软件 | 版本 |
---|---|
CentOS | 7.4-1708 |
Docker | docker-ce-19.03.8 |
Rancher | 2.3.6 |
IP | hostname | 描述 |
---|---|---|
10.180.249.245 | manager.rancher | server管理节点 |
10.180.249.246 | master.rancher | agent节点 |
10.180.249.247 | worker.rancher | agent节点 |
# Create an RSA key pair for root on the manager node and install the public
# key on all three nodes, so Ansible can log in over SSH without a password.
# Pressing Enter at every ssh-keygen prompt accepts the default key path and
# leaves the private key without a passphrase.
# NOTE(review): that unencrypted private key then grants root on every node
# listed below; keep root's ~/.ssh on the manager tightly restricted, or set a
# passphrase and use ssh-agent.
[root@manager ~]# ssh-keygen -t rsa # press Enter at every prompt
[root@manager ~]# ssh-copy-id manager.rancher # enter the password
[root@manager ~]# ssh-copy-id master.rancher # enter the password
[root@manager ~]# ssh-copy-id worker.rancher # enter the password
# Install Ansible on the manager node, which runs every playbook below;
# -y answers yum's confirmation prompts automatically.
yum install ansible -y
/etc/ansible/hosts
[root@manager ~]# cat /etc/ansible/hosts
10.180.249.245
10.180.249.246
10.180.249.247
新建hosts.yml
[root@manager ~]#vim hosts.yml
---
# hosts.yml: add one /etc/hosts entry per cluster node on every inventory
# host, so the nodes can reach each other by hostname.
- hosts: all
  remote_user: root
  tasks:
    - name: update hosts
      # lineinfile adds a line only when it is not already in the file, so
      # re-running the playbook does not duplicate entries.
      lineinfile:
        dest: /etc/hosts
        line: "{{ item.ip }} {{ item.hostname }}"
      with_items:
        - ip: '10.180.249.245'
          hostname: 'manager.rancher'
        - ip: '10.180.249.246'
          hostname: 'master.rancher'
        - ip: '10.180.249.247'
          hostname: 'worker.rancher'
执行ansible-playbook
[root@manager ~]#ansible-playbook hosts.yml
查看结果
[root@manager ~]#ansible all -m shell -a "cat /etc/hosts"
[root@manager ~]#
vim nameserver.yml
---
# nameserver.yml: add two public DNS resolvers to /etc/resolv.conf on every
# host, alongside whatever resolvers are already configured there.
# NOTE(review): lookups that reach these entries leave the site for an
# external resolver; where internal resolvers exist (internal names, DNS
# logging), list those instead. /etc/resolv.conf may also be regenerated by
# the network service, so confirm the entries persist.
- hosts: all
  remote_user: root
  tasks:
    - name: 设置nameserver(dns)
      lineinfile:
        dest: /etc/resolv.conf
        line: "{{ item.name }} {{ item.dns }}"
      with_items:
        - name: 'nameserver'
          dns: '8.8.8.8'
        - name: 'nameserver'
          dns: '8.8.4.4'
执行ansible-playbook
[root@manager ~]#ansible-playbook nameserver.yml
查看结果
[root@manager ~]#ansible all -m shell -a "cat /etc/resolv.conf"
新建firewall.yml
[root@manager ~]# vim firewall.yml
---
# firewall.yml (variant 1): stop firewalld and keep it from starting at boot,
# using plain systemctl commands. command tasks report "changed" on every run.
# NOTE(review): with firewalld off, nothing on the node filters inbound
# traffic except the rules Docker adds for itself, so every listening port is
# reachable from any network that can route to the node. Reasonable on an
# isolated lab network; elsewhere keep firewalld running and open only the
# ports the cluster needs.
- hosts: all
  remote_user: root
  tasks:
    - name: stop firewalld
      command: systemctl stop firewalld
    - name: disable firewalld
      command: systemctl disable firewalld
或者
---
# firewall.yml (variant 2): the same result through the service module, which
# stops firewalld and disables it at boot in a single idempotent task.
# NOTE(review): this removes firewalld's inbound filtering on every node;
# reasonable on an isolated lab network, otherwise keep the service running
# and open only the ports the cluster needs.
- hosts: all
  remote_user: root
  tasks:
    - name: stop firewalld
      service:
        name: firewalld
        enabled: false
        state: stopped
执行ansible-playbook
[root@manager ~]# ansible-playbook firewall.yml
查看结果
[root@manager ~]# ansible all -m shell -a "systemctl status firewalld"
[root@manager ~]# ansible all -m shell -a "systemctl is-enabled firewalld"
查看selinux状态:sestatus
vim selinux.yml
---
# selinux.yml: set SELinux to "disabled" with the targeted policy on every host.
# NOTE(review): disabling SELinux removes the mandatory access control layer
# that confines container processes on the host. docker.yml in this guide
# installs container-selinux, the policy package meant for running Docker
# with SELinux on, so consider "enforcing" (or "permissive" while testing)
# and confirm it against the Rancher version in use. A change to "disabled"
# presumably takes full effect only after a reboot; verify with sestatus.
- hosts: all
  remote_user: root
  tasks:
    - name: stop selinux
      selinux:
        state: disabled
        policy: targeted
[root@manager ~]# ansible-playbook selinux.yml
[root@manager ~]# ansible all -m shell -a "grep -Ev '^$|#' /etc/selinux/config"
[root@manager ~]# vim swap.yml
---
# swap.yml: switch off all active swap devices on every host.
# swapoff only affects the running system; swap entries in /etc/fstab are
# left in place, so swap is back after a reboot unless they are commented out.
- hosts: all
  remote_user: root
  tasks:
    - name: stop swap
      command: swapoff -a
[root@manager ~]# ansible-playbook swap.yml
[root@manager ~]# ansible all -m shell -a "free -h"
或者修改/etc/fstab,将swap那一项注释掉(需重启,永久禁用)
[root@manager ~]# vim localrepo.yml
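---
# localrepo.yml: mount the CentOS 7 install media on every host and make it
# the only yum repository.
- hosts: all
  remote_user: root
  tasks:
    - name: mkdir /media/centos7
      file:
        path: /media/centos7
        state: directory
    - name: mount /dev/cdrom /media/centos7
      # state: mounted mounts the device now; the mount module presumably also
      # records it in /etc/fstab — confirm before relying on it across reboots.
      mount:
        path: /media/centos7
        src: /dev/cdrom
        fstype: iso9660
        opts: loop
        state: mounted
    # The next two tasks wipe every existing repo definition, so after this
    # playbook yum knows only the repositories added from here on.
    - name: delete /etc/yum.repos.d/
      file:
        path: /etc/yum.repos.d/
        state: absent
    - name: create /etc/yum.repos.d/
      file:
        path: /etc/yum.repos.d/
        state: directory
    - name: write local.repo
      # Writes /etc/yum.repos.d/centos7.repo in one idempotent step, replacing
      # the earlier touch + line-by-line approach.
      # gpgcheck stays on: packages on the media are signed with the CentOS 7
      # key that centos-release installs under /etc/pki/rpm-gpg, so a tampered
      # or substituted ISO is rejected at install time instead of being trusted.
      yum_repository:
        name: centos7
        description: centos7
        baseurl: file:///media/centos7/
        gpgcheck: yes
        gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
        enabled: yes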
[root@manager ~]# ansible-playbook localrepo.yml
[root@manager ~]# ansible all -m shell -a "cat /etc/yum.repos.d/centos7.repo"
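---
# docker.yml: remove distro Docker packages, add the Aliyun Docker CE and
# CentOS base repositories, install docker-ce 19.03.8 and configure a
# registry mirror on every host.
- hosts: all
  remote_user: root
  tasks:
    - name: remove old docker
      yum:
        name:
          - docker-client
          - docker-client-latest
          - docker-common
          - docker-latest
          - docker-latest-logrotate
          - docker-logrotate
          - docker-engine
        state: absent
    - name: install docker step1
      yum:
        name:
          - yum-utils
          - device-mapper-persistent-data
          - lvm2
          - wget
        state: present
    # The two repo files below decide which servers and which GPG keys yum
    # trusts for every later install, so they are fetched over HTTPS: over
    # plain HTTP anyone on the network path could rewrite them.
    - name: install docker step2
      shell: "yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo"
    - name: install docker step3
      shell: "yum makecache fast -y"
    - name: install docker step4
      shell: "wget -O /etc/yum.repos.d/CentOS-Base-Ali.repo https://mirrors.aliyun.com/repo/Centos-7.repo"
    # NOTE(review): the downloaded repo files may themselves list http://
    # baseurl/gpgkey entries; check them and keep gpgcheck=1 in each.
    - name: install epel-release
      yum:
        name: epel-release
        state: present
    - name: install container-selinux
      yum:
        name: container-selinux
        state: present
    - name: install docker step5
      yum:
        name: docker-ce-19.03.8
        state: present
    - name: start docker
      service:
        name: docker
        state: started
        enabled: true
    - name: wirte /etc/docker/daemon.json
      # Written as one file rather than appended line by line: appending to an
      # existing daemon.json would leave invalid JSON and Docker would not start.
      # NOTE(review): a registry mirror answers tag lookups on Docker Hub's
      # behalf, so pulls by tag trust the mirror operator; pull by sha256
      # digest for images where that matters.
      copy:
        dest: /etc/docker/daemon.json
        content: |
          {
            "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn/"]
          }
    - name: systemctl daemon-reload
      shell: "systemctl daemon-reload"
    - name: restart docker
      service:
        name: docker
        state: restarted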
[root@manager ~]# ansible-playbook docker.yml
统一以上步骤,只需要执行main.yml即可完成上述步骤
[root@manager ~]# vim main.yml
---
# main.yml: run every playbook from this guide in sequence against all hosts.
# Order matters: localrepo.yml deletes /etc/yum.repos.d/ and docker.yml then
# adds the repositories it installs from, so docker.yml must come after it.
# NOTE(review): firewall.yml and selinux.yml switch off the host firewall and
# SELinux on every node; drop or adapt those two imports when the nodes are
# not on an isolated network.
- import_playbook: hosts.yml
- import_playbook: nameserver.yml
- import_playbook: firewall.yml
- import_playbook: selinux.yml
- import_playbook: swap.yml
- import_playbook: localrepo.yml
- import_playbook: docker.yml
执行ansible-playbook
[root@manager ~]# ansible-playbook main.yml
# Look up the Rancher images available on the registry.
docker search rancher
# Start the Rancher server: restart it unless explicitly stopped, keep its data
# in /var/rancher and the audit log directory in /var/log/auditlog on the host,
# and publish ports 80 and 443.
# NOTE(review): "stable" is a moving tag, so the image it resolves to changes
# over time. For a repeatable install use a fixed release tag (this page
# targets Rancher 2.3.6) or the sha256 digest printed by the pull, and compare
# that digest with the one you expect.
# NOTE(review): -p 80:80 -p 443:443 binds on all interfaces (0.0.0.0 in the
# `docker container ls` output below), and firewalld was disabled earlier, so
# the management UI is reachable from every network that can route to this host.
# NOTE(review): the audit log directory is mounted, but as far as I know Rancher
# writes an API audit log only when AUDIT_LEVEL is set to 1 or higher — confirm.
sudo docker run -d --restart=unless-stopped -v /var/rancher/:/var/lib/rancher/ -v /var/log/auditlog:/var/log/auditlog -p 80:80 -p 443:443 rancher/rancher:stable
[root@manager ~]# sudo docker run -d --restart=unless-stopped -v /var/rancher/:/var/lib/rancher/ -v /var/log/auditlog:/var/log/auditlog -p 80:80 -p 443:443 rancher/rancher:stable
Unable to find image 'rancher/rancher:stable' locally
stable: Pulling from rancher/rancher
5bed26d33875: Pull complete
f11b29a9c730: Pull complete
930bda195c84: Pull complete
78bf9a5ad49e: Pull complete
12a73929b6a7: Pull complete
8434af3b0a23: Pull complete
28db93a68de0: Pull complete
e6dfd852f705: Pull complete
a1fa824ccd2c: Pull complete
1e2d165916be: Pull complete
aaf1116b238c: Pull complete
375fded79e14: Pull complete
e2c84878ed8a: Pull complete
f7a8fcb48ebd: Pull complete
Digest: sha256:d630921e978a938c86f9706e64b4f3229c45f006bd1ee5dfa74e5ba4634c7e7f
Status: Downloaded newer image for rancher/rancher:stable
fd790109a80a64057b00c1f52a7664bc7c9ca081f17bb9521e224d7647bf768b
[root@manager ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
rancher/rancher stable b821fa609f1a 2 weeks ago 674MB
[root@manager ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fd790109a80a rancher/rancher:stable "entrypoint.sh" About a minute ago Up 53 seconds 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp infallible_nobel