---
- name: Update and upgrade yum packages
  yum:
    name: "*"
    state: latest

- name: Install yum packages
  yum:
    name: "{{ item }}"
    state: present
  with_items:
    - python-pip
    - yum-utils
    - device-mapper-persistent-data
    - lvm2
    - amazon-linux-extras      

- name: Add extras repository
  shell: yum-config-manager --enable extras

- name: Disable firewalld
  systemd: name=firewalld state=stopped
  ignore_errors: yes
  tags:
   - install
   - atomic
   - firewalld

- name: Disable SWAP since kubernetes can't work with swap enabled (1/2)
  command: 'swapoff -a'

    # - name: Disable SWAP in fstab since kubernetes can't work with swap enabled (2/2)
    #   replace:
    #     path: /etc/fstab
    #     regexp: '^([^#].*?\sswap\s+sw\s+.*)$'
    #     replace: '# \1'

- name: Disable SWAP in fstab since kubernetes can't work with swap enabled (2/2)
  become: true
  lineinfile:
    path: /etc/fstab
    regexp: '^/dev/mapper/.*swap'
    line: '# {{ item }}'
      #  when: item is search('^/dev/mapper/.*swap')
  loop: "{{ lookup('file', '/etc/fstab').split('\n') }}"

- name: Add br_netfilter to module autoload
  lineinfile:
    path: /etc/modules-load.d/k8s2.conf
    line: "{{ item }}"
    create: true
  with_items:
    - 'overlay'
    - 'br_netfilter'

- name: Add br_netfilter to module autoload
  modprobe:
    name: "{{ item }}"
    state: present
  become: true
  with_items:
    - 'overlay'
    - 'br_netfilter'

- name: Add br_netfilter to module autoload
  lineinfile:
    path: /etc/sysctl.d/k8s.conf
    line: "{{ item }}"
    create: true
  with_items:
    - 'net.bridge.bridge-nf-call-iptables  = 1'
    - 'net.bridge.bridge-nf-call-ip6tables = 1'
    - 'net.ipv4.ip_forward                 = 1'

- name: Disable net.bridge.bridge-nf-call-iptables
  sysctl:
    name: "{{ item }}"
    value: 1
  with_items:
    - 'net.bridge.bridge-nf-call-iptables'
    - 'net.bridge.bridge-nf-call-ip6tables'

- name: Disable net.ipv4.ip_forward
  sysctl:
    name: net.ipv4.ip_forward
    value: "1"