smatsiievskyi/kube
1
0
Fork 0
forked from k-space/kube
Code Issues Pull Requests Packages Projects Activity

Update kubeadm, kubectl, kubelet deployment

Browse Source
This commit is contained in:
Lauri Võsandi
2024-07-27 01:05:55 +03:00
parent 047cbb5c6b
commit ca623c11fd
1 changed files with 95 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

84
ansible-kubernetes.yml
View File

@@ -1,46 +1,89 @@
--- ---
- name: Reconfigure graceful shutdown for kubelet - name: Reconfigure Kubernetes nodes
hosts: kubernetes hosts: kubernetes
vars:
KUBERNETES_VERSION: v1.27.16
tasks: tasks:
- name: Remove APT packages
ansible.builtin.apt:
name: "{{ item }}"
state: absent
loop:
- kubelet
- kubeadm
- kubectl
- name: Download kubectl
ansible.builtin.get_url:
url: "https://cdn.dl.k8s.io/release/{{ KUBERNETES_VERSION }}/bin/linux/{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}/kubectl"
dest: /usr/bin/kubectl
mode: '0755'
- name: Download kubeadm
ansible.builtin.get_url:
url: "https://cdn.dl.k8s.io/release/{{ KUBERNETES_VERSION }}/bin/linux/{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}/kubeadm"
dest: /usr/bin/kubeadm
mode: '0755'
- name: Download kubelet
ansible.builtin.get_url:
url: "https://cdn.dl.k8s.io/release/{{ KUBERNETES_VERSION }}/bin/linux/{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}/kubelet"
dest: /usr/bin/kubelet
mode: '0755'
- name: Create /etc/systemd/system/kubelet.service
ansible.builtin.copy:
content: |
[Unit]
Description=kubelet: The Kubernetes Node Agent
Documentation=https://kubernetes.io/docs/home/
Wants=network-online.target
After=network-online.target
[Service]
ExecStart=/usr/local/bin/kubelet
Restart=always
StartLimitInterval=0
RestartSec=10
[Install]
WantedBy=multi-user.target
dest: /etc/systemd/system/kubelet.service
- name: Reconfigure shutdownGracePeriod - name: Reconfigure shutdownGracePeriod
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /var/lib/kubelet/config.yaml path: /var/lib/kubelet/config.yaml
regexp: '^shutdownGracePeriod:' regexp: '^shutdownGracePeriod:'
line: 'shutdownGracePeriod: 5m' line: 'shutdownGracePeriod: 5m'
- name: Reconfigure shutdownGracePeriodCriticalPods - name: Reconfigure shutdownGracePeriodCriticalPods
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /var/lib/kubelet/config.yaml path: /var/lib/kubelet/config.yaml
regexp: '^shutdownGracePeriodCriticalPods:' regexp: '^shutdownGracePeriodCriticalPods:'
line: 'shutdownGracePeriodCriticalPods: 5m' line: 'shutdownGracePeriodCriticalPods: 5m'
- name: Work around unattended-upgrades - name: Work around unattended-upgrades
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /lib/systemd/logind.conf.d/unattended-upgrades-logind-maxdelay.conf path: /lib/systemd/logind.conf.d/unattended-upgrades-logind-maxdelay.conf
regexp: '^InhibitDelayMaxSec=' regexp: '^InhibitDelayMaxSec='
line: 'InhibitDelayMaxSec=5m0s' line: 'InhibitDelayMaxSec=5m0s'
- name: Pin kube components - name: Disable unneccesary services
hosts: kubernetes ignore_errors: true
tasks:
- name: Pin packages
loop: loop:
- kubeadm - gdm3
- kubectl - snapd
- kubelet - bluetooth
ansible.builtin.copy: - multipathd
dest: "/etc/apt/preferences.d/{{ item }}" service:
content: | name: "{{item}}"
Package: {{ item }} state: stopped
Pin: version 1.26.* enabled: no
Pin-Priority: 1001
- name: Reset /etc/containers/registries.conf - name: Reset /etc/containers/registries.conf
hosts: kubernetes
tasks:
- name: Copy /etc/containers/registries.conf
ansible.builtin.copy: ansible.builtin.copy:
content: "unqualified-search-registries = [\"docker.io\"]\n" content: "unqualified-search-registries = [\"docker.io\"]\n"
dest: /etc/containers/registries.conf dest: /etc/containers/registries.conf
register: registries register: registries
- name: Restart CRI-O - name: Restart CRI-O
service: service:
name: cri-o name: cri-o
@@ -48,9 +91,6 @@
when: registries.changed when: registries.changed
- name: Reset /etc/modules - name: Reset /etc/modules
hosts: kubernetes
tasks:
- name: Copy /etc/modules
ansible.builtin.copy: ansible.builtin.copy:
content: | content: |
overlay overlay
@@ -62,9 +102,6 @@
when: kernel_modules.changed when: kernel_modules.changed
- name: Reset /etc/sysctl.d/99-k8s.conf - name: Reset /etc/sysctl.d/99-k8s.conf
hosts: kubernetes
tasks:
- name: Copy /etc/sysctl.d/99-k8s.conf
ansible.builtin.copy: ansible.builtin.copy:
content: | content: |
net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.all.accept_redirects = 0
@@ -76,6 +113,7 @@
fs.inotify.max_user_watches = 655360 fs.inotify.max_user_watches = 655360
dest: /etc/sysctl.d/99-k8s.conf dest: /etc/sysctl.d/99-k8s.conf
register: sysctl register: sysctl
- name: Reload sysctl config - name: Reload sysctl config
ansible.builtin.shell: "sysctl --system" ansible.builtin.shell: "sysctl --system"
when: sysctl.changed when: sysctl.changed