fenix-gitea-admin/iac-ansible-public
1
0
Fork 0
mirror of https://gitea.fenix-dev.com/fenix-gitea-admin/iac-ansible-private.git synced 2025-10-27 00:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update roles/kubernetes/tasks/main.yml

Browse Source
This commit is contained in:
fenix-gitea-admin
2025-10-17 19:35:49 +00:00
parent 1be1e6e121
commit 297354bf83
1 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
roles/kubernetes/tasks/main.yml
View File

@ -3,8 +3,10 @@
name: containerd
state: present
update_cache: no
become: true
- name: Hold Kubernetes packages
become: true
ansible.builtin.shell: |
apt-mark hold containerd
#- name: Add Kubernetes APT key
@ -18,6 +20,7 @@
# state: present
- name: Adicionar chave GPG do Kubernetes
become: true
ansible.builtin.shell: |
mkdir -p /etc/apt/keyrings
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
@ -25,6 +28,7 @@
creates: /etc/apt/keyrings/kubernetes-apt-keyring.gpg
- name: Adicionar repositório oficial do Kubernetes
become: true
ansible.builtin.copy:
dest: /etc/apt/sources.list.d/kubernetes.list
content: |
@ -32,6 +36,7 @@
- name: Install Kubernetes components
become: true
apt:
name:
- kubelet
@ -41,14 +46,17 @@
update_cache: yes
- name: Hold Kubernetes packages
become: true
ansible.builtin.shell: |
apt-mark hold kubelet kubeadm kubectl
- name: Desativar swap
become: true
ansible.builtin.command: swapoff -a
- name: Garantir que swap está desativado no fstab
become: true
ansible.builtin.lineinfile:
path: /etc/fstab
regexp: '.*swap.*'
@ -56,6 +64,7 @@
- name: Ativar ip_forward de forma idempotente
become: true
ansible.builtin.sysctl:
name: net.ipv4.ip_forward
value: '1'
@ -63,6 +72,7 @@
reload: yes
- name: Configurar sysctl para Kubernetes
become: true
ansible.builtin.copy:
dest: /etc/sysctl.d/k8s.conf
content: |
@ -74,6 +84,7 @@
ansible.builtin.command: sysctl --system
when: ansible_facts['os_family'] == 'Debian'
changed_when: false
become: true
@ -93,7 +104,6 @@
name: br_netfilter
state: present
- name: Garantir que o módulo br_netfilter seja carregado na inicialização
ansible.builtin.copy:
dest: /etc/modules-load.d/k8s.conf