Adding firewalld and SELinux configuration for Kubernetes in configure_node_for_k8s

inventories/kubernetes

@@ -1,9 +1,9 @@
 [masters]
-KubeMaster ansible_host=192.168.100.2
+KubeMaster ansible_host=192.168.100.2 master=true
 
 [workers]
-KubeWorker1 ansible_host=192.168.100.3
+KubeWorker1 ansible_host=192.168.100.3 worker=true
-KubeWorker2 ansible_host=192.168.100.4
+KubeWorker2 ansible_host=192.168.100.4 worker=true
 
 [ansible]
 Ansible ansible_host=192.168.100.5

playbooks/configure_node_for_k8s.yml

@@ -16,6 +16,38 @@
         persistent: present
         state: present
 
+    - name: Set SELinux to Permissive
+      ansible.posix.selinux:
+        state: disabled
+
+    - name: Set firewalld configuration | Master Nodes
+      ansible.posix.firewalld:
+        port: "{{ item }}"
+        permanent: true
+        state: enabled
+      loop:
+        - "6443/tcp"
+        - "2379-2380/tcp"
+        - "10250/tcp"
+        - "10251/tcp"
+        - "10259/tcp"
+        - "10257/tcp"
+        - "179/tcp"
+        - "4789/udp"
+      when: master | default(false)
+
+    - name: Set firewalld configuration | Worker Nodes
+      ansible.posix.firewalld:
+        port: "{{ item }}"
+        permanent: true
+        state: enabled
+      loop:
+        - "179/tcp"
+        - "10250/tcp"
+        - "30000-32767/tcp"
+        - "4789/udp"
+      when: worker | default(false)
+
     - name: Create network settings configuration file
       ansible.builtin.blockinfile:
         path: "/etc/sysctl.d/99-kubernetes-cri.conf"