From 59e9608d58f3ad4ff2a0fb956e5721b83eadb284 Mon Sep 17 00:00:00 2001
From: jaydee
Date: Mon, 23 Feb 2026 12:55:10 +0100
Subject: [PATCH] build
---
roles/kubernetes/tasks/Ubuntu.yml | 169 ++++++++++++++++++++++++++++++
1 file changed, 169 insertions(+)
create mode 100644 roles/kubernetes/tasks/Ubuntu.yml
diff --git a/roles/kubernetes/tasks/Ubuntu.yml b/roles/kubernetes/tasks/Ubuntu.yml
new file mode 100644
index 0000000..1c4015d
--- /dev/null
+++ b/roles/kubernetes/tasks/Ubuntu.yml
@@ -0,0 +1,169 @@
+- name: Install Kubernetes on Ubuntu 24
+ become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}"
+ block:
+
+ - name: Update apt cache
+ apt:
+ update_cache: yes
+
+ - name: Disable swap
+ command: swapoff -a
+ when: ansible_swaptotal_mb > 0
+
+ - name: Remove swap from fstab
+ replace:
+ path: /etc/fstab
+ regexp: '.*swap.*'
+ replace: ''
+
+ - name: Enable kernel modules
+ copy:
+ dest: /etc/modules-load.d/k8s.conf
+ content: |
+ overlay
+ br_netfilter
+
+ - name: Load kernel modules
+ modprobe:
+ name: "{{ item }}"
+ state: present
+ loop:
+ - overlay
+ - br_netfilter
+
+ - name: Set sysctl params
+ copy:
+ dest: /etc/sysctl.d/k8s.conf
+ content: |
+ net.bridge.bridge-nf-call-iptables = 1
+ net.bridge.bridge-nf-call-ip6tables = 1
+ net.ipv4.ip_forward = 1
+
+ - name: Apply sysctl
+ command: sysctl --system
+
+ - name: Install required packages
+ apt:
+ name:
+ - apt-transport-https
+ - ca-certificates
+ - curl
+ - gpg
+ state: present
+
+ - name: Add Kubernetes apt key
+ shell: |
+ curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | \
+ gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
+ args:
+ creates: /etc/apt/keyrings/kubernetes-apt-keyring.gpg
+
+ - name: Add Kubernetes repository
+ copy:
+ dest: /etc/apt/sources.list.d/kubernetes.list
+ content: |
+ deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /
+
+ - name: Install containerd
+ apt:
+ name: containerd
+ state: present
+
+ - name: Configure containerd
+ shell: |
+ mkdir -p /etc/containerd
+ containerd config default > /etc/containerd/config.toml
+ sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
+ args:
+ creates: /etc/containerd/config.toml
+
+ - name: Enable and start containerd
+ systemd:
+ name: containerd
+ enabled: yes
+ state: started
+
+ - name: Install Kubernetes packages
+ apt:
+ name:
+ - kubelet
+ - kubeadm
+ - kubectl
+ state: present
+ update_cache: yes
+ register: k8s_install
+ retries: 5
+ delay: 10
+ until: k8s_install is succeeded
+
+ - name: Hold Kubernetes packages
+ command: apt-mark hold kubelet kubeadm kubectl
+
+ - name: Enable kubelet
+ systemd:
+ name: kubelet
+ enabled: yes
+ state: started
+
+ # Optional UFW configuration
+ - name: Ensure UFW is installed
+ apt:
+ name: ufw
+ state: present
+ when: inventory_hostname == 'ubuntu-vm01.home.lan'
+
+ - name: Allow Kubernetes ports
+ ufw:
+ rule: allow
+ port: "{{ item }}"
+ loop:
+ - 6443
+ - 2379:2380
+ - 10250
+ when: inventory_hostname == 'ubuntu-vm01.home.lan'
+
+ - name: Initialize Kubernetes
+ command: kubeadm init --pod-network-cidr=10.244.0.0/16
+ args:
+ creates: /etc/kubernetes/admin.conf
+ when: inventory_hostname == 'ubuntu-vm01.home.lan'
+
+ - name: Create .kube directory
+ file:
+ path: /home/{{ ansible_user }}/.kube
+ state: directory
+ owner: "{{ ansible_user }}"
+ group: "{{ ansible_user }}"
+ mode: '0755'
+ when: inventory_hostname == 'ubuntu-vm01.home.lan'
+
+ - name: Copy kubeconfig to user
+ copy:
+ remote_src: yes
+ src: /etc/kubernetes/admin.conf
+ dest: /home/{{ ansible_user }}/.kube/config
+ owner: "{{ ansible_user }}"
+ group: "{{ ansible_user }}"
+ mode: '0644'
+ when: inventory_hostname == 'ubuntu-vm01.home.lan'
+
+ - name: Install Flannel CNI
+ become_user: "{{ ansible_user }}"
+ command: kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
+ when: inventory_hostname == 'ubuntu-vm01.home.lan'
+
+ - name: Get join command
+ command: kubeadm token create --print-join-command
+ register: join_command
+ when: inventory_hostname == 'ubuntu-vm01.home.lan'
+
+ - name: Save join command
+ set_fact:
+ worker_join_cmd: "{{ join_command.stdout }}"
+ when: inventory_hostname == 'ubuntu-vm01.home.lan'
+
+ - name: Join cluster
+ command: "{{ hostvars['ubuntu-vm01.home.lan'].worker_join_cmd }}"
+ args:
+ creates: /etc/kubernetes/kubelet.conf
+ when: inventory_hostname != 'ubuntu-vm01.home.lan'
\ No newline at end of file
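Review bot: The "Copy kubeconfig to user" task copies `/etc/kubernetes/admin.conf` to `~/.kube/config` with `mode: '0644'`, so the cluster-admin client credentials embedded in that file are readable by every local account on the control-plane host; use `mode: '0600'` there and `mode: '0700'` in the "Create .kube directory" task. The "Install Flannel CNI" task applies a manifest fetched from the `master` branch, so whatever is on that branch at run time is applied with admin rights; pin the URL to a reviewed release (`.../flannel/<release-tag>/Documentation/kube-flannel.yml`) or apply a vendored copy. "Get join command", "Save join command" and "Join cluster" carry a bootstrap token through task output and facts, so `no_log: true` on those three tasks keeps it out of Ansible logs, and the token task also mints a fresh token on every run because it has no guard. "Allow Kubernetes ports" opens 6443, 2379:2380 and 10250 to any source; adding `src: "<node-subnet-cidr>"` would limit etcd and the kubelet API to cluster nodes, and the range entry probably also needs `proto: tcp` for ufw to accept it.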