---
# Flush yum's cached metadata and rebuild it, so the package tasks that
# follow resolve against the repositories' current contents.
- name: clear yum package cache
  with_items:
    - yum clean all
    - yum makecache
  shell: '{{ item }}'
  args:
    # Suppresses Ansible's "consider using the yum module" command warning.
    warn: false
# Bring every installed package to the newest version the enabled
# repositories offer; the result depends on repository state at run time.
# NOTE(review): on a re-run this also covers packages this file installs at a
# fixed version (docker-ce) unless the repo definition excludes them — confirm.
- name: upgrade all packages
  yum:
    state: latest
    name: "*"
# Rewrite the SELINUX= line of the boot-time SELinux config to "disabled".
# Only the file is edited, so the running enforcement mode stays as it is
# until the next boot.
# With SELinux disabled the host has no mandatory access control confining
# the container runtime or kubelet; "permissive" would still log denials.
# NOTE(review): on CentOS this path is normally a symlink to
# /etc/selinux/config — confirm the edit lands in the real file.
- name: permanently disable selinux
  lineinfile:
    path: /etc/sysconfig/selinux
    regexp: '^SELINUX='
    line: 'SELINUX=disabled'
# Turn off all active swap devices on the running system. This takes effect
# immediately but does not by itself survive a reboot. The command runs on
# every play, whether or not swap is currently on.
- name: temporarily disable swap
  shell: "swapoff -a"
# Comment out the swap entry in /etc/fstab so swap stays off after a reboot.
# The pattern only matches an entry beginning with /dev/mapper/centos-swap.
# When no such line exists, lineinfile appends the commented line and any
# differently named swap entry is left active in fstab.
- name: permanently disable swap
  lineinfile:
    path: /etc/fstab
    regexp: '^/dev/mapper/centos-swap'
    line: '# /dev/mapper/centos-swap swap swap defaults 0 0'
# Load br_netfilter into the running kernel. The
# net.bridge.bridge-nf-call-* sysctls set by the following tasks only exist
# while this module is loaded.
# NOTE(review): nothing here makes the module load at boot (for example a
# modules-load.d entry) — confirm that is handled elsewhere.
- name: add bridge-netfilter kernel module
  shell: "modprobe br_netfilter"
# Make bridged IPv4 traffic traverse iptables. The value is persisted in the
# sysctl file (state: present), applied to the running kernel (sysctl_set),
# and the file is reloaded afterwards (reload).
- name: enable bridge-nf-call-iptables
  sysctl:
    name: net.bridge.bridge-nf-call-iptables
    value: "1"
    state: present
    sysctl_set: true
    reload: true
# Make bridged IPv6 traffic traverse ip6tables. The value is persisted in
# the sysctl file, applied to the running kernel, and the file is reloaded.
- name: enable bridge-nf-call-ip6tables
  sysctl:
    name: net.bridge.bridge-nf-call-ip6tables
    value: "1"
    state: present
    sysctl_set: true
    reload: true
# Enable IPv6 forwarding in the "default" interface settings, persisted and
# applied to the running kernel.
# NOTE(review): "default" seeds interfaces created afterwards, while existing
# interfaces keep their own value unless net.ipv6.conf.all.forwarding is also
# set. Forwarding turns the node into an IPv6 router, so confirm the scope is
# intended and that the host firewall's FORWARD policy matches.
- name: enable ipv6 default forwarding
  sysctl:
    name: net.ipv6.conf.default.forwarding
    value: "1"
    state: present
    sysctl_set: true
    reload: true
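# Install Docker's upstream repo definition into /etc/yum.repos.d.
# get_url replaces `yum-config-manager --add-repo`: that tool ships in
# yum-utils, which this file installs only in a later task, so it may not
# exist yet at this point. get_url also leaves an existing file untouched
# instead of re-running a shell command on every play.
# The repo file decides which package source yum trusts for docker-ce, so it
# is fetched over HTTPS and written root-owned, writable by root only.
- name: add docker-ce yum repository
  get_url:
    url: https://download.docker.com/linux/centos/docker-ce.repo
    dest: /etc/yum.repos.d/docker-ce.repo
    owner: root
    group: root
    mode: "0644"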
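# Install the Kubernetes yum repository definition kept next to these tasks.
# Owner and mode are explicit so the result does not depend on the connecting
# user's umask: this file tells yum where Kubernetes packages come from and
# must only be writable by root.
# NOTE(review): kubernetes.repo is not visible here — confirm it keeps
# gpgcheck enabled and points at the intended signing key.
- name: copy kubernetes repo config
  copy:
    src: ../files/kubernetes.repo
    dest: /etc/yum.repos.d/kubernetes.repo
    owner: root
    group: root
    mode: "0644"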
# Ensure the directory that holds CNI network configuration exists.
# No owner or mode is given, so a newly created directory takes the
# defaults of the user the task runs as.
- name: create cni config directory
  file:
    state: directory
    path: /etc/cni/net.d
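# Render the kube-router CNI template into the CNI configuration directory.
# The mode is now explicit alongside the existing owner/group, so the file is
# root-writable only regardless of umask. Whoever can edit it controls how
# pod networking is set up on this node.
# NOTE(review): CNI config loaders typically read only .conf, .conflist and
# .json files — confirm the ".config" suffix on dest is intended.
- name: copy cni config
  template:
    src: ../files/kube-router-cni.conf.j2
    dest: /etc/cni/net.d/10-kuberouter.config
    owner: root
    group: root
    mode: "0644"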
# Drop yum's cached metadata again; this runs after the Docker and
# Kubernetes repo files were put in place by the tasks above.
- name: clear yum package cache
  shell: 'yum clean all'
  args:
    # Suppresses Ansible's "consider using the yum module" command warning.
    warn: false
# Install the supporting packages one item at a time. No versions are given,
# so each host gets whatever the enabled repositories serve at run time.
- name: install packages
  with_items:
    - yum-utils
    - device-mapper-persistent-data
    - lvm2
    - kubernetes-cni
  package:
    name: '{{ item }}'
    # "present" is the canonical spelling of the "installed" state.
    state: present
# Install the Kubernetes node tooling, then enable kubelet at boot and start
# it right away. --disableexcludes=kubernetes lifts, for this transaction
# only, any exclude= rule configured on the "kubernetes" repository.
# NOTE(review): no versions are given, so a fresh host gets whatever the repo
# serves at that moment and nodes built at different times can differ.
# docker-ce is pinned in this file, these packages are not — confirm.
- name: installing kubeadm, kubelet and kubectl
  with_items:
    - yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
    - systemctl enable --now kubelet
  shell: '{{ item }}'
  args:
    # Suppresses Ansible's "consider using the yum module" command warning.
    warn: false
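# Ensure Docker's upstream repo definition is present in /etc/yum.repos.d.
# get_url replaces `yum-config-manager --add-repo` so the task needs no shell
# and no yum-utils, and leaves an existing file untouched instead of
# re-running a command on every play.
# The repo file decides which package source yum trusts for docker-ce, so it
# is fetched over HTTPS and written root-owned, writable by root only.
- name: add docker-ce repo
  get_url:
    url: https://download.docker.com/linux/centos/docker-ce.repo
    dest: /etc/yum.repos.d/docker-ce.repo
    owner: root
    group: root
    mode: "0644"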
# Install Docker CE at one fixed version rather than the repository's latest.
# NOTE(review): a pinned runtime receives no fixes until the pin is raised,
# and the unrestricted "upgrade all packages" task in this file can move it
# past the pin on a later run — confirm which behaviour is wanted.
- name: install docker-ce
  package:
    # "present" is the canonical spelling of the "installed" state.
    state: present
    name: docker-ce-18.06.2.ce
# Ensure /etc/docker exists before the daemon configuration is copied in.
# No owner or mode is given, so an existing directory keeps its permissions
# and a new one takes the defaults of the user the task runs as.
- name: create docker directory
  file:
    state: directory
    path: /etc/docker
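# Install the Docker daemon configuration kept next to these tasks.
# Owner and mode are explicit so the result does not depend on the connecting
# user's umask. daemon.json steers how dockerd runs, so only root may write
# it.
# NOTE(review): docker-daemon.json is not visible here — confirm it does not
# widen the daemon's exposure (for example insecure registries or a TCP
# listener) beyond what the cluster needs.
- name: deploy docker daemon configuration
  copy:
    src: ../files/docker-daemon.json
    dest: /etc/docker/daemon.json
    owner: root
    group: root
    mode: "0644"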
# Ensure the systemd drop-in directory for kubelet.service exists.
# No owner or mode is given, so a newly created directory takes the
# defaults of the user the task runs as.
- name: create systemd unit directory for kubelet
  file:
    state: directory
    path: /etc/systemd/system/kubelet.service.d/
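# Install the kubelet systemd drop-in kept next to these tasks.
# Owner and mode are explicit so the result does not depend on the connecting
# user's umask. systemd reads this file to decide how kubelet is started, so
# only root may write it.
- name: deploy kubelet service file
  copy:
    src: ../files/systemd-unit-kubelet.conf
    dest: /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
    owner: root
    group: root
    mode: "0644"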
# Ensure the kubelet drop-in contains the line "cgroup-driver=cgroupfs".
# NOTE(review): the pattern matches only a line that begins with
# "cgroup-driver=". If the deployed drop-in has no such line, lineinfile
# appends this bare line at the end of the unit file — confirm that systemd
# and kubelet actually consume it there, and that the driver agrees with the
# one configured for docker.
- name: set cgroup
  lineinfile:
    path: /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
    regexp: '^cgroup-driver='
    line: 'cgroup-driver=cgroupfs'
# Reload systemd's unit definitions, then enable and restart docker and
# kubelet in that order, so the configuration files written above take
# effect. The restart happens on every run, not only when a file changed.
- name: restart services
  with_items:
    - docker
    - kubelet
  systemd:
    name: '{{ item }}'
    daemon_reload: true
    enabled: true
    state: restarted
# Statically import the tasks from firewalld.yml. Which ports they open is
# defined in that file and is not visible here.
- name: open firewall ports
  import_tasks: 'firewalld.yml'
# Statically import the tasks from upgrade_kernel.yml. What they install,
# and whether they reboot the host, is defined in that file and is not
# visible here.
- name: update linux kernel
  import_tasks: 'upgrade_kernel.yml'