ちょっと、手順忘れると思ったのでメモ。
環境は以前作ったOpenShift 4.6の以下。
https://qiita.com/rk05231977/items/ec1626c1223dddffc98a
NFSサーバーを作る
bastionノードをNFSサーバーにして、それをImage RegistryのPVにする。emptyDirでもいいんだけど。
(bastionにて)
# yum install -y nfs-utils
# echo "/registry 192.168.1.0/24(rw,no_root_squash)" > /etc/exports
# mkdir /registry
# chmod 777 /registry
# systemctl enable --now nfs-server
(結果)
[root@bastion ~]# exportfs
/registry 192.168.1.0/24
Image Registryを設定する
1.PVC作る。
cat > pvc-registry.yaml << EOF
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: nfs
provisioner: kubernetes.io/no-provisioner
reclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: registry
spec:
capacity:
storage: 5Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs
nfs:
path: /registry
server: 192.168.1.1
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: image-registry-storage
namespace: openshift-image-registry
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 5Gi
storageClassName: nfs
EOF
# oc create -f pvc-registry.yaml
2.Image Registryを起動する。
# oc edit configs.imageregistry.operator.openshift.io/cluster
(変更前)
spec:
logLevel: Normal
managementState: Removed
(変更後)
spec:
logLevel: Normal
managementState: Managed
(変更前)
storage: {}
(変更後)
storage:
pvc:
claim:
変更後、「image-registry-~」のPodが起動する。
# oc get pod -n openshift-image-registry
NAME READY STATUS RESTARTS AGE
cluster-image-registry-operator-648d8c656d-5c4r7 1/1 Running 0 3h26m
image-registry-659878f999-474zf 1/1 Running 0 22s
...
この時点で、サンプルを使ったrubyとかのS2Iのビルド、実行は成功するようになる。
Gitレポジトリを作る
GitHub使うでもいいのだが、なんとなく、せっかくなので。
1.gitをインストールし、hello-worldレポジトリを作る。
# yum install -y git
# useradd git
# sudo -u git ssh-keygen
# sudo -u git cp ~git/.ssh/id_rsa.pub ~git/.ssh/authorized_keys
# sudo -u git chmod 600 ~git/.ssh/authorized_keys
# mkdir /gitrepo
# chown git:git /gitrepo
# sudo -u git mkdir /gitrepo/hello-world
# sudo -u git git init --bare /gitrepo/hello-world
2.hello-worldレポジトリの中身を埋める。
node.jsにするか。
(参考)https://codeburst.io/node-js-by-example-part-1-668376cd4f96
# git config --global user.name "root@example.com"
# git config --global user.email "root@example.com"
# git clone /gitrepo/hello-world/
# cd hello-world
# yum install -y npm
# npm init
→ 全て空リターンで。
# sed -i 's/^ "test".*$/ "start": "node index.js"/' package.json
# cat > index.js << "EOF"
const http = require('http');
const hostname = '0.0.0.0';
const port = 8080;
const server = http.createServer((req, res) => {
res.statusCode = 200;
res.setHeader('Content-Type', 'text/plain');
res.end('Hello World\n');
});
server.listen(port, hostname, () => {
console.log(`Server running at http://${hostname}:${port}/`);
});
EOF
# git add *
# git commit -m "initial"
# git push
# cd ..
3.OpenShiftでプログラムをビルド・実行する。
(参考)https://cookbook.openshift.org/building-and-deploying-from-source/how-can-i-build-from-a-private-repository-on-github.html
# oc new-project hello-world
# oc create secret generic gitrepo --from-file=ssh-privatekey=/home/git/.ssh/id_rsa --type=kubernetes.io/ssh-auth
# oc secrets link builder gitrepo
# oc new-app ssh://git@192.168.1.1/gitrepo/hello-world --source-secret=gitrepo --name hello-world
(実行結果)
[root@bastion ~]# oc new-app nodejs~ssh://git@192.168.1.1/gitrepo/hello-world --source-secret=gitrepo --name hello-world
--> Found image 9350f28 (10 days old) in image stream "openshift/nodejs" under tag "12-ubi8" for "nodejs"
Node.js 12
----------
Node.js 12 available as container is a base platform for building and running various Node.js 12 applications and frameworks. Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.
Tags: builder, nodejs, nodejs12
* A source build using source code from ssh://git@192.168.1.1/gitrepo/hello-world will be created
* The resulting image will be pushed to image stream tag "hello-world:latest"
* Use 'oc start-build' to trigger a new build
--> Creating resources ...
imagestream.image.openshift.io "hello-world" created
buildconfig.build.openshift.io "hello-world" created
deployment.apps "hello-world" created
service "hello-world" created
--> Success
Build scheduled, use 'oc logs -f buildconfig/hello-world' to track its progress.
Application is not exposed. You can expose services to the outside world by executing one or more of the commands below:
'oc expose service/hello-world'
Run 'oc status' to view your app.
4.そのプログラムにアクセスする。
# oc expose svc hello-world
# curl --resolve hello-world-hello-world.apps.ocp.example.com:80:127.0.0.1 http://hello-world-hello-world.apps.ocp.example.com/
(実行結果)
[root@bastion ~]# curl --resolve hello-world-hello-world.apps.ocp.example.com:80:127.0.0.1 http://hello-world-hello-world.apps.ocp.example.com/
Hello World
一応、プライベートレジストリから作成イメージをpull
1.podmanをインストールし、イメージをpull
# yum install -y podman
# unset KUBECONFIG
(OpenShiftのWeb管理画面にadminユーザーログインしてCopy Login Command)
# oc login --token=sha256~u0QIFhDEyBPcJknDYUZajysI4Y6yB5mnwxZ8XDzs_a4 --server=https://api.ocp.example.com:6443
# oc get pod -n openshift-image-registry
# oc port-forward -n openshift-image-registry image-registry-757fcf66-rj49z 5000:5000 &
# podman login -u admin -p $(oc whoami -t) localhost:5000 --tls-verify=false
# podman pull localhost:5000/hello-world/hello-world --tls-verify=false
# kill (port-foward実行してるプロセスID)
(実行結果)
[root@bastion ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost:5000/hello-world/hello-world latest 6044fc471330 28 minutes ago 798 MB