NSX ALB + Harbor + OpenShift 4.8 UPI安装配置实验笔记系列目录
目录
- oc new-project avi-demo
- kubectl -n avi-demo create deploy avi-demo --image=map.corp.tanzu/dyadin/avi-demo --replicas=3
注:使用oc new-app命令会调用openshift image straam,而image steam需要使挂载持久存储,此LAB中未配置,所以使用了kubectl命令直接新建deployment,oc new-app命令记录如下:
oc new-app map.corp.tanzu/dyadin/avi-demo:latest --name=avi-demo
1). 因avi-demo image的启动脚本需以root身份执行,而OCP环境默认是禁止POD以root身份运行的,所以需要先在OCP环境中先执行以下命令,向运行容器的服务帐户添加权限来启用它,否则会有下图中类似的“Permission denied”报错:
oc adm policy add-scc-to-user anyuid -z default
2). 新建一个项目
oc new-project avi-demo
3). 生成avi-demo.yaml
- cat << EOF > avi-demo.yaml
- ---
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: avi-demo
- namespace: avi-demo
- labels:
- app: avi-demo
- spec:
- replicas: 3
- selector:
- matchLabels:
- app: avi-demo
- template:
- metadata:
- labels:
- app: avi-demo
- spec:
- containers:
- - name: avi-demo
- image: map.corp.tanzu/dyadin/avi-demo:latest
- EOF
4). 应用yaml
oc apply -f avi-demo.yaml
5). 查看avi-demo pod运行情况:
oc -n avi-demo get pods -o wide
- oc project avi-demo
- oc expose deployment avi-demo --port=80 --target-port=80 --name=avi-demo-svc
1). 编辑yaml
- cat << EOF > avi-demo-svc.yaml
- ---
- apiVersion: v1
- kind: Service
- metadata:
- name: avi-demo-svc
- namespace: avi-demo
- spec:
- selector:
- app: avi-demo
- ports:
- - protocol: TCP
- port: 80
- targetPort: 80
- EOF
2). 应用yaml
oc apply -f avi-demo-svc.yaml
3). 查看service创建结果
oc -n avi-demo get svc
- oc project avi-demo
- oc expose svc avi-demo-svc --name=avi-demo-route
1). 编辑yaml
- cat << EOF > avi-demo-route.yaml
- ---
- apiVersion: route.openshift.io/v1
- kind: Route
- metadata:
- name: avi-demo-route
- namespace: avi-demo
- spec:
- path: /
- to:
- kind: Service
- name: avi-demo-svc
- port:
- targetPort: 80
- EOF
2). 应用yaml
oc apply -f avi-demo-route.yaml
3). 查看route创建结果
oc get route
4). 访问测试
因前面已配置了apps这个子域的委派,这里在没有配置AVI前,需要通过在本机hosts文件中添加记录才可以访问:
oc -n avi-demo get svc -o wide
oc -n avi-demo get svc -o yaml
oc -n avi-demo get route -o yaml
注:ingress Yaml中不能像官方文档那样在path后跟“/”,否则会无法自动生成对应的Route。
1). Annotations为edge模式
- cat << EOF > avi-demo-ingress-edge.yaml
- ---
- apiVersion: networking.k8s.io/v1
- kind: Ingress
- metadata:
- name: avi-demo-ingress-edge
- annotations:
- route.openshift.io/termination: edge
- spec:
- ingressClassName: openshift-default
- rules:
- - host: avi-demo-ingress-edge.apps.ocp.corp.tanzu
- http:
- paths:
- - backend:
- service:
- name: avi-demo-svc
- port:
- number: 80
- pathType: ImplementationSpecific
- EOF
2). Annotations为Passthrough模式
- cat << EOF > avi-demo-ingress.yaml
- ---
- apiVersion: networking.k8s.io/v1
- kind: Ingress
- metadata:
- name: avi-demo-ingress
- annotations:
- route.openshift.io/termination: passthrough
- spec:
- ingressClassName: openshift-default
- rules:
- - host: avi-demo-ingress-edge.apps.ocp.corp.tanzu
- http:
- paths:
- - backend:
- service:
- name: avi-demo-svc
- port:
- number: 80
- pathType: ImplementationSpecific
- EOF