ansible镜像构建使用

js 复制代码

cat << EOF >Dockerfile

FROM alpine:latest

RUN echo "https://mirrors.tuna.tsinghua.edu.cn/alpine/v3.18/main" > /etc/apk/repositories \
    && echo "https://mirrors.tuna.tsinghua.edu.cn/alpine/v3.18/community" >> /etc/apk/repositories \
    && apk add --no-cache ansible openssh sshpass bash-doc \
    && apk update \
    && apk add tzdata \
    && mkdir /etc/ansible \
    && echo "StrictHostKeyChecking no" > /etc/ssh/ssh_config
 
#如何你是AWS账号就要copy密钥（不是的话就忽略）
#COPY k8s.pem /opt/k8s.pem
EOF

再来一个k8s文件

js 复制代码

cat << EOF > config.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: ansible-hosts-configmap
data:
  hosts: |
    [aws]
    57.11.11.11    ansible_ssh_private_key_file=/opt/k8s.pem
    57.11.11.11    ansible_ssh_user=admin
EOF

如果你不是AWS的服务器可以跳过这里

js 复制代码

secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: k8s-prod-pem-secret
type: Opaque
data:
  k8s.pem: LS0tLS1CRUdJTiBSU0EgUFJ
  
  #转化密钥
#cat k8.pem | base64 -w 0

或者直接一条命令

shell 复制代码

kubectl create configmap k8s-prod-pem-configmap --from-file=k8s.pem -n devops-tools

不是AWS服务器使用这个yaml运行

yaml 复制代码

cat << EOF > test.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ansible
spec:
  replicas: 1
  selector:
    matchLabels:
      app: ansible
  template:
    metadata:
      labels:
        app: ansible
    spec:
      volumes:
        - name: ansible-hosts
          configMap:
            name: ansible-hosts-configmap
        - name: k8s-prod-pem
          configMap:
            name: k8s-prod-pem-configmap
      containers:
        - name: ansible
          image: registry.cn-shenzhen.aliyuncs.com/jbjb/dockers:ansible-v01
          command: ["sleep", "3333"]
          volumeMounts:
            - name: ansible-hosts
              mountPath: /etc/ansible/hosts
              subPath: hosts
            - name: k8s-prod-pem
              mountPath: /opt/k8s.pem
              subPath: k8s.pem
              readOnly: true
EOF

AWS 服务器器使用

js 复制代码

cat << EOF > test.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ansible
spec:
  replicas: 1
  selector:
    matchLabels:
      app: ansible
  template:
    metadata:
      labels:
        app: ansible
    spec:
      volumes:
        - name: ansible-hosts
          configMap:
            name: ansible-hosts-configmap
      containers:
        - name: ansible
          image: registry.cn-shenzhen.aliyuncs.com/jbjb/dockers:ansible-v01
          command: ["sleep", "3333"]
          volumeMounts:
            - name: ansible-hosts
              mountPath: /etc/ansible/hosts
              subPath: hosts
EOF