build

roles/kubernetes/tasks/Rocky.yml

@@ -58,14 +58,14 @@
         content: |
           [kubernetes]
           name=Kubernetes
-          baseurl=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/
+          baseurl=http://pkgs.k8s.io/core:/stable:/v1.29/rpm/
           enabled=1
           gpgcheck=1
-          gpgkey=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/repodata/repomd.xml.key
+          gpgkey=http://pkgs.k8s.io/core:/stable:/v1.29/rpm/repodata/repomd.xml.key
 
     - name: Add Docker CE repository
       get_url:
-        url: https://download.docker.com/linux/centos/docker-ce.repo
+        url: http://download.docker.com/linux/centos/docker-ce.repo
         dest: /etc/yum.repos.d/docker-ce.repo
         mode: '0644'
 
@@ -86,6 +86,12 @@
         enabled: yes
         state: started
 
+    - name: Wait for containerd socket
+      ansible.builtin.wait_for:
+        path: /run/containerd/containerd.sock
+        state: present
+        timeout: 30
+
     - name: Install Kubernetes packages
       dnf:
         name:
@@ -94,12 +100,51 @@
           - kubectl
         disable_excludes: kubernetes
         state: present
+      register: k8s_install
+      retries: 5
+      delay: 10
+      until: k8s_install is succeeded
 
     - name: Enable kubelet
       systemd:
         name: kubelet
         enabled: yes
         state: started
+    - name: Ensure firewalld is running
+      ansible.builtin.service:
+        name: firewalld
+        state: started
+        enabled: true
+      when: inventory_hostname == 'rocky9-vm01.home.lan'
+
+    - name: Open Kubernetes API server port (6443)
+      ansible.posix.firewalld:
+        port: 6443/tcp
+        permanent: yes
+        state: enabled
+        immediate: yes
+      when: inventory_hostname == 'rocky9-vm01.home.lan'
+
+    - name: Open etcd ports (2379-2380)
+      ansible.posix.firewalld:
+        port: 2379-2380/tcp
+        permanent: yes
+        state: enabled
+        immediate: yes
+      when: inventory_hostname == 'rocky9-vm01.home.lan'
+
+    - name: Open kubelet and scheduler ports (10250-10252)
+      ansible.posix.firewalld:
+        port: 10250-10252/tcp
+        permanent: yes
+        state: enabled
+        immediate: yes
+      when: inventory_hostname == 'rocky9-vm01.home.lan'
+
+    - name: Restart containerd
+      systemd:
+        name: containerd
+        state: restarted
 
     - name: Initialize Kubernetes
       command: kubeadm init --pod-network-cidr=10.244.0.0/16
@@ -145,36 +190,7 @@
       register: join_command
       when: inventory_hostname == 'rocky9-vm01.home.lan'
 
-    - name: Ensure firewalld is running
-      ansible.builtin.service:
-        name: firewalld
-        state: started
-        enabled: true
-      when: inventory_hostname == 'rocky9-vm01.home.lan'
 
-    - name: Open Kubernetes API server port (6443)
-      ansible.posix.firewalld:
-        port: 6443/tcp
-        permanent: yes
-        state: enabled
-        immediate: yes
-      when: inventory_hostname == 'rocky9-vm01.home.lan'
-
-    - name: Open etcd ports (2379-2380)
-      ansible.posix.firewalld:
-        port: 2379-2380/tcp
-        permanent: yes
-        state: enabled
-        immediate: yes
-      when: inventory_hostname == 'rocky9-vm01.home.lan'
-
-    - name: Open kubelet and scheduler ports (10250-10252)
-      ansible.posix.firewalld:
-        port: 10250-10252/tcp
-        permanent: yes
-        state: enabled
-        immediate: yes
-      when: inventory_hostname == 'rocky9-vm01.home.lan'
       
     - name: Save join command
       set_fact: