terraform script add
This commit is contained in:
ByeonJungHun
86
packer/ansible/roles/docker/tasks/00-amazon-os-main.yml
Normal file
86
packer/ansible/roles/docker/tasks/00-amazon-os-main.yml
Normal file
@@ -0,0 +1,86 @@
|
||||
---
|
||||
- name: Update and upgrade yum packages
|
||||
yum:
|
||||
name: "*"
|
||||
state: latest
|
||||
|
||||
- name: Install yum packages
|
||||
yum:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items:
|
||||
- python-pip
|
||||
- yum-utils
|
||||
- device-mapper-persistent-data
|
||||
- lvm2
|
||||
- amazon-linux-extras
|
||||
|
||||
- name: Add extras repository
|
||||
shell: yum-config-manager --enable extras
|
||||
|
||||
- name: Disable firewalld
|
||||
systemd: name=firewalld state=stopped
|
||||
ignore_errors: yes
|
||||
tags:
|
||||
- install
|
||||
- atomic
|
||||
- firewalld
|
||||
|
||||
- name: Disable SWAP since kubernetes can't work with swap enabled (1/2)
|
||||
command: 'swapoff -a'
|
||||
|
||||
# - name: Disable SWAP in fstab since kubernetes can't work with swap enabled (2/2)
|
||||
# replace:
|
||||
# path: /etc/fstab
|
||||
# regexp: '^([^#].*?\sswap\s+sw\s+.*)$'
|
||||
# replace: '# \1'
|
||||
|
||||
- name: Disable SWAP in fstab since kubernetes can't work with swap enabled (2/2)
|
||||
become: true
|
||||
lineinfile:
|
||||
path: /etc/fstab
|
||||
regexp: '^/dev/mapper/.*swap'
|
||||
line: '# {{ item }}'
|
||||
# when: item is search('^/dev/mapper/.*swap')
|
||||
loop: "{{ lookup('file', '/etc/fstab').split('\n') }}"
|
||||
|
||||
- name: Add br_netfilter to module autoload
|
||||
lineinfile:
|
||||
path: /etc/modules-load.d/k8s2.conf
|
||||
line: "{{ item }}"
|
||||
create: true
|
||||
with_items:
|
||||
- 'overlay'
|
||||
- 'br_netfilter'
|
||||
|
||||
- name: Add br_netfilter to module autoload
|
||||
modprobe:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
become: true
|
||||
with_items:
|
||||
- 'overlay'
|
||||
- 'br_netfilter'
|
||||
|
||||
- name: Add br_netfilter to module autoload
|
||||
lineinfile:
|
||||
path: /etc/sysctl.d/k8s.conf
|
||||
line: "{{ item }}"
|
||||
create: true
|
||||
with_items:
|
||||
- 'net.bridge.bridge-nf-call-iptables = 1'
|
||||
- 'net.bridge.bridge-nf-call-ip6tables = 1'
|
||||
- 'net.ipv4.ip_forward = 1'
|
||||
|
||||
- name: Disable net.bridge.bridge-nf-call-iptables
|
||||
sysctl:
|
||||
name: "{{ item }}"
|
||||
value: 1
|
||||
with_items:
|
||||
- 'net.bridge.bridge-nf-call-iptables'
|
||||
- 'net.bridge.bridge-nf-call-ip6tables'
|
||||
|
||||
- name: Disable net.ipv4.ip_forward
|
||||
sysctl:
|
||||
name: net.ipv4.ip_forward
|
||||
value: "1"
|
||||
Reference in New Issue
Block a user