我的书签
添加书签
移除书签Expanding the cluster
- Preparing the bare metal node
- Preparing to deploy with Virtual Media on the baremetal network
- Diagnosing a duplicate MAC address when provisioning a new host in the cluster
- Provisioning the bare metal node
After deploying an installer-provisioned OKD cluster, you can use the following procedures to expand the number of worker nodes. Ensure that each prospective worker node meets the prerequisites.
Expanding the cluster using RedFish Virtual Media involves meeting minimum firmware requirements. See Firmware requirements for installing with virtual media in the Prerequisites section for additional details when expanding the cluster using RedFish Virtual Media. |
Preparing the bare metal node
Expanding the cluster requires a DHCP server. Each node must have a DHCP reservation.
Reserving IP addresses so they become static IP addresses Some administrators prefer to use static IP addresses so that each node’s IP address remains constant in the absence of a DHCP server. To use static IP addresses in the OKD cluster, reserve the IP addresses in the DHCP server with an infinite lease. After the installer provisions the node successfully, the dispatcher script will check the node’s network configuration. If the dispatcher script finds that the network configuration contains a DHCP infinite lease, it will recreate the connection as a static IP connection using the IP address from the DHCP infinite lease. NICs without DHCP infinite leases will remain unmodified. |
Preparing the bare metal node requires executing the following procedure from the provisioner node.
Procedure
Get the
ocbinary, if needed. It should already exist on the provisioner node.[kni@provisioner ~]$ curl -s https://mirror.openshift.com/pub/openshift-v4/clients/ocp/$VERSION/openshift-client-linux-$VERSION.tar.gz | tar zxvf - oc
[kni@provisioner ~]$ sudo cp oc /usr/local/bin
Power off the bare metal node via the baseboard management controller and ensure it is off.
Retrieve the user name and password of the bare metal node’s baseboard management controller. Then, create
base64strings from the user name and password. In the following example, the user name isrootand the password iscalvin.[kni@provisioner ~]$ echo -ne "root" | base64
[kni@provisioner ~]$ echo -ne "calvin" | base64
Create a configuration file for the bare metal node.
[kni@provisioner ~]$ vim bmh.yaml
---apiVersion: v1kind: Secretmetadata:name: openshift-worker-<num>-bmc-secrettype: Opaquedata:username: <base64-of-uid>password: <base64-of-pwd>---apiVersion: metal3.io/v1alpha1kind: BareMetalHostmetadata:name: openshift-worker-<num>spec:online: truebootMACAddress: <NIC1-mac-address>bmc:address: <protocol>://<bmc-ip>credentialsName: openshift-worker-<num>-bmc-secret
Replace
<num>for the worker number of the bare metal node in the twonamefields and thecredentialsNamefield. Replace<base64-of-uid>with thebase64string of the user name. Replace<base64-of-pwd>with thebase64string of the password. Replace<NIC1-mac-address>with the MAC address of the bare metal node’s first NIC.See the BMC addressing section for additional BMC configuration options. Replace
<protocol>with the BMC protocol, such as IPMI, RedFish, or others. Replace<bmc-ip>with the IP address of the bare metal node’s baseboard management controller.If the MAC address of an existing bare metal node matches the MAC address of a bare metal host that you are attempting to provision, then the Ironic installation will fail. If the host enrollment, inspection, cleaning, or other Ironic steps fail, the Bare Metal Operator retries the installation continuously. See Diagnosing a host duplicate MAC address for more information.
Create the bare metal node.
[kni@provisioner ~]$ oc -n openshift-machine-api create -f bmh.yaml
secret/openshift-worker-<num>-bmc-secret createdbaremetalhost.metal3.io/openshift-worker-<num> created
Where
<num>will be the worker number.Power up and inspect the bare metal node.
[kni@provisioner ~]$ oc -n openshift-machine-api get bmh openshift-worker-<num>
Where
<num>is the worker node number.NAME STATUS PROVISIONING STATUS CONSUMER BMC HARDWARE PROFILE ONLINE ERRORopenshift-worker-<num> OK ready ipmi://<out-of-band-ip> unknown true
Preparing to deploy with Virtual Media on the baremetal network
If the provisioning network is enabled and you want to expand the cluster using Virtual Media on the baremetal network, use the following procedure.
Prerequisites
- There is an existing cluster with a
baremetalnetwork and aprovisioningnetwork.
Procedure
Edit the
provisioningcustom resource (CR) to enable deploying with Virtual Media on thebaremetalnetwork:oc edit provisioning
apiVersion: metal3.io/v1alpha1kind: Provisioningmetadata:creationTimestamp: "2021-08-05T18:51:50Z"finalizers:- provisioning.metal3.iogeneration: 8name: provisioning-configurationresourceVersion: "551591"uid: f76e956f-24c6-4361-aa5b-feaf72c5b526spec:preProvisioningOSDownloadURLs: {}provisioningDHCPRange: 172.22.0.10,172.22.0.254provisioningIP: 172.22.0.3provisioningInterface: enp1s0provisioningNetwork: ManagedprovisioningNetworkCIDR: 172.22.0.0/24provisioningOSDownloadURL: http://192.168.111.1/images/rhcos-<version>.x86_64.qcow2.gz?sha256=<sha256>virtualMediaViaExternalNetwork: true (1)status:generations:- group: appshash: ""lastGeneration: 7name: metal3namespace: openshift-machine-apiresource: deployments- group: appshash: ""lastGeneration: 1name: metal3-image-cachenamespace: openshift-machine-apiresource: daemonsetsobservedGeneration: 8readyReplicas: 0
1 Add virtualMediaViaExternalNetwork: trueto theprovisioningCR.Edit the machineset to use the API VIP address:
oc edit machineset
apiVersion: machine.openshift.io/v1beta1kind: MachineSetmetadata:creationTimestamp: "2021-08-05T18:51:52Z"generation: 11labels:machine.openshift.io/cluster-api-cluster: ostest-hwmdtmachine.openshift.io/cluster-api-machine-role: workermachine.openshift.io/cluster-api-machine-type: workername: ostest-hwmdt-worker-0namespace: openshift-machine-apiresourceVersion: "551513"uid: fad1c6e0-b9da-4d4a-8d73-286f78788931spec:replicas: 2selector:matchLabels:machine.openshift.io/cluster-api-cluster: ostest-hwmdtmachine.openshift.io/cluster-api-machineset: ostest-hwmdt-worker-0template:metadata:labels:machine.openshift.io/cluster-api-cluster: ostest-hwmdtmachine.openshift.io/cluster-api-machine-role: workermachine.openshift.io/cluster-api-machine-type: workermachine.openshift.io/cluster-api-machineset: ostest-hwmdt-worker-0spec:metadata: {}providerSpec:value:apiVersion: baremetal.cluster.k8s.io/v1alpha1hostSelector: {}image:checksum: http:/172.22.0.3:6181/images/rhcos-<version>.x86_64.qcow2.<md5sum> (1)url: http://172.22.0.3:6181/images/rhcos-<version>.x86_64.qcow2 (2)kind: BareMetalMachineProviderSpecmetadata:creationTimestamp: nulluserData:name: worker-user-datastatus:availableReplicas: 2fullyLabeledReplicas: 2observedGeneration: 11readyReplicas: 2replicas: 2
1 Edit the checksumURL to use the API VIP address.2 Edit the urlURL to use the API VIP address.
Diagnosing a duplicate MAC address when provisioning a new host in the cluster
If the MAC address of an existing bare-metal node in the cluster matches the MAC address of a bare-metal host you are attempting to add to the cluster, the Bare Metal Operator associates the host with the existing node. If the host enrollment, inspection, cleaning, or other Ironic steps fail, the Bare Metal Operator retries the installation continuously. A registration error is displayed for the failed bare-metal host.
You can diagnose a duplicate MAC address by examining the bare-metal hosts that are running in the openshift-machine-api namespace.
Prerequisites
Install an OKD cluster on bare metal.
Install the OKD CLI
oc.Log in as a user with
cluster-adminprivileges.
Procedure
To determine whether a bare-metal host that fails provisioning has the same MAC address as an existing node, do the following:
Get the bare-metal hosts running in the
openshift-machine-apinamespace:$ oc get bmh -n openshift-machine-api
Example output
NAME STATUS PROVISIONING STATUS CONSUMERopenshift-master-0 OK externally provisioned openshift-zpwpq-master-0openshift-master-1 OK externally provisioned openshift-zpwpq-master-1openshift-master-2 OK externally provisioned openshift-zpwpq-master-2openshift-worker-0 OK provisioned openshift-zpwpq-worker-0-lv84nopenshift-worker-1 OK provisioned openshift-zpwpq-worker-0-zd8lmopenshift-worker-2 error registering
To see more detailed information about the status of the failing host, run the following command replacing
<bare_metal_host_name>with the name of the host:$ oc get -n openshift-machine-api bmh <bare_metal_host_name> -o yaml
Example output
...status:errorCount: 12errorMessage: MAC address b4:96:91:1d:7c:20 conflicts with existing node openshift-worker-1errorType: registration error...
Provisioning the bare metal node
Provisioning the bare metal node requires executing the following procedure from the provisioner node.
Procedure
Ensure the
PROVISIONING STATUSisreadybefore provisioning the bare metal node.$ oc -n openshift-machine-api get bmh openshift-worker-<num>
Where
<num>is the worker node number.NAME STATUS PROVISIONING STATUS CONSUMER BMC HARDWARE PROFILE ONLINE ERRORopenshift-worker-<num> OK ready ipmi://<out-of-band-ip> unknown true
Get a count of the number of worker nodes.
$ oc get nodes
NAME STATUS ROLES AGE VERSIONprovisioner.openshift.example.com Ready master 30h v1.22.1openshift-master-1.openshift.example.com Ready master 30h v1.22.1openshift-master-2.openshift.example.com Ready master 30h v1.22.1openshift-master-3.openshift.example.com Ready master 30h v1.22.1openshift-worker-0.openshift.example.com Ready master 30h v1.22.1openshift-worker-1.openshift.example.com Ready master 30h v1.22.1
Get the machine set.
$ oc get machinesets -n openshift-machine-api
NAME DESIRED CURRENT READY AVAILABLE AGE...openshift-worker-0.example.com 1 1 1 1 55mopenshift-worker-1.example.com 1 1 1 1 55m
Increase the number of worker nodes by one.
$ oc scale --replicas=<num> machineset <machineset> -n openshift-machine-api
Replace
<num>with the new number of worker nodes. Replace<machineset>with the name of the machine set from the previous step.Check the status of the bare metal node.
$ oc -n openshift-machine-api get bmh openshift-worker-<num>
Where
<num>is the worker node number. The status changes fromreadytoprovisioning.NAME STATUS PROVISIONING STATUS CONSUMER BMC HARDWARE PROFILE ONLINE ERRORopenshift-worker-<num> OK provisioning openshift-worker-<num>-65tjz ipmi://<out-of-band-ip> unknown true
The
provisioningstatus remains until the OKD cluster provisions the node. This can take 30 minutes or more. After the node is provisioned, the status will change toprovisioned.NAME STATUS PROVISIONING STATUS CONSUMER BMC HARDWARE PROFILE ONLINE ERRORopenshift-worker-<num> OK provisioned openshift-worker-<num>-65tjz ipmi://<out-of-band-ip> unknown true
After provisioning completes, ensure the bare metal node is ready.
$ oc get nodes
NAME STATUS ROLES AGE VERSIONprovisioner.openshift.example.com Ready master 30h v1.22.1openshift-master-1.openshift.example.com Ready master 30h v1.22.1openshift-master-2.openshift.example.com Ready master 30h v1.22.1openshift-master-3.openshift.example.com Ready master 30h v1.22.1openshift-worker-0.openshift.example.com Ready master 30h v1.22.1openshift-worker-1.openshift.example.com Ready master 30h v1.22.1openshift-worker-<num>.openshift.example.com Ready worker 3m27s v1.22.1
You can also check the kubelet.
$ ssh openshift-worker-<num>
[kni@openshift-worker-<num>]$ journalctl -fu kubelet
