Adding the beginnings of kubernetes node config, the tutorial I'm following doesn't have the firewall and SELINUX rules in there ansible examples, so that's not done yet

2024-09-21 19:48:59 -04:00 · 2024-09-21 19:48:59 -04:00 · 64bf05138e
commit 64bf05138e
parent af210e8cb4
2 changed files with 88 additions and 1 deletions
--- a/inventories/kubernetes
+++ b/inventories/kubernetes
@ -3,4 +3,7 @@ KubeMaster ansible_host=192.168.100.2

 [workers]
 KubeWorker1 ansible_host=192.168.100.3
-KubeWorker2 ansible_host=192.168.100.4
+KubeWorker2 ansible_host=192.168.100.4
+
+[ansible]
+Ansible ansible_host=192.168.100.5
--- a/playbooks/configure_node_for_k8s.yml
+++ b/playbooks/configure_node_for_k8s.yml
@ -0,0 +1,84 @@
+---
+- hosts: masters,workers
+  become: yes
+  become_method: su
+  become_user: root
+  tasks:
+    - name: Add overlay modprobe module
+      community.general.modprobe:
+        name: overlay
+        persistent: present
+        state: present
+
+    - name: Add br_netfilter module
+      community.general.modprobe:
+        name: br_netfilter
+        persistent: present
+        state: present
+
+    - name: Create network settings configuration file
+      ansible.builtin.blockinfile:
+        path: "/etc/sysctl.d/99-kubernetes-cri.conf"
+        block: |
+          net.bridge.bridge-nf-call-iptables = 1
+          net.ipv4.ip_forward = 1
+          net.bridge.bridge-nf-call-ip6tables = 1
+        create: true
+    
+    - name: Apply new sysctl settings
+      ansible.builtin.shell:
+        cmd: sysctl --system
+      changed_when: false
+
+    - name: Add docker repo
+      ansible.builtin.shell:
+        cmd: dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
+      changed_when: false
+
+    - name: Install containerd
+      ansible.builtin.yum:
+        name: containerd.io
+        state: present
+      
+    - name: Build default containerd config
+      ansible.builtin.shell:
+        cmd: set -o pipefail && mkdir -p /etc/containerd && containered config default | tee /etc/containerd/config.toml
+      changed_when: false
+
+    - name: Restart containerd
+      ansible.builtin.service:
+        name: containerd
+        state: restarted
+        enabled: true
+    
+    - name: Create Kubernetes repo
+      ansible.builtin.blockinfile:
+        path: "/etc/yum.repos.d/kubernetes.repo"
+        create: true
+        block: |
+          [kubernetes]
+          name=Kubernetes
+          baseurl=https://pkgs.k8s.io/core:/stable:/v1.31/rpm/
+          enabled=1
+          gpgcheck=1
+          gpgkey=https://pkgs.k8s.io/core:stable:/v1.31/rpm/repodata/repomd.xml.key
+          exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
+
+    - name: Install Kubernetes components
+      ansible.builtin.yum:
+        name:
+          - kubelet
+          - kubeadm
+          - kubectl
+        state: present
+        disable_excludes: all
+
+    - name: Disable running swap
+      ansible.builtin.shell:
+        cmd: swapoff -a
+      changed_when: false
+
+    - name: Disable swap in fstab
+      ansible.builtin.shell:
+        cmd: sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
+      changed_when: false