159 lines
4.7 KiB
YAML
159 lines
4.7 KiB
YAML
---
|
|
# - name: Add kubernetes repository
|
|
# yumrepo:
|
|
# name: kubernetes
|
|
# description: "Kubernetes Repository"
|
|
# baseurl: https://packages.cloud.google.com/yum/repos/kubernetes-$releasever-x86_64
|
|
# gpgcheck: yes
|
|
# enabled: true
|
|
# gpgkey: https://packages.cloud.google.com/yum/doc/yum-key.gpg
|
|
# state: present
|
|
|
|
# - name: Add Official kubernetes's repo
|
|
# ansible.builtin.template:
|
|
# src: "etc/yum.repos.d/kubernetes.repo.j2"
|
|
# dest: "/etc/yum.repos.d/kubernetes.repo"
|
|
# group: root
|
|
# owner: root
|
|
# mode: 0644
|
|
# when:
|
|
# - not ansible_machine == "armv7l"
|
|
# - not ansible_machine == "armv6l"
|
|
# - kubernetes_cri != "k3s"
|
|
|
|
- name: Add Official kubernetes's repo on servers
|
|
ansible.builtin.yum_repository:
|
|
name: kubernetes
|
|
description: Kubernetes
|
|
baseurl: "https://pkgs.k8s.io/core:/stable:/v{{ kubernetes_version | regex_replace('^([0-9])\\.([0-9]*).*', '\\1.\\2') }}/rpm/"
|
|
enabled: true
|
|
gpgcheck: true
|
|
repo_gpgcheck: true
|
|
gpgkey: "https://pkgs.k8s.io/core:/stable:/v{{ kubernetes_version | regex_replace('^([0-9])\\.([0-9]*).*', '\\1.\\2') }}/rpm/repodata/repomd.xml.key"
|
|
exclude: kubelet kubeadm
|
|
become: true
|
|
when:
|
|
- not ansible_machine == "armv7l"
|
|
- not ansible_machine == "armv6l"
|
|
- kubernetes_server|bool
|
|
- kubernetes_cri != "k3s"
|
|
|
|
- name: Add Official kubernetes's repo for Desktop
|
|
ansible.builtin.yum_repository:
|
|
name: kubernetes
|
|
description: Kubernetes
|
|
baseurl: "https://pkgs.k8s.io/core:/stable:/v{{ kubernetes_version | regex_replace('^([0-9])\\.([0-9]*).*', '\\1.\\2') }}/rpm/"
|
|
enabled: true
|
|
gpgcheck: true
|
|
repo_gpgcheck: true
|
|
gpgkey: "https://pkgs.k8s.io/core:/stable:/v{{ kubernetes_version | regex_replace('^([0-9])\\.([0-9]*).*', '\\1.\\2') }}/rpm/repodata/repomd.xml.key"
|
|
exclude: kubelet kubeadm kubectl
|
|
become: true
|
|
when:
|
|
- not ansible_machine == "armv7l"
|
|
- not ansible_machine == "armv6l"
|
|
- not kubernetes_server|bool
|
|
|
|
# - name: Redhat | Installing K8s Packages
|
|
# ansible.builtin.package:
|
|
# name:
|
|
# - kubectl
|
|
# - kubelet
|
|
# - kubeadm
|
|
# - iproute-tc
|
|
# - ipvsadm
|
|
# state: present
|
|
# disable_excludes: kubernetes
|
|
# become: true
|
|
# register: result
|
|
# until: result is successful
|
|
|
|
# - name: Register kubernetes firewalld service
|
|
# ansible.builtin.template:
|
|
# src: "etc/firewalld/services/kubernetes.xml.j2"
|
|
# dest: "/etc/firewalld/services/kubernetes.xml"
|
|
# group: root
|
|
# owner: root
|
|
# mode: 0644
|
|
# register: need_firewalld_reload
|
|
# when:
|
|
# - kubernetes_server|bool
|
|
#
|
|
# - name: Reload firewalld configuration
|
|
# ansible.builtin.service:
|
|
# name: firewalld
|
|
# state: reloaded
|
|
# enabled: true
|
|
# when:
|
|
# - kubernetes_server|bool
|
|
# - need_firewalld_reload is changed
|
|
#
|
|
## Définir interface
|
|
# - name: Open Firewalld
|
|
# ansible.posix.firewalld:
|
|
# zone: external
|
|
# service: kubernetes
|
|
# permanent: true
|
|
# state: enabled
|
|
# immediate: true
|
|
# when:
|
|
## - need_firewall|bool
|
|
## - firewall_name == "firewalld"
|
|
# - kubernetes_server|bool
|
|
|
|
# - name: Create kubernetes firewalld zone
|
|
# ansible.posix.firewalld:
|
|
# zone: kubernetes
|
|
# permanent: true
|
|
# state: present
|
|
# when:
|
|
# - kubernetes_server|bool
|
|
- name: Add kubernetes networks to trusted firewalld zone
|
|
ansible.posix.firewalld:
|
|
# zone: kubernetes
|
|
zone: trusted
|
|
permanent: true
|
|
state: enabled
|
|
source: "{{ item }}"
|
|
when:
|
|
- kubernetes_server|bool
|
|
with_items:
|
|
- "{{ kubernetes_pods_network }}"
|
|
- "{{ kubernetes_svc_network }}"
|
|
|
|
- name: Add kubernetes networks to trusted firewalld zone
|
|
ansible.posix.firewalld:
|
|
# zone: kubernetes
|
|
zone: trusted
|
|
permanent: true
|
|
state: enabled
|
|
source: "{{ item }}"
|
|
when:
|
|
- kubernetes_server|bool
|
|
- kubernetes_interface is defined
|
|
# - false
|
|
with_items:
|
|
- "{{ (lookup('vars', 'ansible_' + kubernetes_interface ).ipv4.network + '/' + lookup('vars', 'ansible_' + kubernetes_interface ).ipv4.netmask) | ansible.utils.ipaddr('net') }}"
|
|
|
|
- name: Install kubernetes tools
|
|
ansible.builtin.dnf:
|
|
name: "{{ kubernetes_package_name }}"
|
|
enablerepo: "kubernetes"
|
|
state: present
|
|
update_cache: true
|
|
disable_excludes: kubernetes
|
|
# notify: Restart kubelet
|
|
when:
|
|
- ansible_pkg_mgr == "dnf"
|
|
- (not kubernetes_server|bool) or ( kubernetes_server|bool and kubernetes_cri != "k3s")
|
|
|
|
- name: Install kubernetes tools
|
|
ansible.builtin.yum:
|
|
name: "{{ kubernetes_package_name }}"
|
|
enablerepo: "kubernetes"
|
|
state: present
|
|
update_cache: true
|
|
# notify: Restart kubelet
|
|
when:
|
|
- ansible_pkg_mgr == "yum"
|
|
- (not kubernetes_server|bool) or ( kubernetes_server|bool and kubernetes_cri != "k3s")
|