目录
一、实验
1.部署Ansible自动化运维工具
2.K8S 节点安装nginx
3.Jenkins使用GitLab共享库实现基于Ansible的CD流水线部署前后端应用
二、问题
1.ansible安装报错
2.ansible远程ping失败
3. Jenkins流水线通过ansible命令直接ping多台机器的网络状态报错
一、实验
1.部署Ansible自动化运维工具
(1)环境
表1 主机
| 管理端 | 192.168.204.8 | gitlab |
| 被管理端 | 192.168.204.180 | K8S master1 |
| 被管理端 | 192.168.204.181 | K8S node1 |
| 被管理端 | 192.168.204.182 | K8S node2 |
(2) 管理端安装ansible
#安装epel-release
yum install -y epel-release #安装ansible
yum install -y ansible#hosts文件位置:/etc/ansible/hosts
vim /etc/ansible/hosts# 主机hosts文件
vim /etc/hosts
(3)ansible远程ping
# ansible all -m ping
2.K8S 节点安装nginx
(1)K8S查看节点状态
# kubectl get node
(2) 节点安装nginx
1)添加 nginx 到 yum 源中
sudo rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm2)安装 nginx (在把nginx添加到 yum 源之后,就可以使用 yum 安装了)
sudo yum install -y nginx3)稍等一会,即可安装完成4)启动 nginx
sudo systemctl start nginx.service5)设置 nginx 开机自启动
sudo systemctl enable nginx.service(3)nginx 配置信息
1)网站文件存放默认位置(Welcome to nginx 页面)
/usr/share/nginx/html2)网站默认站点配置
/etc/nginx/conf.d/default.conf3)自定义 nginx 站点配置文件存放目录
/etc/nginx/conf.d/4)nginx 全局配置文件
/etc/nginx/nginx.conf5)启动 nginx
service nginx start6)关闭 nginx
service nginx stop7)重启 nginx
service nginx restart
service nginx reload8) 加成nginx
nginx -t(4)修改nginx配置文件
# /etc/nginx/nginx.confuser nginx;
worker_processes auto;error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;events {worker_connections 1024;
}http {include /etc/nginx/mime.types;default_type application/octet-stream;log_format main '$remote_addr - $remote_user [$time_local] "$request" ''$status $body_bytes_sent "$http_referer" ''"$http_user_agent" "$http_x_forwarded_for"';access_log /var/log/nginx/access.log main;sendfile on;tcp_nopush on;tcp_nodelay on;types_hash_max_size 2048;keepalive_timeout 65;#gzip on;include /etc/nginx/conf.d/*.conf;server {listen 8099;server_name _;root /usr/share/nginx/html/devops03-devops-ui;# Load configuration files for the default server block.include /etc/nginx/default.d/*.conf;location / {}error_page 404 /404.html;location = /40x.html {}error_page 500 502 503 504 /50x.html;location = /50x.html {}}}master1节点:
node1节点:
node2节点:
3.Jenkins使用GitLab共享库实现基于Ansible的CD流水线部署前后端应用
(1)修改GitLab共享库目录
(2) 修改部署类 Deploy.groovy
package org.devops//SaltStackdef DeployBySalt(){targetHosts = "${env.saltHosts}"localDeployDir = "/srv/salt/${env.projectName}"sh """[ -d ${localDeployDir} ] || mkdir -p ${localDeployDir}mv ${env.pkgName} ${localDeployDir}# 清理发布目录salt -L "${targetHosts}" cmd.run "rm -fr ${targetDir}/${env.projectName}/* && mkdir -p ${targetDir}/${env.projectName} || echo file is exists"# 发布应用salt -L "${targetHosts}" cp.get_file salt://${env.projectName}/${env.pkgName} ${targetDir}/${env.projectName}"""if ("${env.projectType}" == "npm") {sh """# 解压salt -L "${targetHosts}" cmd.run "cd ${targetDir}/${env.projectName} ;tar zxf ${env.pkgName}""""}if ("${env.projectType}" == "maven") {// 文件内容写到本地gitlab = new Gitlab()response = gitlab.GetRepoFile(21, "service.sh", "master")writeFile file: 'service.sh', text: "${response}"sh "ls -a "sh """mv service.sh ${localDeployDir}# 发布启动脚本salt -L "${targetHosts}" cp.get_file salt://${env.projectName}/service.sh ${targetDir}/${env.projectName}# 启动服务salt -L "${targetHosts}" cmd.run "cd ${targetDir}/${env.projectName} ;source /etc/profile && sh service.sh ${env.projectName} ${env.releaseVersion} ${env.port} start"# 检查服务sleep 5salt -L "${targetHosts}" cmd.run "cd ${targetDir}/${env.projectName} ;source /etc/profile && sh service.sh ${env.projectName} ${env.releaseVersion} ${env.port} check""""}
}//ansible
def DeployByAnsible(){//将主机写入清单文件sh "rm -fr hosts"for (host in "${env.ansibleHosts}".split(',')){sh " echo ${host} >> hosts"}// sh " cat hosts"// ansible 发布sh """# 主机连通性检测ansible "${env.ansibleHosts}" -m ping -i hosts # 清理和创建发布目录ansible "${env.ansibleHosts}" -m shell -a "rm -fr ${env.targetDir}/${env.projectName}/* && mkdir -p ${env.targetDir}/${env.projectName} || echo file is exists" # 复制appansible "${env.ansibleHosts}" -m copy -a "src=${env.pkgName} dest=${env.targetDir}/${env.projectName}/${env.pkgName}" """if ("${env.projectType}" == "npm"){sh """ ansible "${env.ansibleHosts}" -m shell -a "cd ${env.targetDir}/${env.projectName} ; tar zxf ${env.pkgName} " -u root """}if ("${env.projectType}" == "maven"){// 文件内容写到本地gitlab = new Gitlab()response = gitlab.GetRepoFile(21,"service.sh", "master")writeFile file: 'service.sh', text: "${response}"sh "ls -a "sh """# 复制脚本ansible "${env.ansibleHosts}" -m copy -a "src=service.sh dest=${env.targetDir}/${env.projectName}/service.sh" # 启动服务ansible "${env.ansibleHosts}" -m shell -a "cd ${env.targetDir}/${env.projectName} ;source /etc/profile && sh service.sh ${env.projectName} ${env.releaseVersion} ${env.port} start" -u root# 检查服务 sleep 10ansible "${env.ansibleHosts}" -m shell -a "cd ${env.targetDir}/${env.projectName} ;source /etc/profile && sh service.sh ${env.projectName} ${env.releaseVersion} ${env.port} check" -u root"""}
}
(3) 修改流水线 cd.jenkinsfile
@Library("mylib@master") _
import org.devops.*def artifacts = new Artifacts()
def gitlabutil = new Gitlab()
def deployer = new Deploy()pipeline {agent { label "build" }options {skipDefaultCheckout true}stages{stage("PullArtifacts"){steps{script{repoName = "${JOB_NAME}".split("/")[0]env.projectName ="${JOB_NAME}".split("/")[-1].split("_")[0]if ("${env.projectType}" == "maven"){type="jar"}if ("${env.projectType}" == "npm"){type="tar.gz"}artifacts.PullArtifacts("${env.releaseVersion}","${env.projectName}",repoName,type)env.pkgName="${env.projectName}-${env.releaseVersion}.${type}"}}}stage("DeployHost"){steps{script{print("DeployHost")if ("${env.deployTool}" == "saltstack"){deployer.DeployBySalt() }if ("${env.deployTool}" == "ansible"){deployer.DeployByAnsible() }}}}}
}
(4) Jenkins修改前后端项目流水线参数
(5)手动构建前端流水线
(6)Blue Ocean查看
成功
(7)手动构建后端流水线
(8)Blue Ocean查看
二、问题
1.ansible安装报错
(1)报错
(2)原因分析
yum源
(3)解决方法
# vim /etc/resolv.conf
nameserver 8.8.8.8
nameserver 114.114.114.114
成功:
2.ansible远程ping失败
(1) 报错
(2)原因分析
从输出提示上基本可以了解到由于在本机的~/.ssh/known_hosts文件中并有fingerprint key串,ssh第一次连接的时候一般会提示输入yes 进行确认为将key字符串加入到 ~/.ssh/known_hosts 文件中
(3)解决方法
第一种:在本地先SSH登录一下对方设备,下次ansible 就可以正常操作了,但是比较麻烦
第二种:设置参数为不检查key
vim /etc/ansible/ansible.cfghost_key_checking = False #71行取消注释
如继续操作出现如下报错,需要修改被管理端/etc/hosts
注释被管理端域名
如继续操作出现如下报错,修改 /etc/ansible/hosts
修改后
192.168.204.180 ansible_port=22 ansible_user=root ansible_password=123123
192.168.204.181 ansible_port=22 ansible_user=root ansible_password=123123
192.168.204.182 ansible_port=22 ansible_user=root ansible_password=123123
成功:
3. Jenkins流水线通过ansible命令直接ping多台机器的网络状态报错
(1) 报错
(2)原因分析
单向的ssh验证
(3)解决方法
ssh-keygen一路回车,主要是用来免密通信的
ssh-copy-id 被控端IP 需要输入对应主节的root密码
# ssh-copy-id root@192.168.204.180# ssh-copy-id root@192.168.204.181# ssh-copy-id root@192.168.204.182
成功:
![[蓝桥杯刷题]合并区间、最长不连续子序列、最长不重复数组长度](https://img-blog.csdnimg.cn/direct/5d41d6ee92e044b4a1d8a29fdf11973f.gif#pic_center)
