fenix-gitea-admin/iac-ansible-public
1
0
Fork 0
mirror of https://gitea.fenix-dev.com/fenix-gitea-admin/iac-ansible-private.git synced 2025-10-27 08:43:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update roles/kubernetes/tasks/main.yml

Browse Source
This commit is contained in:
fenix-gitea-admin
2025-10-12 16:18:11 +00:00
parent b9f54ed9ad
commit 1e0f723043
1 changed files with 39 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
roles/kubernetes/tasks/main.yml
View File

@ -38,4 +38,42 @@
- name: Hold Kubernetes packages
ansible.builtin.shell: |
apt-mark hold kubelet kubeadm kubectl
apt-mark hold kubelet kubeadm kubectl
- name: Ativar ip_forward de forma idempotente
ansible.builtin.sysctl:
name: net.ipv4.ip_forward
value: '1'
state: present
reload: yes
- name: Criar arquivo de configuração sysctl para Kubernetes
ansible.builtin.copy:
dest: /etc/sysctl.d/k8s.conf
content: |
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
owner: root
group: root
mode: '0644'
notify: Reload sysctl
- name: Carregar módulo br_netfilter se necessário
ansible.builtin.modprobe:
name: br_netfilter
state: present
- name: Garantir que o módulo br_netfilter seja carregado na inicialização
ansible.builtin.copy:
dest: /etc/modules-load.d/k8s.conf
content: |
br_netfilter
owner: root
group: root
mode: '0644'
- name: Reload sysctl
ansible.builtin.command: sysctl --system
when: ansible_facts['os_family'] == 'Debian'
changed_when: false