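---
# Bootstraps a single Kubernetes control-plane node on a dnf-based host:
# OS prerequisites (swap, SELinux, firewall, kernel modules, sysctl),
# containerd, kubelet/kubeadm/kubectl, `kubeadm init`, Calico CNI, the
# Kubernetes Dashboard and a test nginx deployment. It ends by printing a
# `kubeadm join` command for the worker nodes.
#
# Review notes:
# - `args: warn: false` was dropped from every command task. The `warn`
#   option of command/shell was removed in ansible-core 2.14, where passing
#   it fails the task as an unsupported parameter.
# - Booleans are written as true/false instead of yes/no.
- name: Setup nodo master Kubernetes e genera comando join
  hosts: master
  become: true
  vars:
    master_hostname: k8s-m
    master_ip: 192.168.1.17
    kube_version: "1.34"
    # Both manifests are fetched from a Git tag at run time and applied with
    # cluster-admin credentials. A tag is not an integrity guarantee:
    # consider vendoring the files or verifying a checksum before applying.
    calico_manifest: "https://raw.githubusercontent.com/projectcalico/calico/v3.30.3/manifests/calico.yaml"
    dashboard_manifest: "https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml"

  tasks:
    - name: Aggiorna sistema operativo
      dnf:
        name: "*"
        state: latest
        update_cache: true

    - name: Imposta hostname master
      hostname:
        name: "{{ master_hostname }}"

    - name: Aggiunge voce hosts master
      lineinfile:
        path: /etc/hosts
        line: "{{ master_ip }} {{ master_hostname }}"

    - name: Disabilita swap temporaneamente e permanentemente
      block:
        - command: swapoff -a
          changed_when: false

        # Only match lines that are not already commented out. The previous
        # pattern also matched '#...' lines, so every re-run prepended
        # another '#'. \s also covers tab-separated fstab fields.
        - replace:
            path: /etc/fstab
            regexp: '^([^#\n].*\sswap\s.*)$'
            replace: '#\1'

    # Permissive mode logs SELinux denials without enforcing them, so the
    # node loses mandatory access control for every workload on it.
    # NOTE(review): confirm this trade-off is intended outside a lab.
    - name: Imposta SELinux in permissive (runtime e config)
      block:
        - command: setenforce 0

        - lineinfile:
            path: /etc/selinux/config
            regexp: '^SELINUX='
            line: 'SELINUX=permissive'

    # No zone or source restriction is set, so these ports are opened in the
    # default firewalld zone for any source address.
    # NOTE(review): 10251/10252 look like the legacy insecure
    # scheduler/controller-manager ports and are probably unused with
    # kube_version 1.34; 2379-2380 (etcd) only need to be reachable from
    # other control-plane nodes. Confirm, then narrow the list.
    - name: Configura firewall master
      firewalld:
        port: "{{ item }}/tcp"
        permanent: true
        state: enabled
      loop:
        - 6443
        - 2379
        - 2380
        - 10250
        - 10251
        - 10252
        - 10257
        - 10259
        - 179

    - name: Apre porta UDP firewall master
      firewalld:
        port: 4789/udp
        permanent: true
        state: enabled

    - name: Ricarica firewall
      command: firewall-cmd --reload

    - name: Carica moduli kernel containerd
      copy:
        dest: /etc/modules-load.d/containerd.conf
        mode: "0644"
        content: |
          overlay
          br_netfilter

    - name: Carica modulo overlay
      modprobe:
        name: overlay
        state: present

    - name: Carica modulo br_netfilter
      modprobe:
        name: br_netfilter
        state: present

    - name: Configura sysctl per Kubernetes
      copy:
        dest: /etc/sysctl.d/k8s.conf
        mode: "0644"
        content: |
          net.bridge.bridge-nf-call-iptables = 1
          net.ipv4.ip_forward = 1
          net.bridge.bridge-nf-call-ip6tables = 1

    - name: Applica sysctl
      command: sysctl --system

    # The repo definition is downloaded over HTTPS without a checksum.
    # Whether packages are signature-checked depends on what that file sets.
    - name: Aggiungi repo Docker per containerd
      get_url:
        url: https://download.docker.com/linux/centos/docker-ce.repo
        dest: /etc/yum.repos.d/docker-ce.repo
        mode: "0644"

    - name: Installa containerd
      dnf:
        name: containerd.io
        state: present

    # Regenerates config.toml from defaults on every run, then switches the
    # runc cgroup driver to systemd.
    - name: Configura containerd systemd
      shell: |
        containerd config default > /etc/containerd/config.toml
        sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml

    - name: Riavvia e abilita containerd
      systemd:
        name: containerd
        state: restarted
        enabled: true

    # gpgcheck=1 keeps package signature verification on. The exclude= line
    # blocks unplanned upgrades; the install task below overrides it via
    # disable_excludes.
    - name: Aggiungi repo Kubernetes
      copy:
        dest: /etc/yum.repos.d/kubernetes.repo
        mode: "0644"
        content: |
          [kubernetes]
          name=Kubernetes
          baseurl=https://pkgs.k8s.io/core:/stable:/v{{ kube_version }}/rpm/
          enabled=1
          gpgcheck=1
          gpgkey=https://pkgs.k8s.io/core:/stable:/v{{ kube_version }}/rpm/repodata/repomd.xml.key
          exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni

    - name: Installa kubelet kubeadm kubectl
      dnf:
        name:
          - kubelet
          - kubeadm
          - kubectl
        state: present
        disable_excludes: kubernetes

    - name: Avvia e abilita kubelet
      systemd:
        name: kubelet
        state: started
        enabled: true

    # `creates` skips the task on an already initialised node; a second
    # `kubeadm init` would otherwise fail the play.
    # The registered output contains a join command with a bootstrap token.
    # NOTE(review): no --pod-network-cidr is passed. Calico's default pool
    # is presumably 192.168.0.0/16, which would contain master_ip; confirm
    # the pod network does not overlap the node network.
    - name: Inizializza cluster Kubernetes
      command: kubeadm init --control-plane-endpoint="{{ master_hostname }}"
      args:
        creates: /etc/kubernetes/admin.conf
      register: kubeadm_init

    # admin.conf holds cluster-admin credentials: keep the copy owner-only.
    # `cp -i` was replaced by plain `cp` because the prompt cannot be
    # answered in a non-interactive task.
    - name: Configura kubectl per utente corrente
      shell: |
        mkdir -p "$HOME/.kube"
        cp /etc/kubernetes/admin.conf "$HOME/.kube/config"
        chown "$(id -u):$(id -g)" "$HOME/.kube/config"
        chmod 0600 "$HOME/.kube/config"

    - name: Installa Calico CNI
      command: kubectl apply -f {{ calico_manifest }}

    # The dashboard is a cluster management UI. Keep it off NodePort and
    # LoadBalancer services, and do not bind cluster-admin to its service
    # account.
    - name: Installa Kubernetes Dashboard
      command: kubectl apply -f {{ dashboard_manifest }}

    # `kubectl create` is not idempotent; an "already exists" error on a
    # re-run is treated as success instead of failing the play.
    # NOTE(review): `--image nginx` has no tag or digest, so the deployed
    # image is not reproducible.
    - name: Deploy nginx di test
      command: kubectl create deployment web-app01 --image nginx --replicas 2
      register: create_web_app
      changed_when: create_web_app.rc == 0
      failed_when:
        - create_web_app.rc != 0
        - "'already exists' not in create_web_app.stderr"

    # NodePort publishes the service on every node's address. The firewall
    # rules above do not open the NodePort range.
    - name: Espone nginx via NodePort
      command: kubectl expose deployment web-app01 --type NodePort --port 80
      register: expose_web_app
      changed_when: expose_web_app.rc == 0
      failed_when:
        - expose_web_app.rc != 0
        - "'already exists' not in expose_web_app.stderr"

    # Each run mints a new bootstrap token (kubeadm's default TTL is 24h).
    # No shell features are needed, so `command` replaces `shell`.
    - name: Crea token per join worker (comando)
      command: kubeadm token create --print-join-command
      register: join_command
      changed_when: false

    # The message contains the bootstrap token and CA cert hash and lands in
    # the Ansible output and any log that captures it. Treat that output as
    # a secret until the token expires.
    - name: Mostra comando join da usare nei worker
      debug:
        msg: "{{ join_command.stdout }}"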