Adrien Reslinger
39c5ef5e82
All checks were successful
continuous-integration/drone/push Build is passing
106 lines
2.6 KiB
YAML
106 lines
2.6 KiB
YAML
---
|
|
#- name: Add kubernetes repository
|
|
# yumrepo:
|
|
# name: kubernetes
|
|
# description: "Kubernetes Repository"
|
|
# baseurl: https://packages.cloud.google.com/yum/repos/kubernetes-$releasever-x86_64
|
|
# gpgcheck: yes
|
|
# enabled: yes
|
|
# gpgkey: https://packages.cloud.google.com/yum/doc/yum-key.gpg
|
|
# state: present
|
|
|
|
- name: Add Official kubernetes's repo
|
|
template:
|
|
src: "etc/yum.repos.d/kubernetes.repo.j2"
|
|
dest: "/etc/yum.repos.d/kubernetes.repo"
|
|
group: root
|
|
owner: root
|
|
mode: 0644
|
|
when:
|
|
- not ansible_machine == "armv7l"
|
|
- not ansible_machine == "armv6l"
|
|
- kubernetes_cri != "k3s"
|
|
|
|
- name: Register kubernetes firewalld service
|
|
template:
|
|
src: "etc/firewalld/services/kubernetes.xml.j2"
|
|
dest: "/etc/firewalld/services/kubernetes.xml"
|
|
group: root
|
|
owner: root
|
|
mode: 0644
|
|
register: need_firewalld_reload
|
|
when:
|
|
- kubernetes_server|bool
|
|
|
|
- name: Reload firewalld configuration
|
|
service:
|
|
name: firewalld
|
|
state: reloaded
|
|
enabled: yes
|
|
when:
|
|
- kubernetes_server|bool
|
|
- need_firewalld_reload is changed
|
|
|
|
#- name: reload firewalld to refresh service list
|
|
# command: firewall-cmd --reload
|
|
# when:
|
|
# - need_firewalld_reload is changed
|
|
# - kubernetes_server|bool
|
|
|
|
# Définir interface
|
|
- name: Open Firewalld
|
|
firewalld:
|
|
service: kubernetes
|
|
permanent: true
|
|
state: enabled
|
|
immediate: true
|
|
when:
|
|
# - need_firewall|bool
|
|
# - firewall_name == "firewalld"
|
|
- kubernetes_server|bool
|
|
|
|
- name: Create kubernetes firewalld zone
|
|
firewalld:
|
|
zone: kubernetes
|
|
permanent: true
|
|
state: present
|
|
when:
|
|
- kubernetes_server|bool
|
|
- name: Add PODs network to kubernetes firewalld zone
|
|
firewalld:
|
|
zone: kubernetes
|
|
permanent: true
|
|
state: enabled
|
|
source: "{{ kubernetes_pods_network }}"
|
|
when:
|
|
- kubernetes_server|bool
|
|
- name: Add Services network to kubernetes firewalld zone
|
|
firewalld:
|
|
zone: kubernetes
|
|
permanent: true
|
|
state: enabled
|
|
source: "10.96.0.0/12"
|
|
when:
|
|
- kubernetes_server|bool
|
|
|
|
- name: Install kubernetes tools
|
|
dnf:
|
|
name: "{{ kubernetes_package_name }}"
|
|
enablerepo: "kubernetes"
|
|
state: present
|
|
update_cache: yes
|
|
# notify: Restart kubelet
|
|
when:
|
|
- ansible_pkg_mgr == "dnf"
|
|
- (not kubernetes_server|bool) or ( kubernetes_server|bool and kubernetes_cri != "k3s")
|
|
|
|
- name: Install kubernetes tools
|
|
yum:
|
|
name: "{{ kubernetes_package_name }}"
|
|
enablerepo: "kubernetes"
|
|
state: present
|
|
update_cache: yes
|
|
# notify: Restart kubelet
|
|
when:
|
|
- ansible_pkg_mgr == "yum"
|
|
- (not kubernetes_server|bool) or ( kubernetes_server|bool and kubernetes_cri != "k3s")
|