From ad5fe1cebc6937dd46ef14014d473d88f3e4b2ba Mon Sep 17 00:00:00 2001
From: ogrechko
Date: Sat, 27 Dec 2025 23:30:35 +0000
Subject: [PATCH] =?UTF-8?q?=D0=9E=D0=B1=D0=BD=D0=BE=D0=B2=D0=B8=D1=82?= =?UTF-8?q?=D1=8C=20ansible/k8s=5Fsetup.yml?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
ansible/k8s_setup.yml | 110 +++++++++++++++++++++++++++++++++++++++++-
1 file changed, 109 insertions(+), 1 deletion(-)
diff --git a/ansible/k8s_setup.yml b/ansible/k8s_setup.yml
index d8263ee..a95f033 100644
--- a/ansible/k8s_setup.yml
+++ b/ansible/k8s_setup.yml
@@ -1 +1,109 @@
-2
\ No newline at end of file
+---
+- name: Подготовка всех узлов
+ hosts: all
+ become: true
+ tasks:
+ - name: Обновление системы
+ apt: update_cache=yes upgrade=dist
+
+ - name: Установка базовых пакетов
+ apt:
+ name: [apt-transport-https, ca-certificates, curl, gnupg, qemu-guest-agent]
+ state: present
+
+ - name: Отключение SWAP
+ command: swapoff -a
+ when: ansible_swaptotal_mb > 0
+
+ - name: Загрузка модулей ядра
+ copy:
+ dest: /etc/modules-load.d/k8s.conf
+ content: |
+ overlay
+ br_netfilter
+
+ - name: Применение модулей
+ shell: |
+ modprobe overlay
+ modprobe br_netfilter
+
+ - name: Настройка параметров sysctl
+ copy:
+ dest: /etc/sysctl.d/k8s.conf
+ content: |
+ net.bridge.bridge-nf-call-iptables = 1
+ net.bridge.bridge-nf-call-ip6tables = 1
+ net.ipv4.ip_forward = 1
+ register: sysctl_res
+
+ - name: Применить sysctl
+ command: sysctl --system
+ when: sysctl_res.changed
+
+ - name: Установка Containerd (версия 2025 года)
+ apt:
+ name: containerd
+ state: present
+
+ - name: Настройка Containerd (SystemdCgroup)
+ shell: |
+ mkdir -p /etc/containerd
+ containerd config default > /etc/containerd/config.toml
+ sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
+ notify: restart containerd
+
+ - name: Добавление ключа и репозитория Kubernetes
+ shell: |
+ curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
+ echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /' > /etc/apt/sources.list.d/kubernetes.list
+
+ - name: Установка компонентов K8s
+ apt:
+ name: [kubelet, kubeadm, kubectl]
+ state: present
+ update_cache: yes
+
+ handlers:
+ - name: restart containerd
+ service: name=containerd state=restarted
+
+- name: Инициализация Master
+ hosts: masters
+ become: true
+ tasks:
+ - name: Проверка, инициализирован ли кластер
+ stat: path=/etc/kubernetes/admin.conf
+ register: kube_init
+
+ - name: Kubeadm init (без kube-proxy для Cilium)
+ command: kubeadm init --pod-network-cidr=10.244.0.0/16 --skip-phases=addon/kube-proxy
+ when: not kube_init.stat.exists
+
+ - name: Настройка конфига для пользователя
+ shell: |
+ mkdir -p $HOME/.kube
+ cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
+ chown $(id -u):$(id -g) $HOME/.kube/config
+
+ - name: Генерация команды присоединения
+ command: kubeadm token create --print-join-command
+ register: join_command
+
+- name: Присоединение Worker узлов
+ hosts: workers
+ become: true
+ tasks:
+ - name: Join к кластеру
+ command: "{{ hostvars[groups['masters'][0]]['join_command'].stdout }}"
+ args:
+ creates: /etc/kubernetes/kubelet.conf
+
+- name: Установка Cilium (eBPF)
+ hosts: masters
+ tasks:
+ - name: Установка Cilium CLI и самого CNI
+ shell: |
+ curl -L --remote-name-all https://github.com/cilium/cilium-cli/releases/latest/download/cilium-linux-amd64.tar.gz
+ tar xzvf cilium-linux-amd64.tar.gz -C /usr/local/bin
+ rm cilium-linux-amd64.tar.gz
+ cilium install --set kubeProxyReplacement=true
\ No newline at end of file
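Review bot: The last task downloads the Cilium CLI from `releases/latest` with no version pin and no checksum check, then unpacks it into `/usr/local/bin` and runs it against the cluster, so whatever that URL serves at run time executes with cluster-admin rights and two runs can install different binaries. Pin a release tag and verify the tarball against a digest recorded in the repository (upstream publishes a `.sha256sum` file next to each tarball), and pass `--version` to `cilium install` so the CNI itself is pinned too. The task is also not idempotent, because `cilium install` is re-run on every play, so it needs a guard. This play has no `become: true` although it writes to `/usr/local/bin`; unless the connection user is root it will presumably fail there. The fence below sketches the replacement, with placeholder version and digest values.

```yaml
- name: Установка Cilium (eBPF)
  hosts: masters
  become: true
  vars:
    # Placeholders: record the reviewed release tag and its published digest here.
    cilium_cli_version: "<PINNED_CLI_TAG>"
    cilium_cli_sha256: "<SHA256_OF_TARBALL>"
    cilium_version: "<PINNED_CILIUM_VERSION>"
  environment:
    KUBECONFIG: /etc/kubernetes/admin.conf
  tasks:
    - name: Download the pinned Cilium CLI and verify its digest
      get_url:
        url: "https://github.com/cilium/cilium-cli/releases/download/{{ cilium_cli_version }}/cilium-linux-amd64.tar.gz"
        dest: /tmp/cilium-linux-amd64.tar.gz
        checksum: "sha256:{{ cilium_cli_sha256 }}"
        mode: "0644"

    - name: Unpack the Cilium CLI
      unarchive:
        src: /tmp/cilium-linux-amd64.tar.gz
        dest: /usr/local/bin
        remote_src: true
        creates: /usr/local/bin/cilium

    - name: Check whether the Cilium DaemonSet already exists
      command: kubectl -n kube-system get daemonset cilium
      register: cilium_ds
      changed_when: false
      failed_when: false

    - name: Install the Cilium CNI
      command: >-
        cilium install --version {{ cilium_version }}
        --set kubeProxyReplacement=true
      when: cilium_ds.rc != 0
```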