centos安装ansible集群及playbook常用讲解
yum安装
- 集群IP列表
name | host |
---|---|
k8s-master | 192.168.78.22 |
k8s-node1 | 192.168.78.23 |
k8s-node2 | 192.168.78.24 |
- 主机名称
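# Run only the line that matches the host you are logged in to.
hostnamectl set-hostname k8s-master
hostnamectl set-hostname k8s-node1
hostnamectl set-hostname k8s-node2
# Persistent setting for releases that read /etc/sysconfig/network
# (hostnamectl already persists the name on systemd hosts).
# Append with >> so the file's existing entries are not truncated; the key is upper-case HOSTNAME.
echo "HOSTNAME=k8s-master" >> /etc/sysconfig/network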
- 域名解析
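# Append the cluster names to /etc/hosts; the here-document needs one entry per line
# and the closing EOF on a line of its own.
cat >> /etc/hosts <<EOF
192.168.78.22 k8s-master
192.168.78.23 k8s-node1
192.168.78.24 k8s-node2
EOF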
- 生成key
# -P "" leaves the private key unencrypted: anyone who can read ~/.ssh/id_dsa can log in
# as root on every node the public key is copied to.
# DSA keys are refused by default on newer OpenSSH (see the note on the next line).
ssh-keygen -t dsa -f ~/.ssh/id_dsa -P ""
OpenSSH 7.0 及以上版本默认禁用 DSA 密钥,此时请改用 RSA:
# -P "" stores the private key without a passphrase, so ~/.ssh/id_rsa must stay readable
# only by its owner.
ssh-keygen -t rsa -f ~/.ssh/id_rsa -P ""
- 分发key
# Install the public key for root on each node.
# The first loop distributes the DSA key, the second the RSA key.
for node in k8s-master k8s-node1 k8s-node2; do
  ssh-copy-id -i ~/.ssh/id_dsa.pub "root@${node}"
done
#RSA
for node in k8s-master k8s-node1 k8s-node2; do
  ssh-copy-id -i ~/.ssh/id_rsa.pub "root@${node}"
done
- 安装ansible
yum install -y epel-release ansible
- 安装ansible2.9.10
# These four commands use apt and a PPA, i.e. they apply to Ubuntu hosts;
# on CentOS use the yum command above instead.
sudo apt install software-properties-common
sudo apt-add-repository ppa:ansible/ansible
sudo apt update
sudo apt install ansible
- 配置ansible集群
#追加
vim /etc/ansible/hosts;
[k8s]
k8s-master
k8s-node1
k8s-node2
- 查看版本及测试联通性
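ansible --version
# Module arguments are passed with -a; without it the CLI rejects the extra word.
ansible k8s -m command -a 'uptime'
# ping checks that every inventory host is reachable over SSH and has a usable Python.
ansible all -m ping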
实践:使用ansible批量同步集群日期
集群安装ntp
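# Install ntp, enable NTP synchronisation and set the time zone.
yum install ntp -y
timedatectl set-ntp true
# Plain ASCII quotes: typographic quotes are not shell quoting and would be passed
# to timedatectl as part of the zone name.
timedatectl set-timezone "Asia/Shanghai"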
#循环执行
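# Run each step on every inventory host.
# "$i" is quoted so the whole command line reaches -a as a single argument;
# unquoted, the shell splits it and ansible sees stray words.
for i in 'yum install -y ntp' 'timedatectl set-ntp true' 'timedatectl set-timezone "Asia/Shanghai"'; do
  ansible all -m command -a "$i"
done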
检查
ansible all -m command -a "date"
自动时间同步
1.配置开机启动校验
vim /etc/rc.d/rc.local
/usr/sbin/ntpdate -u cn.pool.ntp.org> /dev/null 2>&1; /sbin/hwclock -w
2.配置定时任务
每10分钟
vim /etc/crontab
*/10 * * * * root /usr/sbin/ntpdate -u cn.pool.ntp.org > /dev/null 2>&1; /sbin/hwclock -w
或者
crontab -e
*/10 * * * * /usr/sbin/ntpdate -u cn.pool.ntp.org > /dev/null 2>&1; /sbin/hwclock -w
playbook实践集群同步日期
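---
# Installs ntp on the k8s group, syncs the clock once, then registers the sync
# at boot (rc.local) and every 10 minutes (root's crontab).
- hosts: k8s
  remote_user: root
  any_errors_fatal: true
  gather_facts: no
  tasks:
    # ls fails when root has no crontab file yet; the failure is recorded, not fatal.
    - name: check cron file
      shell: /usr/bin/ls /var/spool/cron/root
      ignore_errors: True
      register: result
    # Create the crontab file only when the check above failed.
    - name: 2
      file: path=/var/spool/cron/root state=touch
      when: result is failure
    - name: 集群时间同步安装
      yum: name=ntp state=latest
    - name: syn date
      shell: /usr/sbin/ntpdate -u cn.pool.ntp.org > /dev/null 2>&1
    # lineinfile adds the line only when it is absent, so re-running the play
    # does not stack duplicate entries the way `echo ... >>` does.
    - name: rc date
      lineinfile:
        path: /etc/rc.d/rc.local
        line: "/usr/sbin/ntpdate -u cn.pool.ntp.org > /dev/null 2>&1"
    - name: chmod rc
      file: path=/etc/rc.d/rc.local mode=a+x
    # The cron module identifies the entry by its name, so repeated runs update
    # one entry instead of appending a new line each time.
    - name: cron date
      cron:
        name: ntpdate sync
        user: root
        minute: "*/10"
        job: "/usr/sbin/ntpdate -u cn.pool.ntp.org > /dev/null 2>&1"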
检查yaml语法
ansible-playbook [file-name].yml --syntax-check
执行
ansible-playbook [file-name].yml
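ansible-playbook a.yml --syntax-check  # check that the YAML file parses as a playbook
ansible-playbook a.yml --list-tasks  # list the tasks that would run
ansible-playbook a.yml --list-hosts  # list the hosts the play applies to
# ASCII quotes are required; typographic quotes would become part of the task name.
ansible-playbook a.yml --start-at-task='Copy Nginx.conf'  # start from the named task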
playbook常用模块讲解
- yum_repository
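tasks:
  - name: add test yum repo
    yum_repository:
      name: test
      description: Kubernetes
      baseurl:
        - https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
      # gpgcheck makes yum verify package signatures against the keys listed in gpgkey.
      # The keys are fetched from the same mirror as the packages, so compare their
      # fingerprints with the upstream project's published values before trusting them.
      gpgcheck: yes
      gpgkey: https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
      file: test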
yum_repository
是ansible配置yum源的模块
name: [仓库id],即[test]
description:仓库名字即name
baseurl:源网址即baseurl
file:即文件名称,即test.repo的test
gpgcheck:即gpgcheck
gpgkey:即gpgkey
cat test.repo
[test]
baseurl = https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck = 1
gpgkey = https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
name = Kubernetes
- get_url
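# get_url also accepts a checksum parameter; setting it makes the task fail when the
# downloaded file does not match the expected digest.
# dest here is /root, whereas the wget example below writes to /etc/yum.repos.d.
- name: add docker repo
  get_url: url=https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo dest=/root/docker-ce.repo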
get_url
即文件下载模块,同wget
url:即下载路径
dest:即保存目录,可重定文件名
类比wget
命令:
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
积累
cat install_docker.yml
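---
# Removes any previously installed Docker packages, then installs a pinned docker-ce
# build from the Aliyun mirror using apt.
- hosts: k8s
  remote_user: duanyiwen
  become: yes
  become_user: root
  gather_facts: false
  tasks:
    # Removal is best-effort: ignore_errors lets the play continue if a removal fails.
    - name: uninstall
      apt: name={{ item }} state=absent
      with_items:
        - docker
        - docker-engine
        - docker-ce
        - docker.io
      ignore_errors: True
      register: result
    - name: install_YL
      apt: name={{ item }} state=present
      with_items:
        - apt-transport-https
        - ca-certificates
        - curl
        - software-properties-common
    # apt_key fetches and registers the key without a `curl | apt-key add -` shell pipeline.
    # NOTE(review): this key decides which packages apt will trust; check its
    # fingerprint against the one Docker publishes before rolling this out.
    - name: GPG
      apt_key:
        url: https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg
        state: present
    # Kept as a shell task: $(lsb_release -cs) is evaluated on the target host,
    # and facts are not gathered in this play.
    - name: set-repo
      shell: add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
    - name: update
      apt: update_cache=yes
    # The version is pinned so every node gets the same build.
    - name: install
      apt: name=docker-ce=18.06.3~ce~3-0~ubuntu state=present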
cat main.yml
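---
# tags must be indented under the include entry so it applies to that entry.
# NOTE(review): `include` of a playbook file is deprecated in newer Ansible releases;
# import_playbook is the usual replacement — confirm against the installed version.
- include: install_docker.yml
  tags: docker==18.06.3~ce~3-0~ubuntu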