feat(k3s): 密码切换为密钥 & 相关服务升级
这个提交包含在:
rohow
@@ -7,8 +7,6 @@
|
||||
```
|
||||
ansible/
|
||||
├── ansible.cfg # Ansible 配置
|
||||
├── .ansible-lint # Lint 规则配置
|
||||
├── requirements.yml # Ansible Galaxy 依赖
|
||||
├── inventory/
|
||||
│ ├── hosts.yml # 主机清单 ⭐ 需修改
|
||||
│ └── group_vars/all.yml # 全局变量
|
||||
|
||||
@@ -56,7 +56,6 @@ all:
|
||||
ansible_host: tchk.node.dev.cm
|
||||
node_hostname: tchk
|
||||
node_region: cn-hk
|
||||
enable_lb: true
|
||||
tthk:
|
||||
ansible_host: tthk.node.dev.cm
|
||||
node_hostname: tthk
|
||||
@@ -83,6 +82,7 @@ all:
|
||||
ansible_host: hwsg.node.dev.cm
|
||||
node_hostname: hwsg
|
||||
node_region: sg-sg
|
||||
enable_lb: true
|
||||
netfilter_mode: nodivert
|
||||
hwa:
|
||||
ansible_host: hwa.node.dev.cm
|
||||
|
||||
@@ -11,13 +11,20 @@
|
||||
state: directory
|
||||
mode: "0755"
|
||||
|
||||
# 部署配置文件
|
||||
# 检查安装状态
|
||||
- name: Check if K3s is installed
|
||||
ansible.builtin.stat:
|
||||
path: /usr/local/bin/k3s
|
||||
register: k3s_binary
|
||||
|
||||
# 部署配置文件(注册变更状态)
|
||||
- name: Deploy K3s server config
|
||||
ansible.builtin.template:
|
||||
src: k3s-server.yaml.j2
|
||||
dest: /etc/rancher/k3s/config.yaml
|
||||
mode: "0600"
|
||||
when: "'masters' in group_names"
|
||||
register: k3s_server_config
|
||||
|
||||
- name: Deploy K3s agent config
|
||||
ansible.builtin.template:
|
||||
@@ -25,6 +32,7 @@
|
||||
dest: /etc/rancher/k3s/config.yaml
|
||||
mode: "0600"
|
||||
when: "'agents' in group_names"
|
||||
register: k3s_agent_config
|
||||
|
||||
- name: Deploy registries.yaml
|
||||
ansible.builtin.template:
|
||||
@@ -33,17 +41,17 @@
|
||||
mode: "0644"
|
||||
when: use_mirror | default(false)
|
||||
|
||||
# 判断是否需要安装/重启
|
||||
- name: Set K3s installation flag
|
||||
ansible.builtin.set_fact:
|
||||
k3s_needs_install: "{{ not k3s_binary.stat.exists or (k3s_server_config.changed | default(false)) or (k3s_agent_config.changed | default(false)) }}"
|
||||
|
||||
# 设置安装变量
|
||||
- name: Set K3s install variables
|
||||
ansible.builtin.set_fact:
|
||||
k3s_install_url: "{{ mirror_k3s_install_url if (use_mirror | default(false)) else global_k3s_install_url }}"
|
||||
k3s_install_mirror: "{{ 'INSTALL_K3S_MIRROR=cn' if (use_mirror | default(false)) else '' }}"
|
||||
|
||||
# 检查安装状态
|
||||
- name: Check if K3s is installed
|
||||
ansible.builtin.stat:
|
||||
path: /usr/local/bin/k3s
|
||||
register: k3s_binary
|
||||
|
||||
# 下载安装脚本
|
||||
- name: Download K3s install script
|
||||
@@ -51,7 +59,7 @@
|
||||
url: "{{ k3s_install_url }}"
|
||||
dest: /tmp/k3s-install.sh
|
||||
mode: "0755"
|
||||
when: not k3s_binary.stat.exists
|
||||
when: k3s_needs_install
|
||||
|
||||
# 安装 K3s
|
||||
- name: Install K3s server
|
||||
@@ -62,7 +70,7 @@
|
||||
INSTALL_K3S_MIRROR: "{{ 'cn' if (use_mirror | default(false)) else '' }}"
|
||||
when:
|
||||
- "'masters' in group_names"
|
||||
- not k3s_binary.stat.exists
|
||||
- k3s_needs_install
|
||||
changed_when: true
|
||||
|
||||
- name: Install K3s agent
|
||||
@@ -73,7 +81,7 @@
|
||||
INSTALL_K3S_MIRROR: "{{ 'cn' if (use_mirror | default(false)) else '' }}"
|
||||
when:
|
||||
- "'agents' in group_names"
|
||||
- not k3s_binary.stat.exists
|
||||
- k3s_needs_install
|
||||
changed_when: true
|
||||
|
||||
# 清理安装脚本
|
||||
|
||||
在新议题中引用
屏蔽一个用户