Dustin C. Hatch
878a099752
The _iscsi.socket_ unit gets enabled by default with the _iscsi-initiator-utils_ package is installed, but it won't start automatically until the next boot. Without this service running, Longhorn volumes will not be able to attach to the node, so we need to explicitly ensure it is running before any workloads are assigned to the node.
128 lines
2.6 KiB
YAML
128 lines
2.6 KiB
YAML
- name: load os-specific values
|
|
include_vars: '{{ item }}'
|
|
with_first_found:
|
|
- '{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml'
|
|
- '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml'
|
|
- '{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml'
|
|
- '{{ ansible_distribution }}.yml'
|
|
- '{{ ansible_os_family }}.yml'
|
|
- defaults.yml
|
|
tags:
|
|
- always
|
|
|
|
- name: ensure required packages are installed
|
|
dnf:
|
|
name: '{{ kubernetes_packages }}'
|
|
install_weak_deps: false
|
|
state: present
|
|
tags:
|
|
- install
|
|
|
|
- name: ensure firewalld service is stopped
|
|
service:
|
|
name: firewalld
|
|
state: stopped
|
|
enabled: false
|
|
ignore_errors: true
|
|
tags:
|
|
- firewalld
|
|
|
|
- name: ensure kernel modules-load is configured for kubernetes
|
|
copy:
|
|
content: |+
|
|
{{ kubernetes_kernel_modules | join('\n') }}
|
|
dest: /etc/modules-load.d/k8s.conf
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
notify:
|
|
- load kernel modules
|
|
tags:
|
|
- kmod
|
|
|
|
- name: ensure kernel tunables are set for kubernetes
|
|
copy:
|
|
src: sysctl.conf
|
|
dest: /etc/sysctl.d/60-k8s.conf
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
notify:
|
|
- set kernel tunables
|
|
tags:
|
|
- sysctl
|
|
|
|
- name: ensure zram generator defaults are disabled
|
|
copy:
|
|
content: ''
|
|
dest: /etc/systemd/zram-generator.conf
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
notify:
|
|
- reload systemd
|
|
tags:
|
|
- zram-generator
|
|
|
|
- name: ensure zram0 is stopped
|
|
systemd:
|
|
name: systemd-zram-setup@zram0
|
|
state: stopped
|
|
ignore_errors: true
|
|
notify:
|
|
- swapoff -a
|
|
tags:
|
|
- zram-generator
|
|
|
|
- name: ensure unneeded cni configuration files are removed
|
|
file:
|
|
path: /etc/cni/net.d/{{ item }}
|
|
state: absent
|
|
loop:
|
|
- 100-crio-bridge.conflist
|
|
- 200-loopback.conflist
|
|
tags:
|
|
- cni
|
|
|
|
- name: ensure kubelet.service drop-in configuration directory exists
|
|
file:
|
|
path: /etc/systemd/system/kubelet.service.d
|
|
owner: root
|
|
group: root
|
|
mode: u=rwx,go=rx
|
|
state: directory
|
|
tags:
|
|
- systemd
|
|
- name: ensure kubelet.service extra args are configured
|
|
copy:
|
|
src: extra-args.systemd.conf
|
|
dest: /etc/systemd/system/kubelet.service.d/60-extra-args.conf
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,go=r
|
|
notify:
|
|
- reload systemd
|
|
- restart kubelet
|
|
tags:
|
|
- systemd
|
|
|
|
- name: ensure kubelet service is enabled
|
|
service:
|
|
name: kubelet
|
|
enabled: true
|
|
tags:
|
|
- service
|
|
|
|
- name: ensure iscsi socket is enabled
|
|
systemd:
|
|
name: iscsid.socket
|
|
enabled: true
|
|
tags:
|
|
- service
|
|
- name: ensure iscsi socket is active
|
|
systemd:
|
|
name: iscsid.socket
|
|
state: started
|
|
tags:
|
|
- service
|