1: 添加实用工具集目录tools

2: 添加sshkey自动复制脚本，方便ansible的使用
3：添加kubectl自动补全配置
4：修复CentOS系统下selinux配置BUG

roles/prepare/tasks/main.yml

@@ -43,19 +43,38 @@
   - lxcfs
   - lxc-common
 
-# 删除默认安装
+- block:
-- name: 删除centos默认安装
+    # 删除默认安装
-  when: ansible_distribution == "CentOS"
+    - name: 删除centos默认安装
-  yum: name={{ item }} state=absent
+      yum: name={{ item }} state=absent
-  with_items:
+      with_items:
-  - firewalld
+        - firewalld
-  - firewalld-filesystem
+        - python-firewall
-  - python-firewall
+        - firewalld-filesystem
+
+    - name: 安装基础软件包
+      yum: name={{ item }}  state=installed
+      with_items:
+        - vim
+        - git
+        - wget
+        - net-tools
+        - bash-completion
+
+    - name: 临时关闭 selinux
+      shell: "setenforce 0" 
+      failed_when: false
+
+    - name: 永久关闭 selinux
+      lineinfile:
+        dest: /etc/selinux/config
+        regexp: "^SELINUX"
+        line: "SELINUX=disabled"
 
-- name: 关闭 selinux
-  shell: "setenforce 0 && echo SELINUX=disabled > /etc/selinux/config"
   when: ansible_distribution == "CentOS"
-  ignore_errors: true
+
+- name: 添加 kubectl 命令自动补全
+  shell: "echo 'source <(kubectl completion bash)' >> ~/.bashrc"
 
 # 设置系统参数for k8s
 # 消除docker info 警告WARNING: bridge-nf-call-ip[6]tables is disabled

tools/yc-ssh-key-copy.sh

@@ -0,0 +1,78 @@
+#!/bin/bash
+
+#set -x
+
+# check args count
+if test $# -ne 3; then
+    echo -e "\nUsage: $0 < hosts file > < username > < password >\n"
+    exit 1
+fi
+
+# check hosts file
+hosts_file=$1
+if ! test -e $hosts_file; then
+    echo "[ERROR]: Can't find hosts file"
+    exit 1
+fi
+
+username=$2
+password=$3
+
+# check sshkey file 
+sshkey_file=~/.ssh/id_rsa.pub
+if ! test -e $sshkey_file; then
+    expect -c "
+    spawn ssh-keygen -t rsa
+    expect \"Enter*\" { send \"\n\"; exp_continue; }
+    "
+fi
+
+# get hosts list
+hosts=$(ansible -i $hosts_file all --list-hosts | awk 'NR>1')
+echo "======================================================================="
+echo "hosts: "
+echo "$hosts"
+echo "======================================================================="
+
+ssh_key_copy()
+{
+    # delete history
+    sed "/$1/d" -i ~/.ssh/known_hosts
+
+    # start copy 
+    expect -c "
+    set timeout 100
+    spawn ssh-copy-id $username@$1
+    expect {
+    \"yes/no\"   { send \"yes\n\"; exp_continue; }
+    \"password\" { send \"$password\n\"; }
+    \"already exist on the remote system\" { exit 1; }
+    }
+    expect eof
+    "
+}
+
+# auto sshkey pair
+for host in $hosts; do
+    echo "======================================================================="
+
+    # check network
+    ping -i 0.2 -c 3 -W 1 $host >& /dev/null
+    if test $? -ne 0; then
+        echo "[ERROR]: Can't connect $host"
+        exit 1
+    fi
+
+    cat /etc/hosts | grep -v '^#' | grep $host >& /dev/null
+    if test $? -eq 0; then
+        hostaddr=$(cat /etc/hosts | grep -v '^#' | grep $host | awk '{print $1}')
+        hostname=$(cat /etc/hosts | grep -v '^#' | grep $host | awk '{print $2}')
+        
+        ssh_key_copy $hostaddr
+        ssh_key_copy $hostname
+    else
+        ssh_key_copy $host
+    fi
+
+    echo ""
+done