---
# Base system preparation: refresh the package index, bring the host up to
# date, then install the tooling needed to add a third-party apt repository.
- name: Update apt cache
  ansible.builtin.apt:
    update_cache: true
    # Skip the refresh when the cache is younger than 3600 seconds.
    cache_valid_time: 3600

- name: Upgrade all packages
  # NOTE(review): this runs on every play and installs whatever the configured
  # repositories currently serve; no versions are pinned here, so nodes
  # provisioned at different times may end up on different package sets.
  ansible.builtin.apt:
    upgrade: dist

- name: Install required system packages
  ansible.builtin.apt:
    state: present
    name:
      - apt-transport-https
      - ca-certificates
      - curl
      - software-properties-common
      - gnupg
# Swap handling. By default kubelet refuses to start while swap is active, so
# swap is switched off for the running system and then in the swap-file
# configuration so that it is not re-created later.
- name: Disable swap
  # Only runs when the gathered facts report a non-zero amount of swap.
  when: ansible_swaptotal_mb > 0
  ansible.builtin.command: swapoff -a

- name: Disable swap in dphys-swapfile
  # NOTE(review): lineinfile is not given `create`, so this task fails on hosts
  # that have no /etc/dphys-swapfile — presumably the targets are Raspberry Pi
  # OS images; confirm before reusing on other distributions.
  ansible.builtin.lineinfile:
    path: /etc/dphys-swapfile
    regexp: '^CONF_SWAPSIZE='
    line: 'CONF_SWAPSIZE=0'
  # The "restart kubelet" handler is not defined in this file; it has to be
  # provided by the role or play that includes these tasks.
  notify: restart kubelet
# Kernel command line: append the cpuset/memory cgroup flags and reboot once
# so that the kernel actually picks them up.
- name: Enable cgroup features in cmdline.txt
  # The negative lookahead matches only lines that do not already contain the
  # three flags as one contiguous string, which keeps the task idempotent.
  # The replace module evaluates the pattern per line (MULTILINE), so every
  # line lacking that exact string gets the flags appended: the file is
  # expected to hold a single line, and flags already present in a different
  # order or spacing would be appended a second time.
  # NOTE(review): some Raspberry Pi OS releases keep the live file under
  # /boot/firmware/ instead — verify the path against the target image.
  ansible.builtin.replace:
    path: /boot/cmdline.txt
    regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_enable=memory cgroup_memory=1\b).*)$'
    replace: '\1 cgroup_enable=cpuset cgroup_enable=memory cgroup_memory=1'
  register: cgroup_update

- name: Reboot if cgroup features updated
  # Reboots the managed host in the middle of the play, and only when the
  # previous task reported a change to the command line.
  when: cgroup_update.changed
  ansible.builtin.reboot:
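# Kernel modules used by containerd: persist them for the next boot, then load
# them into the running kernel.
- name: Load kernel modules for containerd
  ansible.builtin.copy:
    dest: /etc/modules-load.d/containerd.conf
    # Explicit ownership and mode: this file is read with root privileges at
    # boot and decides which kernel modules get loaded, so its permissions
    # should not depend on the umask of the remote session. This also matches
    # the explicit modes already set on the keyring tasks in this file.
    owner: root
    group: root
    mode: '0644'
    content: |
      overlay
      br_netfilter

- name: Load overlay module
  # Loads the module immediately; persistence across reboots comes from the
  # modules-load.d file written above.
  community.general.modprobe:
    name: overlay
    state: present

- name: Load br_netfilter module
  # br_netfilter has to be loaded before the net.bridge.* sysctl keys exist.
  community.general.modprobe:
    name: br_netfilter
    state: present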
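# Network sysctls for the container runtime: persist them in sysctl.d and
# reload only when the file content changed.
- name: Configure sysctl params for Kubernetes
  ansible.builtin.copy:
    dest: /etc/sysctl.d/99-kubernetes-cri.conf
    # Explicit ownership and mode: sysctl.d is applied with root privileges, so
    # the file must not be writable by anyone else, whatever the remote umask.
    owner: root
    group: root
    mode: '0644'
    # bridge-nf-call-*: bridged traffic is passed through iptables/ip6tables.
    # ip_forward: the host forwards IPv4 packets between interfaces; which
    # traffic is allowed then depends on the firewall and CNI rules in place,
    # so review those together with this setting.
    content: |
      net.bridge.bridge-nf-call-iptables = 1
      net.ipv4.ip_forward = 1
      net.bridge.bridge-nf-call-ip6tables = 1
  register: sysctl_config

- name: Apply sysctl params
  # Reloads every sysctl configuration file on the host, not only the one
  # written above; skipped when the file was already up to date.
  ansible.builtin.command: sysctl --system
  when: sysctl_config.changed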
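# Container runtime: install containerd from the distribution repositories,
# generate its default configuration once, and switch runc to the systemd
# cgroup driver.
- name: Install containerd
  ansible.builtin.apt:
    name: containerd
    state: present

- name: Create containerd config directory
  ansible.builtin.file:
    path: /etc/containerd
    state: directory
    # Explicit mode, consistent with the keyrings directory task in this file,
    # so the result does not depend on the remote umask.
    mode: '0755'

- name: Generate default containerd config
  # The output is written to a temporary file and moved into place only when
  # `containerd config default` succeeds. Redirecting straight to config.toml
  # would leave an empty or partial file behind on failure, and `creates`
  # would then skip this task on every later run.
  # The mode of the generated file follows the remote umask.
  ansible.builtin.shell: >-
    containerd config default > /etc/containerd/config.toml.tmp
    && mv /etc/containerd/config.toml.tmp /etc/containerd/config.toml
  args:
    creates: /etc/containerd/config.toml

- name: Configure SystemdCgroup in containerd config
  # Plain string substitution. If the file holds no `SystemdCgroup = false`
  # line (for example a config.toml that existed before this play ran), the
  # task reports "ok" and the cgroup driver stays as it was.
  # NOTE(review): consider asserting the resulting value if that matters.
  ansible.builtin.replace:
    path: /etc/containerd/config.toml
    regexp: 'SystemdCgroup = false'
    replace: 'SystemdCgroup = true'
  # The "restart containerd" handler is not defined in this file.
  notify: restart containerd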
# Kubernetes apt repository: store the signing key in a dedicated keyring file
# and reference it with `signed-by`, so the key is trusted for this repository
# only and not for every apt source on the host.
- name: Create keyrings directory
  ansible.builtin.file:
    state: directory
    path: /etc/apt/keyrings
    mode: '0755'

- name: Download Kubernetes GPG key
  # This key is the trust anchor for every package installed from the
  # repository below. It is fetched without a checksum, so its integrity rests
  # on the TLS connection to pkgs.k8s.io alone. get_url accepts a `checksum`
  # parameter (e.g. `sha256:<EXPECTED_DIGEST>`, placeholder) for pinning a key
  # that was verified out of band.
  # get_url does not re-download when the destination already exists, so a
  # rotated upstream key is not picked up automatically.
  ansible.builtin.get_url:
    url: 'https://pkgs.k8s.io/core:/stable:/v1.35/deb/Release.key'
    dest: /etc/apt/keyrings/kubernetes-apt-keyring.asc
    mode: '0644'

- name: Add Kubernetes apt repository
  # The v1.35 channel appears both here and in the key URL above; keep the two
  # in sync when moving to another minor release.
  ansible.builtin.apt_repository:
    filename: kubernetes
    state: present
    repo: "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.asc] https://pkgs.k8s.io/core:/stable:/v1.35/deb/ /"
# Kubernetes node packages: install them from the repository added above and
# put them on hold so routine apt upgrades do not move them.
- name: Install Kubernetes binaries
  # No package version is given: the first run installs whatever the channel
  # serves at that moment, so nodes provisioned at different times may get
  # different patch releases.
  ansible.builtin.apt:
    update_cache: true
    state: present
    name:
      - kubelet
      - kubeadm
      - kubectl

- name: Hold Kubernetes packages
  # One dpkg selection per package; upgrades then have to be performed
  # deliberately after releasing the hold.
  ansible.builtin.dpkg_selections:
    selection: hold
    name: "{{ item }}"
  loop:
    - kubelet
    - kubeadm
    - kubectl