129 lines
3.7 KiB
YAML
129 lines
3.7 KiB
YAML
######################################
|
|
#tasks for vanilla kubernetes install#
|
|
######################################
|
|
---
|
|
- name: Get OS version name
|
|
command: lsb_release -cs
|
|
register: os_codename
|
|
changed_when: false
|
|
|
|
- name: Get OS release number
|
|
command: lsb_release -rs
|
|
register: os_release
|
|
changed_when: false
|
|
|
|
- name: Add an apt signing key for CRI-O
|
|
apt_key:
|
|
url: "{{ item }}"
|
|
state: present
|
|
loop:
|
|
- 'https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/{{ crio_version }}/Debian_{{ os_release.stdout }}/Release.key'
|
|
- 'https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_{{ os_release.stdout }}/Release.key'
|
|
|
|
- name: Add CRI-O apt repository for stable version
|
|
apt_repository:
|
|
repo: deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_{{ os_release.stdout }}/ /
|
|
filename: devel:kubic:libcontainers:stable.list
|
|
state: present
|
|
update_cache: yes
|
|
- apt_repository:
|
|
repo: deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/{{ crio_version }}/Debian_{{ os_release.stdout }}/ /
|
|
filename: devel:kubic:libcontainers:stable:cri-o:{{ crio_version }}.list
|
|
state: present
|
|
update_cache: yes
|
|
|
|
- name: Install CRI-O packages
|
|
apt:
|
|
name: "{{ packages }}"
|
|
state: present
|
|
update_cache: yes
|
|
allow_unauthenticated: true
|
|
vars:
|
|
packages:
|
|
- cri-o
|
|
- cri-o-runc
|
|
|
|
- name: Enable and start CRI-O service
|
|
ansible.builtin.systemd:
|
|
name: crio.service
|
|
state: started
|
|
enabled: yes
|
|
|
|
- name: CRI-O use systemd cgroup driver
|
|
copy:
|
|
dest: "/etc/crio/crio.conf.d/02-cgroup-manager.conf"
|
|
content: |
|
|
[crio.runtime]
|
|
conmon_cgroup = "pod"
|
|
cgroup_manager = "systemd"
|
|
|
|
- name: Overriding the CRI-O sandbox (pause) image
|
|
lineinfile:
|
|
path: /etc/crio/crio.conf
|
|
regexp: '#? ?pause_image ?= ?"registry\.k8s\.io/pause:(.+)"'
|
|
backrefs: True
|
|
line: pause_image = "registry.k8s.io/pause:\1"
|
|
|
|
- name: Forwarding IPv4 and letting iptables see bridged traffic
|
|
copy:
|
|
dest: "/etc/modules-load.d/k8s.conf"
|
|
content: |
|
|
overlay
|
|
br_netfilter
|
|
|
|
- name: modprobe overlay & br-netfilter
|
|
command: "{{ item }}"
|
|
loop:
|
|
- modprobe overlay
|
|
- modprobe br_netfilter
|
|
|
|
#sysctl params required by setup, params persist across reboots
|
|
- name: ipv4 bridge forward
|
|
copy:
|
|
dest: "/etc/sysctl.d/k8s.conf"
|
|
content: |
|
|
net.bridge.bridge-nf-call-iptables = 1
|
|
net.bridge.bridge-nf-call-ip6tables = 1
|
|
net.ipv4.ip_forward = 1
|
|
|
|
- name: Apply sysctl params without reboot
|
|
command: sysctl --system
|
|
|
|
|
|
- name: Import Kubernetes GPG key
|
|
raw: "curl -fsSL https://pkgs.k8s.io/core:/stable:/v{{ kubernetesVersion.split('.')[:2] | join('.') }}/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg"
|
|
|
|
- name: Add Kubernetes apt repository
|
|
raw: "echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v{{ kubernetesVersion.split('.')[:2] | join('.') }}/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list"
|
|
|
|
- name: Remove swapfile from /etc/fstab
|
|
mount:
|
|
name: "{{ item }}"
|
|
fstype: swap
|
|
state: absent
|
|
with_items:
|
|
- swap
|
|
- none
|
|
|
|
- name: Disable swap
|
|
command: swapoff -a
|
|
|
|
- name: Update apt cache
|
|
raw: apt-get -y update
|
|
changed_when: False
|
|
|
|
- name: Install Kubernetes binaries
|
|
apt:
|
|
name: "{{ packages }}"
|
|
state: present
|
|
update_cache: yes
|
|
vars:
|
|
packages:
|
|
- "kubelet={{ kubernetesVersion }}-1.1"
|
|
- "kubeadm={{ kubernetesVersion }}-1.1"
|
|
- "kubectl={{ kubernetesVersion }}-1.1"
|
|
|
|
- name: Add kubectl completion bash
|
|
lineinfile:
|
|
path: ~/.bashrc
|
|
line: source <(kubectl completion bash) |