본문 바로가기
CLOUD/Openshift

OCP 4.10.23 설치(openshift) - 5. infra node

1000maru 2022. 8. 27. 13:41
반응형
•Monitoring 과 Prometheus, ingress pod를 이동시킵니다.
•Taint and tolerations 사용
•Taint 설정 -> comfigmap 설정 -> configmap.yaml 작성 -> mcp 생성 -> mc 생성

 

 

openshift 자동완성 기능을 활성화 합니다.

oc completion bash | sudo tee /etc/bash_completion.d/openshift > /dev/null

 

secret 생성

htpasswd -bBc /root/htpasswd admin new1234!

oc create secret generic htpass-secret --from-file=htpasswd=/root/htpasswd -n openshift-config

oc edit oauth cluster
spec: <---—- 아래 내용 추가 ——-->
  identityProviders:
  - htpasswd:
      fileData:
        name: htpass-secret
    mappingMethod: claim
    name: ocp41023
    type: HTPasswd

oc adm policy add-cluster-role-to-user cluster-admin admin

 

 

테스트

oc login -u admin -p 'new1234!' https://api.maru.ocp4.com:6443

 

 

pod 위치 확인

oc get pod -n openshift-ingress -o wide
oc get pod -n openshift-monitoring -o wide

 

label 설정

oc label node infra01.maru.ocp4.com node-role.kubernetes.io/infra=""
oc label node infra01.maru.ocp4.com node-role.kubernetes.io/worker-
oc label node infra02.maru.ocp4.com node-role.kubernetes.io/infra=""
oc label node infra02.maru.ocp4.com node-role.kubernetes.io/worker-
oc get node -owide

 

ingresscontroller 수정(eidt으로 수정해도 됨)

oc patch ingresscontroller default -n openshift-ingress-operator --type=merge --patch='{"spec":{"nodePlacement":{"nodeSelector": {"matchLabels":{"node-role.kubernetes.io/infra":""}}}}}'

 

 

taint 설정

oc adm taint node infra01.maru.ocp4.com infra=reserved:NoSchedule
oc adm taint node infra01.maru.ocp4.com infra=reserved:NoExecute   
oc adm taint node infra02.maru.ocp4.com infra=reserved:NoSchedule
oc adm taint node infra02.maru.ocp4.com infra=reserved:NoExecute

 

node selector 추가

oc patch ingresscontroller default -n openshift-ingress-operator --type=merge --patch='{"spec":{"nodePlacement": {"nodeSelector": {"matchLabels": {"node-role.kubernetes.io/infra": ""}},"tolerations": [{"effect":"NoSchedule","key": "infra","value": "reserved"},{"effect":"NoExecute","key": "infra","value": "reserved"}]}}}'
oc patch config cluster --type=merge --patch='{"spec":{"nodeSelector": {"node-role.kubernetes.io/infra": ""},"tolerations": [{"effect":"NoSchedule","key": "infra","value": "reserved"},{"effect":"NoExecute","key": "infra","value": "reserved"}]}}'

 

comfigmap yaml file 생성

cat <<EOF>> monitoring.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: cluster-monitoring-config
  namespace: openshift-monitoring
data:
  config.yaml: |
    alertmanagerMain:
      nodeSelector:
        node-role.kubernetes.io/infra: ""
      tolerations:
      - key: infra
        value: reserved
        effect: NoSchedule
      - key: infra
        value: reserved
        effect: NoExecute
    prometheusK8s:
      nodeSelector:
        node-role.kubernetes.io/infra: ""
      tolerations:
      - key: infra
        value: reserved
        effect: NoSchedule
      - key: infra
        value: reserved
        effect: NoExecute
    prometheusOperator:
      nodeSelector:
        node-role.kubernetes.io/infra: ""
      tolerations:
      - key: infra
        value: reserved
        effect: NoSchedule
      - key: infra
        value: reserved
        effect: NoExecute
    grafana:
      nodeSelector:
        node-role.kubernetes.io/infra: ""
      tolerations:
      - key: infra
        value: reserved
        effect: NoSchedule
      - key: infra
        value: reserved
        effect: NoExecute
    k8sPrometheusAdapter:
      nodeSelector:
        node-role.kubernetes.io/infra: ""
      tolerations:
      - key: infra
        value: reserved
        effect: NoSchedule
      - key: infra
        value: reserved
        effect: NoExecute
    kubeStateMetrics:
      nodeSelector:
        node-role.kubernetes.io/infra: ""
      tolerations:
      - key: infra
        value: reserved
        effect: NoSchedule
      - key: infra
        value: reserved
        effect: NoExecute
    telemeterClient:
      nodeSelector:
        node-role.kubernetes.io/infra: ""
      tolerations:
      - key: infra
        value: reserved
        effect: NoSchedule
      - key: infra
        value: reserved
        effect: NoExecute
EOF

 

configmap 생성

oc create -f monitoring.yaml

 

mc, mcp 생성

# oc create -f infra.mcp.yaml

apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfigPool
metadata:
  name: infra
spec:
  machineConfigSelector:
    matchExpressions:
      - {key: machineconfiguration.openshift.io/role, operator: In, values: [worker,infra]}
  nodeSelector:
    matchLabels:
      node-role.kubernetes.io/infra: ""
	  
# oc create -f  infra.mc.yaml

apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
metadata:
  labels:
    machineconfiguration.openshift.io/role: infra
  name: 51-infra
spec:
  config:
    ignition:
      version: 2.2.0
    storage:
      files:
      - contents:
          source: data:,infra
        filesystem: root
        mode: 0644
        path: /etc/infratest

 

 

 

확인

 

 

 

 

반응형

'CLOUD > Openshift' 카테고리의 다른 글

OCP 4.10.23 설치(openshift) - 7. LDAP  (0) 2022.08.29
OCP 4.10.23 설치(openshift) - 6. pv  (0) 2022.08.28
OCP 4.10.23 설치(openshift) - 4. Install-config, bootstrap, master, worker  (0) 2022.08.26
OCP 4.10.23 설치(openshift) - 3. HA proxy, image mirror(cfssl)  (4) 2022.08.25
OCP 4.10.23 설치(openshift) - 2. DNS  (2) 2022.08.25

'CLOUD/Openshift' Related Articles

티스토리툴바