-
Notifications
You must be signed in to change notification settings - Fork 29
/
Copy pathopenshift-origin-from-source.txt
220 lines (167 loc) · 8.6 KB
/
openshift-origin-from-source.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
# Preparation
yum check-update
yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
sed -i -e "s/^enabled=1/enabled=0/" /etc/yum.repos.d/epel.repo
yum -y --enablerepo=epel install ansible pyOpenSSL
yum install docker wget git net-tools bind-utils iptables-services bridge-utils bash-completion
systemctl enable docker
echo ' add --insecure-registry 172.30.0.0/16 to /etc/sysconfig/docker'
reboot
# Install portainer
docker run -d -p 9000:9000 -v "/var/run/docker.sock:/var/run/docker.sock" portainer/portainer
######################################################################
# Download openshift versi 1.5
mkdir /SOURCE
cd /SOURCE
wget https://github.com/openshift/origin/releases/download/v1.5.0-rc.0/openshift-origin-server-v1.5.0-rc.0-49a4a7a-linux-64bit.tar.gz
wget https://github.com/openshift/origin/releases/download/v1.5.0-rc.0/openshift-origin-client-tools-v1.5.0-rc.0-49a4a7a-linux-64bit.tar.gz
tar xvzf openshift-origin-client-tools-v1.5.0-rc.0-49a4a7a-linux-64bit.tar.gz
tar xvzf openshift-origin-server-v1.5.0-rc.0-49a4a7a-linux-64bit.tar.gz
ln -s /SOURCE/openshift-origin-server-v1.5.0-rc.0-49a4a7a-linux-64bit /SOURCE/openshift-origin-server
ln -s /SOURCE/openshift-origin-client-tools-v1.5.0-rc.0-49a4a7a-linux-64bit /SOURCE/openshift-origin-client-tools
ln -s /SOURCE/openshift-origin-client-tools/oc /usr/sbin/
ln -s /SOURCE/openshift-origin-server/openshift /usr/sbin/
#oc cluster up
cat > /etc/profile.d/openshift.sh << '__EOF__'
export OPENSHIFT=/SOURCE/openshift-origin-server
export OPENSHIFT_VERSION=v1.5.0
export PATH=$OPENSHIFT:$PATH
export KUBECONFIG=$OPENSHIFT/openshift.local.config/master/admin.kubeconfig
export CURL_CA_BUNDLE=$OPENSHIFT/openshift.local.config/master/ca.crt
__EOF__
chmod 755 /etc/profile.d/openshift.sh
. /etc/profile.d/openshift.sh
# optional: pre-fetch required docker images
docker pull openshift/origin-pod:$OPENSHIFT_VERSION
docker pull openshift/origin-sti-builder:$OPENSHIFT_VERSION
docker pull openshift/origin-docker-builder:$OPENSHIFT_VERSION
docker pull openshift/origin-deployer:$OPENSHIFT_VERSION
docker pull openshift/origin-docker-registry:$OPENSHIFT_VERSION
docker pull openshift/origin-haproxy-router:$OPENSHIFT_VERSION
./openshift start --write-config=openshift.local.config
chmod +r $OPENSHIFT/openshift.local.config/master/admin.kubeconfig
chmod +r $OPENSHIFT/openshift.local.config/master/openshift-registry.kubeconfig
chmod +r $OPENSHIFT/openshift.local.config/master/openshift-router.kubeconfig
sed -i 's/router.default.svc.cluster.local/openshift.yusufhadiwinata.cloud/' \
$OPENSHIFT/openshift.local.config/master/master-config.yaml
firewall-cmd --permanent --zone=public --add-port=80/tcp
firewall-cmd --permanent --zone=public --add-port=443/tcp
firewall-cmd --permanent --zone=public --add-port=8443/tcp
firewall-cmd --reload
#nohup ./openshift start &
cat > /etc/systemd/system/openshift-origin.service << '__EOF__'
[Unit]
Description=Origin Master Service
After=docker.service
Requires=docker.service
[Service]
Restart=always
RestartSec=10s
ExecStart=/SOURCE/openshift-origin-server/openshift start
WorkingDirectory=/SOURCE/openshift-origin-server
[Install]
WantedBy=multi-user.target
__EOF__
systemctl daemon-reload
systemctl enable openshift-origin
systemctl start openshift-origin
######################################################################
oc login -u system:admin -n default
# to create an admin user for management
oadm policy add-cluster-role-to-user cluster-admin admin
# Install the integrated registry
mkdir /SOURCE/openshift-registry
#chcon -Rt svirt_sandbox_file_t /SOURCE/openshift-registry
chown 1001.root /SOURCE/openshift-registry
oadm policy add-scc-to-user privileged -z registry
oadm registry --service-account=registry --mount-host=/SOURCE/openshift-registry
# Verify registry terinstall
oc get svc docker-registry
# Install router
oadm policy add-scc-to-user hostnetwork -z router
oadm router router --replicas=1 --service-account=router
# Cek status router
oc status
######################################################################
# Install Install the default image-streams
cd /SOURCE
git clone https://github.com/openshift/openshift-ansible.git
cd openshift-ansible/roles/openshift_examples/files/examples/latest/
for f in image-streams/image-streams-centos7.json; do cat $f | oc create -n openshift -f -; done
for f in db-templates/*.json; do cat $f | oc create -n openshift -f -; done
for f in quickstart-templates/*.json; do cat $f | oc create -n openshift -f -; done
# Install Tomcat dan JBOSS EAP Image
cd examples/latest/
for f in jws30-tomcat7-mysql-persistent-s2i.json jws30-tomcat7-postgresql-persistent-s2i.json jws30-tomcat8-mysql-persistent-s2i.json jws30-tomcat8-postgresql-persistent-s2i.json ; do cat $f | oc create -n openshift -f -; done
for f in jws30-tomcat7-mysql-persistent-s2i.json jws30-tomcat7-postgresql-persistent-s2i.json jws30-tomcat8-mysql-persistent-s2i.json jws30-tomcat8-postgresql-persistent-s2i.json ; do cat $f | oc create -n openshift -f -; done
for f in eap64-mysql-persistent-s2i.json eap64-postgresql-persistent-s2i.json eap70-mysql-persistent-s2i.json eap70-postgresql-persistent-s2i.json ; do cat $f | oc create -n openshift -f -; done
######################################################################
yum install nfs-utils -y
mkdir -p /home/data/pv0001 /home/data/pv0002 /home/data/pv0003 /home/data/pv0004 /home/data/pv0005 /home/data/pv0006 /home/data/pv0007 /home/data/pv0008 /home/data/pv0009 /home/data/pv0010 /home/data/pv0011 /home/data/pv0012 /home/data/pv0013 /home/data/pv0014 /home/data/pv0015
chmod 777 /home/data/ -R
cat > /etc/exports << '__EOF__'
/home/data/pv0001 *(rw,sync,no_root_squash)
/home/data/pv0002 *(rw,sync,no_root_squash)
/home/data/pv0003 *(rw,sync,no_root_squash)
/home/data/pv0004 *(rw,sync,no_root_squash)
/home/data/pv0005 *(rw,sync,no_root_squash)
/home/data/pv0006 *(rw,sync,no_root_squash)
/home/data/pv0007 *(rw,sync,no_root_squash)
/home/data/pv0008 *(rw,sync,no_root_squash)
/home/data/pv0009 *(rw,sync,no_root_squash)
/home/data/pv0010 *(rw,sync,no_root_squash)
/home/data/pv0011 *(rw,sync,no_root_squash)
/home/data/pv0012 *(rw,sync,no_root_squash)
/home/data/pv0013 *(rw,sync,no_root_squash)
/home/data/pv0014 *(rw,sync,no_root_squash)
/home/data/pv0015 *(rw,sync,no_root_squash)
__EOF__
systemctl start nfs
exportfs -r
showmount -e localhost
oc get pv
mkdir /SOURCE/persisten-volume-claim
cd /SOURCE/persisten-volume-claim
cat > /SOURCE/persisten-volume-claim/pv.yml << '__EOF__'
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv0001
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteOnce
nfs:
path: /home/data/pv0001
server: localhost
persistentVolumeReclaimPolicy: Recycle
__EOF__
oc create -f pv.yml
ecoh "ulangin pada pv0002, pv0003, dst"
# Setting up a volume group and LVM thin pool on user specified block device
echo DEVS=/dev/sda >> /etc/sysconfig/docker-storage-setup
echo VG=docker-vg >> /etc/sysconfig/docker-storage-setup
docker-storage-setup
pvs
vgs
lvs
systemctl restart docker
Jenkins
https://github.com/openshift/origin/blob/master/examples/jenkins/README.md
######################################################################
Jenkins
https://github.com/openshift/origin/blob/master/examples/jenkins/README.md
ln -s /SOURCE/openshift-origin-server/oadm /usr/sbin/
oadm policy add-scc-to-group anyuid system:authenticated
oc new-app sameersbn/redis
oc new-app --template=postgresql-persistent -p POSTGRESQL_USER='admin' -p POSTGRESQL_PASSWORD='redhat' -p POSTGRESQL_DATABASE='gitlab'
# Create database, user dan set admin sebagai Superuser
psql template1
CREATE USER admin WITH PASSWORD 'redhat';
CREATE DATABASE gitlab;
GRANT ALL PRIVILEGES ON DATABASE gitlab to admin;
ALTER USER admin WITH SUPERUSER;
oc new-app sameersbn/gitlab --name=gitlab-ce -e 'GITLAB_HOST=http://gitlab-devops.router.default.svc.cluster.local' -e 'DB_TYPE=postgres' -e 'DB_HOST=172.30.107.188' -e 'DB_PORT=5432' -e 'DB_NAME=gitlab' -e 'DB_USER=admin' -e 'DB_PASS=redhat' -e 'REDIS_HOST=172.30.171.135' -e 'REDIS_PORT=6379' -e 'GITLAB_SECRETS_DB_KEY_BASE=fRW8HBMgNG3k2HsKnzjtlq3lz2VQHgDKKfRTfsBZpZLMcPFhxknLhQbssgQ3X79P' -e 'SMTP_ENABLED=true' -e 'SMTP_HOST=139.59.99.66' -e 'SMTP_PORT=25' -e '[email protected]' -e 'GITLAB_SECRETS_SECRET_KEY_BASE=6lvFt6JFgTKWxG68cZs9376MN8sgTVfBn69ckKRxcPFg3PQDPV4stqk3VpL9gZmg' -e GITLAB_SECRETS_OTP_KEY_BASE='dhFHRgPchrh345xnmSV7J26Vw9x88GrM7FBDH5NmWRhpNBjR69HWLwJphJQz4fll'
oc volumes dc/gitlab-ce --add --claim-name=gitlab-log --mount-path=/var/log/gitlab -t persistentVolumeClaim --overwrite
oc volumes dc/gitlab-ce --add --claim-name=gitlab-data --mount-path=/home/git/data -t persistentVolumeClaim --overwrite