echo root:balinux | chpasswd
yum -y install net-tools bind-utils vim iptables epel-release
yum -y install centos-release-openshift-origin310 epel-release docker git pyOpenSSL
systemctl start docker
systemctl enable docker
yum -y install openshift-ansible
yum -y install dnsmasq
grep -v "#" /etc/ssh/sshd_config | grep . | grep -v "PasswordAuthentication no" > /tmp/salida
echo "PermitRootLogin yes" >> /tmp/salida
echo "PasswordAuthentication yes" >> /tmp/salida
mv /etc/ssh/sshd_config /etc/ssh/sshd_config.old
mv /tmp/salida /etc/ssh/sshd_config
systemctl restart sshd
#Cambiamos Pass Root
hostname ocp.balinux.com.ar
echo "hostname ocp.balinux.com.ar"
echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts
echo "192.168.0.147 ocp.balinux.com.ar ocp" >> /etc/hosts
#Mando el openshift Ansible
yum -y install openshift-ansible
cat << EOT > /tmp/hosts
[OSEv3:children]
masters
nodes
etcd
[OSEv3:vars]
# admin user created in previous section
ansible_ssh_user=root
ansible_become=true
openshift_deployment_type=origin
# use HTPasswd for authentication
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider'}]
os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant'
# define default sub-domain for Master node
openshift_master_default_subdomain=apps.balinux.com.ar
# allow unencrypted connection within cluster
openshift_docker_insecure_registries=172.30.0.0/16
openshift_disable_check=disk_availability,docker_storage,memory_availability,docker_image_availability
[masters]
ocp.balinux.com.ar openshift_schedulable=true containerized=false
[etcd]
ocp.balinux.com.ar
[nodes]
# defined values for [openshift_node_group_name] in the file below
# [/usr/share/ansible/openshift-ansible/roles/openshift_facts/defaults/main.yml]
ocp.balinux.com.ar openshift_node_group_name='node-config-all-in-one'
EOT
mv /etc/ansible/hosts /etc/ansible/hosts.bak
mv /tmp/hosts /etc/ansible
# Ansible
yum -y install e2fsprogs
yum -y install python2-pip
pip install --upgrade ansible
systemctl enable dnsmasq
systemctl restart dnsmasq
iptables -I INPUT -p tcp --dport 53 -j ACCEPT
iptables -I INPUT -p udp --dport 53 -j ACCEPT
#
echo "search balinux.com.ar" > /etc/resolv.conf
echo "nameserver 192.168.0.147" >> /etc/resolv.conf
echo "nameserver 8.8.8.8" >> /etc/resolv.conf
# DNSMASQ Y OPENSHIFT
cat << EOT > /etc/dnsmasq.d/openshift.conf
strict-order
domain-needed
local=/balinux.com.ar/
bind-dynamic
log-queries
address=/.apps.balinux.com.ar/192.168.0.147
EOT
cp /etc/resolv.conf /etc/resolv.conf.upstream
#Ahora el dnsmasq.conf
echo "resolv-file=/etc/resolv.conf.upstream" > /etc/dnsmasq.conf
echo "conf-dir=/etc/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig" >> /etc/dnsmasq.conf
systemctl restart dnsmasq
####
## Ahora vamos porn las ssh keys
echo -e "\n\n\n" | ssh-keygen -t rsa
cat << EOT > /root/.ssh/config
Host ocp
Hostname ocp.balinux.com.ar
User root
EOT
chmod 600 /root/.ssh/config
echo "#### Probando el tema de ssh-copy-id"
yum -y install yum
cat << EOT > /tmp/salida-ssh.sh
#!/usr/bin/expect -f
spawn ssh-copy-id $argv
expect "password:"
send "balinux\n"
expect eof
EOT
chmod +x /tmp/salida-ssh.sh
(continuará)....
No comments:
Post a Comment