terraform-k8s/roles/kubernetes/tasks/main.yml

102 lines
2.1 KiB
YAML
Raw Normal View History

2019-01-22 12:10:16 +00:00
---
2019-01-25 17:54:52 +00:00
- name: upgrade all packages
yum:
name: '*'
state: latest
- name: permanently disable selinux
lineinfile:
dest: /etc/sysconfig/selinux
regexp: "^SELINUX="
line: "SELINUX=disabled"
- name: temporarily disable swap
shell: swapoff -a
- name: permanently disable swap
lineinfile:
dest: /etc/fstab
regexp: "^/dev/mapper/centos-swap"
line: "# /dev/mapper/centos-swap swap swap defaults 0 0"
- name: activate kernel module
shell: modprobe br_netfilter
- name: enable bridge-nf-call-iptables
sysctl:
name: net.bridge.bridge-nf-call-iptables
value: 1
sysctl_set: yes
state: present
reload: yes
- name: enable bridge-nf-call-ip6tables
sysctl:
name: net.bridge.bridge-nf-call-ip6tables
value: 1
sysctl_set: yes
state: present
reload: yes
- name: enable ipv6 default forwarding
sysctl:
name: net.ipv6.conf.default.forwarding
value: 1
sysctl_set: yes
state: present
reload: yes
- name: add docker-ce yum repository
shell: yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
- name: copy kubernetes repo config
copy:
src: ../files/kubernetes.repo
dest: /etc/yum.repos.d/kubernetes.repo
- name: create cni config directory
file:
path: /etc/cni/net.d
state: directory
2019-01-28 14:28:54 +00:00
- name: copy cni config
template:
src: ../files/kube-router-cni.conf.j2
dest: /etc/cni/net.d/10-kuberouter.conf
owner: root
group: root
2019-01-25 17:54:52 +00:00
- name: install packages
yum:
name:
- yum-utils
- device-mapper-persistent-data
- lvm2
- docker-ce
- kubelet
- kubeadm
- kubectl
- kubernetes-cni
state: present
- name: set cgroup
lineinfile:
dest: /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
regexp: "^cgroup-driver="
line: "cgroup-driver=cgroupfs"
- name: force systemd to reread configs and restart service docker
systemd:
name: docker
enabled: yes
state: restarted
- name: force systemd to reread configs and restart service kubelet
systemd:
name: kubelet
enabled: yes
state: restarted
daemon_reload: yes