jack/Deploy-Laboratory
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

日常更新

Browse Source
This commit is contained in:
Jack
2026-03-29 09:08:01 +08:00
parent 31709425e2
commit befdefd222
224 changed files with 7240 additions and 3297 deletions
Download Patch File Download Diff File Expand all files Collapse all files

145
ansible/playbooks/verify/01-04.yml Normal file
View File

@@ -0,0 +1,145 @@
# SKIP_ARMV7=1默认仅 noop。
# SKIP_ARMV7=0 且 ARMV7_NFS_SSH 或 ARMV7_SSH经 SSH 在 arm 上 dnf 装 nfs-utils、写 /etc/exports、exportfs见 docs/01-04
# 导出路径/网段ARMV7_NFS_EXPORT_PATH默认 /sdcard、ARMV7_NFS_CLIENT_SUBNET默认 192.168.2.0/24
- name: 01-04 armv7 NFS矩阵 + 可选远程安装)
hosts: localhost
gather_facts: false
vars:
repo_root: "{{ playbook_dir }}/../../.."
doc_id: "01-04"
doc_filename: "01-04-armv7-nfs服务安装.md"
skip_armv7: "{{ lookup('env', 'SKIP_ARMV7') | default('1', true) | trim }}"
armv7_ssh: "{{ lookup('env', 'ARMV7_SSH') | default('', true) | trim }}"
armv7_nfs_export_path: "{{ lookup('env', 'ARMV7_NFS_EXPORT_PATH') | default('/sdcard', true) | trim }}"
armv7_nfs_client_subnet: "{{ lookup('env', 'ARMV7_NFS_CLIENT_SUBNET') | default('192.168.2.0/24', true) | trim }}"
tasks:
- name: Resolve ARMV7_NFS_SSH from env
ansible.builtin.set_fact:
armv7_nfs_ssh: >-
{% set n = lookup('env', 'ARMV7_NFS_SSH') | default('', true) | trim %}
{% set b = lookup('env', 'ARMV7_SSH') | default('', true) | trim %}
{{ n if n | length > 0 else b }}
- name: Baseline docs/files checks
block:
- name: Assert docs file exists
ansible.builtin.stat:
path: "{{ repo_root }}/docs/{{ doc_filename }}"
register: _doc_stat
- name: Fail when docs file missing
ansible.builtin.assert:
that:
- _doc_stat.stat.exists
fail_msg: "docs file missing: docs/{{ doc_filename }}"
- name: Find matching ansible/files doc_id directory
ansible.builtin.find:
paths: "{{ repo_root }}/ansible/files"
file_type: directory
patterns: "{{ doc_id }}"
use_regex: false
register: _files_dirs
- name: Fail when ansible/files doc_id directory missing
ansible.builtin.assert:
that:
- _files_dirs.matched | int >= 1
fail_msg: "ansible/files missing doc_id directory: ansible/files/{{ doc_id }}"
- name: Show noop verification summary
ansible.builtin.debug:
msg:
- "doc_id={{ doc_id }}"
- "doc={{ doc_filename }}"
- "files_dirs={{ _files_dirs.files | map(attribute='path') | list }}"
- name: Verify cluster reachable (kubectl get nodes) [runbook baseline]
ansible.builtin.shell: |
set -euo pipefail
KUBECONFIG={{ k3s_kubeconfig | default('/etc/rancher/k3s/k3s.yaml') }} kubectl get nodes
args:
executable: /bin/bash
delegate_to: "{{ groups['k3s_server'][0] }}"
become: true
run_once: true
changed_when: false
- name: Verify core namespace exists (kube-system) [runbook baseline]
ansible.builtin.shell: |
set -euo pipefail
KUBECONFIG={{ k3s_kubeconfig | default('/etc/rancher/k3s/k3s.yaml') }} kubectl get ns kube-system
args:
executable: /bin/bash
delegate_to: "{{ groups['k3s_server'][0] }}"
become: true
run_once: true
changed_when: false
- name: Find YAML manifests under ansible/files doc_id dirs
ansible.builtin.find:
paths: "{{ _files_dirs.files | map(attribute='path') | list }}"
file_type: file
patterns:
- "*.yml"
- "*.yaml"
recurse: true
use_regex: false
register: _files_manifests
- name: Show manifest count summary
ansible.builtin.debug:
msg:
- "doc_id={{ doc_id }}"
- "manifest_files={{ _files_manifests.matched | default(0) }}"
- "manifest_paths={{ (_files_manifests.files | map(attribute='path') | list)[:12] }}"
- name: Server-side dry-run apply (kubectl apply --dry-run=server) [doc assertion]
ansible.builtin.shell: |
set -euo pipefail
KUBECONFIG={{ k3s_kubeconfig | default('/etc/rancher/k3s/k3s.yaml') }} \
kubectl apply --dry-run=server -f "{{ item.path }}"
args:
executable: /bin/bash
loop: "{{ _files_manifests.files }}"
loop_control:
label: "{{ item.path }}"
delegate_to: "{{ groups['k3s_server'][0] }}"
become: true
run_once: true
changed_when: false
when: (_files_manifests.matched | default(0) | int) > 0
- name: Fail when SKIP_ARMV7=0 but no ARMV7_SSH / ARMV7_NFS_SSH
ansible.builtin.fail:
msg: "SKIP_ARMV7=0 但未设置 ARMV7_SSH或 ARMV7_NFS_SSH 指向 NFS 所在 arm 主机)"
when: skip_armv7 == '0' and armv7_nfs_ssh | length == 0
- name: Note skipping remote NFS setup
ansible.builtin.debug:
msg: "SKIP_ARMV7={{ skip_armv7 }}:跳过 arm NFS 远程配置。"
when: skip_armv7 != '0' or armv7_nfs_ssh | length == 0
- name: Remote NFS install (dnf on arm)
when: skip_armv7 == '0' and armv7_nfs_ssh | length > 0
block:
- name: Install nfs-utils and enable nfs-server
ansible.builtin.shell: "{{ armv7_nfs_ssh }} 'sudo dnf install -y nfs-utils && sudo systemctl enable --now nfs-server'"
- name: Check if export path already in /etc/exports
ansible.builtin.shell: "{{ armv7_nfs_ssh }} sudo grep -qF {{ armv7_nfs_export_path | quote }} /etc/exports"
register: armv7_exports_grep
failed_when: false
changed_when: false
- name: Append NFS export line
ansible.builtin.shell: "{{ armv7_nfs_ssh }} bash -c 'echo \"{{ armv7_nfs_export_path }} {{ armv7_nfs_client_subnet }}(rw,sync,no_subtree_check,no_root_squash)\" | sudo tee -a /etc/exports'"
when: armv7_exports_grep.rc != 0
- name: Apply exportfs
ansible.builtin.shell: "{{ armv7_nfs_ssh }} sudo exportfs -rav"
changed_when: true
- name: Verify showmount
ansible.builtin.shell: "{{ armv7_nfs_ssh }} showmount -e localhost"
changed_when: false