diff --git a/roles/kubernetes/tasks/main.yml b/roles/kubernetes/tasks/main.yml index 1928bcf..b4e3fec 100644 --- a/roles/kubernetes/tasks/main.yml +++ b/roles/kubernetes/tasks/main.yml @@ -3,8 +3,10 @@ name: containerd state: present update_cache: no + become: true - name: Hold Kubernetes packages + become: true ansible.builtin.shell: | apt-mark hold containerd #- name: Add Kubernetes APT key @@ -18,6 +20,7 @@ # state: present - name: Adicionar chave GPG do Kubernetes + become: true ansible.builtin.shell: | mkdir -p /etc/apt/keyrings curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg @@ -25,6 +28,7 @@ creates: /etc/apt/keyrings/kubernetes-apt-keyring.gpg - name: Adicionar repositório oficial do Kubernetes + become: true ansible.builtin.copy: dest: /etc/apt/sources.list.d/kubernetes.list content: | @@ -32,6 +36,7 @@ - name: Install Kubernetes components + become: true apt: name: - kubelet @@ -41,14 +46,17 @@ update_cache: yes - name: Hold Kubernetes packages + become: true ansible.builtin.shell: | apt-mark hold kubelet kubeadm kubectl - name: Desativar swap + become: true ansible.builtin.command: swapoff -a - name: Garantir que swap está desativado no fstab + become: true ansible.builtin.lineinfile: path: /etc/fstab regexp: '.*swap.*' @@ -56,6 +64,7 @@ - name: Ativar ip_forward de forma idempotente + become: true ansible.builtin.sysctl: name: net.ipv4.ip_forward value: '1' @@ -63,6 +72,7 @@ reload: yes - name: Configurar sysctl para Kubernetes + become: true ansible.builtin.copy: dest: /etc/sysctl.d/k8s.conf content: | @@ -74,6 +84,7 @@ ansible.builtin.command: sysctl --system when: ansible_facts['os_family'] == 'Debian' changed_when: false + become: true @@ -93,7 +104,6 @@ name: br_netfilter state: present - - name: Garantir que o módulo br_netfilter seja carregado na inicialização ansible.builtin.copy: dest: /etc/modules-load.d/k8s.conf