build

2026-03-13 05:42:46 +01:00 · 2026-02-22 20:50:11 +01:00
parent 62b8266729
commit d3d7b67c9b
1 changed files with 29 additions and 29 deletions
--- a/roles/kubernetes/tasks/Rocky.yml
+++ b/roles/kubernetes/tasks/Rocky.yml
@@ -100,7 +100,36 @@
        name: kubelet
        enabled: yes
        state: started
+    - name: Ensure firewalld is running
+      ansible.builtin.service:
+        name: firewalld
+        state: started
+        enabled: true
+      when: inventory_hostname == 'rocky9-vm01.home.lan'

+    - name: Open Kubernetes API server port (6443)
+      ansible.posix.firewalld:
+        port: 6443/tcp
+        permanent: yes
+        state: enabled
+        immediate: yes
+      when: inventory_hostname == 'rocky9-vm01.home.lan'
+
+    - name: Open etcd ports (2379-2380)
+      ansible.posix.firewalld:
+        port: 2379-2380/tcp
+        permanent: yes
+        state: enabled
+        immediate: yes
+      when: inventory_hostname == 'rocky9-vm01.home.lan'
+
+    - name: Open kubelet and scheduler ports (10250-10252)
+      ansible.posix.firewalld:
+        port: 10250-10252/tcp
+        permanent: yes
+        state: enabled
+        immediate: yes
+      when: inventory_hostname == 'rocky9-vm01.home.lan'
    - name: Initialize Kubernetes
      command: kubeadm init --pod-network-cidr=10.244.0.0/16
      args:
@@ -145,36 +174,7 @@
      register: join_command
      when: inventory_hostname == 'rocky9-vm01.home.lan'

-    - name: Ensure firewalld is running
-      ansible.builtin.service:
-        name: firewalld
-        state: started
-        enabled: true
-      when: inventory_hostname == 'rocky9-vm01.home.lan'

-    - name: Open Kubernetes API server port (6443)
-      ansible.posix.firewalld:
-        port: 6443/tcp
-        permanent: yes
-        state: enabled
-        immediate: yes
-      when: inventory_hostname == 'rocky9-vm01.home.lan'
-
-    - name: Open etcd ports (2379-2380)
-      ansible.posix.firewalld:
-        port: 2379-2380/tcp
-        permanent: yes
-        state: enabled
-        immediate: yes
-      when: inventory_hostname == 'rocky9-vm01.home.lan'
-
-    - name: Open kubelet and scheduler ports (10250-10252)
-      ansible.posix.firewalld:
-        port: 10250-10252/tcp
-        permanent: yes
-        state: enabled
-        immediate: yes
-      when: inventory_hostname == 'rocky9-vm01.home.lan'
      
    - name: Save join command
      set_fact: