环境: centos 7
设置系统limit 为65535
详见: http://www.cnblogs.com/qq78292959/archive/2012/03/07/2383337.html
关闭selinux
|
1
2
3
4
|
/etc/sysconfig/selinux
SELINUX=disabled
安装ansible
yum
install
epel-release ansible
|
配置ssh key
配置ansible (ansible目录ansible_test)
1、修改ansible配置:vi /etc/ansible/ansible.cfg
|
1
2
|
# uncomment this to disable SSH key host checking
host_key_checking = False
#关闭known hosts提醒
|
2、设置hosts:vi ansible_test/hosts
|
1
2
3
4
5
6
7
8
9
|
[harbor] -->服务名称命名
10.199.133.157 -->ip地址
10.199.133.158
[registry]
10.199.133.159
[mysql]
10.199.132.136
|
3、设置全局变量 ansible_test/group_vars/all.yml
|
1
2
3
4
5
6
|
open_trigger:
"on"
-->on默认会转化为True需要加上双引号
mysql_host: 10.199.133.158
mysql_user: root
mysql_pwd: 21@AAAsafqqqsQ
registry_url: 10.199.133.159:5000
harbor_ip: 10.199.133.157
|
4、ansible_test/harbor.yml示例配置
harbor.yml
|
1
2
3
4
5
|
- hosts: harbor -->对应 hosts中的harbor定义
roles:
#- docker -->对应ansible_test/roles/docker,不执行
- master -->对应ansible_test
/roles/master
- test_docker_dns -->对应ansible_test
/roles/test_docker_dns
|
5、ansible task目录
ls -l ansible_test/roles/docker/
|
1
2
3
4
|
total 0
drwxr-xr-x 2 root root 24 Jul 13 2016 files -->文件存放
drwxr-xr-x 2 root root 21 Aug 8 15:59 tasks -->ansible执行任务
drwxr-xr-x 2 root root 22 Jul 13 2016 templates -->模板
|
cat roles/docker/tasks/main.yml
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
---
###起始行
- name: Copy yum repo
file
-->拷贝文件,放置在files目录中
copy: src=docker.repo dest=
/etc/yum
.repos.d
/docker
.repo
- name: Copy docker images -->拷贝目录
copy: src=images/ dest=
/tmp/images/
- name: Copy container config files -->批量拷贝
copy: src={{ item.src }} dest={{ item.dest }}
with_items:
- src: config
/jobservice/
dest:
/apps/conf/harbor/jobservice/
- src: config
/ui/
{{ use_by }}/ -->引用全局变量
dest:
/apps/conf/harbor/ui/
- src: config
/nginx/
dest:
/apps/conf/harbor/nginx/
- name: Import docker images -->批量执行命令
command
: docker load -i {{ item }}
with_items:
-
/tmp/images/golang
.
tar
-
/tmp/images/deploy_log
.
tar
-
/tmp/images/deploy_jobservice
.
tar
-
file
: path=
/var/log/harbor_jobservice_audit
.log state=
touch
mode=
"u=rw,g=r,o=r"
-->创建文件
- lineinfile: dest=
/etc/resolv
.conf line=
"nameserver 192.168.209.254"
-->增加目标主机resolv.conf 的nameserver解析
- lineinfile: dest=
/etc/resolv
.conf state=absent regexp=
"10.199.129.21"
-->删除10.199.129.21域名解析
- lineinfile: dest=
/apps/conf/harbor/ui/env
regexp=
'^HA_PROXY_ADDR='
line=
'HA_PROXY_ADDR={{ domain_name }}'
-->引用全局变量替换内容
- replace: dest=
/apps/conf/harbor/nginx/nginx
.conf regexp=
'(.*upstream registry.*{.*\n.*)server.*'
replace=
'\1 server {{ registry_url}};'
-->替换upstream registry后一行内容
- lineinfile: dest=
/apps/conf/harbor/registry/config
.yml regexp=
'(.*rootdirectory:)'
line=
'\1 {{ rootdirectory }}'
backrefs=
yes
-->引用并替换内容
- name: Delete restart
file
-->删除文件
file
: path=~
/restart_docker
.sh state=absent
- name: Yum makecache -->执行linux命令
command
: yum makecache
- name: Install docker -->安装软件
yum: name=docker state=latest
- name: Update docker config
file
-->使用模板替换文件
template: src=docker.j2 dest=
/etc/sysconfig/docker
- name: Enable docker service -->启动服务
service: name=docker enabled=
yes
state=started
|
流程图
执行部署harboransible-playbook -i hosts harbor.yml
本文转自 qwjhq 51CTO博客,原文链接:http://blog.51cto.com/bingdian/1893465
