diff --git a/docs/README_zh.md b/docs/README_zh.md index c96504d317a..3c1621067d2 100644 --- a/docs/README_zh.md +++ b/docs/README_zh.md @@ -76,6 +76,14 @@ k8s-node [all:vars] vip=10.1.86.209 # 同网段未被占用IP k8s_version=1.12.0 # kubernetes版本 +need_ntp=true #是否安装ntp +tar_local=/data #k8s安装目录 +etcd_image=k8s.gcr.io/etcd:3.2.24 #镜像名称 +haproxy_image=haproxy:1.7 +keepalived_image=fanux/keepalived:2.0.8 +calico_node_image=quay.io/calico/node:v3.2.2 +calico_cni_image=quay.io/calico/cni:v3.2.2 +calico_controller_image=quay.io/calico/kube-controllers:v3.2.2 ip_interface=eth.* etcd_crts=["ca-key.pem","ca.pem","client-key.pem","client.pem","member1-key.pem","member1.pem","server-key.pem","server.pem","ca.csr","client.csr","member1.csr","server.csr"] k8s_crts=["apiserver.crt","apiserver-kubelet-client.crt","ca.crt", "front-proxy-ca.key","front-proxy-client.key","sa.pub", "apiserver.key","apiserver-kubelet-client.key", "ca.key", "front-proxy-ca.crt", "front-proxy-client.crt" , "sa.key"] diff --git a/hosts b/hosts index 600214f55cb..4d5a2171bb0 100644 --- a/hosts +++ b/hosts @@ -27,6 +27,14 @@ k8s-node [all:vars] vip=10.1.86.209 k8s_version=1.12.2 +need_ntp=true +tar_local=/data +etcd_image=k8s.gcr.io/etcd:3.2.24 +haproxy_image=haproxy:1.7 +keepalived_image=fanux/keepalived:2.0.8 +calico_node_image=quay.io/calico/node:v3.2.2 +calico_cni_image=quay.io/calico/cni:v3.2.2 +calico_controller_image=quay.io/calico/kube-controllers:v3.2.2 ip_interface=eth.* etcd_crts=["ca-key.pem","ca.pem","client-key.pem","client.pem","member1-key.pem","member1.pem","server-key.pem","server.pem","ca.csr","client.csr","member1.csr","server.csr"] k8s_crts=["apiserver.crt","apiserver-kubelet-client.crt","ca.crt", "front-proxy-ca.key","front-proxy-client.key","sa.pub", "apiserver.key","apiserver-kubelet-client.key", "ca.key", "front-proxy-ca.crt", "front-proxy-client.crt" , "sa.key"] diff --git a/roles/base/tasks/main.yaml b/roles/base/tasks/main.yaml index 138c5373f5f..ac2610a00cc 100644 --- a/roles/base/tasks/main.yaml +++ b/roles/base/tasks/main.yaml @@ -7,12 +7,17 @@ # - quay.io/calico/kube-controllers:v3.2.0 - name: copy kubernetes.tar.gz - copy: 'src=/data/kube{{ k8s_version }}.tar.gz dest=/root/ mode=0644' + copy: 'src={{ tar_local }}/kube{{ k8s_version }}.tar.gz dest=/root/ mode=0644' - name: init every node shell: 'cd /root && {{ item }}' with_items: - tar zxvf kube{{ k8s_version }}.tar.gz - cd kube/shell && sh init.sh + +- name: ntp config + shell: '{{ item }}' + with_items: - yum install ntpdate -y - - ntpdate 0.asia.pool.ntp.org + - ntpdate 0.asia.pool.ntp.org + when: ( need_ntp == 'true' ) \ No newline at end of file diff --git a/roles/etcd/templates/etcd.static-pod.j2 b/roles/etcd/templates/etcd.static-pod.j2 index 344f2343cb1..359e076d7a8 100644 --- a/roles/etcd/templates/etcd.static-pod.j2 +++ b/roles/etcd/templates/etcd.static-pod.j2 @@ -30,7 +30,7 @@ spec: - --peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.pem - --snapshot-count=10000 - --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.pem - image: k8s.gcr.io/etcd:3.2.24 + image: {{ etcd_image }} imagePullPolicy: IfNotPresent livenessProbe: exec: diff --git a/roles/haproxy/templates/haproxy.yaml.j2 b/roles/haproxy/templates/haproxy.yaml.j2 index d14f08621e9..e22579bf5a9 100644 --- a/roles/haproxy/templates/haproxy.yaml.j2 +++ b/roles/haproxy/templates/haproxy.yaml.j2 @@ -8,7 +8,7 @@ metadata: namespace: kube-system spec: containers: - - image: haproxy:1.7 + - image: {{ haproxy_image }} imagePullPolicy: IfNotPresent name: haproxy volumeMounts: diff --git a/roles/install-dashboard.yaml b/roles/install-dashboard.yaml index e7b6f535343..c14ebc53da3 100644 --- a/roles/install-dashboard.yaml +++ b/roles/install-dashboard.yaml @@ -1,4 +1,4 @@ --- - hosts: k8s-master roles: - - { role: kube-dashboard, when: lb is defined } + - { role: kube-dashboard, when: lb is defined } \ No newline at end of file diff --git a/roles/keepalived/templates/keepalived.yaml.j2 b/roles/keepalived/templates/keepalived.yaml.j2 index cb1a747047f..6f9e7338bec 100644 --- a/roles/keepalived/templates/keepalived.yaml.j2 +++ b/roles/keepalived/templates/keepalived.yaml.j2 @@ -8,7 +8,7 @@ metadata: namespace: kube-system spec: containers: - - image: fanux/keepalived:2.0.8 + - image: {{ keepalived_image }} imagePullPolicy: IfNotPresent name: keepalived securityContext: diff --git a/roles/kube-dashboard/tasks/main.yaml b/roles/kube-dashboard/tasks/main.yaml index 25e3a2897b2..58498d8e258 100644 --- a/roles/kube-dashboard/tasks/main.yaml +++ b/roles/kube-dashboard/tasks/main.yaml @@ -18,4 +18,4 @@ - kubectl delete secret -n kube-system kubernetes-dashboard-certs - kubectl create secret generic kubernetes-dashboard-certs --from-file=/root/certs -n kube-system - systemctl restart kubelet.service - when: ( order is defined ) and ( order == 1 ) + when: ( order is defined ) and ( order == 1 ) \ No newline at end of file diff --git a/roles/kube-master/templates/calico.yaml.j2 b/roles/kube-master/templates/calico.yaml.j2 index 315951bacb8..a602115d32f 100644 --- a/roles/kube-master/templates/calico.yaml.j2 +++ b/roles/kube-master/templates/calico.yaml.j2 @@ -109,7 +109,7 @@ spec: # container programs network policy and routes on each # host. - name: calico-node - image: quay.io/calico/node:v3.2.2 + image: {{ calico_node_image }} env: # The location of the Calico etcd cluster. - name: ETCD_ENDPOINTS @@ -220,7 +220,7 @@ spec: # This container installs the Calico CNI binaries # and CNI network config file on each node. - name: install-cni - image: quay.io/calico/cni:v3.2.2 + image: {{ calico_cni_image }} command: ["/install-cni.sh"] env: # Name of the CNI config file to create. @@ -319,7 +319,7 @@ spec: serviceAccountName: calico-kube-controllers containers: - name: calico-kube-controllers - image: quay.io/calico/kube-controllers:v3.2.2 + image: {{ calico_controller_image }} env: # The location of the Calico etcd cluster. - name: ETCD_ENDPOINTS