feat: CoreDNS IPv4 上游、03-03 Tomcat 修复、HAProxy 与验证脚本
- Ansible: 部署时自动配置 CoreDNS forward 为 IPv4,避免 ACME 解析失败 - 01-01/01-07: 文档增加 CoreDNS 设置说明 - 03-03: Tomcat webapps.dist 复制、HTTP/HTTPS 双 Ingress、显式 Dashboard IngressRoute - traefik-dashboard-acme: tomcat-acme.yaml、404 排查说明 - HAProxy: 健康检查与 PROXY 配置拆分,18080/18443 部署与验证脚本 Made-with: Cursor
@@ -136,6 +136,46 @@
|
||||
when: firewalld_check.stdout == 'running'
|
||||
when: k3s_manage_firewalld | default(true) | bool
|
||||
|
||||
- name: Configure CoreDNS (IPv4 upstream for ACME)
|
||||
hosts: k3s_server
|
||||
become: true
|
||||
run_once: true
|
||||
vars:
|
||||
k3s_kubeconfig: /etc/rancher/k3s/k3s.yaml
|
||||
tasks:
|
||||
- name: Wait for CoreDNS deployment to be ready
|
||||
ansible.builtin.shell: |
|
||||
KUBECONFIG={{ k3s_kubeconfig }} kubectl rollout status deployment/coredns -n kube-system --timeout=120s
|
||||
when: k3s_manage_coredns | default(true) | bool
|
||||
|
||||
- name: Extract CoreDNS Corefile from ConfigMap
|
||||
ansible.builtin.shell: |
|
||||
KUBECONFIG={{ k3s_kubeconfig }} kubectl get configmap coredns -n kube-system -o jsonpath='{.data.Corefile}' > /tmp/coredns-corefile.txt
|
||||
when: k3s_manage_coredns | default(true) | bool
|
||||
|
||||
- name: Patch Corefile forward to IPv4 (avoid IPv6 upstream in Pod network)
|
||||
ansible.builtin.replace:
|
||||
path: /tmp/coredns-corefile.txt
|
||||
regexp: 'forward \. /etc/resolv\.conf'
|
||||
replace: 'forward . {{ coredns_forward_servers }}'
|
||||
register: coredns_patched
|
||||
when: k3s_manage_coredns | default(true) | bool
|
||||
|
||||
- name: Apply patched CoreDNS ConfigMap and restart
|
||||
ansible.builtin.shell: |
|
||||
KUBECONFIG={{ k3s_kubeconfig }} kubectl create configmap coredns --from-file=Corefile=/tmp/coredns-corefile.txt -n kube-system --dry-run=client -o yaml | KUBECONFIG={{ k3s_kubeconfig }} kubectl apply -f -
|
||||
KUBECONFIG={{ k3s_kubeconfig }} kubectl rollout restart deployment/coredns -n kube-system
|
||||
KUBECONFIG={{ k3s_kubeconfig }} kubectl rollout status deployment/coredns -n kube-system --timeout=60s
|
||||
when:
|
||||
- k3s_manage_coredns | default(true) | bool
|
||||
- coredns_patched is changed
|
||||
|
||||
- name: Remove temp Corefile
|
||||
ansible.builtin.file:
|
||||
path: /tmp/coredns-corefile.txt
|
||||
state: absent
|
||||
when: k3s_manage_coredns | default(true) | bool
|
||||
|
||||
- name: 安装后验证 - traefik / nodes / curl
|
||||
hosts: k3s_server
|
||||
become: true
|
||||
|
||||
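Review bot: The Corefile is staged at the fixed path `/tmp/coredns-corefile.txt` while the play runs with `become: true`, so the content later fed to `kubectl apply` for the `coredns` ConfigMap passes through a predictable file in a world-writable directory. A file created by `ansible.builtin.tempfile` (owner-only permissions) and referenced through its registered `.path` in the extract, replace, apply and cleanup tasks avoids that. The multi-line script in "Apply patched CoreDNS ConfigMap and restart" has no `set -e`, so a failed `kubectl apply` is masked when the later `rollout` commands succeed and the play reports success with the old resolver config still in place. `coredns_forward_servers` has no `default(...)` in the visible lines; if it is not defined elsewhere in the inventory or role, the replace task either fails or writes an invalid `forward .` line.

```yaml
    - name: Create private temp file for Corefile
      ansible.builtin.tempfile:
        state: file
        suffix: .corefile
      register: coredns_tmp
      when: k3s_manage_coredns | default(true) | bool

    - name: Extract CoreDNS Corefile from ConfigMap
      ansible.builtin.shell: |
        set -e
        KUBECONFIG={{ k3s_kubeconfig }} kubectl get configmap coredns -n kube-system -o jsonpath='{.data.Corefile}' > {{ coredns_tmp.path }}
      when: k3s_manage_coredns | default(true) | bool

    # … unchanged: replace / apply / cleanup tasks, except path becomes "{{ coredns_tmp.path }}" and the apply script starts with `set -e` …
```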