Update k8sworker.yml

k8sworker.yml

@@ -0,0 +1,152 @@
+---
+- name: Setup nodi worker Kubernetes e join cluster
+  hosts: workers
+  become: yes
+  vars:
+    kube_version: "1.34"
+  tasks:
+    - name: Aggiorna sistema operativo
+      dnf:
+        name: "*"
+        state: latest
+        update_cache: yes
+
+    - name: Imposta hostname worker
+      hostname:
+        name: "{{ inventory_hostname }}"
+
+    - name: Aggiunge voce hosts master e workers
+      lineinfile:
+        path: /etc/hosts
+        line: "{{ item }}"
+      loop:
+        - "192.168.1.17 k8s-m"
+        - "192.168.1.18 k8s-w1"
+        - "192.168.1.19 k8s-w2"
+
+    - name: Disabilita swap temporaneamente e permanentemente
+      block:
+        - command: swapoff -a
+          args:
+            warn: false
+          changed_when: false
+        - replace:
+            path: /etc/fstab
+            regexp: '(^.* swap .*$)'
+            replace: '#\1'
+
+    - name: Imposta SELinux in permissive (runtime e config)
+      block:
+        - command: setenforce 0
+          args:
+            warn: false
+        - lineinfile:
+            path: /etc/selinux/config
+            regexp: '^SELINUX='
+            line: 'SELINUX=permissive'
+
+    - name: Configura firewall worker (porte tcp)
+      firewalld:
+        port: "{{ item }}/tcp"
+        permanent: yes
+        state: enabled
+      loop: [179,10250]
+
+    - name: Apre porta UDP firewall worker
+      firewalld:
+        port: 4789/udp
+        permanent: yes
+        state: enabled
+
+    - name: Apre NodePort range TCP
+      firewalld:
+        port: 30000-32767/tcp
+        permanent: yes
+        state: enabled
+
+    - name: Ricarica firewall
+      command: firewall-cmd --reload
+      args:
+        warn: false
+
+    - name: Carica moduli kernel containerd
+      copy:
+        dest: /etc/modules-load.d/containerd.conf
+        content: |
+          overlay
+          br_netfilter
+
+    - name: Carica modulo overlay
+      modprobe:
+        name: overlay
+        state: present
+
+    - name: Carica modulo br_netfilter
+      modprobe:
+        name: br_netfilter
+        state: present
+
+    - name: Configura sysctl per Kubernetes
+      copy:
+        dest: /etc/sysctl.d/k8s.conf
+        content: |
+          net.bridge.bridge-nf-call-iptables = 1
+          net.ipv4.ip_forward = 1
+          net.bridge.bridge-nf-call-ip6tables = 1
+
+    - name: Applica sysctl
+      command: sysctl --system
+      args:
+        warn: false
+
+    - name: Aggiungi repo Docker per containerd
+      get_url:
+        url: https://download.docker.com/linux/centos/docker-ce.repo
+        dest: /etc/yum.repos.d/docker-ce.repo
+
+    - name: Installa containerd
+      dnf:
+        name: containerd.io
+        state: present
+
+    - name: Configura containerd systemd
+      shell: |
+        containerd config default > /etc/containerd/config.toml
+        sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml
+
+    - name: Riavvia e abilita containerd
+      systemd:
+        name: containerd
+        state: restarted
+        enabled: yes
+
+    - name: Aggiungi repo Kubernetes
+      copy:
+        dest: /etc/yum.repos.d/kubernetes.repo
+        content: |
+          [kubernetes]
+          name=Kubernetes
+          baseurl=https://pkgs.k8s.io/core:/stable:/v{{ kube_version }}/rpm/
+          enabled=1
+          gpgcheck=1
+          gpgkey=https://pkgs.k8s.io/core:/stable:/v{{ kube_version }}/rpm/repodata/repomd.xml.key
+          exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
+
+    - name: Installa kubelet kubeadm kubectl
+      dnf:
+        name:
+          - kubelet
+          - kubeadm
+          - kubectl
+        state: present
+        disable_excludes: kubernetes
+
+    - name: Avvia e abilita kubelet
+      systemd:
+        name: kubelet
+        state: started
+        enabled: yes
+
+    - name: Unisciti al cluster Kubernetes usando comando join
+      command: "{{ join_command }}"
+      when: join_command is defined