managed-attach-detach: true CreationTimestamp: Tue, 15 Jun 2021 16:56:18 +0800 Taints: <none> Unschedulable: false Lease: HolderIdentity: compute3.ocp.syc.com AcquireTime: <unset> RenewTime: Fri, 25 Jun 2021 14:56:03 +0800 Conditions: Type Status LastHeartbeatTime LastTransitionTime Reason Message ---- ------ ----------------- ------------------ ------ ------- MemoryPressure False Fri, 25 Jun 2021 14:53:26 +0800 Tue, 22 Jun 2021 11:53:52 +0800 KubeletHasSufficientMemory kubelet has sufficient memory available DiskPressure False Fri, 25 Jun 2021 14:53:26 +0800 ......... ``` ### 指令-創建 Secret #### 創建 Secret ``` $ oc create secret docker-registry --docker-server=[ HarborIP ] --docker-username=[ Harbor UserName ] --docker-password=[ Harbor PWD ] [ Secret Name ] ``` ### 指令-YAML檔撰寫(Deployment) #### 撰寫YAML 設定檔 ``` ------------ linebotCNS 創Deployments (指定workerNode) ------------ apiVersion: apps/v1 kind: Deployment metadata: name: cnslinebot labels: name: cnslinebot spec: replicas: 1 ===================> 指定运行的 Pod 副本數量 selector: matchLabels: app: cnslinebot ===============> | | template: 需相同 metadata: 否則會被API拒絕 labels: | app: cnslinebot ===============> | spec: #serviceAccountName: cnslinebot nodeSelector: =============================> 指定Node kubernetes.io/hostname: compute2.ocp.syc.com imagePullSecrets: - name: harbor-secret-linebotcns containers: - name: cnslinebot image: 192.168.50.11/kevin/cnslinebot ports: - name: cnslinebot containerPort: 5022 protocol: TCP ``` ### 指令-創建 Pod or Deployment #### 創建 <a style="color: red">Pod</a> ``` $ oc create -f [ YAML路徑檔 ] ``` #### 創建 <a style="color: red">Deployments</a> ``` $ oc apply -f [ YAML路徑檔 ] ``` * ### 指令-Deployment - ReplicaSet ( 個別 pod ) #### 查看當前被創建的 <a style="color: red">ReplicaSet</a> ``` $ oc get rs <ex Output> NAME DESIRED CURRENT READY AGE cnslinebot-7c7c8bb499 1 1 1 7d20h ``` #### 查看ReplicaSet 狀態 & 資訊 ``` $ oc describe rs/[ RS Name ] <ex> $ oc describe rs/cnslinebot-7c7c8bb499 [ Output ] Name: cnslinebot-7c7c8bb499 Namespace: cnslinebot Selector: app=cnslinebot,pod-template-hash=7c7c8bb499 Labels: app=cnslinebot pod-template-hash=7c7c8bb499 Annotations: deployment.kubernetes.io/desired-replicas: 1 deployment.kubernetes.io/max-replicas: 2 deployment.kubernetes.io/revision: 1 Controlled By: Deployment/cnslinebot Replicas: 1 current / 1 desired Pods Status: 1 Running / 0 Waiting / 0 Succeeded / 0 Failed Pod Template: Labels: app=cnslinebot pod-template-hash=7c7c8bb499 Containers: cnslinebot: Image: 192.168.50.11/kevin/cnslinebot Port: 5022/TCP Host Port: 0/TCP Environment: <none> Mounts: <none> Volumes: <none> Events: <none> ``` ### 指令-取得 Pod or Deployment #### 取得Deployments ``` $ oc get deploy <Output> NAME READY UP-TO-DATE AVAILABLE AGE cnslinebot 1/1 1 1 7d21h ``` #### 取得Pod ``` $ oc get pods <Output> NAME READY STATUS RESTARTS AGE cnslinebot-7c7c8bb499-xf6nn 1/1 Running 0 7d21h ``` ### 指令-Pod 運行詳細資訊 (YAML) #### 取得Pod 運行的YAML ``` $ oc get pods [ Pod Name ] -o yaml <ex Output> apiVersion: v1 kind: Pod metadata: creationTimestamp: "2020-02-12T07:06:16Z" generateName: frontend- labels: tier: frontend name: frontend-b2zdv namespace: default ownerReferences: ===========> Pods ReplicaSet 的信息被设置在此階層 - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: ReplicaSet name: frontend uid: f391f6db-bb9b-4c09-ae74-6a1f77f3d5cf ... ``` ### 指令-發佈 Pod or Deployment 於網頁 #### <a style="color: red">Expose Pod</a> AS Service ``` $ oc expose pod [ PodName ] --name=[ ServiceName ] ``` #### <a style="color: red">Expose Deployment</a> AS Service ``` $ oc expose deploy [ Deployment Name ] ``` ### 指令-取得Service #### 取得Service ``` $ oc get svc ``` ## Red Hat Advance Cluster Management ( 1223 ) ## 參考 #### [Deployment vs DeploymentConfig](https://ithelp.ithome.com.tw/articles/10245045) #### [Deployments ( ReplicaSet ) & Pod - YAML 創建說明](https://kubernetes.io/zh/docs/concepts/workloads/controllers/replicaset/) #### [Expose the Service to create the Route](https://docs.openshift.com/container-platform/3.4/dev_guide/expose_service/expose_internal_ip_service.html#exposing-service) #### [Node資訊詳細說明](https://docs.openshift.com/container-platform/4.1/nodes/nodes/nodes-nodes-viewing.html)