From 64bf05138e5bcf3bd33c1e99833f7dafcaa57cdf Mon Sep 17 00:00:00 2001
From: Bradley Bickford
Date: Sat, 21 Sep 2024 19:48:59 -0400
Subject: [PATCH] Adding the beginnings of kubernetes node config, the tutorial I'm following doesn't have the firewall and SELINUX rules in there ansible examples, so that's not done yet
---
inventories/kubernetes | 5 +-
playbooks/configure_node_for_k8s.yml | 84 ++++++++++++++++++++++++++++
2 files changed, 88 insertions(+), 1 deletion(-)
create mode 100644 playbooks/configure_node_for_k8s.yml
diff --git a/inventories/kubernetes b/inventories/kubernetes
index a6263d7..71d5f17 100644
--- a/inventories/kubernetes
+++ b/inventories/kubernetes
@@ -3,4 +3,7 @@ KubeMaster ansible_host=192.168.100.2 [workers] KubeWorker1 ansible_host=192.168.100.3 -KubeWorker2 ansible_host=192.168.100.4 \ No newline at end of file +KubeWorker2 ansible_host=192.168.100.4 + +[ansible] +Ansible ansible_host=192.168.100.5 \ No newline at end of file
diff --git a/playbooks/configure_node_for_k8s.yml b/playbooks/configure_node_for_k8s.yml
new file mode 100644
index 0000000..2df2eac
--- /dev/null
+++ b/playbooks/configure_node_for_k8s.yml
@@ -0,0 +1,84 @@
+---
+- hosts: masters,workers
+ become: yes
+ become_method: su
+ become_user: root
+ tasks:
+ - name: Add overlay modprobe module
+ community.general.modprobe:
+ name: overlay
+ persistent: present
+ state: present
+
+ - name: Add br_netfilter module
+ community.general.modprobe:
+ name: br_netfilter
+ persistent: present
+ state: present
+
+ - name: Create network settings configuration file
+ ansible.builtin.blockinfile:
+ path: "/etc/sysctl.d/99-kubernetes-cri.conf"
+ block: |
+ net.bridge.bridge-nf-call-iptables = 1
+ net.ipv4.ip_forward = 1
+ net.bridge.bridge-nf-call-ip6tables = 1
+ create: true
+
+ - name: Apply new sysctl settings
+ ansible.builtin.shell:
+ cmd: sysctl --system
+ changed_when: false
+
+ - name: Add docker repo
+ ansible.builtin.shell:
+ cmd: dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
+ changed_when: false
+
+ - name: Install containerd
+ ansible.builtin.yum:
+ name: containerd.io
+ state: present
+
+ - name: Build default containerd config
+ ansible.builtin.shell:
+ cmd: set -o pipefail && mkdir -p /etc/containerd && containered config default | tee /etc/containerd/config.toml
+ changed_when: false
+
+ - name: Restart containerd
+ ansible.builtin.service:
+ name: containerd
+ state: restarted
+ enabled: true
+
+ - name: Create Kubernetes repo
+ ansible.builtin.blockinfile:
+ path: "/etc/yum.repos.d/kubernetes.repo"
+ create: true
+ block: |
+ [kubernetes]
+ name=Kubernetes
+ baseurl=https://pkgs.k8s.io/core:/stable:/v1.31/rpm/
+ enabled=1
+ gpgcheck=1
+ gpgkey=https://pkgs.k8s.io/core:stable:/v1.31/rpm/repodata/repomd.xml.key
+ exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
+
+ - name: Install Kubernetes components
+ ansible.builtin.yum:
+ name:
+ - kubelet
+ - kubeadm
+ - kubectl
+ state: present
+ disable_excludes: all
+
+ - name: Disable running swap
+ ansible.builtin.shell:
+ cmd: swapoff -a
+ changed_when: false
+
+ - name: Disable swap in fstab
+ ansible.builtin.shell:
+ cmd: sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
+ changed_when: false
\ No newline at end of file
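Review bot: The `Create Kubernetes repo` block sets `gpgkey` to a path under `core:stable:/v1.31` while `baseurl` uses `core:/stable:/v1.31`, so with `gpgcheck=1` the signing-key fetch will most likely fail; correct the URL to `gpgkey=https://pkgs.k8s.io/core:/stable:/v1.31/rpm/repodata/repomd.xml.key` rather than relaxing `gpgcheck`. In `Build default containerd config` the binary is spelled `containered`, and because `tee` opens its output before the left side of the pipe fails, the task errors out after truncating `/etc/containerd/config.toml`; it should read `containerd config default | tee /etc/containerd/config.toml`. The `sed` in `Disable swap in fstab` also matches lines that are already commented, so every run prepends another `#`; `sed -i '/^[^#].* swap / s/^/#/' /etc/fstab` keeps it idempotent. `changed_when: false` on tasks that do modify the host (the repo add, `swapoff`, the `fstab` edit) hides those changes from run reports, which makes configuration drift harder to audit.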