feat: 按 doc_id 重组 ansible/files 与验证框架

- ansible/files 改为与文档 XX-YY 对齐的目录结构，更新相关 playbook 路径 - 新增 scripts/verify.sh 与 ansible/playbooks/verify/*.yml，移除单体 verify-matrix.yml - 补充 docs/00-02 矩阵状态、00-05 验证框架与流程、00-04 环境与 ylc65 工作机说明 - 增加 k3s 存储准备、Longhorn、local-path 等 playbook 与辅助脚本 Made-with: Cursor
2026-03-26 07:01:14 +08:00
parent a67788de56
commit 8c43761962
192 changed files with 4006 additions and 320 deletions
--- a/ansible/playbooks/verify/03-06.yml
+++ b/ansible/playbooks/verify/03-06.yml
@@ -0,0 +1,94 @@
+- name: Deploy 03-06 NFS PV/PVC demo (gated)
+  hosts: k3s_server
+  become: true
+  run_once: true
+  vars:
+    k3s_kubeconfig: /etc/rancher/k3s/k3s.yaml
+    nfs_server_ip: "{{ NFS_SERVER_IP | default('') }}"
+    nfs_export_path: "{{ NFS_EXPORT_PATH | default('') }}"
+    manifest_src: "{{ playbook_dir }}/../../files/03-06-nfs-demo/nfs-pv-pvc-demo.yaml"
+    manifest_dest: /tmp/nfs-pv-pvc-demo.yaml
+  tasks:
+    - name: "Gate - require NFS_SERVER_IP and NFS_EXPORT_PATH"
+      ansible.builtin.shell: |
+        set -e
+        test -n "{{ nfs_server_ip }}"
+        test -n "{{ nfs_export_path }}"
+      args:
+        executable: /bin/bash
+      register: nfs_gate
+      changed_when: false
+      failed_when: false
+
+    - name: Copy manifest
+      when: nfs_gate.rc == 0
+      ansible.builtin.copy:
+        src: "{{ manifest_src }}"
+        dest: "{{ manifest_dest }}"
+        mode: "0644"
+
+    - name: kubectl apply
+      when: nfs_gate.rc == 0
+      ansible.builtin.shell: |
+        set -e
+        KUBECONFIG={{ k3s_kubeconfig }} kubectl apply -f {{ manifest_dest }}
+      args:
+        executable: /bin/bash
+      changed_when: true
+
+- name: Verify 03-06 NFS PV/PVC demo (gated)
+  hosts: k3s_server
+  become: true
+  run_once: true
+  vars:
+    k3s_kubeconfig: /etc/rancher/k3s/k3s.yaml
+    nfs_server_ip: "{{ NFS_SERVER_IP | default('') }}"
+    nfs_export_path: "{{ NFS_EXPORT_PATH | default('') }}"
+  tasks:
+    - name: "Gate - require NFS_SERVER_IP and NFS_EXPORT_PATH"
+      ansible.builtin.shell: |
+        set -e
+        test -n "{{ nfs_server_ip }}"
+        test -n "{{ nfs_export_path }}"
+      args:
+        executable: /bin/bash
+      register: nfs_gate
+      changed_when: false
+      failed_when: false
+
+    - name: Assert PVC Bound
+      when: nfs_gate.rc == 0
+      ansible.builtin.shell: |
+        set -e
+        phase=$(KUBECONFIG={{ k3s_kubeconfig }} kubectl -n default get pvc nfs-pvc-demo -o jsonpath='{.status.phase}')
+        echo "pvc phase=$phase"
+        test "$phase" = "Bound"
+      args:
+        executable: /bin/bash
+      changed_when: false
+
+- name: Teardown 03-06 NFS PV/PVC demo (optional)
+  hosts: k3s_server
+  become: true
+  run_once: true
+  vars:
+    k3s_kubeconfig: /etc/rancher/k3s/k3s.yaml
+    verify_teardown: "{{ (VERIFY_TEARDOWN | default('1')) | string }}"
+    manifest_dest: /tmp/nfs-pv-pvc-demo.yaml
+    nfs_server_ip: "{{ NFS_SERVER_IP | default('') }}"
+    nfs_export_path: "{{ NFS_EXPORT_PATH | default('') }}"
+  tasks:
+    - name: Delete resources when VERIFY_TEARDOWN=1
+      when: verify_teardown == "1"
+      ansible.builtin.shell: |
+        set -e
+        # gated：只有在 deploy gate 通过且文件存在时才清理；否则跳过，避免 fail-fast。
+        test -n "{{ nfs_server_ip }}"
+        test -n "{{ nfs_export_path }}"
+        test -f "{{ manifest_dest }}"
+        KUBECONFIG={{ k3s_kubeconfig }} kubectl delete -f {{ manifest_dest }} --ignore-not-found=true
+      args:
+        executable: /bin/bash
+      changed_when: true
+      failed_when: false
+