Skip to content

Commit

Permalink
translate playbooks comments into english -1
Browse files Browse the repository at this point in the history
  • Loading branch information
gjmzj committed Sep 29, 2018
1 parent 8caa842 commit eab1d62
Show file tree
Hide file tree
Showing 24 changed files with 207 additions and 196 deletions.
2 changes: 1 addition & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,6 @@ manifests/storage/*
roles/cluster-backup/files/*
!roles/cluster-backup/files/readme.md

# roles/xxx/vars, exclude roles/os-harden/vars/
# role based variable settings, exclude roles/os-harden/vars/
/roles/*/vars/*
!/roles/os-harden/vars/
8 changes: 4 additions & 4 deletions 01.prepare.yml
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
# 集群内时间同步
# [optional] to synchronize time of nodes with 'chrony'
- hosts: all
roles:
- { role: chrony, when: "hostvars[groups.deploy[0]]['NTP_ENABLED'] == 'yes'" }

# 在deploy节点生成CA相关证书
# to create CA, kubeconfig, kube-proxy.kubeconfig etc. on 'deploy' node
- hosts: deploy
roles:
- deploy

# 集群节点的公共配置任务
# prepare tasks for all nodes
- hosts:
- kube-master
- kube-node
Expand All @@ -18,7 +18,7 @@
roles:
- prepare

# [可选]多master部署时的负载均衡配置
# [optional] to install loadbalance service, only needed by multi-master cluster
- hosts: lb
roles:
- lb
1 change: 1 addition & 0 deletions 02.etcd.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
# to install etcd cluster
- hosts: etcd
roles:
- etcd
1 change: 1 addition & 0 deletions 03.docker.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
# to install docker service
- hosts:
- kube-master
- kube-node
Expand Down
6 changes: 3 additions & 3 deletions 04.kube-master.yml
Original file line number Diff line number Diff line change
@@ -1,16 +1,16 @@
# to set up 'kube-master' nodes
- hosts: kube-master
roles:
- kube-master
- kube-node
# 禁止业务 pod调度到 master节点
tasks:
- name: 禁止业务 pod调度到 master节点
- name: Making master nodes SchedulingDisabled
shell: "{{ bin_dir }}/kubectl cordon {{ inventory_hostname }} "
delegate_to: "{{ groups.deploy[0] }}"
when: DEPLOY_MODE != "allinone"
ignore_errors: true

- name: 设置master节点role
- name: Setting master role name
shell: "{{ bin_dir }}/kubectl label node {{ inventory_hostname }} kubernetes.io/role=master --overwrite"
ignore_errors: true
delegate_to: "{{ groups.deploy[0] }}"
1 change: 1 addition & 0 deletions 05.kube-node.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
# to set up 'kube-node' nodes
- hosts: kube-node
roles:
- kube-node
2 changes: 1 addition & 1 deletion 06.network.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# 集群网络插件部署,只能选择一种安装
# to install network plugin, only one can be choosen
- hosts:
- kube-master
- kube-node
Expand Down
1 change: 1 addition & 0 deletions 07.cluster-addon.yml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
# to install clust-addons
- hosts:
- kube-node
roles:
Expand Down
13 changes: 8 additions & 5 deletions 11.harbor.yml
Original file line number Diff line number Diff line change
@@ -1,11 +1,14 @@
# [optional] to set up a HARBOR, and to integrate the HARBOR with k8s cluster
# read the guide: 'guide/harbor.md'

- hosts: harbor
roles:
- { role: chrony, when: "hostvars[groups.deploy[0]]['NTP_ENABLED'] == 'yes' and NEW_INSTALL == 'yes'" }
- { role: prepare, when: "NEW_INSTALL == 'yes'" }
- { role: docker, when: "NEW_INSTALL == 'yes'" }
- { role: harbor, when: "NEW_INSTALL == 'yes'" }
tasks:
- name: 获取harbor服务器证书
- name: Fetching the HARBOR SERVER's CA cert
fetch:
src: "{{ ca_dir }}/ca.pem"
dest: "{{ base_dir }}/down/"
Expand All @@ -19,14 +22,14 @@
vars:
harbor_domain: "{{ hostvars[groups.harbor[0]]['HARBOR_DOMAIN'] }}"
tasks:
- name: harbor证书目录创建
- name: Creating cert dir of the HARBOR SERVER for the docker daemon
file: name=/etc/docker/certs.d/{{ harbor_domain }} state=directory

- name: 推送harbor服务器证书
- name: Installing the HARBOR SERVER's cert on k8s nodes
copy: src={{ base_dir }}/down/ca.pem dest=/etc/docker/certs.d/{{ harbor_domain }}/ca.crt

# 如果你的环境中有dns服务器,可以跳过hosts文件设置
- name: 增加harbor的hosts解析
# [optional] if you have a DNS server, add an 'A record' instead
- name: Adding an '/etc/hosts' entry for the HARBOR DOMAIN
lineinfile:
dest: /etc/hosts
state: present
Expand Down
2 changes: 1 addition & 1 deletion 20.addnode.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
- prepare
- docker
- kube-node
# 根据hosts中配置,以下两种网络只会安装一种
#
- { role: calico, when: "CLUSTER_NETWORK == 'calico'" }
- { role: cilium, when: "CLUSTER_NETWORK == 'cilium'" }
- { role: flannel, when: "CLUSTER_NETWORK == 'flannel'" }
Expand Down
10 changes: 5 additions & 5 deletions 21.addmaster.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# 重新配置启动 haproxy
# reconfigure and restart the haproxy service
- hosts: lb
roles:
- lb
Expand All @@ -10,20 +10,20 @@
- docker
- kube-master
- kube-node
# 根据hosts中配置,以下两种网络只会安装一种
#
- { role: calico, when: "CLUSTER_NETWORK == 'calico'" }
- { role: cilium, when: "CLUSTER_NETWORK == 'cilium'" }
- { role: flannel, when: "CLUSTER_NETWORK == 'flannel'" }
- { role: kube-router, when: "CLUSTER_NETWORK == 'kube-router'" }
# 禁止业务 pod调度到 master节点
#
tasks:
- name: 禁止业务 pod调度到 master节点
- name: Making master nodes SchedulingDisabled
shell: "{{ bin_dir }}/kubectl cordon {{ inventory_hostname }} "
delegate_to: "{{ groups.deploy[0] }}"
when: DEPLOY_MODE != "allinone"
ignore_errors: true

- name: 设置master节点role
- name: Setting master role name
shell: "{{ bin_dir }}/kubectl label node {{ inventory_hostname }} kubernetes.io/role=master --overwrite"
ignore_errors: true
delegate_to: "{{ groups.deploy[0] }}"
14 changes: 7 additions & 7 deletions 22.upgrade.yml
Original file line number Diff line number Diff line change
@@ -1,20 +1,20 @@
# 集群更新存在一定风险,请谨慎操作
# 使用命令:ansible-playbook -t upgrade_k8s 22.upgrade.yml
# WARNING: Upgrade the k8s cluster can be risky. Make sure you know what you are doing.
# Read the guide: 'op/upgrade.md' .

# 更新kubectl二进制
# update kubectl binary
- hosts:
- kube-master
- kube-node
- deploy
roles:
- prepare

# 更新etcd集群
# update etcd
- hosts: etcd
roles:
- etcd

# docker更新,为保证不中断业务,不自动重启docker服务
# update docker binary
- hosts:
- kube-master
- new-master
Expand All @@ -23,15 +23,15 @@
roles:
- docker

# 更新master节点
# update masters
- hosts:
- kube-master
- new-master
roles:
- kube-master
- kube-node

# 更新node节点
# update nodes
- hosts:
- kube-node
- new-node
Expand Down
19 changes: 10 additions & 9 deletions 23.backup.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
# 集群备份脚本,请详细参阅文档 docs/op/cluster_restore.md
# cluster-backup playbook
# read the guide: 'op/cluster_restore.md'

- hosts:
- etcd
Expand All @@ -8,14 +9,14 @@
- hosts:
- deploy
tasks:
- name: 准备备份目录
- name: Creating backup dirs
file: name={{ item }} state=directory
with_items:
- "{{ base_dir }}/roles/cluster-backup/files/ca"
- "{{ base_dir }}/roles/cluster-backup/files/hosts"
- "{{ base_dir }}/roles/cluster-backup/files/snapshot"

- name: 备份 CA 相关文件
- name: Backing up CA sth
copy:
src: "{{ ca_dir }}/{{ item }}"
dest: "{{ base_dir }}/roles/cluster-backup/files/ca/{{ item }}"
Expand All @@ -26,25 +27,25 @@
- ca-csr.json
- ca-config.json

- name: 备份 ansible hosts 1
- name: Backing up ansible hosts-1
copy:
src: "{{ base_dir }}/hosts"
dest: "{{ base_dir }}/roles/cluster-backup/files/hosts/hosts"
register: p

- name: 备份 ansible hosts 2
- name: Backing up ansible hosts-2
shell: "cd {{ base_dir }}/roles/cluster-backup/files/hosts && \
cp -fp hosts hosts-$(date +'%Y%m%d%H%M')"
when: p | changed
when: 'p is changed'

- name: 备份 etcd snapshot 1
- name: Backing up etcd snapshot-1
copy:
src: "{{ base_dir }}/roles/cluster-backup/files/snapshot.db"
dest: "{{ base_dir }}/roles/cluster-backup/files/snapshot/snapshot.db"
register: q

- name: 备份 etcd snapshot 2
- name: Backing up etcd snapshot-2
shell: "cd {{ base_dir }}/roles/cluster-backup/files/ && \
mv -f snapshot.db snapshot/snapshot-$(date +'%Y%m%d%H%M').db"
when: q | changed
when: 'q is changed'

28 changes: 15 additions & 13 deletions 24.restore.yml
Original file line number Diff line number Diff line change
@@ -1,12 +1,13 @@
# 集群从备份恢复的脚本,使用请参阅文档 docs/op/cluster_restore.md
# cluster-restore playbook
# read the guide: 'op/cluster_restore.md'

# 在deploy节点恢复CA相关证书
# to restore CA sth on 'deploy' node
- hosts: deploy
tasks:
- name: 恢复CA 文件夹
- name: Restoring dirs of CA sth
file: name=/etc/kubernetes/ssl/ state=directory

- name: 恢复CA 相关文件
- name: Restoring CA sth
copy:
src: "{{ base_dir }}/roles/cluster-backup/files/ca/{{ item }}"
dest: "{{ ca_dir }}/{{ item }}"
Expand All @@ -21,22 +22,22 @@
roles:
- deploy

# 集群节点的公共配置任务
# pre-tasks on all nodes
- hosts: all
roles:
- prepare

# [可选]多master部署时的负载均衡配置
# [optional] only needed by multi-master cluster
- hosts: lb
roles:
- lb

# 创建etcd集群
# to install etcd cluster
- hosts: etcd
roles:
- etcd

# docker服务安装
# to install docker
- hosts:
- kube-master
- kube-node
Expand All @@ -45,31 +46,32 @@
roles:
- docker

# to set up 'kube-master' nodes
- hosts:
- kube-master
- new-master
roles:
- kube-master
- kube-node
# 禁止业务 pod调度到 master节点
#
tasks:
- name: 禁止业务 pod调度到 master节点
- name: Making master nodes SchedulingDisabled
shell: "{{ bin_dir }}/kubectl cordon {{ inventory_hostname }} "
when: DEPLOY_MODE != "allinone"
ignore_errors: true

- name: 设置master节点role
- name: Setting master role name
shell: "{{ bin_dir }}/kubectl label node {{ inventory_hostname }} kubernetes.io/role=master --overwrite"
ignore_errors: true

# node 节点部署
# to set up 'kube-node' nodes
- hosts:
- kube-node
- new-node
roles:
- kube-node

# etcd 集群进行数据恢复
# to restore data of etcd cluster
- hosts: etcd
roles:
- cluster-restore
Expand Down
Loading

0 comments on commit eab1d62

Please sign in to comment.