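# Builds a kubeadm-based Kubernetes v1.29 cluster on Rocky 9 hosts.
# 'rocky9-vm01.home.lan' is initialised as the control plane; every other host
# in the play joins it with a freshly created bootstrap token.
# Privilege escalation is switched off only for 'nas.home.lan'.
#
# Security changes compared with the previous revision:
#   * the admin kubeconfig copy is owner-only (0600) instead of world-readable
#   * ~/.kube is created (0700) before the kubeconfig is copied into it
#   * tasks that carry the bootstrap token use no_log, and printing the join
#     command is opt-in via k8s_print_join_command
#   * /etc/fstab swap entries are commented out instead of deleting every line
#     that merely contains the word "swap"
#   * files written under /etc get an explicit mode
- name: Install kubernetes on Rocky 9
  become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}"
  block:
    - name: Include role
      ansible.builtin.include_role:
        name: proxy_repo

    # NOTE(review): the task name says "Disable" but the state is permissive:
    # SELinux keeps logging denials and stops enforcing them. Enforcement is
    # still lost as a control on these nodes; revisit if enforcing mode is
    # required.
    - name: Disable SELinux
      ansible.posix.selinux:
        state: permissive
        policy: targeted

    - name: Disable swap
      ansible.builtin.command: swapoff -a
      when: ansible_swaptotal_mb > 0

    # Comment out active swap entries only. The earlier pattern '.*swap.*'
    # blanked any line containing "swap", including unrelated mounts.
    - name: Remove swap from fstab
      ansible.builtin.replace:
        path: /etc/fstab
        regexp: '^([^#\n].*[ \t]swap[ \t].*)$'
        replace: '# \1'

    - name: Enable kernel modules
      ansible.builtin.copy:
        dest: /etc/modules-load.d/k8s.conf
        mode: '0644'
        content: |
          overlay
          br_netfilter

    - name: Load kernel modules
      ansible.builtin.shell: |
        modprobe overlay
        modprobe br_netfilter

    - name: Set sysctl params
      ansible.builtin.copy:
        dest: /etc/sysctl.d/k8s.conf
        mode: '0644'
        content: |
          net.bridge.bridge-nf-call-iptables = 1
          net.bridge.bridge-nf-call-ip6tables = 1
          net.ipv4.ip_forward = 1

    - name: Apply sysctl
      ansible.builtin.command: sysctl --system

    - name: Install required packages
      ansible.builtin.dnf:
        name:
          - yum-utils
          - device-mapper-persistent-data
          - lvm2
        state: present

    # gpgcheck=1 keeps package signature verification on for this repo.
    - name: Add Kubernetes repo
      ansible.builtin.copy:
        dest: /etc/yum.repos.d/kubernetes.repo
        mode: '0644'
        content: |
          [kubernetes]
          name=Kubernetes
          baseurl=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/
          enabled=1
          gpgcheck=1
          gpgkey=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/repodata/repomd.xml.key

    # NOTE(review): the repo definition is fetched over HTTPS without a
    # checksum; whatever the remote serves becomes a trusted package source.
    - name: Add Docker CE repository
      ansible.builtin.get_url:
        url: https://download.docker.com/linux/centos/docker-ce.repo
        dest: /etc/yum.repos.d/docker-ce.repo
        mode: '0644'

    - name: Install containerd
      ansible.builtin.dnf:
        name: containerd.io
        state: present

    # Regenerates the default config on every run and switches the runtime to
    # the systemd cgroup driver.
    - name: Configure containerd
      ansible.builtin.shell: |
        mkdir -p /etc/containerd
        containerd config default > /etc/containerd/config.toml
        sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml

    - name: Enable and start containerd
      ansible.builtin.systemd:
        name: containerd
        enabled: true
        state: started

    - name: Install Kubernetes packages
      ansible.builtin.dnf:
        name:
          - kubelet
          - kubeadm
          - kubectl
        disable_excludes: kubernetes
        state: present

    - name: Enable kubelet
      ansible.builtin.systemd:
        name: kubelet
        enabled: true
        state: started

    # 'creates' makes this a no-op once the control plane has been initialised.
    - name: Initialize Kubernetes
      ansible.builtin.command:
        cmd: kubeadm init --pod-network-cidr=10.244.0.0/16
        creates: /etc/kubernetes/admin.conf
      when: inventory_hostname == 'rocky9-vm01.home.lan'

    - name: Wait for Kubernetes API to be available
      ansible.builtin.wait_for:
        host: 127.0.0.1
        port: 6443
        delay: 10
        timeout: 300
        state: started
      when: inventory_hostname == 'rocky9-vm01.home.lan'

    # The copy below fails if the target directory is missing, so create it
    # first, private to the owning user.
    - name: Create kubeconfig directory for user
      ansible.builtin.file:
        path: "/home/{{ ansible_user }}/.kube"
        state: directory
        owner: "{{ ansible_user }}"
        group: "{{ ansible_user }}"
        mode: '0700'
      when: inventory_hostname == 'rocky9-vm01.home.lan'

    # admin.conf holds cluster-admin credentials. It was copied as 0644, which
    # let every local account read them; 0600 restricts it to the owner.
    - name: Copy kubeconfig to user
      ansible.builtin.copy:
        remote_src: true
        src: /etc/kubernetes/admin.conf
        dest: "/home/{{ ansible_user }}/.kube/config"
        owner: "{{ ansible_user }}"
        group: "{{ ansible_user }}"
        mode: '0600'
      when: inventory_hostname == 'rocky9-vm01.home.lan'

    # NOTE(review): the default manifest URL tracks the 'master' branch, so
    # the workload applied with cluster-admin rights can change between runs.
    # Set flannel_manifest_url to a reviewed release manifest to pin it.
    - name: Install Flannel CNI
      become_user: "{{ ansible_user }}"
      ansible.builtin.command: >-
        kubectl apply -f
        {{ flannel_manifest_url | default('https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml') }}
      when: inventory_hostname == 'rocky9-vm01.home.lan'

    # The join command embeds a bootstrap token; no_log keeps it out of the
    # task output and callback logs.
    - name: Get join command
      ansible.builtin.command: kubeadm token create --print-join-command
      register: join_command
      no_log: true
      when: inventory_hostname == 'rocky9-vm01.home.lan'

    - name: Save join command
      ansible.builtin.set_fact:
        worker_join_cmd: "{{ join_command.stdout }}"
      no_log: true
      when: inventory_hostname == 'rocky9-vm01.home.lan'

    # Printing the token is opt-in: pass -e k8s_print_join_command=true when a
    # manual join is really needed.
    - name: Print join command
      ansible.builtin.debug:
        msg: "{{ worker_join_cmd }}"
      when:
        - inventory_hostname == 'rocky9-vm01.home.lan'
        - k8s_print_join_command | default(false) | bool

    # Certificate validation is off for this loopback-only readiness probe.
    # NOTE(review): to validate, the API server certificate would need a SAN
    # for 'localhost' and the cluster CA would have to be supplied - confirm
    # before changing.
    - name: Wait for Kubernetes API
      ansible.builtin.uri:
        url: https://localhost:6443/healthz
        method: GET
        status_code: 200
        validate_certs: false
      register: api_health
      until: api_health.status == 200
      retries: 10
      delay: 15
      when: inventory_hostname == 'rocky9-vm01.home.lan'

    # Runs on every host except the control plane. The command line carries
    # the bootstrap token, hence no_log.
    - name: Join cluster
      ansible.builtin.command:
        cmd: "{{ hostvars['rocky9-vm01.home.lan'].worker_join_cmd }}"
        creates: /etc/kubernetes/kubelet.conf
      no_log: true
      when: inventory_hostname != 'rocky9-vm01.home.lan'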