Openshift创建Router和Registry

Openshift创建Router和Registry:

[root@DockerServer openshift]# oadm policy add-scc-to-user privileged system:serviceacount:default:router

scc "privileged" added to: ["system:serviceacount:default:router"]

[root@DockerServer openshift]# oadm policy add-scc-to-user hostnetwork system:serviceaccount:default:router

scc "hostnetwork" added to: ["system:serviceaccount:default:router"]

[root@DockerServer openshift]# oadm policy add-scc-to-user privileged system:serviceaccount:default:router

scc "privileged" added to: ["system:serviceaccount:default:router"]

[root@DockerServer openshift]# oadm router router --replicas=1 --service-account=router

info: password for stats user admin has been set to gEpwLc6BC4

--> Creating router router ...

    serviceaccount "router" created

    clusterrolebinding "router-router-role" created

    deploymentconfig "router" created

    service "router" created

--> Success

Same way:

[root@DockerServer openshift]# oadm policy add-scc-to-user privileged -z router

scc "privileged" added to: ["system:serviceaccount:default:router"]

[root@DockerServer openshift]# oc adm policy add-scc-to-user hostnetwork -z router

scc "hostnetwork" added to: ["system:serviceaccount:default:router"]

[root@DockerServer openshift]# oc get pod -n default

NAME             READY     STATUS    RESTARTS   AGE

router-1-bd6f2   1/1       Running   0          4m

[root@DockerServer openshift]# ss -ltn|egrep -w "80|443"

LISTEN     0      128          *:80                       *:*

LISTEN     0      128          *:443                      *:*

[root@DockerServer openshift]# oadm registry --config=/opt/openshift/openshift.local.config/master/admin.kubeconfig --service-account=registry

--> Creating registry registry ...

    serviceaccount "registry" created

    clusterrolebinding "registry-registry-role" created

    deploymentconfig "docker-registry" created

    service "docker-registry" created

--> Success

[root@DockerServer openshift]# oc get pod

NAME                      READY     STATUS    RESTARTS   AGE

docker-registry-1-2kqtb   1/1       Running   0          1m

router-1-bd6f2            1/1       Running   0          29m

[root@DockerServer openshift]# vi /etc/sysconfig/docker

OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --registry-mirror=https://docker.mirrors.ustc.edu.cn --insecure-registry=172.30.0.0/16'

[root@DockerServer openshift]# systemctl restart docker