第 4 章 在 OpenShift Container Platform 中配置 Ansible 自动化控制器

流程

1. 在 AutomationController 规格中启用 RECEPTOR_KUBE_SUPPORT_RECONNECT ：

   apiVersion: automationcontroller.ansible.com/v1beta1
   kind: AutomationController
   metadata:
     ...
   spec:
     ...
     ee_extra_env: |
       - name: RECEPTOR_KUBE_SUPPORT_RECONNECT
         value: enabled
       ```

   Copy to Clipboard Toggle word wrap

2. 在 AutomationController 规格中启用安全终止功能：

   termination_grace_period_seconds: <time to wait for job to finish>

   Copy to Clipboard Toggle word wrap

3. 为 Web 和任务 pod 配置 podAntiAffinity，将部署分散到 AutomationController 规格中：

   task_affinity:
       podAntiAffinity:
         preferredDuringSchedulingIgnoredDuringExecution:
         - podAffinityTerm:
             labelSelector:
               matchExpressions:
               - key: app.kubernetes.io/name
                 operator: In
                 values:
                 - awx-task
             topologyKey: topology.kubernetes.io/zone
           weight: 100
     web_affinity:
       podAntiAffinity:
         preferredDuringSchedulingIgnoredDuringExecution:
         - podAffinityTerm:
             labelSelector:
               matchExpressions:
               - key: app.kubernetes.io/name
                 operator: In
                 values:
                 - awx-web
             topologyKey: topology.kubernetes.io/zone
           weight: 100

   Copy to Clipboard Toggle word wrap

4. 在 OpenShift Container Platform 中配置 PodDisruptionBudget ：

   ---
   apiVersion: policy/v1
   kind: PodDisruptionBudget
   metadata:
     name: automationcontroller-job-pods
   spec:
     maxUnavailable: 0
     selector:
       matchExpressions:
         - key: ansible-awx-job-id
           operator: Exists
   ---
   apiVersion: policy/v1
   kind: PodDisruptionBudget
   metadata:
     name: automationcontroller-web-pods
   spec:
     minAvailable: 1
     selector:
       matchExpressions:
         - key: app.kubernetes.io/name
           operator: In
           values:
             - <automationcontroller_instance_name>-web
   ---
   apiVersion: policy/v1
   kind: PodDisruptionBudget
   metadata:
     name: automationcontroller-task-pods
   spec:
     minAvailable: 1
     selector:
       matchExpressions:
         - key: app.kubernetes.io/name
           operator: In
           values:
             - <automationcontroller_instance_name>-task

   Copy to Clipboard Toggle word wrap