--- - name: generate apt pin files for kubeadm and kubectl loop: - kubeadm - kubectl copy: dest: "/etc/apt/preferences.d/{{ item }}.pref" content: | Package: {{ item }} Pin: version {{ kubernetes_version }}-* Pin-Priority: 1001 - name: install kubeadm packages apt: name: - haproxy - hatop - "kubeadm={{ kubernetes_version }}-*" - "kubectl={{ kubernetes_version }}-*" state: present allow_downgrade: yes - name: add kubeadm config for shells loop: - zsh - bash blockinfile: path: "/root/.{{ item }}rc" create: yes marker: "### {mark} ANSIBLE MANAGED BLOCK for kubeadm ###" content: | source <(kubeadm completion {{ item }}) - name: configure haproxy template: src: haproxy.cfg.j2 dest: /etc/haproxy/haproxy.cfg register: haproxy_config - name: (re)start haproxy systemd: name: haproxy state: "{% if haproxy_config is changed %}restarted{% else %}started{% endif %}" enabled: yes - name: add hatop config for shells loop: - zsh - bash blockinfile: path: "/root/.{{ item }}rc" create: yes marker: "### {mark} ANSIBLE MANAGED BLOCK for hatop ###" content: | alias hatop='hatop -s /run/haproxy/admin.sock' ## loading the modules temporarly because kubeadm will complain if they are not there # but i don't think it is necessary to make this persistent, also ignoring changes here - name: load module br_netfilter to satisfy kubeadm init/join modprobe: name: br_netfilter state: present changed_when: false - name: enable IPv4 forwarding sysctl: name: net.ipv4.ip_forward value: '1' sysctl_set: yes state: present reload: yes - name: prepare network plugin include_tasks: "net_{{ kubernetes_network_plugin }}.yml" - name: install extra packages for kube-proxy ipvs mode when: - not kubernetes_network_plugin_replaces_kube_proxy - kubernetes_kube_proxy_mode is defined - kubernetes_kube_proxy_mode == 'ipvs' apt: name: - ipvsadm - ipset state: present