Merge pull request 'docs: rewrite readme in chinese' (#1) from docs/ch-readme into main
Some checks failed
terraform-plan / plan (push) Has been cancelled
Some checks failed
terraform-plan / plan (push) Has been cancelled
Reviewed-on: #1
This commit is contained in:
34
README.md
34
README.md
@@ -1,21 +1,21 @@
|
||||
# K3s Master Infrastructure-as-Code
|
||||
# K3s Master 基础设施代码仓库
|
||||
|
||||
This repository tracks the Terraform + Ansible automation for provisioning and configuring K3s control-plane nodes on vSphere. Initial commit supplies scaffolding only; functional resources, modules, and tasks follow in upcoming iterations.
|
||||
本仓库用于管理 vSphere 上 K3s 控制平面节点的 Terraform + Ansible 自动化流程。当前提交仅提供骨架结构,后续会逐步补充具体资源定义与配置逻辑。
|
||||
|
||||
## Current Status
|
||||
- Gitea repository `iac/k3s-master` initialized with protected `main` branch and PR review requirement.
|
||||
- Terraform directory contains provider baseline, version pinning, and documented variables.
|
||||
- Ansible inventory/playbook skeleton captures control-plane bootstrap flow.
|
||||
- Gitea Actions workflow stub (`.gitea/workflows/plan.yml`) reserved for Terraform plan execution.
|
||||
## 当前进展
|
||||
- 已在 Gitea 组织 `iac` 下初始化仓库 `iac/k3s-master`,`main` 分支启用只读保护并要求至少一名 Reviewer 审核。
|
||||
- `terraform/` 目录包含版本约束、vSphere Provider 配置占位以及变量说明文档,便于未来扩展虚拟机资源。
|
||||
- `ansible/` 中提供控制平面初始化的 Playbook 骨架与动态库存使用指引,为后续配置下发做准备。
|
||||
- `.gitea/workflows/plan.yml` 定义 Terraform Plan 工作流框架,目前以 `echo TODO` 作为占位,确保流程结构先行落地。
|
||||
|
||||
## Next Steps
|
||||
1. Author Terraform data sources and VM definitions aligned with K3s sizing doc (ID 588).
|
||||
2. Implement dynamic inventory output bridging Terraform state and Ansible.
|
||||
3. Build hardened Ansible roles for OS baseline and K3s installation, leveraging security guidelines.
|
||||
4. Replace workflow placeholders with real Terraform fmt/init/plan stages and artifact upload.
|
||||
## 下一步计划
|
||||
1. 根据《企业级 K3s Master 虚拟机创建规范流程》(MrDoc 文档 ID 588)完善 Terraform 数据源与虚拟机资源。
|
||||
2. 将 Terraform 输出转化为 Ansible 可消费的动态库存,串联资源编排与配置管理。
|
||||
3. 编写操作系统加固、K3s 安装与后续校验等 Ansible 角色,落实安全基线要求。
|
||||
4. 在 Gitea Actions 中替换占位命令,串联 `terraform fmt`、`terraform init`、`terraform plan` 以及状态与工件管理。
|
||||
|
||||
## Dependencies
|
||||
- vSphere endpoint with service account credentials and API access.
|
||||
- Terraform CLI >= 1.8 and HashiCorp vsphere provider >= 2.5 (managed by CI image).
|
||||
- Secrets storage for vSphere credentials (Gitea Actions secrets or Vault).
|
||||
- Ansible control node with access to provisioned masters for configuration.
|
||||
## 依赖与前置条件
|
||||
- 具备 vSphere API 访问权限的服务账号,并通过 Gitea Actions Secrets 或 Vault 管理敏感凭据。
|
||||
- Terraform CLI ≥ 1.8 与 HashiCorp vSphere Provider ≥ 2.5(可由 CI 镜像预装)。
|
||||
- 远端 Terraform state 存储(Consul、S3 兼容服务等),确保状态加密与备份。
|
||||
- 能访问 K3s 控制平面节点的 Ansible 控制端,用于执行配置与校验任务。
|
||||
|
||||
Reference in New Issue
Block a user