mirror of https://github.com/easzlab/kubeasz.git
rewrite prepare tasks for different systems
parent
9acff29630
commit
f0947daaec
|
@ -9,15 +9,9 @@
|
||||||
- name: 安装基础软件包
|
- name: 安装基础软件包
|
||||||
yum:
|
yum:
|
||||||
name:
|
name:
|
||||||
- bash-completion # bash命令补全工具,需要重新登录服务器生效
|
|
||||||
- conntrack-tools # ipvs 模式需要
|
- conntrack-tools # ipvs 模式需要
|
||||||
- ipset # ipvs 模式需要
|
|
||||||
- ipvsadm # ipvs 模式需要
|
|
||||||
- libseccomp # 安装containerd需要
|
- libseccomp # 安装containerd需要
|
||||||
- nfs-utils # 挂载nfs 共享文件需要 (创建基于 nfs的PV 需要)
|
- nfs-utils # 挂载nfs 共享文件需要 (创建基于 nfs的PV 需要)
|
||||||
- psmisc # 安装psmisc 才能使用命令killall,keepalive的监测脚本需要
|
|
||||||
- rsync # 文件同步工具,分发证书等配置文件需要
|
|
||||||
- socat # 用于port forwarding
|
|
||||||
state: present
|
state: present
|
||||||
when: 'INSTALL_SOURCE != "offline"'
|
when: 'INSTALL_SOURCE != "offline"'
|
||||||
|
|
||||||
|
|
|
@ -10,9 +10,17 @@
|
||||||
state: absent
|
state: absent
|
||||||
backup: 'yes'
|
backup: 'yes'
|
||||||
|
|
||||||
- name: 转换内核版本为浮点数
|
- name: 安装基础软件包
|
||||||
set_fact:
|
package:
|
||||||
KERNEL_VER: "{{ ansible_kernel.split('-')[0].split('.')[0]|int + ansible_kernel.split('-')[0].split('.')[1]|int/100 }}"
|
name:
|
||||||
|
- bash-completion # bash命令补全工具,需要重新登录服务器生效
|
||||||
|
- ipset # ipvs 模式需要
|
||||||
|
- ipvsadm # ipvs 模式需要
|
||||||
|
- psmisc # 安装psmisc 才能使用命令killall,keepalive的监测脚本需要
|
||||||
|
- rsync # 文件同步工具,分发证书等配置文件需要
|
||||||
|
- socat # 用于port forwarding
|
||||||
|
state: present
|
||||||
|
when: 'INSTALL_SOURCE != "offline"'
|
||||||
|
|
||||||
- name: 加载内核模块
|
- name: 加载内核模块
|
||||||
modprobe: name={{ item }} state=present
|
modprobe: name={{ item }} state=present
|
||||||
|
@ -59,6 +67,20 @@
|
||||||
reload: yes
|
reload: yes
|
||||||
when: fs_may_detach_mounts.stat.exists|bool
|
when: fs_may_detach_mounts.stat.exists|bool
|
||||||
|
|
||||||
|
- name: 查看是否需要设置 net.ipv4.tcp_tw_recycle
|
||||||
|
stat:
|
||||||
|
path: /proc/sys/net/ipv4/tcp_tw_recycle
|
||||||
|
register: tcp_tw_recycle
|
||||||
|
ignore_errors: true
|
||||||
|
|
||||||
|
- name: 设置tcp_tw_recycle
|
||||||
|
sysctl:
|
||||||
|
sysctl_file: "/etc/sysctl.d/95-k8s-sysctl.conf"
|
||||||
|
name: net.ipv4.tcp_tw_recycle
|
||||||
|
value: 0
|
||||||
|
state: present
|
||||||
|
reload: yes
|
||||||
|
when: tcp_tw_recycle.stat.exists|bool
|
||||||
|
|
||||||
- name: 生效系统参数
|
- name: 生效系统参数
|
||||||
shell: "source /etc/profile; sysctl -p /etc/sysctl.d/95-k8s-sysctl.conf"
|
shell: "source /etc/profile; sysctl -p /etc/sysctl.d/95-k8s-sysctl.conf"
|
||||||
|
|
|
@ -1,11 +1,3 @@
|
||||||
# 系统基础软件环境
|
|
||||||
- name: apt更新缓存刷新
|
|
||||||
apt: update_cache=yes cache_valid_time=72000
|
|
||||||
ignore_errors: true
|
|
||||||
when:
|
|
||||||
- 'ansible_distribution in ["Ubuntu","Debian"]'
|
|
||||||
- 'INSTALL_SOURCE != "offline"'
|
|
||||||
|
|
||||||
- import_tasks: ubuntu.yml
|
- import_tasks: ubuntu.yml
|
||||||
when: 'ansible_distribution in ["Ubuntu","Debian"]'
|
when: 'ansible_distribution in ["Ubuntu","Debian"]'
|
||||||
|
|
||||||
|
|
|
@ -1,3 +1,9 @@
|
||||||
|
# 系统基础软件环境
|
||||||
|
- name: apt更新缓存刷新
|
||||||
|
apt: update_cache=yes cache_valid_time=72000
|
||||||
|
ignore_errors: true
|
||||||
|
when: 'INSTALL_SOURCE != "offline"'
|
||||||
|
|
||||||
# 删除默认安装
|
# 删除默认安装
|
||||||
- name: 删除ubuntu默认安装
|
- name: 删除ubuntu默认安装
|
||||||
shell: "apt remove -y {{ item }}"
|
shell: "apt remove -y {{ item }}"
|
||||||
|
@ -13,16 +19,10 @@
|
||||||
- name: 安装 ubuntu/debian基础软件
|
- name: 安装 ubuntu/debian基础软件
|
||||||
apt:
|
apt:
|
||||||
name:
|
name:
|
||||||
- bash-completion # bash命令补全工具,需要重新登录服务器生效
|
|
||||||
- conntrack # network connection cleanup 用到
|
- conntrack # network connection cleanup 用到
|
||||||
- ipset # ipvs 模式需要
|
|
||||||
- ipvsadm # ipvs 模式需要
|
|
||||||
- jq # 轻量JSON处理程序,安装docker查询镜像需要
|
- jq # 轻量JSON处理程序,安装docker查询镜像需要
|
||||||
- libseccomp2 # 安装containerd需要
|
- libseccomp2 # 安装containerd需要
|
||||||
- nfs-common # 挂载nfs 共享文件需要 (创建基于 nfs的PV 需要)
|
- nfs-common # 挂载nfs 共享文件需要 (创建基于 nfs的PV 需要)
|
||||||
- psmisc # 安装psmisc 才能使用命令killall,keepalive的监测脚本需要
|
|
||||||
- rsync # 文件同步工具,分发证书等配置文件需要
|
|
||||||
- socat # 用于port forwarding
|
|
||||||
state: present
|
state: present
|
||||||
when: 'INSTALL_SOURCE != "offline"'
|
when: 'INSTALL_SOURCE != "offline"'
|
||||||
|
|
||||||
|
@ -42,11 +42,3 @@
|
||||||
|
|
||||||
- name: 重启 journald 服务
|
- name: 重启 journald 服务
|
||||||
service: name=systemd-journald state=restarted
|
service: name=systemd-journald state=restarted
|
||||||
|
|
||||||
- name: Configuration iptables
|
|
||||||
shell: 'iptables -F \
|
|
||||||
&& iptables -t nat -F \
|
|
||||||
&& iptables -t mangle -F \
|
|
||||||
&& iptables -X \
|
|
||||||
&& update-alternatives --set iptables /usr/sbin/iptables-legacy'
|
|
||||||
when: ansible_distribution == "Debian" and ansible_distribution_version|int >= 10
|
|
||||||
|
|
|
@ -2,9 +2,6 @@ net.ipv4.ip_forward = 1
|
||||||
net.bridge.bridge-nf-call-iptables = 1
|
net.bridge.bridge-nf-call-iptables = 1
|
||||||
net.bridge.bridge-nf-call-ip6tables = 1
|
net.bridge.bridge-nf-call-ip6tables = 1
|
||||||
net.bridge.bridge-nf-call-arptables = 1
|
net.bridge.bridge-nf-call-arptables = 1
|
||||||
{% if KERNEL_VER|float < 4.12 %}
|
|
||||||
net.ipv4.tcp_tw_recycle = 0
|
|
||||||
{% endif %}
|
|
||||||
net.ipv4.tcp_tw_reuse = 0
|
net.ipv4.tcp_tw_reuse = 0
|
||||||
net.core.somaxconn = 32768
|
net.core.somaxconn = 32768
|
||||||
net.netfilter.nf_conntrack_max=1000000
|
net.netfilter.nf_conntrack_max=1000000
|
||||||
|
|
Loading…
Reference in New Issue