kubernetes错误汇总


title: “kubernetes错误汇总”
categories:
- “技术”
tags:
- “Kubernetes”
- “错误汇总”
toc: false
original: true
draft: false

1、增加 master etcd 报错

1.1、错误描述

由于创建的k8s集群,其中有一个master节点初始化失败,先删除了这个节点,将他重新添加为主节点,加入集群的时候报错。

➜  kubectl get nodes
NAME                      STATUS   ROLES    AGE   VERSION
node231                   Ready    master   14h   v1.16.7
node232                   Ready    <none>   14h   v1.16.7
apiserver                 Ready    master   14h   v1.16.7
node225                   Ready    <none>   14h   v1.16.7
node234                   Ready    <none>   14h   v1.16.7

1.2、错误信息

➜  kubeadm join apiserver.cluster.local:6443 --token 7kbxdh.166ls2phjr8o6o6h     --discovery-token-ca-cert-hash sha256:9cbe70e86b0e441af9da4d48df743150fcd40c86e6878ed899359c6d696e54d1 --control-plane --certificate-key 3052e10797e6d44abc862d67249c4abebb3a71901a4fee397b59508320295832[check-etcd] Checking that the etcd cluster is healthy
error execution phase check-etcd: etcd cluster is not healthy: failed to dial endpoint https://192.168.100.232:2379 with maintenance client: context deadline exceeded
To see the stack trace of this error execute with --v=5 or higher

1.3、错误解决

# 查找运行中的etcd pod
➜  kubectl get pods -n kube-system
# 进入etcd pod内部
➜  kubectl exec etcd-apiserver.cluster.local -n kube-system -it -- /bin/sh# 设置别名使用etcdctl命令时可以不用每次都列出证书文件了
➜  alias etcdctl='etcdctl --endpoints=https://localhost:2379 --ca-file=/etc/kubernetes/pki/etcd/ca.crt --cert-file=/etc/kubernetes/pki/etcd/server.crt --key-file=/etc/kubernetes/pki/etcd/server.key';➜  etcdctl member list
62db8197a2e3eb9: name=apiserver.cluster.local peerURLs=https://192.168.100.236:2380 clientURLs=https://192.168.100.236:2379 isLeader=false
25fad11c030a1194: name=node2 peerURLs=https://192.168.100.232:2380 clientURLs=https://192.168.100.232:2379 isLeader=false                  # 发现232还在成员列表中
ada4976ae76f3d2b: name=node231 peerURLs=https://192.168.100.231:2380 clientURLs=https://192.168.100.231:2379 isLeader=true# 删除etcd成员232
➜  etcdctl member remove 25fad11c030a1194
Removed member 25fad11c030a1194 from cluster

2、quay 镜像拉取

2.1、错误信息

# 获取pod超时
➜  kubectl get pods
NAME                               READY   STATUS             RESTARTS   AGE
rbd-provisioner-75b85f85bd-c6xnb   0/1     ImagePullBackOff   0          23mEvents:Type     Reason     Age                  From               Message----     ------     ----                 ----               -------Normal   Scheduled  <unknown>            default-scheduler  Successfully assigned default/rbd-provisioner-75b85f85bd-c6xnb to node225Warning  Failed     14m                  kubelet, node225   Failed to pull image "quay.io/external_storage/rbd-provisioner:latest": rpc error: code = Unknown desc = dial tcp: lookup d3uo42mtx6z2cr.cloudfront.net on 192.168.100.1:53: read udp 192.168.100.225:50342->192.168.100.1:53: i/o timeoutWarning  Failed     11m                  kubelet, node225   Failed to pull image "quay.io/external_storage/rbd-provisioner:latest": rpc error: code = Unknown desc = dial tcp: lookup d3uo42mtx6z2cr.cloudfront.net on 192.168.100.1:53: read udp 192.168.100.225:52712->192.168.100.1:53: i/o timeoutWarning  Failed     8m19s                kubelet, node225   Failed to pull image "quay.io/external_storage/rbd-provisioner:latest": rpc error: code = Unknown desc = dial tcp: lookup d3uo42mtx6z2cr.cloudfront.net on 192.168.100.1:53: read udp 192.168.100.225:37164->192.168.100.1:53: i/o timeoutNormal   Pulling    7m32s (x4 over 23m)  kubelet, node225   Pulling image "quay.io/external_storage/rbd-provisioner:latest"Warning  Failed     4m36s                kubelet, node225   Failed to pull image "quay.io/external_storage/rbd-provisioner:latest": rpc error: code = Unknown desc = dial tcp: lookup d3uo42mtx6z2cr.cloudfront.net on 192.168.100.1:53: read udp 192.168.100.225:39043->192.168.100.1:53: i/o timeoutWarning  Failed     4m36s (x4 over 14m)  kubelet, node225   Error: ErrImagePullNormal   BackOff    3m55s (x8 over 14m)  kubelet, node225   Back-off pulling image "quay.io/external_storage/rbd-provisioner:latest"Warning  Failed     3m55s (x8 over 14m)  kubelet, node225   Error: ImagePullBackOff

2.2、错误解决

由于quay.io的镜像有某些不可描述的原因无法拉取,所以我们将这个地址换成国内的镜像库即可
将 quay.io/{XXX} 替换为 quay-mirror.qiniu.com/{XXX}

# 先使用docker pull尝试拉取镜像
➜  docker pull quay-mirror.qiniu.com/external_storage/rbd-provisioner:latest
latest: Pulling from external_storage/rbd-provisioner
256b176beaff: Pull complete 
b4ecb0f03fba: Pull complete 
0ce433cb7726: Pull complete 
Digest: sha256:94fd36b8625141b62ff1addfa914d45f7b39619e55891bad0294263ecd2ce09a
Status: Downloaded newer image for quay-mirror.qiniu.com/external_storage/rbd-provisioner:latest
quay-mirror.qiniu.com/external_storage/rbd-provisioner:latest# 修改yaml文件
➜  vim rbd-provisioner-v16.yaml
spec:containers:- name: rbd-provisionerimage: quay-mirror.qiniu.com/external_storage/rbd-provisioner:latest➜  kubectl apply -f rbd-provisioner-v16.yaml
➜  kubectl get pods
NAME                               READY   STATUS              RESTARTS   AGE
rbd-provisioner-5b7b9c7b6c-2qn6q   1/1     Running             0          33s

3、Statefulset 挂载Ceph 失败

3.1、错误信息

➜  kubectl get pods
NAME                               READY   STATUS              RESTARTS   AGE
consul-0                           0/1     ContainerCreating   0          15hEvents:Type     Reason       Age                  From             Message----     ------       ----                 ----             -------Warning  FailedMount  46m (x304 over 15h)  kubelet, mongo1  Unable to attach or mount volumes: unmounted volumes=[consul-ceph-pvc], unattached volumes=[consul-ceph-pvc default-token-8wntp]: timed out waiting for the conditionWarning  FailedMount  12m (x83 over 14h)   kubelet, mongo1  Unable to attach or mount volumes: unmounted volumes=[consul-ceph-pvc], unattached volumes=[default-token-8wntp consul-ceph-pvc]: timed out waiting for the conditionWarning  FailedMount  56s (x455 over 15h)  kubelet, mongo1  MountVolume.WaitForAttach failed for volume "pvc-025063c5-3a6e-4e34-a950-f72dee2f8b9b" : fail to check rbd image status with: (executable file not found in $PATH), rbd output: ()

3.2、错误解决

node节点未安装ceph-common

ansible配置

➜  cat /etc/ansible/hosts
[k8s-master]
192.168.100.231 ansible_ssh_user='root' ansible_ssh_pass='test123'
192.168.100.232 ansible_ssh_user='root' ansible_ssh_pass='test123'
192.168.100.236 ansible_ssh_user='root' ansible_ssh_pass='test123'[k8s-node]
192.168.100.225 ansible_ssh_user='root' ansible_ssh_pass='test123'
192.168.100.226 ansible_ssh_user='root' ansible_ssh_pass='test123'
192.168.100.227 ansible_ssh_user='root' ansible_ssh_pass='test123'
192.168.100.228 ansible_ssh_user='root' ansible_ssh_pass='test123'
192.168.100.234 ansible_ssh_user='root' ansible_ssh_pass='test123'
192.168.100.237 ansible_ssh_user='root' ansible_ssh_pass='test123'
192.168.100.238 ansible_ssh_user='root' ansible_ssh_pass='test123'
192.168.100.239 ansible_ssh_user='root' ansible_ssh_pass='test123'

拷贝ceph.repo至每一个节点

➜  ansible k8s-node -m copy -a "src=/etc/yum.repos.d/ceph.repo dest=/etc/yum.repos.d/ceph.repo"

安装ceph-common

➜  ansible k8s-node -m shell -a "yum install -y ceph-common"
➜  ansible k8s-master -m shell -a "yum install -y ceph-common"

验证问题

➜  kubectl get pods
NAME                               READY   STATUS    RESTARTS   AGE
consul-0                           1/1     Running   0          16h
consul-1                           1/1     Running   0          9m54s
consul-2                           1/1     Running   0          <invalid>

4、age invalid

4.1、错误信息

发现pod的age不对,显示invalid

➜  kubectl get pods
NAME                               READY   STATUS    RESTARTS   AGE
consul-0                           1/1     Running   0          16h
consul-1                           1/1     Running   0          10m
consul-2                           1/1     Running   0          <invalid>

4.2、错误解决

# apiserver 的时间date
Wed Mar 18 10:34:01 CST 2020# node 的时间date
Tue Mar 17 22:34:01 EDT 2020# 发现问题是时间不同步
# 同步所有主机时间
➜  ansible all -m shell -a "ntpdate ntp1.aliyun.com"# 验证
➜  kubectl get pods
NAME                               READY   STATUS    RESTARTS   AGE
consul-0                           1/1     Running   0          17h
consul-1                           1/1     Running   0          30m
consul-2                           1/1     Running   0          18s

5、Harbor私服的http

5.1、错误信息

➜  kubectl describe pods consul-0Normal   BackOff                 17s (x3 over 43s)  kubelet, node231         Back-off pulling image "reg.test.local/library/consul:1.7"Warning  Failed                  17s (x3 over 43s)  kubelet, node231         Error: ImagePullBackOffNormal   Pulling                 3s (x3 over 44s)   kubelet, node231         Pulling image "reg.test.local/library/consul:1.7"Warning  Failed                  3s (x3 over 44s)   kubelet, node231         Failed to pull image "reg.test.local/library/consul:1.7": rpc error: code = Unknown desc = Error response from daemon: Get https://reg.test.local/v2/: x509: certificate signed by unknown authorityWarning  Failed                  3s (x3 over 44s)   kubelet, node231         Error: ErrImagePull

5.2、错误分析

reg.test.local为测试环境Harbor
没有启用https

5.3、错误解决

# 修改所有docker主机
➜  vim /etc/docker/daemon.json
"insecure-registries": ["http://reg.test.local"]➜  systemctl restart docker

6、Harbor私服需要docker login

6.1、错误信息

kubectl get pods -w
NAME                               READY   STATUS              RESTARTS   AGE
consul-0                           0/1     ContainerCreating   0          8s
consul-0                           0/1     ContainerCreating   0          19s
consul-0                           0/1     ErrImagePull        0          20s
consul-0                           0/1     ImagePullBackOff    0          21s➜  kubectl describe pods consul-0Normal   Pulling                 17s (x2 over 30s)  kubelet, node232         Pulling image "reg.test.local/library/consul:1.7"Warning  Failed                  17s (x2 over 30s)  kubelet, node232         Failed to pull image "reg.test.local/library/consul:1.7": rpc error: code = Unknown desc = Error response from daemon: pull access denied for reg.test.local/library/consul, repository does not exist or may require 'docker login': denied: requested access to the resource is deniedWarning  Failed                  17s (x2 over 30s)  kubelet, node232         Error: ErrImagePullNormal   BackOff                 5s (x3 over 30s)   kubelet, node232         Back-off pulling image "reg.test.local/library/consul:1.7"Warning  Failed                  5s (x3 over 30s)   kubelet, node232         Error: ImagePullBackOff

6.2、错误解析

docker主机需要docker login

6.3、错误解决

# 在所有docker主机执行docker login
➜  docker login reg.test.local
Authenticating with existing credentials...
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-storeLogin Succeeded# 已经可以直接使用docker pull镜像了
➜  docker pull reg.test.local/library/consul:1.7
1.7: Pulling from library/consul
9123ac7c32f7: Pull complete
f3e53a83f220: Pull complete
b64aa8d4cc8e: Pull complete
82481eff66f7: Pull complete
79aba2a452b6: Pull complete
fe81d1cfdb25: Pull complete
Digest: sha256:2f03c533527fdf8b579647f093eb7fe88fc7f2038794cfbe20347b02eef68e1e
Status: Downloaded newer image for reg.test.local/library/consul:1.7
reg.test.local/library/consul:1.7# 但是k8s节点暂时还无法拉取镜像
# 需要创建名为registry-secret的docker-registry
➜  kubectl create secret docker-registry registry-secret --namespace=default \
--docker-server=reg.test.local \
--docker-username=admin \
--docker-password=Harbor123# 查看imagePullSecrets属性
➜  kubectl explain deploy.spec.template.spec.imagePullSecrets
KIND:     Deployment
VERSION:  apps/v1RESOURCE: imagePullSecrets <[]Object>DESCRIPTION:ImagePullSecrets is an optional list of references to secrets in the samenamespace to use for pulling any of the images used by this PodSpec. Ifspecified, these secrets will be passed to individual pullerimplementations for them to use. For example, in the case of docker, onlyDockerConfig type secrets are honored. More info:https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-podLocalObjectReference contains enough information to let you locate thereferenced object inside the same namespace.FIELDS:name	<string>Name of the referent. More info:https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names# 修改deployment yaml
➜  vim consul-statefulset-v16.yaml
imagePullSecrets:- name: registry-secret➜  kubectl delete -f consul-statefulset-v16.yaml
➜  kubectl apply -f consul-statefulset-v16.yaml
statefulset.apps/consul configured
➜  kubectl get pods
NAME                               READY   STATUS    RESTARTS   AGE
consul-0                           1/1     Running   0          4m53s
consul-1                           1/1     Running   0          4m44s
consul-2                           0/1     Pending   0          4m10s

7、pod反亲和性

7.1、错误信息

➜  ubectl get nodes
NAME                      STATUS   ROLES    AGE    VERSION
apiserver.cluster.local   Ready    master   4d3h   v1.16.10
node231                   Ready    <none>   4d2h   v1.16.10
node232                   Ready    <none>   4d2h   v1.16.10
➜  kubectl get pods
NAME                               READY   STATUS    RESTARTS   AGE
consul-0                           1/1     Running   0          3m46s
consul-1                           1/1     Running   0          3m37s
consul-2                           0/1     Pending   0          3m3s
➜  kubectl describe pods consul-2
Events:Type     Reason            Age        From               Message----     ------            ----       ----               -------Warning  FailedScheduling  <unknown>  default-scheduler  pod has unbound immediate PersistentVolumeClaims (repeated 2 times)Warning  FailedScheduling  <unknown>  default-scheduler  pod has unbound immediate PersistentVolumeClaims (repeated 2 times)Warning  FailedScheduling  <unknown>  default-scheduler  0/3 nodes are available: 1 node(s) had taints that the pod didn't tolerate, 2 node(s) didn't match pod affinity/anti-affinity, 2 node(s) didn't satisfy existing pods anti-affinity rules.
➜  cat consul-statefulset-v16.yamlspec:affinity:podAntiAffinity:requiredDuringSchedulingIgnoredDuringExecution:- labelSelector:matchExpressions:- key: appoperator: Invalues:- consultopologyKey: kubernetes.io/hostname

7.2、错误分析

由于只有两个node,违反了yaml中配置的反亲和性规则

7.3、错误解决

➜  vim consul-statefulset-v16.yaml:set nu28       affinity:29         podAntiAffinity:30           requiredDuringSchedulingIgnoredDuringExecution:31             - labelSelector:32                 matchExpressions:33                   - key: app34                     operator: In35                     values:36                       - consul37               topologyKey: kubernetes.io/:28,37s@^@#@28 #      affinity:29 #        podAntiAffinity:30 #          requiredDuringSchedulingIgnoredDuringExecution:31 #            - labelSelector:32 #                matchExpressions:33 #                  - key: app34 #                    operator: In35 #                    values:36 #                      - consul37 #              topologyKey: kubernetes.io/hostname➜   kubectl delete -f consul-statefulset-v16.yaml
➜   kubectl apply -f consul-statefulset-v16.yaml➜   kubectl get pods
NAME                               READY   STATUS    RESTARTS   AGE
consul-0                           1/1     Running   0          55s
consul-1                           1/1     Running   0          46s
consul-2                           1/1     Running   0          24s

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.mzph.cn/news/17649.shtml

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

LeetCode 周赛上分之旅 # 36 KMP 字符串匹配殊途同归

⭐️ 本文已收录到 AndroidFamily&#xff0c;技术和职场问题&#xff0c;请关注公众号 [彭旭锐] 和 BaguTree Pro 知识星球提问。 学习数据结构与算法的关键在于掌握问题背后的算法思维框架&#xff0c;你的思考越抽象&#xff0c;它能覆盖的问题域就越广&#xff0c;理解难度…

day50-Insect Catch Game(捉虫游戏)

50 天学习 50 个项目 - HTMLCSS and JavaScript day50-Insect Catch Game&#xff08;捉虫游戏&#xff09; 效果 index.html <!DOCTYPE html> <html lang"en"><head><meta charset"UTF-8" /><meta name"viewport"…

codeblocks编译lvgl报错

codeblocks编译lvgl报错 1.报错内容2.解决方案3.lvgl本身代码报错 1.报错内容 error: unknown type name _In_opt_ ...2.解决方案 官网下载&#xff1a; 这里的Compiler’s installation directory 选择自带的 3.lvgl本身代码报错 undefined reference to _lv_utils_bse…

面试总结-Redis篇章(九)——Redis主从复制、主从数据同步原理

Redis其他面试问题 主从复制单节点Redis的并发能力是有上限的&#xff0c;要进一步提高Redis的并发能力&#xff0c;就需要搭建主从集群&#xff0c;实现读写分离主节点主要进行客户端的写操作&#xff0c;从节点进行客户端的读操作&#xff0c;因为Redis一直都是读多写少&…

UE5.1.1 创建C++项目失败

因一直使用Unity开发环境&#xff0c;安装Unreal后&#xff0c;并未详细配置过其开发环境&#xff0c;默认创建蓝图工程无异常&#xff0c;但创建UE C项目时总共遇到两个错误&#xff1a; 错误一 Running /Epic/UE/UE_5.1/Engine/Build/BatchFiles/Build.bat -projectfiles -…

flutter项目运行时一直卡在Running Gradle task ‘assembleDebug‘解决办法

1.修改项目中的android/build.gradle&#xff0c;将google()&#xff0c;mavenCentral()替换为下面的代码 maven { url https://maven.aliyun.com/repository/central/ }maven { url https://maven.aliyun.com/repository/public/ }maven { url https://maven.aliyun.com/repos…

<C++>二、类和对象-构造函数

1.类的6个默认成员函数 如果一个类中什么成员都没有&#xff0c;简称为空类。 空类中真的什么都没有吗&#xff1f;并不是&#xff0c;任何类在什么都不写时&#xff0c;编译器会自动生成以下6个默认成员函数。 默认成员函数&#xff1a;用户没有显式实现&#xff0c;编译器会生…

【Linux多线程】死锁问题介绍

死锁 &#x1f96d;什么是死锁&#x1f965;死锁产生的条件&#x1f95d;如何避免死锁&#x1f345; 避免死锁算法 &#x1f96d;什么是死锁 死锁是多线程或多进程编程中的一种常见问题&#xff0c;指的是两个或多个线程&#xff08;或进程&#xff09;相互等待对方持有的资源&…

位操作相关的函数(C++)

目录 popcount函数 bitset类模板 __builtin_popcount函数 popcount函数 在C中&#xff0c;std::popcount函数是用来计算一个整数二进制表示中包含的1的个数。不过要注意&#xff0c;这个函数是C20标准引入的&#xff0c;因此在使用之前&#xff0c;要先确保编译器支持C20标…

Redis 理论部分

前面写了很多redis项目&#xff0c;今天在通过redis的理论加深redis的了解&#xff0c;顺便做个总结 Redis 理论部分 1.redis 速度快的原因 纯内存操作单线程操作&#xff0c;避免频繁的上下文切换以及资源争用的问题&#xff0c;多线程需要占用更多的cpu资源采用非阻塞I/O多…

搜索二叉树_SearchBinaryTree

目录 搜索二叉树的原理 搜索二叉树的搜索时间复杂度 二叉搜索树实现_key 模型 节点 构造函数 查找 中序遍历 插入 循环 递归 删除 循环 1.删除叶子节点 2.删除有一个孩子的节点 3.左右孩子都不为空 递归 析构函数 拷贝构造 operator key_value 模型 节点 …

Mysql触发器

1.触发器 触发器是与表有关的数据库对象&#xff0c;指在 insert / update / delete 之前或之后&#xff0c;触发并执行触发器中定义的SL语句集合。触发器的这种特性可以协助应用在数据库端确保数据的完整性&#xff0c;日志记录&#xff0c;数据校验等操作。 使用别名 OLD 和 …

C#常用数学插值法

目录 1、分段线性插值 2、三次样条插值 3、拉格朗日插值 &#xff08;1&#xff09;一元全区间不等距插值 &#xff08;2&#xff09;一元全区间等距插值 4、埃尔米特插值 &#xff08;1&#xff09;埃尔米特不等距插值 &#xff08;2&#xff09;埃尔米特等距插值 1、…

mysql安装教程保姆级

MySQL免安装本地运行 1.下载MySQL2.创建install.bat3.init.sql 初始创建4.环境变量配置5.运行 install.bat 管理员权限运行6.连接成功遇到的问题 1.下载MySQL ①地址&#xff1a;https://downloads.mysql.com/archives/community/ ②解压 2.创建install.bat 放在mysql>b…

【SpringBoot笔记37】SpringBoot基于@ServerEndpoint、@OnMessage等注解的方式集成WebSocket

这篇文章,主要介绍SpringBoot基于@ServerEndpoint、@OnMessage等注解的方式集成WebSocket。 目录 一、基于注解集成WebSocket 1.1、WebSocket常见注解 1.2、创建WebSocket服务端 1.3、配置ServerEndpointExpor

java数据算法-汉诺塔

1、有三根相邻的柱子&#xff0c;标号为A,B,C。 2、A柱子上从下到上按金字塔状叠放着n个不同大小的圆盘。 3、现在把所有盘子一个一个移动到柱子C上&#xff0c;并且每次移动同一根柱子上都不能出现大盘子在小盘子上方。 题解步骤 1、当n1时&#xff1b; 将1号从A移动到C即…

算法综合篇专题一:双指针问题

"就算没有看清那株灿烂的花蕊&#xff0c;也应该放声歌颂赞美鲜红的玫瑰" 1、移动零 (1) 题目解析 (2) 算法原理 class Solution { public:void moveZeroes(vector<int>& nums) {for(int cur0,dest-1;cur<nums.size();cur){if(nums[cu…

AcWing 4908.饥饿的牛

原题链接&#xff1a;AcWing 4908.饥饿的牛 题目来源&#xff1a;夏季每日一题2023 贝茜是一头饥饿的牛。 每天晚上&#xff0c;如果牛棚中还有干草的话&#xff0c;贝茜都会吃掉其中的一捆。 初始时&#xff0c;牛棚中没有干草。 为了让贝茜不被饿死&#xff0c;农夫约翰制…

AOJ 2200 Mr. Rito Post Office 最短路径+动态规划+谨慎+思维

我写了好多注释&#xff0c;一看就能看懂&#xff0c;这个题目我想了6&#xff0c;7个小时&#xff0c;一开始忽略了船的位置和要把船安置的位置一致的情况&#xff0c;补上就对了。 #include <iostream> using namespace std; int inf 0x3f3f3f3f, num[1007], dp[1007…

Ansible-roles

Ansible-roles 一、roles作用 把playbook剧本里的各个play看作为角色&#xff0c;将各个角色的tasks任务、vars变量、templates模板、files文件等内容放置到角色的目录中统一管理&#xff0c;需要的时候可在playbook中直接使用roles调用&#xff0c;所以roles可以实现playboo…