#- name: Load br_netfilter kernel-module
#  modprobe:
#    name: br_netfilter
#    state: present
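# Persist the kernel parameters this play relies on: bridged traffic is passed
# through iptables/ip6tables and IPv4/IPv6 forwarding is enabled on all
# interfaces. Writing the file does not apply it; that is left to the notified
# reload_sysctl handler (defined outside this file).
# NOTE(review): the net.bridge.* keys only exist while the br_netfilter module
# is loaded, and the modprobe task in this file is commented out. Confirm the
# module is loaded elsewhere before the handler runs.
# NOTE(review): forwarding=1 lets the host route between all of its interfaces.
# Confirm the FORWARD chain is restricted to what the cluster needs.
- name: Set sysctl settings for iptables bridged traffic
  ansible.builtin.copy:
    dest: "/etc/sysctl.d/kubernetes.conf"
    # Explicit owner and mode so the result does not depend on the umask of
    # the connecting user; same symbolic style as the containerd config task.
    owner: root
    group: root
    mode: "u=rw,g=r,o=r"
    content: |
      net.bridge.bridge-nf-call-ip6tables = 1
      net.bridge.bridge-nf-call-iptables = 1

      net.ipv4.conf.all.forwarding=1
      net.ipv6.conf.all.forwarding=1
  notify: reload_sysctl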
#- name: Disable swap
#  command: swapoff -a
# Installs iptables through the distribution's package manager.
# NOTE(review): `state: latest` upgrades the package on every run, so the
# installed version is whatever the repository serves at that moment. Use
# `state: present` (optionally with a pinned version) if runs must be
# reproducible and upgrades reviewed.
- name: Install iptables
  ansible.builtin.package:
    state: latest
    name:
      #- containerd
      - iptables
# Asks the service manager to start containerd and stores the result in
# containerd_status; the following install task keys off `is failed`.
# NOTE(review): this is not a read-only check, because it starts the service
# when it is present. ignore_errors also hides every failure cause, not only
# a missing unit, so a broken containerd setup is treated the same as
# "not installed".
- name: Check if containerd-service exists & is started
  ansible.builtin.service:
    state: started
    name: containerd
  register: containerd_status
  ignore_errors: true
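# Installs containerd from the distribution repository, but only when the
# preceding service task (registered as containerd_status) failed.
# NOTE(review): the condition is true for any failure of that task, not just
# a missing unit. The version is not pinned, so the installed runtime is
# whatever the configured repository currently provides.
- name: Install containerd when not exists
  ansible.builtin.package:
    name:
      - containerd
    # The package module documents `state` as a required argument; spell it
    # out instead of relying on the backend's default.
    state: present
  when: containerd_status is failed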
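# Makes sure /etc/containerd exists before the config file is copied into it.
- name: Create containerd config-folder
  ansible.builtin.file:
    path: /etc/containerd
    state: directory
    # Explicit owner and mode: without them a newly created directory inherits
    # the umask of the connecting user. Only root may modify the directory
    # that holds the runtime configuration.
    owner: root
    group: root
    mode: "u=rwx,g=rx,o=rx"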
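# Copies containerd_config.toml to /etc/containerd/config.toml and notifies
# the restart_containerd handler (defined outside this file) on change.
# NOTE(review): the file is world-readable. If the TOML ever carries registry
# credentials, tighten the mode to u=rw,g=,o= and confirm containerd still
# reads it.
- name: Deploy containerd-config
  ansible.builtin.copy:
    src: containerd_config.toml
    dest: /etc/containerd/config.toml
    # Pin ownership as well as mode so the runtime config is only writable
    # by root regardless of which user the play connects as.
    owner: root
    group: root
    mode: "u=rw,g=r,o=r"
  notify: restart_containerd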
# TODO: Move to netmaker-role as handler?
# Re-runs fact gathering in the middle of the play so that ansible_facts is
# current before the next task reads interface addresses from it.
# NOTE(review): presumably needed because the node-IP interface is created by
# an earlier role (see TODO above) - confirm.
- name: Gather facts to get changes
  ansible.builtin.gather_facts:
# Reads the node's IPv4 and IPv6 address from the gathered facts of the
# interface named in kubernetes.ipPool.nodeIp_interface and stores them as
# host facts nodeip_ipv4 / nodeip_ipv6.
# NOTE(review): ipv6[0] is just the first address listed for the interface,
# which may be a link-local one - confirm that is the address wanted.
# NOTE(review): the task fails with an undefined-variable error when the
# interface has no ipv4 or ipv6 entry. Ansible exposes fact keys with '-'
# replaced by '_', so verify that interface names containing dashes resolve.
- name: Getting nodeIp-data from interface
  ansible.builtin.set_fact:
    nodeip_ipv4: "{{ ansible_facts[ kubernetes.ipPool.nodeIp_interface ].ipv4.address }}"
    nodeip_ipv6: "{{ ansible_facts[ kubernetes.ipPool.nodeIp_interface ].ipv6[0].address }}"
# Maps the control-plane DNS name to this node's own IPv4 address in
# /etc/hosts. The entry lives inside a marker-delimited block, so reruns
# replace it instead of appending duplicates.
# Only the IPv4 address is written; nodeip_ipv6 is not used by this task.
# NOTE(review): both values are templated verbatim into /etc/hosts, which
# typically overrides DNS for this name on the node. Keep the inventory value
# of kubernetes.control_plane.dns_name restricted to a single hostname.
- name: Set control-plane-dns-endpoint towards local-ip
  ansible.builtin.blockinfile:
    marker: "# {mark} ANSIBLE MANAGED BLOCK | k8s"
    path: /etc/hosts
    block: |
      {{ nodeip_ipv4 }} {{ kubernetes.control_plane.dns_name }}
# Runs the handlers notified so far (reload_sysctl and restart_containerd are
# notified in this file) immediately instead of waiting for the end of the
# play, so later tasks see the applied configuration.
- name: Run handlers to reload configurations
  ansible.builtin.meta: flush_handlers