第一题： install and configure Docker

install and configure Docker on your master and node systems according to the following conditions:

1 Apply all the latest available updates.

2 Configure Docker to use the pre-existing volume group docker-vg as a backing volume.

3 Configure Docker to point to the private registry at registry.area4.example.com

4 Configure Docker to NOT use public registry docker.io

5 Use the certificate available from

http://registry.area4.example.com/materials/registry.area4.example.com.crt

6 Add the certificate as trusted

7 Search for Docker images having openshift3 in their namespace and pull them locally

1：更新

在master 和node 和registry上面执行：

yum update -y 更新后reboot

2：在master和node上安装docker

yum install -y docker

3：配置docker, 把镜像仓库指向 registry.area4.example.com 并且不要使用共有仓库。在masta和node节点上操作；

vim /etc/sysconfig/docker

4：在master和node 上面配置https验证

yum install -y ca-certificates

update-ca-trust enable

wget http://registry.area4.example.com/materials/registry.area4.example.com.crt -O /etc/pki/ca-trust/source/anchors/

update-ca-trust extract

scp root@workstation.pod0.example.com:/etc/pki/tls/certs/self.crt /etc/pki/ca-trust/source/anchors/

5:配置master和noder的docker 使用lvm:

vi /etc/sysconfig/docker-storage-setup

DEVS=/dev/vdb

VG=docker-vg

SETUP_LVM_THIN_POOL=yes

docker-storage-setup

6:开机启动

systemctl enable docker ; systemctl start docker

在master and node 下载镜像

for i in `docker search openshift3 | grep openshift3 | awk ‘{print $2}’`  ;

do

dokcer search $i ;

done

第二题：Install OpenShift Enterprise

Install Openshift Enterprise on master using the installer from http://rhgls.domain16.example.com/materials/oo-install-ose.tgz and configure systems as follows:

System             Role

master.area4.example.com   MASTER

node. area4.example.com      NODE

Use the user root for ssh access Note: (ssh keys have already been setup). //提示 ssh 密钥已经配置完成，如果没有需要提前创建并传输密钥

2：在master和node上安装包

yum install -y wget git net-tools bind-utils iptables-services gcc python-virtualenv bridge-utils bash-com*

3：在master解压安装包、

先wget 下来，然后使用 gzip –d  oo-install.tgz  解压

wget  http://rhgls.area4.example.com/materials/oo-install-ose.tgz

tar -zxvf oo-install-ose.tgz

source oo-install-ose

systemctl start openshift-master; systemctl enable openshift-master //设置 openshift 服务已经启动并设置开机启动

systemctl start openshift-node; systemctl enable openshift-node  //node 主机有 openshift-node 服务，没有 openshift-

master 服务

第三题：Configure OpenShift Enterprise

Once the Master and the Node(s) have beem installed, proceed to the configuration of your OpenShift instance by performing the following operations

1 Edit the default OpenShift Image Stream and replace every entry of registry.access.redhat.com with registry.area4.example.com

2 Deploy a registry using the image openshift3/ose-${component}:${version}

3 Deploy a router using the image openshift3/ose-${component}:${version}

4 Use default naming for both the registry and the router

1：在master 先安装router:

创建service account

echo '{"kind":“ServiceAccount","apiVersion":"v1","metadata":{"name":"router"}}' | oc create -f -

2：在master添加SCC privileged

oc edit scc privileged

users:

- system:serviceaccount:default:router

3：创建router命令完全背下来

oadm router oserouter --credentials='/etc/openshift/master/openshift-router.kubeconfig' --images='openshift3/ose-${component}:${version}' --service-account=router

oc get pods

oadm router oserouter --credentials='/etc/openshift/master/openshift-router.kubeconfig' --images='openshift3/ose-haproxy-router:${version}' --service-account=router

4：修改子域

vi /etc/openshift/master/master-config.yaml

routingConfig:

subdomain: devops.area4.example.com

systemctl restart openshift-master

5：master配置registry, 并验证命令完全背下来

oadm registry --credentials='/etc/openshift/master/openshift-registry.kubeconfig' --images='openshift3/ose-${compenent}:${version}'

oc get services

oadm registry --credentials='/etc/openshift/master/openshift-registry.kubeconfig' --images='openshift3/ose-docker-registry:${version}'

curl http://172.30.252.189:5000/healthz

6：master修改registry

oc edit is -n openshift

ctrl+c——》：1,$s/registry.access.redhat.com/workstation.pod0.example.com:5000/g

oc get is -n openshift

第四题：Configure OpenShift authentication

Configure authentication on your Openshift instance so that:

1 The Identity Provider is set to HTPasswdPasswordIdentityProvider

2 The user salvo exists with password wakennym

3 The user ayumi exists with password wakennym

4 Both users must be able to authenticate to the Openshift Instance via CLI and on the

Web Console at https://master.area4.example.com:8443

5 No other user shall be able to log in

1：master安装包

yum install -y httpd-tools

3：创建认证用户

htpasswd -c /etc/openshift/openshift-passwd salvo

htpasswd -m /etc/openshift/openshift-passwd ayumi

cat /etc/openshift/openshift-passwd

4：修改配置文件

vi /etc/openshift/master/master-config.yaml

Kind: HTPasswdPasswordIdentityProvider

file: /etc/openshift/openshift-passwd

systemctl restart openshift-master.service

 登录一下测试

第五题：Configure persistent storage(192P)

Registry 就是 storage ,是同一台虚机，不用管iptables

Configure persistent NFS storage on storage.area4.example.com in the following way:

1 Apply all latest updates on storage.area4.example.com

2 Create and share /OSE_mysql

3 Create and share /OSE_wordpress

4 Create and share /OSE_registry

5 All the shares must be available to anyone in the subnet 172.24.4.0/255.255.255.0

6 Associate the share named /OSE_registry to the registry running within your OpenShift Enterprise instance so that it wi? use it for permanent storage

PV: Openshift instance的管理员 PVC： project

>yum update -y (升级storage)

1 : registry创建共享目录

mkdir /OSE_mysql

mkdir /OSE_wordpress

mkdir /OSE_registry

chown nfsnobody:nfsnobody /OSE_*

chmod 700 /OSE_*

设置selinux布尔值这一步千万不要忘记，默认是 off的

getsebool -a | grep virt_use_nfs

setsebool -P virt_use_nfs=true

重启服务

systemctl enable rpcbind nfs-server

systemctl restart rpcbind nfs-server

2：在node上面测试

mount.nfs master.pod0.example.com:/OSE_mysql /mnt/

umount /mnt/

3:设置/OSE_regitry 永久保存s2istorage 大小我设置的3G,具体设置多大，自己看，反正pv 和pvc对应上就可以了，这个可以不用记，用第7题给的材料文件wget下来修改一下就可以了，但是名字一定要写对

oc create -f registry-volume.yaum

oc login -u system:admin

oc create -f registry-pvclaim.yaum

创建的pvc 给docker-registry 使用，去修改docker-registry的DC：

oc volume dc docker-registry \

--add --overwrite -t  pvc \

--claim-name=registry-pvclaim --name=registry-storage

验证：

第六题： Create OpenShift Enterprise projects

On your OpenShift Enterprise instance create the following projects:

rome

shrimp

farm

Additionally, configure the projects as follows:

1 For all of the projects, set the description to 'This is an EX280 project on OpenShift v3'

2 Make salvo the admin of project rome

3 The user ayumi must be able to view the project rome but not administer or delete it

4 Make ayumi the admin of projects farm and shrimp

用网页访问https://master.pod0.example.com:8443

登录 salvo 创建project: rome

登录ayumi 创建project: farm and shrimp

用命令查看：

oc login -u system:admin

oadm policy add-role-to-user view ayumi -n rome

&& oadm policy remove-role-from-user ayumi rome

第七题：Configure OpenShift quotas for a project

Configure quotas and limits for project shrimp so that:（257）

1 The maximum amount of memory available for an application is 1024Mi

2 The maximum amount of CPU units available for an application is 500m

3 The maximum number of pod replicas allowed for an application does not exceed 3

1:编辑文件

我还加了 type: “container”

oc create -f quota.yaml -n shrimp

oc create -f limit.yaml -n shrimp

网页登录ayumi查看shrimp 这个project 的setting验证

第八题：Create an application using pods(176P)

Use the example files from

http://rhgls.area4.example.com/materials/openshift/origin/examples/wordpress to install a wordPress application in the farm project

1 Set the OpenShift security context clearance by running the file in /root/wordpress_prep.sh on master.area4.example.com(Note: this is necessary to allow WordPress to bind to port 80)

2 For permanent storage use the the shares /OSE_mysql and /OSE_wordpress from storage.area4.example.com

3 For the MySQL pod use the Docker image openshift3/mysql-55-rhel7

4 Once deployed the application must be reachable (and browse-able) at the following address: http://metaljacket.farm.devops.area4.example.com

5 Finally complete the WordPress installation by setting ayumi as the admin user with password wakennym and root@master.area4.example.com for the email address.

6 Set the blog name to EX280 Blog

7 Create your first post with title faber est quisque fortunae suae. The text of the post does not matter.

1：执行/root/wordpress_prep.sh

建一个目录，先将材料全部wget下来，然后从nfs-1, pvc-wp, service-wp pod-wp   nfs-2, pvc-mysql, pod-mysql, service-mysql开始一个一个文件打开按题目要求修改，

2：先创建mysql-PV

两个pv要修改nfs主机名和路径，nfs1是前端-1G，nfs2是mysql-5G

oc create -f nfs-1.yaml

oc project farm

pvc 不用改，

oc create -f mysqldb-pvclaim.json $$ oc delete -f mysqldb-pvclaim.json

mysql   pod 要修改镜像，wp 的Pod 不用改

oc create -f mysql-pod-pv.json $$ oc delete -f mysql-pod-pv.json

两个service不用改

oc expose service quotedb --hostname=mysql.cloudappsX.example.com  #默认没有设置路由，要手动设置主机名字

 个人只记得这样，不知道有没有忽略。考前要多熟悉环境中的Yuml

最后，route 操作完成后，通过域名访问 wordpress，初始化论坛，设置博客管理员为 ayumi，邮箱为 root@master.area4.exmaple.com   设置博客名称为 名称为 EX280

创建 一个新的博客帖子， 标题为： 为：aut viam inveniam aut faciam

第九题：Create an application from a Git repository

Use the S2I functionality of your OpenShift instance to build an application in the rome project（222，）

1 Use the Git repository at http://git.area4.example.com/git/mordor.git for the application source

2 Use the Docker image labeled openshift3/ruby-20-rhel7 (If you are using the Web GUI just use the available Ruby image）

3 Once deployed the application must be reachable (and browse-able) at the following address: http://mordor.rome.devops.area4.example.com

4 Update the original repository so that the app.rb file contains the text from

http://rhgls.area4.example.com/materials/mordor.txt instead of the word PLACEHOLDER

5 Trigger a rebuild so that when browsing http://mordor.rome.devops.area4.example.com it /will display the new test

考试要求 git clone 下载 http://git.area4.example.com/git/mordor.git 仓库 仓库代码 代码

git 下载 下载 代码后 ，使用 使用 http://rhgls.area4.example.com/materials/mordor.txt 的 的 内容替换掉 掉 app.rb 文件中原有 文件中原有的 的 PLACEHOLDER！

修改代码后，提交代码到 git 服务器

使用网页登录操作：Salvo ---rome----add to project----指定GIT文件 ----add routing----修改NAME为mordor----create----90s browse----事件

# git clone http://workstation.pod0.example.com/php-helloworld

# ls

# cd php-helloworld/

# vim index.php           //修改代码

# git add index.php       

# git commit –m “aa”    //提交到服务器

# git push                 //导入

# oc get bc

# oc start-build ‘bcnam’  后要清理缓存

第十题：Create an application from a template

这题完全是修改 ex280-template.json这个文件，先把git url和 registry 地址都替换成题目要求的，然后再上传模板，登录web,使用上传的模板创建应用，其它没什么修改的，最后还要添加路由,如果模板有问题，删掉所有资源，再删除模板，修改正确后，再上传，再创建！

Using the template file http://rhgls.area4.example.com/materials/ex280-template.json as a basis, install an application in the sh? project according to the following requirements:（245）

1 The application uses the Git repository at http://git.area4.example.com/git/ex280-app.git for its source

2 Make sure all the registry entries point to your local registry at registry.area4.example.com

3 Import the template so that any openShift user can use it

4 Deploy an application using the template

5 Once deployed the application must be reachable (and browse able) at the following address: http://ex280-app.shrimp.devops.area4.example.com

oc project openshift

wget http://rhgls.area4.example.com/materials/ex280-template.json .

vi ex280-template.json

模版需要 修改《应用名称》 《应用主机名称》  《git URI 地址栏 地址栏》 。

修改git.area4.example.com/git/ex280-app.git

修改两个仓库： registry.area4.example.com

修改router，metadata/name: "k**-**"

oc login -u system:admin

oc create -f ex280-template.json -n openshift

oc delete -f ex280-template.json -n openshift

 oc delete dc

oc delete bc

oc delete is

oc delete services

oc delete pod

oc delete route

使用网页登录操作：user ---project----add to project----找到指定的template ----add routing----修改APPLICATION_HOSTNAME---修改GIT-URI----create----90s browse----事件