Luca/Ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3f4726ed2de8f12583d37c491f3400da5173736d
Ansible/masterk8s.yml
Luca bc70590b3f Update masterk8s.yml
2025-11-02 19:30:09 +01:00

175 lines
4.8 KiB
YAML
Raw Blame History

---
- name: Setup nodo master Kubernetes e genera comando join
hosts: master
become: yes
vars:
master_hostname: k8s-m
master_ip: 192.168.1.17
kube_version: "1.34"
calico_manifest: "https://raw.githubusercontent.com/projectcalico/calico/v3.30.3/manifests/calico.yaml"
dashboard_manifest: "https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml"
tasks:
- name: Aggiorna sistema operativo
dnf:
name: "*"
state: latest
update_cache: yes
- name: Imposta hostname master
hostname:
name: "{{ master_hostname }}"
- name: Aggiunge voce hosts master
lineinfile:
path: /etc/hosts
line: "{{ master_ip }} {{ master_hostname }}"
- name: Disabilita swap temporaneamente e permanentemente
block:
- command: swapoff -a
args:
warn: false
changed_when: false
- replace:
path: /etc/fstab
regexp: '(^.* swap .*$)'
replace: '#\1'
- name: Imposta SELinux in permissive (runtime e config)
block:
- command: setenforce 0
args:
warn: false
- lineinfile:
path: /etc/selinux/config
regexp: '^SELINUX='
line: 'SELINUX=permissive'
- name: Configura firewall master
firewalld:
port: "{{ item }}/tcp"
permanent: yes
state: enabled
loop: [6443,2379,2380,10250,10251,10252,10257,10259,179]
- name: Apre porta UDP firewall master
firewalld:
port: 4789/udp
permanent: yes
state: enabled
- name: Ricarica firewall
command: firewall-cmd --reload
args:
warn: false
- name: Carica moduli kernel containerd
copy:
dest: /etc/modules-load.d/containerd.conf
content: |
overlay
br_netfilter
- name: Carica modulo overlay
modprobe:
name: overlay
state: present
- name: Carica modulo br_netfilter
modprobe:
name: br_netfilter
state: present
- name: Configura sysctl per Kubernetes
copy:
dest: /etc/sysctl.d/k8s.conf
content: |
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
- name: Applica sysctl
command: sysctl --system
args:
warn: false
- name: Aggiungi repo Docker per containerd
get_url:
url: https://download.docker.com/linux/centos/docker-ce.repo
dest: /etc/yum.repos.d/docker-ce.repo
- name: Installa containerd
dnf:
name: containerd.io
state: present
- name: Configura containerd systemd
shell: |
containerd config default > /etc/containerd/config.toml
sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml
- name: Riavvia e abilita containerd
systemd:
name: containerd
state: restarted
enabled: yes
- name: Aggiungi repo Kubernetes
copy:
dest: /etc/yum.repos.d/kubernetes.repo
content: |
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v{{ kube_version }}/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v{{ kube_version }}/rpm/repodata/repomd.xml.key
exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
- name: Installa kubelet kubeadm kubectl
dnf:
name:
- kubelet
- kubeadm
- kubectl
state: present
disable_excludes: kubernetes
- name: Avvia e abilita kubelet
systemd:
name: kubelet
state: started
enabled: yes
- name: Inizializza cluster Kubernetes
command: kubeadm init --control-plane-endpoint="{{ master_hostname }}"
register: kubeadm_init
- name: Configura kubectl per utente corrente
shell: |
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
- name: Installa Calico CNI
command: kubectl apply -f {{ calico_manifest }}
- name: Installa Kubernetes Dashboard
command: kubectl apply -f {{ dashboard_manifest }}
- name: Deploy nginx di test
command: kubectl create deployment web-app01 --image nginx --replicas 2
- name: Espone nginx via NodePort
command: kubectl expose deployment web-app01 --type NodePort --port 80
- name: Crea token per join worker (comando)
shell: kubeadm token create --print-join-command
register: join_command
changed_when: false
- name: Mostra comando join da usare nei worker
debug:
msg: "{{ join_command.stdout }}"
Reference in New Issue View Git Blame Copy Permalink