Deploy-Laboratory/ansible/playbooks/verify/01-04.yml
2026-03-29 09:08:01 +08:00

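---
# Verification playbook for doc 01-04 (NFS server on the armv7 host).
#
# SKIP_ARMV7=1 (default): the remote NFS setup is skipped; the baseline
#   docs/files checks and the kubectl verification tasks still run.
# SKIP_ARMV7=0 with ARMV7_NFS_SSH or ARMV7_SSH set: over SSH on the arm host,
#   install nfs-utils with dnf, append to /etc/exports and run exportfs
#   (see docs/01-04).
# Export path / client subnet: ARMV7_NFS_EXPORT_PATH (default /sdcard) and
#   ARMV7_NFS_CLIENT_SUBNET (default 192.168.2.0/24).
#
# Trust boundary: ARMV7_NFS_SSH / ARMV7_SSH are executed verbatim by the local
# shell as a command prefix, so they must only ever come from the operator's
# own environment, never from a value another party can set (CI parameters,
# inventory from an untrusted source, ...).
- name: 01-04 armv7 NFS矩阵 + 可选远程安装)
  hosts: localhost
  gather_facts: false
  vars:
    repo_root: "{{ playbook_dir }}/../../.."
    doc_id: "01-04"
    doc_filename: "01-04-armv7-nfs服务安装.md"
    skip_armv7: "{{ lookup('env', 'SKIP_ARMV7') | default('1', true) | trim }}"
    armv7_ssh: "{{ lookup('env', 'ARMV7_SSH') | default('', true) | trim }}"
    armv7_nfs_export_path: "{{ lookup('env', 'ARMV7_NFS_EXPORT_PATH') | default('/sdcard', true) | trim }}"
    armv7_nfs_client_subnet: "{{ lookup('env', 'ARMV7_NFS_CLIENT_SUBNET') | default('192.168.2.0/24', true) | trim }}"
  tasks:
    # ARMV7_NFS_SSH wins; ARMV7_SSH (armv7_ssh above) is the fallback.
    # Single expression on purpose: a multi-line folded template built from
    # `{% set %}` tags keeps the joining spaces in its result, so an unset
    # prefix would not be empty for the `length == 0` guards further down.
    - name: Resolve ARMV7_NFS_SSH from env
      ansible.builtin.set_fact:
        armv7_nfs_ssh: "{{ (lookup('env', 'ARMV7_NFS_SSH') | default('', true) | trim) or armv7_ssh }}"

    - name: Baseline docs/files checks
      block:
        - name: Assert docs file exists
          ansible.builtin.stat:
            path: "{{ repo_root }}/docs/{{ doc_filename }}"
          register: _doc_stat

        - name: Fail when docs file missing
          ansible.builtin.assert:
            that:
              - _doc_stat.stat.exists
            fail_msg: "docs file missing: docs/{{ doc_filename }}"

        - name: Find matching ansible/files doc_id directory
          ansible.builtin.find:
            paths: "{{ repo_root }}/ansible/files"
            file_type: directory
            patterns: "{{ doc_id }}"
            use_regex: false
          register: _files_dirs

        - name: Fail when ansible/files doc_id directory missing
          ansible.builtin.assert:
            that:
              - _files_dirs.matched | int >= 1
            fail_msg: "ansible/files missing doc_id directory: ansible/files/{{ doc_id }}"

        - name: Show noop verification summary
          ansible.builtin.debug:
            msg:
              - "doc_id={{ doc_id }}"
              - "doc={{ doc_filename }}"
              - "files_dirs={{ _files_dirs.files | map(attribute='path') | list }}"

    # The kubeconfig path is passed through `quote` so a path with spaces or
    # shell metacharacters cannot change the command that runs under become.
    - name: Verify cluster reachable (kubectl get nodes) [runbook baseline]
      ansible.builtin.shell: |
        set -euo pipefail
        KUBECONFIG={{ k3s_kubeconfig | default('/etc/rancher/k3s/k3s.yaml') | quote }} kubectl get nodes
      args:
        executable: /bin/bash
      delegate_to: "{{ groups['k3s_server'][0] }}"
      become: true
      run_once: true
      changed_when: false

    - name: Verify core namespace exists (kube-system) [runbook baseline]
      ansible.builtin.shell: |
        set -euo pipefail
        KUBECONFIG={{ k3s_kubeconfig | default('/etc/rancher/k3s/k3s.yaml') | quote }} kubectl get ns kube-system
      args:
        executable: /bin/bash
      delegate_to: "{{ groups['k3s_server'][0] }}"
      become: true
      run_once: true
      changed_when: false

    - name: Find YAML manifests under ansible/files doc_id dirs
      ansible.builtin.find:
        paths: "{{ _files_dirs.files | map(attribute='path') | list }}"
        file_type: file
        patterns:
          - "*.yml"
          - "*.yaml"
        recurse: true
        use_regex: false
      register: _files_manifests

    - name: Show manifest count summary
      ansible.builtin.debug:
        msg:
          - "doc_id={{ doc_id }}"
          - "manifest_files={{ _files_manifests.matched | default(0) }}"
          - "manifest_paths={{ (_files_manifests.files | map(attribute='path') | list)[:12] }}"

    # NOTE(review): the manifests are discovered on the play host (localhost)
    # but applied on the delegated k3s server, which assumes the same path
    # exists there - confirm.
    # File names are quoted with `quote` rather than wrapped in double quotes,
    # so `$`, backticks or quotes in a file name are not expanded by bash.
    - name: Server-side dry-run apply (kubectl apply --dry-run=server) [doc assertion]
      ansible.builtin.shell: |
        set -euo pipefail
        KUBECONFIG={{ k3s_kubeconfig | default('/etc/rancher/k3s/k3s.yaml') | quote }} \
          kubectl apply --dry-run=server -f {{ item.path | quote }}
      args:
        executable: /bin/bash
      loop: "{{ _files_manifests.files }}"
      loop_control:
        label: "{{ item.path }}"
      delegate_to: "{{ groups['k3s_server'][0] }}"
      become: true
      run_once: true
      changed_when: false
      when: (_files_manifests.matched | default(0) | int) > 0

    - name: Fail when SKIP_ARMV7=0 but no ARMV7_SSH / ARMV7_NFS_SSH
      ansible.builtin.fail:
        msg: "SKIP_ARMV7=0 但未设置 ARMV7_SSH或 ARMV7_NFS_SSH 指向 NFS 所在 arm 主机)"
      when: skip_armv7 == '0' and armv7_nfs_ssh | length == 0

    - name: Note skipping remote NFS setup
      ansible.builtin.debug:
        msg: "SKIP_ARMV7={{ skip_armv7 }}:跳过 arm NFS 远程配置。"
      when: skip_armv7 != '0' or armv7_nfs_ssh | length == 0

    # Everything below runs `<ssh prefix> <remote command>` from the local
    # shell. The remote command is therefore parsed twice: once locally and
    # once by the shell on the arm host. Env-derived values are quoted for the
    # remote shell first, and the finished remote command is then quoted once
    # more for the local shell.
    - name: Remote NFS install (dnf on arm)
      when: skip_armv7 == '0' and armv7_nfs_ssh | length > 0
      block:
        # Reject values that would produce a malformed /etc/exports line
        # (whitespace separates fields there) or carry shell metacharacters.
        # The allow-lists are deliberately narrow; widen them if a legitimate
        # path or client spec needs other characters.
        - name: Validate NFS export parameters
          ansible.builtin.assert:
            that:
              - "armv7_nfs_export_path is match('^/[A-Za-z0-9._/-]*$')"
              - "armv7_nfs_client_subnet is match('^[A-Za-z0-9_.:*/@-]+$')"
            fail_msg: >-
              ARMV7_NFS_EXPORT_PATH must be an absolute path and
              ARMV7_NFS_CLIENT_SUBNET a host/network spec, both without
              whitespace, quotes or shell metacharacters

        - name: Install nfs-utils and enable nfs-server
          ansible.builtin.shell: "{{ armv7_nfs_ssh }} 'sudo dnf install -y nfs-utils && sudo systemctl enable --now nfs-server'"

        # `grep -F` is a substring match: an existing export of a longer path
        # (or a commented-out line) containing this path also counts as
        # present. A non-zero rc, including an SSH failure, is read as
        # "not present".
        - name: Check if export path already in /etc/exports
          vars:
            _nfs_remote_cmd: >-
              sudo grep -qF -- {{ armv7_nfs_export_path | quote }} /etc/exports
          ansible.builtin.shell: "{{ armv7_nfs_ssh }} {{ _nfs_remote_cmd | quote }}"
          register: armv7_exports_grep
          failed_when: false
          changed_when: false

        # The whole pipeline is handed to SSH as one quoted argument. Passing
        # `bash -c '<script>'` through a plain ssh prefix loses the script's
        # quoting on the remote side, so the export line would not reach tee.
        #
        # Export options: rw + no_root_squash means root on any client in the
        # subnet acts as root on the exported tree. That is only acceptable on
        # an isolated lab network; prefer root_squash where clients are not
        # fully trusted.
        - name: Append NFS export line
          vars:
            _nfs_export_line: "{{ armv7_nfs_export_path }} {{ armv7_nfs_client_subnet }}(rw,sync,no_subtree_check,no_root_squash)"
            _nfs_remote_cmd: >-
              printf '%s\n' {{ _nfs_export_line | quote }} | sudo tee -a /etc/exports
          ansible.builtin.shell: "{{ armv7_nfs_ssh }} {{ _nfs_remote_cmd | quote }}"
          when: armv7_exports_grep.rc != 0

        - name: Apply exportfs
          ansible.builtin.shell: "{{ armv7_nfs_ssh }} sudo exportfs -rav"
          changed_when: true

        # Lists what the server actually exports, so an unexpected client spec
        # or path is visible in the run output.
        - name: Verify showmount
          ansible.builtin.shell: "{{ armv7_nfs_ssh }} showmount -e localhost"
          changed_when: false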