richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5938 Commits
34 Branches
82 Tags
155 MiB
Tree: 0ac364dfae
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0ac364dfae'
${ noResults }
kubespray/roles/kubernetes/preinstall/tasks/0080-system-configurations.yml

100 lines
2.3 KiB
Raw Normal View History

Fix yaml checks
6 years ago
Update dir list
6 years ago
Only use stat get_checksum: yes when needed (#7270) By default Ansible stat module compute checksum, list extended attributes and find mime type To find all stat invocations that really use one of those: git grep -F stat. | grep -vE 'stat.(islnk|exists|lnk_source|writeable)' Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
4 years ago
Added Amazon Linux 2 support for deploying with docker (#5301)
5 years ago
Update dir list
6 years ago
Added Amazon Linux 2 support for deploying with docker (#5301)
5 years ago
ansible-lint: Don’t compare to literal True/False (#4499)
5 years ago
Update dir list
6 years ago
Create /etc/gai.conf if not exists when disable_ipv6_dns is 'true' (#6258)
4 years ago
Update dir list
6 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Update dir list
6 years ago
Remove support for CoreOS Container Linux (#6576)
4 years ago
Update dir list
6 years ago
ansible-lint: add spaces around variables [E206] (#4699)
5 years ago
Only use stat get_checksum: yes when needed (#7270) By default Ansible stat module compute checksum, list extended attributes and find mime type To find all stat invocations that really use one of those: git grep -F stat. | grep -vE 'stat.(islnk|exists|lnk_source|writeable)' Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
4 years ago
Update dir list
6 years ago
ansible-lint: add spaces around variables [E206] (#4699)
5 years ago
Update dir list
6 years ago
Enable ClearLinux as a distro in kubespray (#3855) Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>
6 years ago
Move to Ansible 3.4.0 (#7672) * Ansible: move to Ansible 3.4.0 which uses ansible-base 2.10.10 * Docs: add a note about ansible upgrade post 2.9.x * CI: ensure ansible is removed before ansible 3.x is installed to avoid pip failures * Ansible: use newer ansible-lint * Fix ansible-lint 5.0.11 found issues * syntax issues * risky-file-permissions * var-naming * role-name * molecule tests * Mitogen: use 0.3.0rc1 which adds support for ansible 2.10+ * Pin ansible-base to 2.10.11 to get package fix on RHEL8
3 years ago
Enable ClearLinux as a distro in kubespray (#3855) Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>
6 years ago
Update dir list
6 years ago
ansible-lint: add spaces around variables [E206] (#4699)
5 years ago
Update dir list
6 years ago
Fix warning of "Enable ip forwarding" (#6953) The task outputs the following warning: TASK [kubernetes/preinstall : Enable ip forwarding] [WARNING]: The value 1 (type int) in a string field was converted to u'1' (type string). If this does not look like what you expect, quote the entire value to ensure it does not change.
4 years ago
Update dir list
6 years ago
Add protectKernelDefaults option (default true) to kubelet config file (#6611)
4 years ago
Changes to support Dual Stack networking
4 years ago
Add protectKernelDefaults option (default true) to kubelet config file (#6611)
4 years ago
Check for dummy kernel module (#7348) The dummy module is needed for nodelocaldns.
4 years ago
  1. ---
  2. # Todo : selinux configuration
  3. - name: Confirm selinux deployed
  4. stat:
  5. path: /etc/selinux/config
  6. get_attributes: no
  7. get_checksum: no
  8. get_mime: no
  9. when:
  10. - ansible_os_family == "RedHat"
  11. - "'Amazon' not in ansible_distribution"
  12. register: slc
  14. - name: Set selinux policy
  15. selinux:
  16. policy: targeted
  17. state: "{{ preinstall_selinux_state }}"
  18. when:
  19. - ansible_os_family == "RedHat"
  20. - "'Amazon' not in ansible_distribution"
  21. - slc.stat.exists
  22. changed_when: False
  23. tags:
  24. - bootstrap-os
  26. - name: Disable IPv6 DNS lookup
  27. lineinfile:
  28. dest: /etc/gai.conf
  29. line: "precedence ::ffff:0:0/96 100"
  30. state: present
  31. create: yes
  32. backup: yes
  33. mode: 0644
  34. when:
  35. - disable_ipv6_dns
  36. - not ansible_os_family in ["Flatcar Container Linux by Kinvolk"]
  37. tags:
  38. - bootstrap-os
  40. - name: Stat sysctl file configuration
  41. stat:
  42. path: "{{ sysctl_file_path }}"
  43. get_attributes: no
  44. get_checksum: no
  45. get_mime: no
  46. register: sysctl_file_stat
  47. tags:
  48. - bootstrap-os
  50. - name: Change sysctl file path to link source if linked
  51. set_fact:
  52. sysctl_file_path: "{{ sysctl_file_stat.stat.lnk_source }}"
  53. when:
  54. - sysctl_file_stat.stat.islnk is defined
  55. - sysctl_file_stat.stat.islnk
  56. tags:
  57. - bootstrap-os
  59. - name: Make sure sysctl file path folder exists
  60. file:
  61. name: "{{ sysctl_file_path | dirname }}"
  62. state: directory
  63. mode: 0755
  65. - name: Enable ip forwarding
  66. sysctl:
  67. sysctl_file: "{{ sysctl_file_path }}"
  68. name: net.ipv4.ip_forward
  69. value: "1"
  70. state: present
  71. reload: yes
  73. - name: Enable ipv6 forwarding
  74. sysctl:
  75. sysctl_file: "{{ sysctl_file_path }}"
  76. name: net.ipv6.conf.all.forwarding
  77. value: 1
  78. state: present
  79. reload: yes
  80. when: enable_dual_stack_networks | bool
  82. - name: Ensure kube-bench parameters are set
  83. sysctl:
  84. sysctl_file: /etc/sysctl.d/bridge-nf-call.conf
  85. name: "{{ item.name }}"
  86. value: "{{ item.value }}"
  87. state: present
  88. reload: yes
  89. with_items:
  90. - { name: vm.overcommit_memory, value: 1 }
  91. - { name: kernel.panic, value: 10 }
  92. - { name: kernel.panic_on_oops, value: 1 }
  93. when: kubelet_protect_kernel_defaults|bool
  95. - name: Check dummy module
  96. modprobe:
  97. name: dummy
  98. state: present
  99. params: 'numdummies=0'
  100. when: enable_nodelocaldns