diff --git a/roles/kubernetes/tasks/main.yml b/roles/kubernetes/tasks/main.yml
index c5eab28..3b26c79 100644
--- a/roles/kubernetes/tasks/main.yml
+++ b/roles/kubernetes/tasks/main.yml
@@ -38,4 +38,42 @@
 
 - name: Hold Kubernetes packages
   ansible.builtin.shell: |
-    apt-mark hold kubelet kubeadm kubectl
\ No newline at end of file
+    apt-mark hold kubelet kubeadm kubectl
+
+
+- name: Ativar ip_forward de forma idempotente
+  ansible.builtin.sysctl:
+    name: net.ipv4.ip_forward
+    value: '1'
+    state: present
+    reload: yes
+
+- name: Criar arquivo de configuração sysctl para Kubernetes
+  ansible.builtin.copy:
+    dest: /etc/sysctl.d/k8s.conf
+    content: |
+      net.bridge.bridge-nf-call-iptables = 1
+      net.bridge.bridge-nf-call-ip6tables = 1
+    owner: root
+    group: root
+    mode: '0644'
+  notify: Reload sysctl
+
+- name: Carregar módulo br_netfilter se necessário
+  ansible.builtin.modprobe:
+    name: br_netfilter
+    state: present
+
+- name: Garantir que o módulo br_netfilter seja carregado na inicialização
+  ansible.builtin.copy:
+    dest: /etc/modules-load.d/k8s.conf
+    content: |
+      br_netfilter
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: Reload sysctl
+  ansible.builtin.command: sysctl --system
+  when: ansible_facts['os_family'] == 'Debian'
+  changed_when: false
\ No newline at end of file