Infra/ansible/roles/kubernetes/tasks/node.yml


# Runs `swapoff -a` on hosts whose gathered memory facts report a non-zero
# swap total; the command result is stored in `swap_disable`.
- name: Disable SWAP
  become: "{{ do_become }}"
  ansible.builtin.command:
    cmd: swapoff -a
  register: swap_disable
  when: ansible_memory_mb.swap.total != 0
# Removes the fstab entry of type `swap` whose mount point is listed below,
# so swap is not re-enabled from /etc/fstab.
# NOTE(review): only an entry whose mount-point field is literally `swap`
# is matched; entries that use `none` there would be left in place - confirm
# against the target hosts' fstab.
- name: Remove swapfile from /etc/fstab
  become: "{{ do_become }}"
  ansible.posix.mount:
    path: "{{ item }}"
    state: absent
    fstype: swap
  loop:
    - swap
# Sets `MountFlags=shared` in the [Service] section of the Docker unit file
# and notifies the Docker handler when the file changes.
# NOTE(review): the unit under /lib/systemd/system is normally owned by the
# package, so an upgrade may silently revert this edit; a drop-in under
# /etc/systemd/system/docker.service.d/ would survive upgrades - confirm
# which is wanted.
- name: Add propogation to systemd
  become: "{{ do_become }}"
  community.general.ini_file:
    path: /lib/systemd/system/docker.service
    mode: "0644"
    section: Service
    option: MountFlags
    value: shared
  notify:
    - kube | docker options changed
# Reference: https://kevingoos.medium.com/kubernetes-inside-proxmox-lxc-cce5c9927942
# Writes /etc/rc.local on hosts in the `lxc_guest` group. The script links
# /dev/kmsg to /dev/console when /dev/kmsg is missing and makes the root
# mount recursively shared.
# NOTE(review): `copy` with `content` replaces any existing /etc/rc.local in
# full - confirm no other role or admin relies on that file.
- name: Set up kmsg in LXC
  become: "{{ do_become }}"
  ansible.builtin.copy:
    dest: /etc/rc.local
    mode: "0755"
    content: |
      #!/bin/sh -e
      if [ ! -e /dev/kmsg ]; then
          ln -s /dev/console /dev/kmsg
      fi
      mount --make-rshared /
  when: inventory_hostname in groups['lxc_guest']
  notify:
    - kube | boot options changed
# Rewrites the kernel command line on hosts in the `raspberries` group so it
# ends with the cpuset and memory cgroup flags. The regexp captures the
# existing line without any trailing `cgroup_*=*` tokens as \1, so a re-run
# replaces those tokens rather than appending a second copy.
- name: Add cgroup directives to boot command line config
  become: true
  ansible.builtin.lineinfile:
    path: /boot/firmware/cmdline.txt
    backrefs: true
    regexp: '((.)+?)(\scgroup_\w+=\w+)*$'
    line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory'
  when: inventory_hostname in groups['raspberries']
  notify:
    - kube | boot options changed
# Sets `gpu_mem` to 16 in the [pi4] section of the firmware config on hosts
# in the `raspberries` group, creating the file if it does not exist.
- name: Set GPU memory split to 16 MB
  become: true
  community.general.ini_file:
    path: /boot/firmware/config.txt
    create: true
    section: pi4
    option: gpu_mem
    # Quoted so the value is passed as a string rather than a YAML integer.
    value: "16"
  when: inventory_hostname in groups['raspberries']
  notify:
    - kube | boot options changed
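# Maintains /usr/lib/modules-load.d/kube.conf as a list of bare module names
# (empty section, options without values) so that `br_netfilter` and
# `overlay` are loaded at boot; the handler restarts systemd-modules-load
# when the file changes.
- name: Tweak modeprobe entries
  become: "{{ do_become }}"
  # Use the same fully qualified module name as the other ini_file tasks in
  # this file (`community.general.ini_file`) instead of the
  # `ansible.builtin` spelling.
  community.general.ini_file:
    path: /usr/lib/modules-load.d/kube.conf
    mode: "0644"
    section: ""
    allow_no_value: true
    option: "{{ item.option }}"
    state: "{{ item.state }}"
  loop:
    - option: br_netfilter
      state: present
    - option: overlay
      state: present
  notify:
    - kube | systemctl restart systemd-modules-load.service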
# Persists kernel parameters to /etc/sysctl.conf. `reload: false` means the
# module itself does not apply them; the notified handler does that.
# Summary of the list below: bridged traffic is passed to
# arptables/ip6tables/iptables, IPv4 forwarding is on, IPv6 is disabled on
# all/default/lo with IPv6 forwarding off, and pid_max, min_free_kbytes and
# swappiness are pinned.
# NOTE(review): the net.bridge.* keys exist only once br_netfilter is loaded -
# confirm the handler runs after the module has been loaded.
- name: Tweak sysctl entries
  become: "{{ do_become }}"
  ansible.builtin.sysctl:
    sysctl_file: /etc/sysctl.conf
    reload: false
    name: "{{ item.name }}"
    value: "{{ item.value }}"
    state: "{{ item.state }}"
  loop:
    - name: kernel.pid_max
      value: "4194303"
      state: present
    - name: net.bridge.bridge-nf-call-arptables
      value: "1"
      state: present
    - name: net.bridge.bridge-nf-call-ip6tables
      value: "1"
      state: present
    - name: net.bridge.bridge-nf-call-iptables
      value: "1"
      state: present
    - name: net.ipv4.ip_forward
      value: "1"
      state: present
    - name: net.ipv6.conf.all.disable_ipv6
      value: "1"
      state: present
    - name: net.ipv6.conf.all.forwarding
      value: "0"
      state: present
    - name: net.ipv6.conf.default.disable_ipv6
      value: "1"
      state: present
    - name: net.ipv6.conf.lo.disable_ipv6
      value: "1"
      state: present
    - name: vm.min_free_kbytes
      value: "65536"
      state: present
    - name: vm.swappiness
      value: "0"
      state: present
  notify:
    - kube | sysctl --system
# Downloads each listed key over HTTPS and adds it to the APT keyring.
# NOTE(review): no `id` (key fingerprint) is given, so whatever the URL
# serves is trusted as a package-signing key. `apt_key` is also deprecated
# upstream: keys added this way are trusted for every configured repository,
# not just this one. Consider pinning the fingerprint, or moving to a
# per-repository keyring referenced with `signed-by`.
- name: Add Apt signing key for Google and Libcontainers
  become: "{{ do_become }}"
  ansible.builtin.apt_key:
    state: present
    url: "{{ item }}"
  loop:
    - 'https://packages.cloud.google.com/apt/doc/apt-key.gpg'
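# Registers the Kubernetes APT repository in a sources file named
# `Kubernetes` and refreshes the package cache.
# NOTE(review): apt.kubernetes.io is the legacy Google-hosted repository,
# which the Kubernetes project has deprecated in favour of pkgs.k8s.io -
# confirm it still serves the version pinned by `kube_apt`.
- name: Add repo for Google and Libcontainers
  become: "{{ do_become }}"
  ansible.builtin.apt_repository:
    filename: Kubernetes
    repo: "deb {{ item }}"
    # Was "0666": a world-writable sources file lets any local user add a
    # package source that root's next apt run will read. Readable by all,
    # writable by the owner only.
    mode: "0644"
    update_cache: true
  loop:
    - 'https://apt.kubernetes.io/ kubernetes-xenial main'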
# Installs kubectl, kubelet and kubeadm at the exact package version held in
# `kube_apt`; `allow_downgrade` lets apt move to an older version when the
# pinned one is lower than what is installed.
- name: Install kubernetes packages
  become: "{{ do_become }}"
  ansible.builtin.apt:
    state: present
    allow_downgrade: true
    name:
      - "kubectl={{ kube_apt }}"
      - "kubelet={{ kube_apt }}"
      - "kubeadm={{ kube_apt }}"
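# Marks kubelet, kubeadm and kubectl as `hold` in dpkg so routine upgrades
# do not move them off the installed version. Skipped on hosts that define
# `is_controlplane`.
- name: Hold kubernetes version
  become: "{{ do_become }}"
  # The original condition began with `!`, which is YAML tag syntax and not
  # a Jinja operator, so the negation presumably intended never reached the
  # expression. Jinja's `is not defined` states it explicitly.
  when: is_controlplane is not defined
  ansible.builtin.dpkg_selections:
    name: "{{ item }}"
    selection: hold
  loop:
    - kubelet
    - kubeadm
    - kubectl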