【发布时间】:2016-12-09 12:23:01
【问题描述】:
我在云中的虚拟机上设置了 openshift V3 一体机,所以我如何联系它,因为地址是私有的和内部的。 我想我必须用一些神奇的参数来启动 Vagrand,但我对它们一无所知。 谢谢
【问题讨论】:
标签: openshift-origin
【发布时间】:2016-12-09 12:23:01
【问题描述】:
在测试 Openshift 时,我在一个 Openstack 实例中部署了所有功能。 为了能够访问 Openshift,我必须更改 master-config.yaml 配置(在 VM 中位于 /var/lib/origin/openshift.local.config/master/master-config.yaml)
将内部 IP (10.2.2.2) 的所有引用更改为我的公共域 (https://my-domain.com:8443) 就可以了。
我还必须重新生成服务器证书,包括我的 Openstack 实例的公共 IP,这样:
oadm ca create-server-cert --cert=master.server.crt --key=master.server.key --signer-cert=/var/lib/origin/openshift.local.config/master/ca.crt --signer-key=/var/lib/origin/openshift.local.config/master/ca.key --signer-serial=/var/lib/origin/openshift.local.config/master/ca.serial.txt --hostnames=kubernetes.default.svc,kubernetes.default.svc.cluster.local,localhost,openshift.default.svc.cluster.local,127.0.0.1,10.2.2.2,yourdomain.com,yourpublicIP
希望对你有帮助
【讨论】:
-
您能否提供如何“重新生成服务器证书”的链接?
-
这非常有帮助,但不幸的是,我仍在努力让它发挥作用。使用提供的命令并向其中添加我自己的 LAN IP,我能够生成新的 master.server.crt 和 master.server.key,并替换 /var/lib/origin/openshift.local.config 中的现有对/master/,但这似乎还不够。我可以看到 /var/lib/origin/openshift.local.config/master/ 中有很多 crt/key 对。我必须重新生成所有这些吗?也许也在“../node-origin”目录中?谢谢你带我完成这个!
-
那些是需要重新生成的
-
在“答案”中添加了我的 cmets,以便更具体地了解我正在尝试的内容和结果。谢谢
这是我尝试过的(为了更好地记录我的尝试)
1 -
systemctl stop origin
2 -
oadm ca create-server-cert --cert=/var/lib/origin/openshift.local.config/master/master.server.crt --key=/var/lib/origin/openshift.local.config/master/master.server.key --signer-cert=/var/lib/origin/openshift.local.config/master/ca.crt --signer-key=/var/lib/origin/openshift.local.config/master/ca.key --signer-serial=/var/lib/origin/openshift.local.config/master/ca.serial.txt --hostnames=kubernetes.default.svc,kubernetes.default.svc.cluster.local,localhost,openshift.default.svc.cluster.local,127.0.0.1,192.168.76.120
3 -
编辑/var/lib/origin/openshift.local.config/master/master-config.yaml,将所有出现的“10.2.2.2”替换为“192.168.76.120”
4 -
编辑/etc/systemd/system/origin.service,将“10.2.2.2”替换为“192.168.76.120”
5 -
systemctl daemon-reload
6 -
systemctl start origin
按照这些步骤,我在 /var/log/messages 中得到以下信息:
Dec 29 21:12:29 localhost systemd: Starting Session 7 of user root.
Dec 29 21:13:30 localhost systemd: Starting OpenShift...
Dec 29 21:13:30 localhost openshift: W1229 16:13:30.512389 9725 start_master.go:272] Warning: assetConfig.loggingPublicURL: Invalid value: "": required to view aggregated container logs in the console, master start will continue.
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.525718 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.ClusterPolicyBinding: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.525809 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.ClusterPolicy: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.526034 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.Policy: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.526127 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.PolicyBinding: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.526417 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.Group: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.527610 9725 reflector.go:203] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/admission.go:154: Failed to list *api.LimitRange: Get https://10.2.2.2:8443/api/v1/limitranges?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.528199 9725 reflector.go:203] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/lifecycle/admission.go:122: Failed to list *api.Namespace: Get https://10.2.2.2:8443/api/v1/namespaces?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530127 9725 reflector.go:203] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/admission.go:154: Failed to list *api.LimitRange: Get https://10.2.2.2:8443/api/v1/limitranges?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530246 9725 reflector.go:214] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/serviceaccount/admission.go:103: Failed to list *api.ServiceAccount: Get https://10.2.2.2:8443/api/v1/serviceaccounts?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530309 9725 reflector.go:214] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/serviceaccount/admission.go:119: Failed to list *api.Secret: Get https://10.2.2.2:8443/api/v1/secrets?fieldSelector=type%3Dkubernetes.io%2Fservice-account-token&resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530494 9725 reflector.go:214] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/resource_access.go:83: Failed to list *api.ResourceQuota: Get https://10.2.2.2:8443/api/v1/resourcequotas?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530524 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.OAuthAccessToken: client: etcd cluster is unavailable or misconfigured
【讨论】: