问题
I set up openshift V3 all-in-one on a VM in the cloud so how can I contact it as the address is private and internal. I think I have to start Vagrand with some magic parameters but I haven't clue about them. Thanks
回答1:
When testing Openshift, I deployed the all in one VM in an Openstack instance. To be able to access Openshift, I had to change master-config.yaml configuration (which in the VM is located in /var/lib/origin/openshift.local.config/master/master-config.yaml)
Changing all references of the internal IP (10.2.2.2) to my public domain (https://my-domain.com:8443) did the trick.
I also had to regenerate the server certificates, including the public IP of my Openstack instance, this way:
oadm ca create-server-cert --cert=master.server.crt --key=master.server.key --signer-cert=/var/lib/origin/openshift.local.config/master/ca.crt --signer-key=/var/lib/origin/openshift.local.config/master/ca.key --signer-serial=/var/lib/origin/openshift.local.config/master/ca.serial.txt --hostnames=kubernetes.default.svc,kubernetes.default.svc.cluster.local,localhost,openshift.default.svc.cluster.local,127.0.0.1,10.2.2.2,yourdomain.com,yourpublicIP
Hope this helps
回答2:
Here is what I've tried (in an answer to better document my attempts)
1 -
systemctl stop origin
2 -
oadm ca create-server-cert --cert=/var/lib/origin/openshift.local.config/master/master.server.crt --key=/var/lib/origin/openshift.local.config/master/master.server.key --signer-cert=/var/lib/origin/openshift.local.config/master/ca.crt --signer-key=/var/lib/origin/openshift.local.config/master/ca.key --signer-serial=/var/lib/origin/openshift.local.config/master/ca.serial.txt --hostnames=kubernetes.default.svc,kubernetes.default.svc.cluster.local,localhost,openshift.default.svc.cluster.local,127.0.0.1,192.168.76.120
3 -
edit /var/lib/origin/openshift.local.config/master/master-config.yaml, replace all occurences of "10.2.2.2" with "192.168.76.120"
4 -
edit /etc/systemd/system/origin.service, replace "10.2.2.2" with "192.168.76.120"
5 -
systemctl daemon-reload
6 -
systemctl start origin
Following these steps, I get the following in the /var/log/messages:
Dec 29 21:12:29 localhost systemd: Starting Session 7 of user root.
Dec 29 21:13:30 localhost systemd: Starting OpenShift...
Dec 29 21:13:30 localhost openshift: W1229 16:13:30.512389 9725 start_master.go:272] Warning: assetConfig.loggingPublicURL: Invalid value: "": required to view aggregated container logs in the console, master start will continue.
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.525718 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.ClusterPolicyBinding: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.525809 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.ClusterPolicy: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.526034 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.Policy: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.526127 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.PolicyBinding: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.526417 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.Group: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.527610 9725 reflector.go:203] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/admission.go:154: Failed to list *api.LimitRange: Get https://10.2.2.2:8443/api/v1/limitranges?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.528199 9725 reflector.go:203] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/lifecycle/admission.go:122: Failed to list *api.Namespace: Get https://10.2.2.2:8443/api/v1/namespaces?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530127 9725 reflector.go:203] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/admission.go:154: Failed to list *api.LimitRange: Get https://10.2.2.2:8443/api/v1/limitranges?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530246 9725 reflector.go:214] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/serviceaccount/admission.go:103: Failed to list *api.ServiceAccount: Get https://10.2.2.2:8443/api/v1/serviceaccounts?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530309 9725 reflector.go:214] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/serviceaccount/admission.go:119: Failed to list *api.Secret: Get https://10.2.2.2:8443/api/v1/secrets?fieldSelector=type%3Dkubernetes.io%2Fservice-account-token&resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530494 9725 reflector.go:214] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/resource_access.go:83: Failed to list *api.ResourceQuota: Get https://10.2.2.2:8443/api/v1/resourcequotas?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530524 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.OAuthAccessToken: client: etcd cluster is unavailable or misconfigured
来源:https://stackoverflow.com/questions/41060422/how-to-re-route-the-openshift-private-address-to-a-public-one