9e256fd8b0
For details see the announcement https://kubernetes.io/blog/2023/08/31/legacy-package-repository-deprecation/ Also bump K8s version up to 1.28.4 Change-Id: Ic6b3478e53504622804b6f003ca176a679573d5b
117 lines
2.9 KiB
YAML
117 lines
2.9 KiB
YAML
---
|
|
- name: Load necessary modules
|
|
modprobe:
|
|
name: "{{ item }}"
|
|
state: present
|
|
with_items:
|
|
- overlay
|
|
- br_netfilter
|
|
|
|
- name: Configure sysctl
|
|
sysctl:
|
|
name: "{{ item }}"
|
|
value: "1"
|
|
state: present
|
|
loop:
|
|
- net.ipv6.conf.default.disable_ipv6
|
|
- net.ipv6.conf.all.disable_ipv6
|
|
- net.ipv6.conf.lo.disable_ipv6
|
|
- net.bridge.bridge-nf-call-iptables
|
|
- net.bridge.bridge-nf-call-ip6tables
|
|
- net.ipv4.ip_forward
|
|
ignore_errors: true
|
|
|
|
# This is necessary when we run dnsmasq.
|
|
# Otherwise, we get the error:
|
|
# failed to create inotify: Too many open files
|
|
- name: Configure number of inotify instances
|
|
sysctl:
|
|
name: "fs.inotify.max_user_instances"
|
|
value: "256"
|
|
state: present
|
|
ignore_errors: true
|
|
|
|
- name: Remove swapfile from /etc/fstab
|
|
mount:
|
|
name: "{{ item }}"
|
|
fstype: swap
|
|
state: absent
|
|
with_items:
|
|
- swap
|
|
- none
|
|
|
|
- name: Disable swap
|
|
command: swapoff -a
|
|
when: ansible_swaptotal_mb > 0
|
|
|
|
- name: Ensure dependencies are installed
|
|
apt:
|
|
name:
|
|
- apt-transport-https
|
|
- ca-certificates
|
|
- gnupg2
|
|
- ipvsadm
|
|
- jq
|
|
state: present
|
|
|
|
- name: Add Kubernetes apt repository key
|
|
apt_key:
|
|
url: "https://pkgs.k8s.io/core:/stable:/{{ kube_version_repo }}/deb/Release.key"
|
|
state: present
|
|
|
|
- name: Add Kubernetes apt repository
|
|
apt_repository:
|
|
repo: "deb https://pkgs.k8s.io/core:/stable:/{{ kube_version_repo }}/deb/ /"
|
|
state: present
|
|
filename: kubernetes.list
|
|
|
|
- name: Install Kubernetes binaries
|
|
apt:
|
|
state: present
|
|
update_cache: true
|
|
allow_downgrade: true
|
|
pkg:
|
|
- "kubelet={{ kube_version }}"
|
|
- "kubeadm={{ kube_version }}"
|
|
- "kubectl={{ kube_version }}"
|
|
|
|
- name: Restart kubelet
|
|
service:
|
|
name: kubelet
|
|
daemon_reload: yes
|
|
state: restarted
|
|
|
|
- name: Disable systemd-resolved
|
|
service:
|
|
name: systemd-resolved
|
|
enabled: false
|
|
state: stopped
|
|
|
|
- name: Configure resolv.conf
|
|
copy:
|
|
src: files/resolv.conf
|
|
dest: "{{ item }}"
|
|
loop:
|
|
- /etc/resolv.conf
|
|
- /run/systemd/resolve/resolv.conf
|
|
|
|
# We download Calico manifest on all nodes because we then want to download
|
|
# Calico images BEFORE deploying it
|
|
- name: Download Calico manifest
|
|
shell: |
|
|
curl -LSs https://docs.projectcalico.org/archive/{{ calico_version }}/manifests/calico.yaml -o /tmp/calico.yaml
|
|
sed -i -e 's#docker.io/calico/#quay.io/calico/#g' /tmp/calico.yaml
|
|
args:
|
|
executable: /bin/bash
|
|
|
|
# Download images needed for calico before applying manifests, so that `kubectl wait` timeout
|
|
# for `k8s-app=kube-dns` isn't reached by slow download speeds
|
|
- name: Download Calico images
|
|
shell: |
|
|
export CONTAINER_RUNTIME_ENDPOINT=unix:///run/containerd/containerd.sock
|
|
export IMAGE_SERVICE_ENDPOINT=unix:///run/containerd/containerd.sock
|
|
awk '/image:/ { print $2 }' /tmp/calico.yaml | xargs -I{} crictl pull {}
|
|
args:
|
|
executable: /bin/bash
|
|
...
|