I just went through the exercise deploying OKD 3.11 and was mostly successful up to the pre-check of the first ansible playbook for the prerequistises. Upon running the second ansible playbook to perform the installation of OKD, I am see timeout for the oc get master on port 8443. The port should be block as the firewalld service is not running. Insight please!
TASK [openshift_control_plane : fail]
**************************************************************************
skipping: [192.168.56.122]
TASK [openshift_control_plane : Wait for all control plane pods to come up and become ready]
*******************
FAILED - RETRYING: Wait for all control plane pods to come up and become ready (72 retries left).
FAILED - RETRYING: Wait for all control plane pods to come up and become ready (71 retries left).
FAILED - RETRYING: Wait for all control plane pods to come up and become ready (70 retries left).
failed: [192.168.56.122] (item=etcd) => {"attempts": 72, "changed": false, "item": "etcd", "msg":
{"cmd": "/usr/bin/oc get pod master-etcd-master.cccd-lab.local -o json -n kube-system", "results":
[{}], "returncode": 1, "stderr": "The connection to the server master.cccd-lab.local:8443 was refused
- did you specify the right host or port?\n", "stdout": ""}}
[root@master opt]# cat inventory.ini [OSEv3:children] master nodes etcd
[OSEv3:vars]
ansible_ssh_user=root
ansible_become=true
openshift_master_default_subdomain=infra.cccd-lab.local
deployment_type=origin
#New addition
[nodes:vars]
openshift_disable_check=disk_availability,memory_availability,docker_storage
[masters:vars]
openshift_disable_check=disk_availability,memory_availability,docker_storage
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true',
'kind': 'HTPasswdPasswordIdentityProvider'}]
[masters]
192.168.56.122
[etcd]
192.168.56.122
[nodes]
192.168.56.120 openshift_node_group_name='node-config-compute'
192.168.56.121 openshift_node_group_name='node-config-infra'
192.168.56.122 openshift_node_group_name='node-config-master'
#compute openshift_ip=192.168.56.120 openshift_schedulable=true openshift_node_group_name='node-c
config-compute'
#infra openshift_ip=192.168.56.121 openshift_schedulable=true openshift_node_group_name='node-config-
infra'
#master openshift_ip=192.168.56.122 openshift_schedulable=true openshift_node_group_name='node-
config-master'
In investigating further, I am noted the following
oc get pod master-etcd-master.cccd-lab.local -o json -n kube-system", "results": [{}],
Which is . . .
The connection to the server master.cccd-lab.local:8443 was refused - did you specify the right host
or port?\n", "stdout": ""}}
[root@master opt]# netstat -tupln | grep LISTEN
tcp 0 0 10.0.2.15:53 0.0.0.0:* LISTEN 19370/dnsmasq
tcp 0 0 192.168.56.122:53 0.0.0.0:* LISTEN 19370/dnsmasq
tcp 0 0 172.17.0.1:53 0.0.0.0:* LISTEN 19370/dnsmasq
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 1753/dnsmasq
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1354/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1357/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1846/master
tcp 0 0 127.0.0.1:43644 0.0.0.0:* LISTEN 17379/hyperkube
tcp 0 0 0.0.0.0:8444 0.0.0.0:* LISTEN 14284/openshift
tcp 0 0 10.0.2.15:2379 0.0.0.0:* LISTEN 14349/etcd
tcp 0 0 10.0.2.15:2380 0.0.0.0:* LISTEN 14349/etcd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 760/rpcbind
tcp6 0 0 fe80::5fe7:910c:c2de:53 :::* LISTEN 19370/dnsmasq
tcp6 0 0 fe80::a00:27ff:fe5d::53 :::* LISTEN 19370/dnsmasq
tcp6 0 0 :::22 :::* LISTEN 1354/sshd
tcp6 0 0 ::1:631 :::* LISTEN 1357/cupsd
tcp6 0 0 ::1:25 :::* LISTEN 1846/master
tcp6 0 0 :::10250 :::* LISTEN 17379/hyperkube
tcp6 0 0 :::111 :::* LISTEN 760/rpcbind
[root@master opt]# ^C
[root@master opt]#
Not sure how to correct the issue.
There were a couple of changes I had to make in order to make this work. First I decided to abandon my Virtualbox environment after discovering a certificate error determined by some additional research.
So, starting again with VMware Workstation 15 Pro, performed the following changes,
(+) hostname (DNS: nip.io) - [master.|compute.|infra.]<IP Address>.nip.io
(+) Memory - 4 RAM or more
(+) Processor - Number of processors: 2, Total processor cores: 2
(+) Add two separate Hard Disk
(+) Ideally, set the NIC to a static IP Address. Google for details
[Syntax] yum install --downloadonly --downloaddir=<directory> <package>
# yum install --downloadonly --downloaddir=<directory of choice> install -y wget git zile net-tools bind-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct openssl-devel httpd-tools python-cryptography pyt hon2-pip python-devel python-passlib java-1.8.0-openjdk-headless "@Development Tools"
# yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
# sed -i -e "s/^enabled=1/enabled=0/" /etc/yum.repos.d/epel.repo
# cd /<directory of choice>/<pkg>/docker/
# yum localinstall *rpm -y
# docker version
Configure the new disk added to the system earlier and reboot
# vim docker-storage-setup
Edit the file to just the following two lines.
DEVS=/dev/sdb
VG=docker-vgo
# docker-storage-setup
# systemctl enable docker.service - -now
# systemctl status docker.service
Install ansible 2.7, yes, 2.7!
Note 1: If ansible version is less than 2.4 or 2.8 then remove, install ansible 2.7 from the package (yum remove ansible)
Note 2: If the ansible version is not locally available, then retrieve from the following location
(# rpm -Uvh https://releases.ansible.com/ansible/rpm/release/epel-7-x86_64/ansible-2.7.10-1.el7.ans.noarch.rpm)
# cd /tmp/ansible/ansible2710
# yum localinstall *rpm -y
# ansible --version
The key thing to avoiding the master refused for me was to which to using "nip.io" for DNS, and setting up the /etc/resolv.conf as follows,
search nip.io
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 75.75.75.75
Pay attention to the "search" line.
All this yielded
PLAY RECAP *********************************************************************
192.168.196.140 : ok=724 changed=317 unreachable=0 failed=0
192.168.196.141 : ok=136 changed=69 unreachable=0 failed=0
192.168.196.142 : ok=137 changed=69 unreachable=0 failed=0
localhost : ok=11 changed=0 unreachable=0 failed=0
INSTALLER STATUS ***************************************************************
Health Check : Complete (0:01:06)
Node Bootstrap Preparation : Complete (0:37:12)
etcd Install : Complete (0:04:55)
Master Install : Complete (0:18:15)
Master Additional Install : Complete (0:02:52)
Node Join : Complete (0:07:10)
Hosted Install : Complete (0:03:11)
Cluster Monitoring Operator : Complete (0:02:06)
Web Console Install : Complete (0:02:33)
Console Install : Complete (0:02:20)
Service Catalog Install : Complete (0:08:09)