mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
247 lines
8.6 KiB
Plaintext
247 lines
8.6 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * installing/installing_bare_metal/upi/scaling-a-user-provisioned-cluster-with-the-bare-metal-operator.adoc
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="upi-provisioning-new-hosts-in-a-upi-cluster_{context}"]
|
|
= Provisioning new hosts in a user-provisioned cluster by using the BMO
|
|
|
|
You can use the Bare Metal Operator (BMO) to provision bare-metal hosts in a user-provisioned cluster by creating a `BareMetalHost` custom resource (CR).
|
|
|
|
[NOTE]
|
|
====
|
|
Provisioning bare-metal hosts to the cluster by using the BMO sets the `spec.externallyProvisioned` specification in the `BareMetalHost` custom resource to `false` by default. Do not set the `spec.externallyProvisioned` specification to `true`, because this setting results in unexpected behavior.
|
|
====
|
|
|
|
.Prerequisites
|
|
|
|
* You created a user-provisioned bare-metal cluster.
|
|
* You have baseboard management controller (BMC) access to the hosts.
|
|
* You deployed a provisioning service in the cluster by creating a `Provisioning` CR.
|
|
|
|
.Procedure
|
|
|
|
. Create a configuration file for the bare-metal node. Depending if you use either a static configuration or a DHCP server, choose one of the following example `bmh.yaml` files and configure it to your needs by replacing values in the YAML to match your environment:
|
|
|
|
* To deploy with a static configuration, create the following `bmh.yaml` file:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: openshift-worker-<num>-network-config-secret <1>
|
|
namespace: openshift-machine-api
|
|
type: Opaque
|
|
stringData:
|
|
nmstate: | <2>
|
|
interfaces: <3>
|
|
- name: <nic1_name> <4>
|
|
type: ethernet
|
|
state: up
|
|
ipv4:
|
|
address:
|
|
- ip: <ip_address> <5>
|
|
prefix-length: 24
|
|
enabled: true
|
|
dns-resolver:
|
|
config:
|
|
server:
|
|
- <dns_ip_address> <6>
|
|
routes:
|
|
config:
|
|
- destination: 0.0.0.0/0
|
|
next-hop-address: <next_hop_ip_address> <7>
|
|
next-hop-interface: <next_hop_nic1_name> <8>
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: openshift-worker-<num>-bmc-secret
|
|
namespace: openshift-machine-api
|
|
type: Opaque
|
|
data:
|
|
username: <base64_of_uid> <9>
|
|
password: <base64_of_pwd>
|
|
---
|
|
apiVersion: metal3.io/v1alpha1
|
|
kind: BareMetalHost
|
|
metadata:
|
|
name: openshift-worker-<num>
|
|
namespace: openshift-machine-api
|
|
spec:
|
|
online: true
|
|
bootMACAddress: <nic1_mac_address> <10>
|
|
bmc:
|
|
address: <protocol>://<bmc_url> <11>
|
|
credentialsName: openshift-worker-<num>-bmc-secret
|
|
disableCertificateVerification: false
|
|
customDeploy:
|
|
method: install_coreos
|
|
userData:
|
|
name: worker-user-data-managed
|
|
namespace: openshift-machine-api
|
|
rootDeviceHints:
|
|
deviceName: <root_device_hint> <12>
|
|
preprovisioningNetworkDataName: openshift-worker-<num>-network-config-secret
|
|
----
|
|
<1> Replace all instances of `<num>` with a unique compute node number for the bare-metal nodes in the `name`, `credentialsName`, and `preprovisioningNetworkDataName` fields.
|
|
<2> Add the NMState YAML syntax to configure the host interfaces. To configure the network interface for a newly created node, specify the name of the secret that has the network configuration. Follow the `nmstate` syntax to define the network configuration for your node. See "Preparing the bare-metal node" for details on configuring NMState syntax.
|
|
<3> Optional: If you have configured the network interface with `nmstate`, and you want to disable an interface, set `state: up` with the IP addresses set to `enabled: false`.
|
|
<4> Replace `<nic1_name>` with the name of the bare-metal node's first network interface controller (NIC).
|
|
<5> Replace `<ip_address>` with the IP address of the bare-metal node's NIC.
|
|
<6> Replace `<dns_ip_address>` with the IP address of the bare-metal node's DNS resolver.
|
|
<7> Replace `<next_hop_ip_address>` with the IP address of the bare-metal node's external gateway.
|
|
<8> Replace `<next_hop_nic1_name>` with the name of the bare-metal node's external gateway.
|
|
<9> Replace `<base64_of_uid>` and `<base64_of_pwd>` with the base64 string of the user name and password.
|
|
<10> Replace `<nic1_mac_address>` with the MAC address of the bare-metal node's first NIC. See the "BMC addressing" section for additional BMC configuration options.
|
|
<11> Replace `<protocol>` with the BMC protocol, such as IPMI, Redfish, or others. Replace `<bmc_url>` with the URL of the bare-metal node's baseboard management controller.
|
|
<12> Optional: Replace `<root_device_hint>` with a device path when specifying a root device hint. See "Root device hints" for additional details.
|
|
|
|
* When configuring the network interface with a static configuration by using `nmstate`, set `state: up` with the IP addresses set to `enabled: false`:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: openshift-worker-<num>-network-config-secret
|
|
namespace: openshift-machine-api
|
|
# ...
|
|
interfaces:
|
|
- name: <nic_name>
|
|
type: ethernet
|
|
state: up
|
|
ipv4:
|
|
enabled: false
|
|
ipv6:
|
|
enabled: false
|
|
# ...
|
|
----
|
|
|
|
* To deploy with a DHCP configuration, create the following `bmh.yaml` file:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: openshift-worker-<num>-bmc-secret <1>
|
|
namespace: openshift-machine-api
|
|
type: Opaque
|
|
data:
|
|
username: <base64_of_uid> <2>
|
|
password: <base64_of_pwd>
|
|
---
|
|
apiVersion: metal3.io/v1alpha1
|
|
kind: BareMetalHost
|
|
metadata:
|
|
name: openshift-worker-<num>
|
|
namespace: openshift-machine-api
|
|
spec:
|
|
online: true
|
|
bootMACAddress: <nic1_mac_address> <3>
|
|
bmc:
|
|
address: <protocol>://<bmc_url> <4>
|
|
credentialsName: openshift-worker-<num>-bmc
|
|
disableCertificateVerification: false
|
|
customDeploy:
|
|
method: install_coreos
|
|
userData:
|
|
name: worker-user-data-managed
|
|
namespace: openshift-machine-api
|
|
rootDeviceHints:
|
|
deviceName: <root_device_hint> <5>
|
|
----
|
|
<1> Replace `<num>` with a unique compute node number for the bare-metal nodes in the `name` and `credentialsName` fields.
|
|
<2> Replace `<base64_of_uid>` and `<base64_of_pwd>` with the base64 string of the user name and password.
|
|
<3> Replace `<nic1_mac_address>` with the MAC address of the bare-metal node's first NIC. See the "BMC addressing" section for additional BMC configuration options.
|
|
<4> Replace `<protocol>` with the BMC protocol, such as IPMI, Redfish, or others. Replace `<bmc_url>` with the URL of the bare-metal node's baseboard management controller.
|
|
<5> Optional: Replace `<root_device_hint>` with a device path when specifying a root device hint. See "Root device hints" for additional details.
|
|
+
|
|
[IMPORTANT]
|
|
====
|
|
If the MAC address of an existing bare-metal node matches the MAC address of the bare-metal host that you are attempting to provision, then the installation will fail. If the host enrollment, inspection, cleaning, or other steps fail, the Bare Metal Operator retries the installation continuously. See "Diagnosing a duplicate MAC address when provisioning a new host in the cluster" for additional details.
|
|
====
|
|
|
|
. Create the bare-metal node by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc create -f bmh.yaml
|
|
----
|
|
+
|
|
.Example output
|
|
[source,terminal]
|
|
----
|
|
secret/openshift-worker-<num>-network-config-secret created
|
|
secret/openshift-worker-<num>-bmc-secret created
|
|
baremetalhost.metal3.io/openshift-worker-<num> created
|
|
----
|
|
|
|
. Inspect the bare-metal node by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc -n openshift-machine-api get bmh openshift-worker-<num>
|
|
----
|
|
+
|
|
where:
|
|
+
|
|
<num>:: Specifies the compute node number.
|
|
+
|
|
.Example output
|
|
[source,terminal]
|
|
----
|
|
NAME STATE CONSUMER ONLINE ERROR
|
|
openshift-worker-<num> provisioned true
|
|
----
|
|
|
|
. Approve all certificate signing requests (CSRs).
|
|
|
|
.. Get the list of pending CSRs by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc get csr
|
|
----
|
|
+
|
|
.Example output
|
|
[source,terminal]
|
|
----
|
|
NAME AGE SIGNERNAME REQUESTOR REQUESTEDDURATION CONDITION
|
|
csr-gfm9f 33s kubernetes.io/kube-apiserver-client-kubelet system:serviceaccount:openshift-machine-config-o
|
|
perator:node-bootstrapper <none> Pending
|
|
----
|
|
|
|
.. Approve the CSR by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc adm certificate approve <csr_name>
|
|
----
|
|
+
|
|
.Example output
|
|
[source,terminal]
|
|
----
|
|
certificatesigningrequest.certificates.k8s.io/<csr_name> approved
|
|
----
|
|
|
|
.Verification
|
|
|
|
* Verify that the node is ready by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc get nodes
|
|
----
|
|
+
|
|
.Example output
|
|
[source,terminal]
|
|
----
|
|
NAME STATUS ROLES AGE VERSION
|
|
app1 Ready worker 47s v1.24.0+dc5a2fd
|
|
controller1 Ready master,worker 2d22h v1.24.0+dc5a2fd
|
|
---- |