├── .gitignore ├── .gitattributes ├── common.sh ├── all.sh ├── oc-up.sh ├── README_CN.md ├── README.md ├── Vagrantfile ├── ansible-hosts ├── master.sh └── LICENSE /.gitignore: -------------------------------------------------------------------------------- 1 | .vagrant/ -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | ansible-hosts linguist-language=Ansible 2 | Vagrantfile linguist-language=Ruby -------------------------------------------------------------------------------- /common.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2017 Liu Hongyu 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | #=== FUNCTION ================================================================ 19 | # NAME: version 20 | # DESCRIPTION: Convert a version string to integer 21 | # PARAMETER 1: Version string 22 | #=============================================================================== 23 | function version() { 24 | echo "$@" | awk -F "." '{ printf("%01d%03d\n", $1, $2); }' 25 | } 26 | -------------------------------------------------------------------------------- /all.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2017 Liu Hongyu 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | OPENSHIFT_RELEASE="$1" 18 | # bash -c 'echo "export TZ=Asia/Shanghai" > /etc/profile.d/tz.sh' 19 | 20 | setenforce 0 21 | sed -i 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/selinux/config 22 | 23 | yum -y install docker 24 | usermod -aG dockerroot vagrant 25 | cat > /etc/docker/daemon.json < \(.*\)$'` 26 | if expr "$link" : '/.*' > /dev/null; then 27 | PRG="$link" 28 | else 29 | PRG=`dirname "$PRG"`/"$link" 30 | fi 31 | done 32 | 33 | # Get standard environment variables 34 | PRGDIR=`dirname "$PRG"` 35 | 36 | readonly openshift_release=`cat Vagrantfile | grep '^OPENSHIFT_RELEASE' | awk -F'=' '{print $2}' | sed 's/^[[:blank:]\"]*//;s/[[:blank:]\"]*$//'` 37 | 38 | . "$PRGDIR/common.sh" 39 | 40 | vagrant up 41 | vagrant provision --provision-with master-key,node01-key,node02-key 42 | # Fix permission issue on Windows host (#13) 43 | vagrant ssh master -c 'chmod 600 /home/vagrant/.ssh/*.key' 44 | 45 | if [ "$(version $openshift_release)" -gt "$(version 3.7)" ]; then 46 | vagrant ssh master \ 47 | -c 'ansible-playbook /home/vagrant/openshift-ansible/playbooks/prerequisites.yml && 48 | ansible-playbook /home/vagrant/openshift-ansible/playbooks/deploy_cluster.yml' 49 | else 50 | vagrant ssh master \ 51 | -c 'ansible-playbook /home/vagrant/openshift-ansible/playbooks/byo/config.yml' 52 | fi 53 | -------------------------------------------------------------------------------- /README_CN.md: -------------------------------------------------------------------------------- 1 | # OpenShift Vagrant 2 | 3 | [![Licensed under Apache License version 2.0](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) 4 | 5 | > **☞ 通知** 6 | > 7 | > 本项目即将进入维护阶段,OKD 版本支持将停留在 `RELEASE-3.11`。事实上,由于我所在的公司的技术选型的变化,我已经有一段时间没有再涉及到 OpenShift 相关的技术了。另外,我的时间和精力也有限。 8 | > 9 | > 不过仍然欢迎志同道合的程序猿持续性项本想贡献代码,希望这个项目能让你的工作轻松一点,有时间喝杯咖啡~ 10 | 11 | ## 概述 12 | 13 | `OpenShift Vagrant` 项目旨在通过针对目前 OKD 各个主流版本进行预配置的 `Vagrantfile` 文件,使开发者在本机快速搭建真正的 OKD 集群环境。 14 | 15 | ## 先决条件 16 | 17 | - 主机的内存至少 8GB(OKD `3.11` 需要 16GB) 18 | - 预装 Oracle VirtualBox (v5.1.30) 19 | - 预装 Vagrant (v2.0或更高) 20 | - 预装 Vagrant 插件 vagrant-hostmanager (v1.8.7) 21 | 22 | ## OKD 版本支持 23 | 24 | 目前本项目预配置且支持以下几个 OKD 主版本,他们是: 25 | 26 | - [OKD v3.11(默认配置)](https://github.com/openshift/origin/releases/tag/v3.11.0) 27 | - [OKD v3.10](https://github.com/openshift/origin/releases/tag/v3.10.0) 28 | - [OKD v3.9 ](https://github.com/openshift/origin/releases/tag/v3.9.0) 29 | - [OKD v3.7](https://github.com/openshift/origin/releases/tag/v3.7.2) 30 | - [OKD v3.6](https://github.com/openshift/origin/releases/tag/v3.6.1) 31 | 32 | 不过,支持以后的其他主版本也非常容易,只需要修改对应文件中的版本戳之后另存为新的文件即可。 33 | 34 | Vagrant 配置文件默认使用 OKD `3.11` 和 openshift-ansible `release-3.11` 分支做为集群安装部署的版本,不过您也可以很容易更改这个默认值,只需要调整以下两个变量即可: 35 | 36 | 1. `OPENSHIFT_RELEASE` 37 | 2. `OPENSHIFT_ANSIBLE_BRANCH` 38 | 39 | 调整时请注意 Origin 版本和 openshift-ansible 分支的对应关系,具体见下表: 40 | 41 | | OKD 版本 | openshift-ansible 分支 | 42 | | --- | --- | 43 | | 3.11.x | release-3.11 | 44 | | 3.10.x | release-3.10 | 45 | | 3.9.x | release-3.9 | 46 | | 3.7.x | release-3.7 | 47 | | 3.6.x | release-3.6 | 48 | 49 | 50 | ## 使用方法 51 | 52 | 在调整了对应的版本之后,接下来就可以准备启动 Vagrant 虚拟机和部署 OKD 集群了。 53 | 54 | Vagrant 会创建并启动三台 VirtualBox 虚拟机,网段由变量 `NETWORK_BASE` 指定。 具体信息如下表: 55 | 56 | | VM 节点 | 节点 IP | 角色 | 57 | | --- | --- | --- | 58 | | master | #{NETWORK_BASE}.101 | node, master, etcd | 59 | | node01 | #{NETWORK_BASE}.102 | node | 60 | | node02 | #{NETWORK_BASE}.103 | node | 61 | 62 | ### 启动 Vagrant 虚拟机 63 | 64 | ```bash 65 | $ vagrant up 66 | ``` 67 | 68 | ### 设置节点间互访的 SSH 秘钥 69 | 70 | ```bash 71 | $ vagrant provision --provision-with master-key,node01-key,node02-key 72 | ``` 73 | 74 | ### 安装并部署 OKD 集群 75 | 76 | 安装 Origin 3.7 或之前的版本时,运行以下命令: 77 | 78 | ```bash 79 | $ vagrant ssh master -c 'ansible-playbook /home/vagrant/openshift-ansible/playbooks/byo/config.yml' 80 | ``` 81 | 82 | 安装 Origin 3.8 以上版本时,运行以下命令: 83 | 84 | ```bash 85 | vagrant ssh master \ 86 | -c 'ansible-playbook /home/vagrant/openshift-ansible/playbooks/prerequisites.yml && 87 | ansible-playbook /home/vagrant/openshift-ansible/playbooks/deploy_cluster.yml' 88 | ``` 89 | 90 | ### `oc-up.sh` 91 | 92 | 以上三个启动步骤已经组织到一个 Shell 脚本中,您只需要在项目主目录执行以下命令既可完成所有启动步骤: 93 | 94 | ```bash 95 | $ ./oc-up.sh 96 | ``` 97 | 98 | ### 访问 Web Console 99 | 100 | 在浏览器中打开 https://master.example.com:8443/ ,若一切正常,您将会看见 Origin 的登陆页面。默认的登陆账户为 **admin/handhand** 101 | 102 | *Have fun with OKD and Vagrant :p* -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # OpenShift Vagrant | [中文](README_CN.md) 2 | 3 | [![Licensed under Apache License version 2.0](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0) 4 | 5 | > **☞ Notice** 6 | > 7 | > This project will be at maintainance stage and the OKD version support remains on `RELEASE-3.11`. It's been a while that openshift isn't a part of my work life and I have no time to maintain compatibility with the next openshift releases. 8 | > 9 | > Any contributions are warmly welcomed at any time! I hope the project can make your life easy for a cup of coffee. 10 | 11 | ## Overview 12 | 13 | The `OpenShift Vagrant` project aims to make it easy to bring up a real OKD cluster by provisioning pre-configured `Vagrantfile` of several major releases of OKD on your local machine. 14 | 15 | ## Prerequisites 16 | 17 | - Host machine must have at least 8GB memory (16GB for OKD `3.11`) 18 | - Oracle VirtualBox installed on your host machine 19 | - Vagrant (2.0 or above) installed on your host machine 20 | - Vagrant plugin `vagrant-hostmanager` must be installed 21 | 22 | ## OKD Version Support 23 | 24 | Currently this project pre-configured and support the following major versions of the OKD: 25 | 26 | - [OKD v3.11 (default)](https://github.com/openshift/origin/releases/tag/v3.11.0) 27 | - [OKD v3.10](https://github.com/openshift/origin/releases/tag/v3.10.0) 28 | - [OKD v3.9](https://github.com/openshift/origin/releases/tag/v3.9.0) 29 | - [OKD v3.7](https://github.com/openshift/origin/releases/tag/v3.7.2) 30 | - [OKD v3.6](https://github.com/openshift/origin/releases/tag/v3.6.1) 31 | 32 | But, it's very easy to customize the respected ansible hosts file in order to support other incoming major versions. 33 | 34 | The `Vagrantfile` uses Origin `3.11` and openshift-ansible `release-3.11` branch by default. Feel free to adjust your versions by updating the following 2 variables in Vagrantfile: 35 | 36 | 1. `OPENSHIFT_RELEASE` 37 | 2. `OPENSHIFT_ANSIBLE_BRANCH` 38 | 39 | The following table lists the corresponding version relationships between Origin and openshift-ansible: 40 | 41 | | OKD version | openshift-ansible branch | 42 | | --- | --- | 43 | | 3.11.x | release-3.11 | 44 | | 3.10.x | release-3.10 | 45 | | 3.9.x | release-3.9 | 46 | | 3.7.x | release-3.7 | 47 | | 3.6.x | release-3.6 | 48 | 49 | 50 | ## Getting Started 51 | 52 | After adjusting your expected version information, now it's time to bring your cluster up and running. 53 | 54 | This Vagrantfile will create 3 VMs in VirtualBox and the network base will be specified by variable `NETWORK_BASE`. 55 | 56 | Checkout the table below for more details: 57 | 58 | | VM Node | Private IP | Roles | 59 | | --- | --- | --- | 60 | | master | #{NETWORK_BASE}.101 | node, master, etcd | 61 | | node01 | #{NETWORK_BASE}.102 | node | 62 | | node02 | #{NETWORK_BASE}.103 | node | 63 | 64 | ### Bring Vagrant Up 65 | 66 | ```bash 67 | $ vagrant up 68 | ``` 69 | 70 | ### Provisioning Private Keys 71 | 72 | ```bash 73 | $ vagrant provision --provision-with master-key,node01-key,node02-key 74 | ``` 75 | 76 | ### Install Origin Cluster Using Ansible 77 | 78 | Run the following command if you would like to install origin previous to **release-3.8**: 79 | 80 | ```bash 81 | $ vagrant ssh master -c 'ansible-playbook /home/vagrant/openshift-ansible/playbooks/byo/config.yml' 82 | ``` 83 | 84 | Run the following command for origin 3.8 or above: 85 | 86 | ```bash 87 | vagrant ssh master \ 88 | -c 'ansible-playbook /home/vagrant/openshift-ansible/playbooks/prerequisites.yml && 89 | ansible-playbook /home/vagrant/openshift-ansible/playbooks/deploy_cluster.yml' 90 | ``` 91 | 92 | ### `oc-up.sh` 93 | 94 | The above 3 steps have been grouped together as one script for you. To bring your cluster up, just use the following command: 95 | 96 | ```bash 97 | $ ./oc-up.sh 98 | ``` 99 | 100 | ### Open Web Console 101 | 102 | In browser of your host, open the following page: https://master.example.com:8443/ and you should see OpenShift Web Console login page. The default login account is **admin/handhand** 103 | 104 | *Have fun with OKD and Vagrant :p* -------------------------------------------------------------------------------- /Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | # 4 | # Copyright 2017 Liu Hongyu 5 | # 6 | # Licensed under the Apache License, Version 2.0 (the "License"); 7 | # you may not use this file except in compliance with the License. 8 | # You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | # 18 | 19 | OPENSHIFT_RELEASE = "3.11" 20 | OPENSHIFT_ANSIBLE_BRANCH = "release-#{OPENSHIFT_RELEASE}" 21 | NETWORK_BASE = "192.168.160" 22 | INTEGRATION_START_SEGMENT = 101 23 | 24 | # All Vagrant configuration is done below. The "2" in Vagrant.configure 25 | # configures the configuration version (we support older styles for 26 | # backwards compatibility). Please don't change it unless you know what 27 | # you're doing. 28 | Vagrant.configure("2") do |config| 29 | # The most common configuration options are documented and commented below. 30 | # For a complete reference, please see the online documentation at 31 | # https://docs.vagrantup.com. 32 | 33 | # Every Vagrant development environment requires a box. You can search for 34 | # boxes at https://vagrantcloud.com/search. 35 | config.vm.box = "centos/7" 36 | config.vm.box_check_update = false 37 | 38 | # if Vagrant.has_plugin?('landrush') 39 | # config.landrush.enabled = true 40 | # config.landrush.tld = 'example.com' 41 | # config.landrush.guest_redirect_dns = false 42 | # end 43 | 44 | config.hostmanager.enabled = true 45 | config.hostmanager.manage_host = true 46 | config.hostmanager.ignore_private_ip = false 47 | 48 | config.vm.provision "shell", inline: <<-SHELL 49 | /vagrant/all.sh #{OPENSHIFT_RELEASE} 50 | SHELL 51 | 52 | config.vm.provider "virtualbox" do |vb| 53 | vb.memory = "2048" 54 | vb.cpus = "1" 55 | end 56 | 57 | # Define nodes 58 | (1..2).each do |i| 59 | config.vm.define "node0#{i}" do |node| 60 | node.vm.network "private_network", ip: "#{NETWORK_BASE}.#{INTEGRATION_START_SEGMENT + i}" 61 | node.vm.hostname = "node0#{i}.example.com" 62 | 63 | if "#{i}" == "1" 64 | node.hostmanager.aliases = %w(lb.example.com) 65 | end 66 | end 67 | end 68 | 69 | # Define master 70 | config.vm.define "master", primary: true do |node| 71 | node.vm.network "private_network", ip: "#{NETWORK_BASE}.#{INTEGRATION_START_SEGMENT}" 72 | # Fix hostname override issue https://github.com/eliu/openshift-vagrant/issues/10 73 | # node.vm.hostname = "master.example.com" 74 | node.hostmanager.aliases = %w(master.example.com etcd.example.com nfs.example.com) 75 | 76 | # 77 | # Memory of the master node must be allocated at least 2GB in order to 78 | # prevent kubernetes crashed-down due to 'out of memory' and you'll end 79 | # up with 80 | # "Unable to restart service origin-master: Job for origin-master.service 81 | # failed because a timeout was exceeded. See "systemctl status 82 | # origin-master.service" and "journalctl -xe" for details." 83 | # 84 | # See https://github.com/kubernetes/kubernetes/issues/13382#issuecomment-154891888 85 | # for mor details. 86 | # 87 | node.vm.provider "virtualbox" do |vb| 88 | vb.memory = "4096" 89 | end 90 | 91 | node.vm.provision "shell", inline: <<-SHELL 92 | # Setting hostname manually to prevent "Could not find csr for nodes" error 93 | # Issue: https://github.com/eliu/openshift-vagrant/issues/12 94 | # Workaround: https://bugzilla.redhat.com/show_bug.cgi?id=1625911#c43 95 | hostnamectl set-hostname master.example.com 96 | 97 | # Trick to acclerate the cloning speed from GitHub 98 | # echo "151.101.72.249 github.global.ssl.fastly.net" >> /etc/hosts 99 | # echo "192.30.253.113 github.com" >> /etc/hosts 100 | 101 | /vagrant/master.sh #{OPENSHIFT_RELEASE} #{OPENSHIFT_ANSIBLE_BRANCH} #{NETWORK_BASE} 102 | SHELL 103 | 104 | # Deploy private keys of each node to master 105 | if File.exist?(".vagrant/machines/master/virtualbox/private_key") 106 | node.vm.provision "master-key", type: "file", run: "never", source: ".vagrant/machines/master/virtualbox/private_key", destination: "/home/vagrant/.ssh/master.key" 107 | end 108 | 109 | if File.exist?(".vagrant/machines/node01/virtualbox/private_key") 110 | node.vm.provision "node01-key", type: "file", run: "never", source: ".vagrant/machines/node01/virtualbox/private_key", destination: "/home/vagrant/.ssh/node01.key" 111 | end 112 | 113 | if File.exist?(".vagrant/machines/node02/virtualbox/private_key") 114 | node.vm.provision "node02-key", type: "file", run: "never", source: ".vagrant/machines/node02/virtualbox/private_key", destination: "/home/vagrant/.ssh/node02.key" 115 | end 116 | end 117 | end 118 | -------------------------------------------------------------------------------- /ansible-hosts: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright 2017 Liu Hongyu 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | # 16 | 17 | # Create an OSEv3 group that contains the masters and nodes groups 18 | [OSEv3:children] 19 | masters 20 | nodes 21 | etcd 22 | 23 | # Set variables common for all OSEv3 hosts 24 | [OSEv3:vars] 25 | # SSH user, this user should allow ssh based auth without requiring a password 26 | ansible_ssh_user=vagrant 27 | 28 | # If ansible_ssh_user is not root, ansible_become must be set to true 29 | ansible_become=true 30 | 31 | openshift_deployment_type=origin 32 | openshift_release='{{OPENSHIFT_RELEASE}}' 33 | 34 | # Specify an exact rpm version to install or configure. 35 | # WARNING: This value will be used for all hosts in RPM based environments, even those that have another version installed. 36 | # This could potentially trigger an upgrade and downtime, so be careful with modifying this value after the cluster is set up. 37 | #openshift_pkg_version=-{{OPENSHIFT_PKG_VERSION}} 38 | 39 | # uncomment the following to enable htpasswd authentication; defaults to DenyAllPasswordIdentityProvider 40 | openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'{{HTPASSWORD_FILENAME}}}] 41 | # Default login account: admin / handhand 42 | openshift_master_htpasswd_users={'admin': '$apr1$gfaL16Jf$c.5LAvg3xNDVQTkk6HpGB1'} 43 | 44 | openshift_disable_check=disk_availability,memory_availability,docker_storage,docker_image_availability 45 | openshift_docker_options=" --selinux-enabled --log-driver=journald --storage-driver=overlay --registry-mirror=http://4a0fee72.m.daocloud.io " 46 | 47 | # 48 | # Author's Note 49 | # 50 | # Disable service catalog and TSB install 51 | # These 2 component will lead to a failed install during tasks of Running Verification (120 tries) 52 | # This might happen only in China so far. The workaround is to enable VPN during the verification. 53 | # 54 | openshift_enable_service_catalog=false 55 | template_service_broker_install=false 56 | 57 | # openshift_hosted_manage_registry=false 58 | 59 | # OpenShift Router Options 60 | # Router selector (optional) 61 | # Router will only be created if nodes matching this label are present. 62 | # Default value: 'region=infra' 63 | # openshift_router_selector='node-role.kubernetes.io/infra=true' 64 | # openshift_registry_selector='node-role.kubernetes.io/infra=true' 65 | 66 | # default subdomain to use for exposed routes 67 | openshift_master_default_subdomain=openshift.example.com 68 | 69 | # host group for masters 70 | [masters] 71 | master.example.com openshift_ip={{NETWORK_BASE}}.101 openshift_host={{NETWORK_BASE}}.101 ansible_ssh_private_key_file="/home/vagrant/.ssh/master.key" 72 | 73 | # host group for etcd 74 | [etcd] 75 | master.example.com openshift_ip={{NETWORK_BASE}}.101 openshift_host={{NETWORK_BASE}}.101 ansible_ssh_private_key_file="/home/vagrant/.ssh/master.key" 76 | # 77 | # host group for nodes, includes region info 78 | # For openshift_node_labels strategies, the following reference links might be helpful 79 | # to understand why we choose this current solution: 80 | # - https://github.com/openshift/openshift-ansible#setup 81 | # - https://github.com/openshift/openshift-ansible#node-group-definition-and-mapping 82 | # - https://docs.okd.io/3.7/install_config/install/advanced_install.html#configuring-node-host-labels 83 | # - https://docs.okd.io/3.9/install_config/install/advanced_install.html#configuring-node-host-labels 84 | # - https://docs.okd.io/3.10/install/configuring_inventory_file.html#configuring-node-host-labels 85 | # 86 | # The default node selector for 87 | # release-3.9 ( or prev versions ): 'region=infra' 88 | # release-3.10: 'node-role.kubernetes.io/infra=true' 89 | # 90 | # But release-3.9 starts to enable node roles features. For backward compatibilities, we 91 | # override the default values of openshift_router_selector and openshift_registry_selector 92 | # from 'region=infra' to 'node-role.kubernetes.io/infra=true' 93 | # 94 | # @update on 2019/06/27 95 | # Somehow, the etcd is forced to deployed as container form, which caused 96 | # "Wait for control plane pods to appear" issue and resulted in failures at last. 97 | # For more details about this discussions, please visit: 98 | # https://github.com/eliu/openshift-vagrant/issues/10 99 | # Advice has been taken from the issue discussion above and thanks to @Voronenko ! 100 | # The trick is to add ansible variables "ontainerized=false etcd_ip={ip}" to force 101 | # master node use traditional way to install ECTD instead of containerization. 102 | # 103 | [nodes] 104 | master.example.com containerized=false etcd_ip={{NETWORK_BASE}}.101 openshift_ip={{NETWORK_BASE}}.101 openshift_host={{NETWORK_BASE}}.101 ansible_ssh_private_key_file="/home/vagrant/.ssh/master.key" openshift_schedulable=true {{NODE_GROUP_MASTER_INFRA}} 105 | node01.example.com openshift_ip={{NETWORK_BASE}}.102 openshift_host={{NETWORK_BASE}}.102 ansible_ssh_private_key_file="/home/vagrant/.ssh/node01.key" openshift_schedulable=true {{NODE_GROUP_COMPUTE}} 106 | node02.example.com openshift_ip={{NETWORK_BASE}}.103 openshift_host={{NETWORK_BASE}}.103 ansible_ssh_private_key_file="/home/vagrant/.ssh/node02.key" openshift_schedulable=true {{NODE_GROUP_COMPUTE}} 107 | -------------------------------------------------------------------------------- /master.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2017-present Liu Hongyu 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | OPENSHIFT_RELEASE="$1" 18 | OPENSHIFT_ANSIBLE_BRANCH="$2" 19 | NETWORK_BASE="$3" 20 | VAGRANT_HOME="/home/vagrant" 21 | 22 | # Sourcing common functions 23 | . /vagrant/common.sh 24 | 25 | #=== FUNCTION ================================================================ 26 | # NAME: install_packages 27 | # DESCRIPTION: Install all prerequisite packages 28 | # PARAMETER 1: None 29 | #=============================================================================== 30 | function install_packages() { 31 | yum -y install git net-tools bind-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct unzip 32 | if [[ "$(version ${OPENSHIFT_RELEASE})" -gt "$(version 3.7)" ]]; then 33 | yum -y install https://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.6.6-1.el7.ans.noarch.rpm 34 | else 35 | yum -y install https://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.5.9-1.el7.ans.noarch.rpm 36 | fi 37 | } 38 | 39 | #=== FUNCTION ================================================================ 40 | # NAME: calculate_host_vars 41 | # DESCRIPTION: Set host vars based on openshift release version 42 | # PARAMETER 1: None 43 | #=============================================================================== 44 | function calculate_host_vars() { 45 | # Pre-define all possible openshift node groups 46 | HTPASSWORD_FILENAME=", 'filename': '/etc/origin/master/htpasswd'" 47 | 48 | # Prevent error "provider HTPasswdPasswordIdentityProvider contains unknown keys filename" 49 | # when openshift version is 3.10 or above. 50 | if [[ "$(version ${OPENSHIFT_RELEASE})" -ge "$(version 3.10)" ]]; then 51 | NODE_GROUP_MASTER="openshift_node_group_name='node-config-master'" 52 | NODE_GROUP_INFRA="openshift_node_group_name='node-config-infra'" 53 | NODE_GROUP_COMPUTE="openshift_node_group_name='node-config-compute'" 54 | NODE_GROUP_MASTER_INFRA="openshift_node_group_name='node-config-master-infra'" 55 | NODE_GROUP_ALLINONE="openshift_node_group_name='node-config-all-in-one'" 56 | unset HTPASSWORD_FILENAME 57 | else 58 | NODE_GROUP_MASTER="openshift_node_labels=\"{'node-role.kubernetes.io/master': true}\"" 59 | NODE_GROUP_INFRA="openshift_node_labels=\"{'node-role.kubernetes.io/infra': true}\"" 60 | NODE_GROUP_COMPUTE="openshift_node_labels=\"{'node-role.kubernetes.io/compute': true}\"" 61 | NODE_GROUP_MASTER_INFRA="openshift_node_labels=\"{'node-role.kubernetes.io/infra': true, 'node-role.kubernetes.io/master': true}\"" 62 | NODE_GROUP_ALLINONE="openshift_node_labels=\"{'node-role.kubernetes.io/infra': true, 'node-role.kubernetes.io/master': true, 'node-role.kubernetes.io/compute': true}\"" 63 | fi 64 | } 65 | 66 | #=== FUNCTION ================================================================ 67 | # NAME: generate_ansible_hosts 68 | # DESCRIPTION: Genernate ansible host file into /etc/ansible/hosts 69 | # PARAMETER 1: None 70 | #=============================================================================== 71 | function generate_ansible_hosts() { 72 | calculate_host_vars 73 | cat /vagrant/ansible-hosts \ 74 | | sed "s~{{OPENSHIFT_RELEASE}}~${OPENSHIFT_RELEASE}~g" \ 75 | | sed "s~{{NETWORK_BASE}}~${NETWORK_BASE}~g" \ 76 | | sed "s~{{NODE_GROUP_MASTER}}~${NODE_GROUP_MASTER}~g" \ 77 | | sed "s~{{NODE_GROUP_INFRA}}~${NODE_GROUP_INFRA}~g" \ 78 | | sed "s~{{NODE_GROUP_COMPUTE}}~${NODE_GROUP_COMPUTE}~g" \ 79 | | sed "s~{{NODE_GROUP_MASTER_INFRA}}~${NODE_GROUP_MASTER_INFRA}~g" \ 80 | | sed "s~{{NODE_GROUP_ALLINONE}}~${NODE_GROUP_ALLINONE}~g" \ 81 | | sed "s~{{HTPASSWORD_FILENAME}}~${HTPASSWORD_FILENAME}~g" \ 82 | > /etc/ansible/hosts 83 | } 84 | 85 | #=== FUNCTION ================================================================ 86 | # NAME: setup_ssh 87 | # DESCRIPTION: Setup ssh with NO strict host key checking 88 | # PARAMETER 1: None 89 | #=============================================================================== 90 | function setup_ssh() { 91 | mkdir -p $VAGRANT_HOME/.ssh 92 | bash -c "echo 'Host *' >> $VAGRANT_HOME/.ssh/config" 93 | bash -c "echo 'StrictHostKeyChecking no' >> $VAGRANT_HOME/.ssh/config" 94 | chmod 600 $VAGRANT_HOME/.ssh/config 95 | } 96 | 97 | #=== FUNCTION ================================================================ 98 | # NAME: perform_setup 99 | # DESCRIPTION: Perform setup process 100 | # PARAMETER 1: None 101 | #=============================================================================== 102 | function perform_setup() { 103 | setup_ssh && generate_ansible_hosts 104 | } 105 | 106 | #=== FUNCTION ================================================================ 107 | # NAME: fetch_repo 108 | # DESCRIPTION: Fetch repo archive based on openshift release version 109 | # PARAMETER 1: None 110 | #=============================================================================== 111 | function fetch_repo() { 112 | echo "Downloading openshit-ansible repo (${OPENSHIFT_ANSIBLE_BRANCH}) ..." 113 | curl -sSL https://github.com/openshift/openshift-ansible/archive/${OPENSHIFT_ANSIBLE_BRANCH}.zip \ 114 | > $VAGRANT_HOME/${OPENSHIFT_ANSIBLE_BRANCH}.zip 115 | unzip ${OPENSHIFT_ANSIBLE_BRANCH}.zip -d $VAGRANT_HOME 116 | mv $VAGRANT_HOME/openshift-ansible-${OPENSHIFT_ANSIBLE_BRANCH} $VAGRANT_HOME/openshift-ansible 117 | } 118 | 119 | #=== FUNCTION ================================================================ 120 | # NAME: perform_chown 121 | # DESCRIPTION: Change all files and directories inside $VAGRANT_HOME 122 | # PARAMETER 1: None 123 | #=============================================================================== 124 | function perform_chown() { 125 | chown -R vagrant:vagrant $VAGRANT_HOME 126 | } 127 | 128 | #=== FUNCTION ================================================================ 129 | # NAME: main 130 | # DESCRIPTION: The main entrypoint of the script 131 | # PARAMETER 1: None 132 | #=============================================================================== 133 | function main() { 134 | install_packages 135 | perform_setup 136 | fetch_repo 137 | perform_chown 138 | } 139 | 140 | main $@ 141 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | --------------------------------------------------------------------------------