安装配置ansible

安装

dnf install -y ansible

配置

echo "[defaults]" >> /etc/ansible/ansible.cfg
echo "host_key_checking = false" >>/etc/ansible/ansible.cfg
ansible-playbook 结构 /root 目录下

复制代码
├── deplyment
│ └── install_k8s_os_init.yml
├── hosts
├── roles
│ └── init
│ ├── files
│ │ ├── epel.repo
│ │ ├── ipvs_br_netfilter.conf
│ │ ├── limits.conf
│ │ ├── k8s.conf
│ │ ├── hosts
│ │ ├── rocky-addons.repo
│ │ ├── rocky-devel.repo
│ │ ├── rocky-extras.repo
│ │ └── rocky.repo
│ ├── tasks
│ │ └── main.yml
│ └── templates
复制代码
部署命令：

ansible-playbook -i hosts deplyment/install_k8s_os_init.yml
各个文件内容

install_k8s_osinit.yml

hosts: init
roles:
- ../roles/init
  epel.repo

复制代码
[epel]
name=Extra Packages for Enterprise Linux $releasever - $basearch
baseurl=https://mirrors.aliyun.com/epel/$releasever/Everything/$basearch/
enabled=1
gpgcheck=1
countme=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-$releasever

[epel-debuginfo]
name=Extra Packages for Enterprise Linux $releasever - $basearch - Debug
baseurl=https://mirrors.aliyun.com/epel/$releasever/Everything/$basearch/debug/
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-$releasever
gpgcheck=1

[epel-source]
name=Extra Packages for Enterprise Linux $releasever - $basearch - Source
baseurl=https://mirrors.aliyun.com/epel/$releasever/Everything/source/tree/
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-$releasever
gpgcheck=1
复制代码
ipvs_br_netfilter.conf

复制代码
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
nf_conntrack
br_netfilter
复制代码
limits.conf

复制代码

/etc/security/limits.conf

hard nproc 655360
hard nofile 655360
root hard nproc 655360
root hard nofile 655360
End of file
复制代码
k8s.conf

net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
hosts

复制代码
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

k8s-dep

192.168.0.200 k8s-dep-200

k8s-master

192.168.0.201 k8s-m1-c1-201
192.168.0.202 k8s-m2-c2-202
192.168.0.203 k8s-m3-c3-203

k8s-node

192.168.0.204 k8s-n1-204
192.168.0.205 k8s-n2-205
192.168.0.206 k8s-n3-206
复制代码
rocky-addons.repo

复制代码

rocky-addons.repo

[highavailability]
name=Rocky Linux $releasever - High Availability
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/HighAvailability/$basearch/os/
gpgcheck=1
enabled=0
countme=1
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[highavailability-debuginfo]
name=Rocky Linux $releasever - High Availability - Debug
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/HighAvailability/$basearch/debug/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[highavailability-source]
name=Rocky Linux $releasever - High Availability - Source
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/HighAvailability/source/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[resilientstorage]
name=Rocky Linux $releasever - Resilient Storage
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/ResilientStorage/$basearch/os/
gpgcheck=1
enabled=0
countme=1
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[resilientstorage-debuginfo]
name=Rocky Linux $releasever - Resilient Storage - Debug
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/ResilientStorage/$basearch/debug/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[resilientstorage-source]
name=Rocky Linux $releasever - Resilient Storage - Source
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/ResilientStorage/source/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
[nfv]
name=Rocky Linux $releasever - NFV
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/NFV/$basearch/os/
gpgcheck=1
enabled=0
countme=1
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[nfv-debuginfo]
name=Rocky Linux $releasever - NFV Debug
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/NFV/$basearch/debug/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[nfv-source]
name=Rocky Linux $releasever - NFV Source
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/NFV/source/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[rt]
name=Rocky Linux $releasever - Realtime
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/RT/$basearch/os/
gpgcheck=1
enabled=0
countme=1
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[rt-debuginfo]
name=Rocky Linux $releasever - Realtime Debug
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/RT/$basearch/debug/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[rt-source]
name=Rocky Linux $releasever - Realtime Source
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/RT/source/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[sap]
name=Rocky Linux $releasever - SAP
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/SAP/$basearch/os/
gpgcheck=1
enabled=0
countme=1
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[sap-debuginfo]
name=Rocky Linux $releasever - SAP Debug
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/SAP/$basearch/debug/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[sap-source]
name=Rocky Linux $releasever - SAP Source
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/SAP/source/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[saphana]
name=Rocky Linux $releasever - SAPHANA
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/SAPHANA/$basearch/os/
gpgcheck=1
enabled=0
countme=1
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[saphana-debuginfo]
name=Rocky Linux $releasever - SAPHANA Debug
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/SAPHANA/$basearch/debug/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[saphana-source]
name=Rocky Linux $releasever - SAPHANA Source
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/SAPHANA/source/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
复制代码
rocky-devel.repo

复制代码

rocky-devel.repo

[devel]
name=Rocky Linux $releasever - Devel WARNING! FOR BUILDROOT ONLY DO NOT LEAVE ENABLED
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/devel/$basearch/os/
gpgcheck=1
enabled=0
countme=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[devel-debuginfo]
name=Rocky Linux $releasever - Devel Debug WARNING! FOR BUILDROOT ONLY DO NOT LEAVE ENABLED
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/devel/$basearch/debug/tree/
gpgcheck=1
enabled=0
countme=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

{spa.maiip8.com]
{spa.yny100.com]
{spa.yunguotong.com]
{spa.ningmengblock.com]
{spa.cshicl.com]
{spa.v6799.com]
{spa.inuantong.com]
{spa.ketzx.com]
[devel-source]
name=Rocky Linux $releasever - Devel Source WARNING! FOR BUILDROOT ONLY DO NOT LEAVE ENABLED
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/devel/source/tree/
gpgcheck=1
enabled=0
countme=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
复制代码
rocky-extras.repo

复制代码

rocky-extras.repo

[extras]
name=Rocky Linux $releasever - Extras
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/extras/$basearch/os/
gpgcheck=1
enabled=1
countme=1
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[extras-debuginfo]
name=Rocky Linux $releasever - Extras Debug
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/extras/$basearch/debug/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[extras-source]
name=Rocky Linux $releasever - Extras Source
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/extras/source/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[plus]
name=Rocky Linux $releasever - Plus
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/plus/$basearch/os/
gpgcheck=1
enabled=0
countme=1
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[plus-debuginfo]
name=Rocky Linux $releasever - Plus - Debug
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/plus/$basearch/debug/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[plus-source]
name=Rocky Linux $releasever - Plus - Source
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/plus/source/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
复制代码
rocky.repo

复制代码

rocky.repo

[baseos]
name=Rocky Linux $releasever - BaseOS
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/BaseOS/$basearch/os/
gpgcheck=1
enabled=1
countme=1
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[baseos-debuginfo]
name=Rocky Linux $releasever - BaseOS - Debug
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/BaseOS/$basearch/debug/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[baseos-source]
name=Rocky Linux $releasever - BaseOS - Source
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/BaseOS/source/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[appstream]
name=Rocky Linux $releasever - AppStream
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/AppStream/$basearch/os/
gpgcheck=1
enabled=1
countme=1
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[appstream-debuginfo]
name=Rocky Linux $releasever - AppStream - Debug
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/AppStream/$basearch/debug/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[appstream-source]
name=Rocky Linux $releasever - AppStream - Source
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/AppStream/source/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[crb]
name=Rocky Linux $releasever - CRB
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/CRB/$basearch/os/
gpgcheck=1
enabled=0
countme=1
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[crb-debuginfo]
name=Rocky Linux $releasever - CRB - Debug
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/CRB/$basearch/debug/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9

[crb-source]
name=Rocky Linux $releasever - CRB - Source
baseurl=https://mirrors.aliyun.com/rockylinux/$releasever/CRB/source/tree/
gpgcheck=1
enabled=0
metadata_expire=6h
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
复制代码
main.yml

复制代码

name: 关闭firewalld
systemd: name=firewalld state=stopped enabled=no
name: 关闭selinux
selinux: state=disabled
name: 关闭swap
lineinfile:
dest: /etc/fstab
regexp: ".*swap"
line: ""
name: 即时生效
shell: setenforce 0 ; swapoff -a
name: 修改主机名
shell: hostnamectl set-hostname { { hostname }}
name: 配置UTF8
shell: localectl set-locale LANG=en_US.UTF-8
name: 配置24小时制
shell: localectl set-locale LC_TIME=en_GB.UTF-8
name: 配置时区
shell: timedatectl set-timezone Asia/Shanghai
name: 拷贝时区
copy: src=/usr/share/zoneinfo/Asia/Shanghai dest=/etc/localtime
name: 配置hosts主机解析
copy: src=hosts dest=/etc/ mode=0644 force=yes
name: 配置阿里源-base-and-epel
copy: src={ { item }} dest=/etc/yum.repos.d/ mode=0644 force=yes
with_items:
{spa.life-log-happy.com]
{spa.nyanhanten.com]
{spa.cncowboy.com]
{spa.dbtd1688.com]
{spa.votesmart2017.com]
{spa.brookschandler.com]
{spa.guzhiyush.top]
{spa.daguan33.com]
{spa.wuten888.com]
- rocky.repo
- rocky-addons.repo
- rocky-devel.repo
- rocky-extras.repo
- epel.repo
name: 安装常用工具包rpm
dnf: name={ { item }} state=present disable_gpg_check=yes
loop:
- vim
- bridge-utils
- iftop
- tree
- net-tools
- telnet
- ipvsadm
- ansible
- bash-complete
- lrzsz
- wget
- curl
- iotop
- tcpdump
- lsof
- zip
- unzip
- gcc
- make
- chrony
name: 配置时间同步chrony
lineinfile:
dest: /etc/chrony.conf
regexp: '2.rocky.pool.ntp.org'
line: 'ntp1.aliyun.com'
name: 重启时间同步chrony
systemd: name=chronyd state=restarted enabled=yes
name: 配置内核加载 ipvs br_netfilter
copy: src=ipvs_br_netfilter.conf /etc/modules-load.d/ mode=0644 force=yes
name: 配置文件句柄
copy: src=limits.conf dest=/etc/security/ mode=0644 force=yes
name: 配置k8s内核参数
copy: src=k8s.conf dest=/etc/sysctl.d/ mode=0644 force=yes
复制代码

本文来自博客园，站在巨人的肩膀上，坚持开源精神，遵循开源协议：Apache Licene 2.0协议。

分类: 13 自动化

ansible-install-k8s 之 1 初始化环境

安装

配置

/etc/security/limits.conf

End of file

k8s-dep

k8s-master

k8s-node

rocky-addons.repo

rocky-devel.repo

rocky-extras.repo

rocky.repo

复制代码

热门文章

最新文章

相关电子书