1
클라우드의 VM에서 오픈 시프트 V3 복합기를 설정 했으므로 주소가 비공개 및 내부로되어 있으므로 어떻게 연락 할 수 있습니까? 나는 마술 매개 변수로 Vagrand를 시작해야한다고 생각하지만, 나는 그것에 대해 단서가 없습니다. 감사합니다공개 입찰로 개인 주소를 다시 지정하는 방법
A
답변
0
Openshift를 테스트 할 때 Openstack 인스턴스에 하나의 VM에 모두를 배포했습니다. Openshift에 액세스하려면 master-config.yaml 구성 (VM의 /var/lib/origin/openshift.local.config/master/master-config.yaml에 있음)을 변경해야했습니다.
내부 IP (10.2.2.2)의 모든 참조를 공개 도메인 (https://my-domain.com:8443)으로 변경하는 것이 트릭입니다.
가 나는 또한 내 OpenStack은 인스턴스의 공용 IP를 포함하여 서버 인증서를 재생했다,이 방법 :oadm ca create-server-cert --cert=master.server.crt --key=master.server.key --signer-cert=/var/lib/origin/openshift.local.config/master/ca.crt --signer-key=/var/lib/origin/openshift.local.config/master/ca.key --signer-serial=/var/lib/origin/openshift.local.config/master/ca.serial.txt --hostnames=kubernetes.default.svc,kubernetes.default.svc.cluster.local,localhost,openshift.default.svc.cluster.local,127.0.0.1,10.2.2.2,yourdomain.com,yourpublicIP
희망이 답변에 (
여기
0
내가 무엇을 시도했다입니다 도움 더 좋은 문서 내 시도)에
1 -
systemctl stop origin
2-
oadm ca create-server-cert --cert=/var/lib/origin/openshift.local.config/master/master.server.crt --key=/var/lib/origin/openshift.local.config/master/master.server.key --signer-cert=/var/lib/origin/openshift.local.config/master/ca.crt --signer-key=/var/lib/origin/openshift.local.config/master/ca.key --signer-serial=/var/lib/origin/openshift.local.config/master/ca.serial.txt --hostnames=kubernetes.default.svc,kubernetes.default.svc.cluster.local,localhost,openshift.default.svc.cluster.local,127.0.0.1,192.168.76.120
3 -
편집 /var/lib/origin/openshift.local.config/master/master-config.yaml, "192.168.76.120"와 "10.2.2.2"모든 발행 수를 교체
4 -
-편집 /etc/systemd/system/origin.service는 "192.168.76.120"
5 "10.2.2.2"을 대체
systemctl daemon-reload
6 -
systemctl start origin
다음 단계를 수행, 내가는/var/로그/메시지에 다음을 얻을 :
는Dec 29 21:12:29 localhost systemd: Starting Session 7 of user root.
Dec 29 21:13:30 localhost systemd: Starting OpenShift...
Dec 29 21:13:30 localhost openshift: W1229 16:13:30.512389 9725 start_master.go:272] Warning: assetConfig.loggingPublicURL: Invalid value: "": required to view aggregated container logs in the console, master start will continue.
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.525718 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.ClusterPolicyBinding: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.525809 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.ClusterPolicy: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.526034 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.Policy: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.526127 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.PolicyBinding: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.526417 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.Group: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.527610 9725 reflector.go:203] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/admission.go:154: Failed to list *api.LimitRange: Get https://10.2.2.2:8443/api/v1/limitranges?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.528199 9725 reflector.go:203] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/lifecycle/admission.go:122: Failed to list *api.Namespace: Get https://10.2.2.2:8443/api/v1/namespaces?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530127 9725 reflector.go:203] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/admission.go:154: Failed to list *api.LimitRange: Get https://10.2.2.2:8443/api/v1/limitranges?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530246 9725 reflector.go:214] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/serviceaccount/admission.go:103: Failed to list *api.ServiceAccount: Get https://10.2.2.2:8443/api/v1/serviceaccounts?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530309 9725 reflector.go:214] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/serviceaccount/admission.go:119: Failed to list *api.Secret: Get https://10.2.2.2:8443/api/v1/secrets?fieldSelector=type%3Dkubernetes.io%2Fservice-account-token&resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530494 9725 reflector.go:214] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/resource_access.go:83: Failed to list *api.ResourceQuota: Get https://10.2.2.2:8443/api/v1/resourcequotas?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530524 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.OAuthAccessToken: client: etcd cluster is unavailable or misconfigured
당신은 "서버 인증서를 다시 생성하는 방법에 대한 링크를 제공 할 수 있습니다 "? – swv
매우 도움이되는 –
요청에 따라 답변을 편집했지만 불행히도이 작업을 수행하는 데 여전히 어려움을 겪고 있습니다. 제공된 명령을 사용하고 자체 LAN IP를 추가하여 새 master.server.crt 및 master.server.key를 생성 할 수 있었으며 /var/lib/origin/openshift.local.config에있는 기존 쌍을 바꿀 수있었습니다./master /,하지만 충분하지 않습니다. /var/lib/origin/openshift.local.config/master/에서 볼 때 crt/key 쌍이 많이 있음을 알 수 있습니다. 나는 그들 모두를 재생성해야합니까? 어쩌면 "../node-origin"dir에도 있을까요? 이걸 통해 주셔서 감사합니다! – swv