jack/Deploy-Laboratory
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
Deploy-Laboratory/ansible/roles/verify_common/tasks/http-curl-traefik-incluster.yml
Jack befdefd222 日常更新
2026-03-29 09:08:01 +08:00

53 lines
2.2 KiB
YAML
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# 在集群内起临时 Pod 做 HTTP 探针(不经宿主机 :80
# 默认可选 traefik.kube-system + verify_traefik_path若集群 Traefik ClusterIP 不可达,请在 playbook 设 verify_incluster_http_url 直链 Service如 http://nginx-m1.default.svc.cluster.local/)。
#
# 必填verify_traefik_kubeconfig、verify_traefik_assertion
# 与 URL 二选一默认verify_traefik_path配合 Traefik或 verify_incluster_http_url直链 backend Service
# 可选verify_traefik_header_name / verify_traefik_header_value同时非空则校验响应头
- name: Resolve in-cluster probe URL
ansible.builtin.set_fact:
_vf_url: "{{ verify_incluster_http_url | default('http://traefik.kube-system.svc.cluster.local' ~ (verify_traefik_path | default('/')), true) }}"
- name: Ephemeral pod name for in-cluster HTTP check
ansible.builtin.set_fact:
_vf_http_pod: "vf-http-{{ 1000000000 | random }}-{{ 100000 | random }}"
- name: Render in-cluster probe Pod manifest
ansible.builtin.template:
src: incluster-traefik-http-probe-pod.yml.j2
dest: "/tmp/{{ _vf_http_pod }}-probe.yaml"
mode: "0644"
- name: Apply probe Pod and wait for success
ansible.builtin.shell: |
set -euo pipefail
export KUBECONFIG={{ verify_traefik_kubeconfig }}
POD={{ _vf_http_pod | quote }}
f="/tmp/{{ _vf_http_pod }}-probe.yaml"
kubectl delete pod -n default "$POD" --ignore-not-found --wait=false 2>/dev/null || true
kubectl apply -f "$f"
ok=0
for i in $(seq 1 120); do
phase=$(kubectl get pod -n default "$POD" -o jsonpath='{.status.phase}' 2>/dev/null || echo "")
if [ "$phase" = "Succeeded" ]; then ok=1; break; fi
if [ "$phase" = "Failed" ]; then
echo "[ERR] probe pod Failed"
kubectl describe pod -n default "$POD" | tail -50 || true
kubectl logs -n default "$POD" 2>&1 || true
exit 1
fi
sleep 2
done
if [ "$ok" != "1" ]; then
echo "[ERR] probe pod timeout (expected Succeeded)"
kubectl describe pod -n default "$POD" | tail -50 || true
kubectl logs -n default "$POD" 2>&1 || true
exit 1
fi
kubectl delete pod -n default "$POD" --wait=false 2>/dev/null || true
rm -f "$f"
args:
executable: /bin/bash
changed_when: false
Reference in New Issue View Git Blame Copy Permalink