실습 Ansible Playbook 실습 - Ansible AWX - K3s 설치 자동화 - 구현 2
페이지 정보
본문
안녕하세요.
꿈꾸는여행자입니다.
Ansible을 통한 Playbook을 활용에 대해서 Ansible AWX 구성 자동화 방안을 생각해 보았습니다.
해당 항목들을 설계 및 구현 해보는 과정을 진행하고자 합니다.
이번 항목에서는 다음 내용을 기준으로
구현 해 보겠습니다.
1. K3s 오프라인 설치를 위한 Ansible 기반 자동화
- K3s 오프라인 패키지 복사
- K3s 설치
감사합니다.
> 아래
### **`roles/copy_offline_package/tasks/main.yml`**
**기능:**
- K3s 오프라인 패키지 복사
- `kubectl` 심볼릭 링크 생성
- `sudo` 환경 변수(`secure_path`) 업데이트
```yaml
---
# tasks file for roles/copy_offline_package
- name: Ensure target directory exists on target node
ansible.builtin.file:
path: "{{ offline_package_dir }}"
state: directory
mode: '0755'
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
- name: Copy K3s offline package to target nodes
ansible.builtin.copy:
src: "{{ offline_package_archive }}"
dest: "{{ offline_package_dir }}/k3s_offline_package.tar.gz"
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: '0644'
- name: Extract offline package
ansible.builtin.unarchive:
src: "{{ offline_package_dir }}/k3s_offline_package.tar.gz"
dest: "{{ offline_package_dir }}/"
remote_src: yes
- name: Move K3s binary to system path
ansible.builtin.copy:
src: "{{ offline_package_dir }}/k3s"
dest: "{{ k3s_bin_path }}"
mode: '0755'
owner: "root"
group: "root"
remote_src: yes
become: yes
- name: Create symbolic link for kubectl
ansible.builtin.file:
src: "{{ k3s_bin_path }}"
dest: "/usr/local/bin/kubectl"
state: link
become: yes
- name: Move K3s install script to root directory
ansible.builtin.copy:
src: "{{ offline_package_dir }}/install.sh"
dest: "{{ k3s_install_script_dest }}"
mode: '0755'
owner: "root"
group: "root"
remote_src: yes
become: yes
- name: Ensure K3s image directory exists
ansible.builtin.file:
path: "{{ k3s_airgap_image_dest | dirname }}"
state: directory
mode: '0755'
owner: "root"
group: "root"
become: yes
- name: Move K3s airgap image to K3s image directory
ansible.builtin.copy:
src: "{{ offline_package_dir }}/k3s-airgap-images-amd64.tar.zst"
dest: "{{ k3s_airgap_image_dest }}"
mode: '0644'
owner: "root"
group: "root"
remote_src: yes
become: yes
- name: Update sudo secure_path to include /usr/local/bin
ansible.builtin.lineinfile:
path: /etc/sudoers
regexp: '^Defaults\s+secure_path='
line: 'Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin'
validate: 'visudo -cf %s'
become: yes
```
---
### **`roles/install_k3s_offline/tasks/main.yml`**
**기능:**
- 오프라인 모드에서 K3s 설치
- K3s 서비스 실행 상태 확인
```yaml
---
# tasks file for roles/install_k3s_offline
- name: Install K3s
shell: "INSTALL_K3S_SKIP_DOWNLOAD=true {{ k3s_install_script_dest }}"
- name: Wait for K3s startup
pause:
seconds: 10
- name: Ensure K3s is running
systemd:
name: k3s
state: started
enabled: yes
- name: Verify K3s installation
command: "kubectl get nodes"
register: node_status
- debug:
var: node_status.stdout_lines
```
---
### **`install-k3s.yml` (Playbook)**
**기능:**
- `copy_offline_package` 및 `install_k3s_offline` 역할을 순차적으로 실행
```yaml
---
- name: Deploy K3s with Offline Installation
hosts: k3s_nodes
become: yes
vars_files:
- group_vars/all.yml
roles:
- copy_offline_package
- install_k3s_offline
```
---
### **실행 결과 요약**
- **실행 명령어:**
```bash
ansible-playbook -i inventory.ini install-k3s.yml --ask-pass --ask-become-pass
```
- **주요 작업 결과:**
- K3s 오프라인 패키지 복사 및 압축 해제 완료
- `k3s` 바이너리를 `/usr/local/bin` 경로로 이동
- `/usr/local/bin/kubectl` 심볼릭 링크 생성
- `/etc/sudoers`의 `secure_path` 업데이트 완료
- K3s 설치 및 서비스 실행 성공
- `kubectl get nodes` 명령어를 통한 클러스터 상태 확인 완료
- **성공적인 출력 결과:**
```
NAME STATUS ROLES AGE VERSION
ansible-guest Ready control-plane,master 1s v1.31.5+k3s1
```
---
## 작업 실행 내역
---
```
[lds@ansible-host with-ansible]$ vi roles/copy_offline_package/tasks/main.yml
[lds@ansible-host with-ansible]$ cat roles/copy_offline_package/tasks/main.yml
---
# tasks file for roles/copy_offline_package
- name: Ensure target directory exists on target node
ansible.builtin.file:
path: "{{ offline_package_dir }}"
state: directory
mode: '0755'
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
- name: Copy K3s offline package to target nodes
ansible.builtin.copy:
src: "{{ offline_package_archive }}"
dest: "{{ offline_package_dir }}/k3s_offline_package.tar.gz"
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: '0644'
- name: Extract offline package
ansible.builtin.unarchive:
src: "{{ offline_package_dir }}/k3s_offline_package.tar.gz"
dest: "{{ offline_package_dir }}/"
remote_src: yes
- name: Move K3s binary to system path
ansible.builtin.copy:
src: "{{ offline_package_dir }}/k3s"
dest: "{{ k3s_bin_path }}"
mode: '0755'
owner: "root"
group: "root"
remote_src: yes
become: yes
- name: Create symbolic link for kubectl
ansible.builtin.file:
src: "{{ k3s_bin_path }}"
dest: "/usr/local/bin/kubectl"
state: link
become: yes
- name: Move K3s install script to root directory
ansible.builtin.copy:
src: "{{ offline_package_dir }}/install.sh"
dest: "{{ k3s_install_script_dest }}"
mode: '0755'
owner: "root"
group: "root"
remote_src: yes
become: yes
- name: Ensure K3s image directory exists
ansible.builtin.file:
path: "{{ k3s_airgap_image_dest | dirname }}"
state: directory
mode: '0755'
owner: "root"
group: "root"
become: yes
- name: Move K3s airgap image to K3s image directory
ansible.builtin.copy:
src: "{{ offline_package_dir }}/k3s-airgap-images-amd64.tar.zst"
dest: "{{ k3s_airgap_image_dest }}"
mode: '0644'
owner: "root"
group: "root"
remote_src: yes
become: yes
- name: Update sudo secure_path to include /usr/local/bin
ansible.builtin.lineinfile:
path: /etc/sudoers
regexp: '^Defaults\s+secure_path='
line: 'Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin'
validate: 'visudo -cf %s'
become: yes
[lds@ansible-host with-ansible]$
[lds@ansible-host with-ansible]$ vi roles/install_k3s_offline/tasks/main.yml
[lds@ansible-host with-ansible]$ cat roles/install_k3s_offline/tasks/main.yml
---
# tasks file for roles/install_k3s_offline
- name: Install K3s
shell: "INSTALL_K3S_SKIP_DOWNLOAD=true {{ k3s_install_script_dest }}"
- name: Wait for K3s startup
pause:
seconds: 10
- name: Ensure K3s is running
systemd:
name: k3s
state: started
enabled: yes
- name: Verify K3s installation
command: "kubectl get nodes"
register: node_status
- debug:
var: node_status.stdout_lines
[lds@ansible-host with-ansible]$ vi install-k3s.yml
[lds@ansible-host with-ansible]$ cat install-k3s.yml
---
- name: Deploy K3s with Offline Installation
hosts: k3s_nodes
become: yes
vars_files:
- group_vars/all.yml
roles:
- copy_offline_package
- install_k3s_offline
[lds@ansible-host with-ansible]$
[lds@ansible-host with-ansible]$ ansible-playbook \
-i inventory.ini \
install-k3s.yml \
--ask-become-pass --ask-pass
SSH password:
BECOME password[defaults to SSH password]:
PLAY [Deploy K3s with Offline Installation] ***************************************************************************************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************************************************************************************************************
ok: [node1]
TASK [copy_offline_package : Ensure target directory exists on target node] *******************************************************************************************************************************************************
changed: [node1]
TASK [copy_offline_package : Copy K3s offline package to target nodes] ************************************************************************************************************************************************************
changed: [node1]
TASK [copy_offline_package : Extract offline package] *****************************************************************************************************************************************************************************
[WARNING]: Relative destination path './k3s_offline_package/' was resolved to absolute path '/home/lds/k3s_offline_package'.
changed: [node1]
TASK [copy_offline_package : Move K3s binary to system path] **********************************************************************************************************************************************************************
changed: [node1]
TASK [copy_offline_package : Create symbolic link for kubectl] ********************************************************************************************************************************************************************
changed: [node1]
TASK [copy_offline_package : Move K3s install script to root directory] ***********************************************************************************************************************************************************
changed: [node1]
TASK [copy_offline_package : Ensure K3s image directory exists] *******************************************************************************************************************************************************************
changed: [node1]
TASK [copy_offline_package : Move K3s airgap image to K3s image directory] ********************************************************************************************************************************************************
changed: [node1]
TASK [copy_offline_package : Update sudo secure_path to include /usr/local/bin] ***************************************************************************************************************************************************
changed: [node1]
TASK [install_k3s_offline : Install K3s] ******************************************************************************************************************************************************************************************
changed: [node1]
TASK [install_k3s_offline : Wait for K3s startup] *********************************************************************************************************************************************************************************
Pausing for 10 seconds
(ctrl+C then 'C' = continue early, ctrl+C then 'A' = abort)
ok: [node1]
TASK [install_k3s_offline : Ensure K3s is running] ********************************************************************************************************************************************************************************
ok: [node1]
TASK [install_k3s_offline : Verify K3s installation] ******************************************************************************************************************************************************************************
changed: [node1]
TASK [install_k3s_offline : debug] ************************************************************************************************************************************************************************************************
ok: [node1] => {
"node_status.stdout_lines": [
"NAME STATUS ROLES AGE VERSION",
"ansible-guest Ready control-plane,master 1s v1.31.5+k3s1"
]
}
PLAY RECAP ************************************************************************************************************************************************************************************************************************
node1 : ok=15 changed=11 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[lds@ansible-host with-ansible]$
[lds@ansible-host with-ansible]$ git add . -A
[lds@ansible-host with-ansible]$ git commit -m "Edit copy_offline_package role and install_k3s_offline role"
[main 40360c2] Edit copy_offline_package role and install_k3s_offline role
3 files changed, 90 insertions(+), 81 deletions(-)
[lds@ansible-host with-ansible]$ git push origin main
(gnome-ssh-askpass:98084): Gtk-WARNING **: 13:11:29.342: cannot open display:
error: unable to read askpass response from '/usr/libexec/openssh/gnome-ssh-askpass'
Username for 'https://gitlab.com': taeminKwon
(gnome-ssh-askpass:98085): Gtk-WARNING **: 13:11:34.435: cannot open display:
error: unable to read askpass response from '/usr/libexec/openssh/gnome-ssh-askpass'
Password for 'https://taeminKwon@gitlab.com':
warning: redirecting to https://gitlab.com/lds_solution/ezauto/install/with-ansible.git/
Enumerating objects: 18, done.
Counting objects: 100% (18/18), done.
Delta compression using up to 4 threads
Compressing objects: 100% (8/8), done.
Writing objects: 100% (10/10), 1.45 KiB | 1.45 MiB/s, done.
Total 10 (delta 6), reused 0 (delta 0), pack-reused 0
To https://gitlab.com/lds_solution/ezauto/install/with-ansible
d5df566..40360c2 main -> main
[lds@ansible-host with-ansible]$
```
- 이전글Ansible Playbook 실습 - Ansible AWX - Ansible AWX 설치 자동화 - 설계 1 25.02.20
- 다음글Ansible Playbook 실습 - Ansible AWX - K3s 설치 자동화 - 구현 1 25.02.18
댓글목록
등록된 댓글이 없습니다.