NSX ALB + Harbor + OpenShift 4.8 UPI安装配置实验笔记系列目录
目录
1 部署avi-demo Deployment
1.1 命令行方式新建
oc new-project avi-demo
kubectl -n avi-demo create deploy avi-demo --image=map.corp.tanzu/dyadin/avi-demo --replicas=3
注:
使用oc new-app命令会调用openshift image straam,而image steam需要使挂载持久存储,此LAB中未配置,所以使用了kubectl命令直接新建deployment,oc new-app命令记录如下:
oc new-app map.corp.tanzu/dyadin/avi-demo:latest --name=avi-demo
1.2 yaml方式新建
1). 因avi-demo image的启动脚本需以root身份执行,而OCP环境默认是禁止POD以root身份运行的,所以需要先在OCP环境中先执行以下命令,向运行容器的服务帐户添加权限来启用它,否则会有下图中类似的“Permission denied”报错:
oc adm policy add-scc-to-user anyuid -z default2). 新建一个项目
oc new-project avi-demo3). 生成avi-demo.yaml
cat << EOF > avi-demo.yaml
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: avi-demo
namespace: avi-demo
labels:
app: avi-demo
spec:
replicas: 3
selector:
matchLabels:
app: avi-demo
template:
metadata:
labels:
app: avi-demo
spec:
containers:
- name: avi-demo
image: map.corp.tanzu/dyadin/avi-demo:latest
EOF4). 应用yaml
oc apply -f avi-demo.yaml5). 查看avi-demo pod运行情况:
oc -n avi-demo get pods -o wide
2 新建avi-demo service
2.1 命令行方式新建
oc project avi-demo
oc expose deployment avi-demo --port=80 --target-port=80 --name=avi-demo-svc
2.2 yaml方式新建
1). 编辑yaml
cat << EOF > avi-demo-svc.yaml
---
apiVersion: v1
kind: Service
metadata:
name: avi-demo-svc
namespace: avi-demo
spec:
selector:
app: avi-demo
ports:
- protocol: TCP
port: 80
targetPort: 80
EOF2). 应用yaml
oc apply -f avi-demo-svc.yaml3). 查看service创建结果
oc -n avi-demo get svc
3 为avi-demo service新建route
3.1 命令行方式新建
oc project avi-demo
oc expose svc avi-demo-svc --name=avi-demo-route
3.2 yaml方式新建
1). 编辑yaml
cat << EOF > avi-demo-route.yaml
---
apiVersion: route.openshift.io/v1
kind: Route
metadata:
name: avi-demo-route
namespace: avi-demo
spec:
path: /
to:
kind: Service
name: avi-demo-svc
port:
targetPort: 80
EOF2). 应用yaml
oc apply -f avi-demo-route.yaml3). 查看route创建结果
oc get route
4). 访问测试
因前面已配置了apps这个子域的委派,这里在没有配置AVI前,需要通过在本机hosts文件中添加记录才可以访问:
4 配置信息检查
4.1 查看SVC和Route信息
oc -n avi-demo get svc -o wide
4.2 查看SVC和Route yaml
oc -n avi-demo get svc -o yaml
oc -n avi-demo get route -o yaml
4.3 OCP console页面查看配置
5 Ingress应用发布测试
注:
ingress Yaml中不能像官方文档那样在path后跟“/”,否则会无法自动生成对应的Route。
1). Annotations为edge模式
cat << EOF > avi-demo-ingress-edge.yaml
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: avi-demo-ingress-edge
annotations:
route.openshift.io/termination: edge
spec:
ingressClassName: openshift-default
rules:
- host: avi-demo-ingress-edge.apps.ocp.corp.tanzu
http:
paths:
- backend:
service:
name: avi-demo-svc
port:
number: 80
pathType: ImplementationSpecific
EOF2). Annotations为Passthrough模式
cat << EOF > avi-demo-ingress.yaml
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: avi-demo-ingress
annotations:
route.openshift.io/termination: passthrough
spec:
ingressClassName: openshift-default
rules:
- host: avi-demo-ingress-edge.apps.ocp.corp.tanzu
http:
paths:
- backend:
service:
name: avi-demo-svc
port:
number: 80
pathType: ImplementationSpecific
EOF
