40 lines
1.8 KiB
Markdown
40 lines
1.8 KiB
Markdown
# Kubernetes Ansible Playbook
|
|
|
|
|
|
## Additional changes
|
|
|
|
- `SystemdCgroup = false` -> `SystemdCgroup = true` [See this comment](https://github.com/kubernetes/kubernetes/issues/110177#issuecomment-1161647736)
|
|
|
|
## Tags
|
|
|
|
This role has been setup to take advantage of Ansible tags. The use of these tags enables finer control over what tasks are run. By design, when you set a task, only what is required for the tag is run.
|
|
|
|
available tags are as follows
|
|
|
|
- `containerregistry` apply container/docker registry settings
|
|
- `firewall` apply firewall settings (firewall name/type independent)
|
|
- `install` Run every task within the role. this is the same as omitting `--tags`
|
|
- `iptables` apply iptables settings
|
|
- `manifest` Apply/remove kubernetes manifests
|
|
- `namespace` Apply/remove kubernetes namespaces
|
|
- `nodelabels` Apply/remove kubernetes node labels
|
|
- `taints` Apply/remove kubernetes taints
|
|
|
|
!!! tip
|
|
if you intend on running the `install` tag, you can omit the `--tags` flag from the ansible tag all togther
|
|
|
|
!!! alert
|
|
the first time this playbook is run if cli switch `--extra-vars "init=true"` is used with `init` either a bool true/false, the manifests will not be applied. this is to enable the kubernetes to be fully setup prior to applying manifests that may prevent successful completion of the play.
|
|
|
|
## command Cheatsheet
|
|
|
|
- `crictl --runtime-endpoint unix:///run/containerd/containerd.sock images` list all container images on the host
|
|
|
|
## Links / References
|
|
|
|
- ContainerD Configuration
|
|
|
|
- [Registry Configuration](https://github.com/containerd/containerd/blob/7cd72cce99c8d3b938c1b763c2744a0b699028ab/docs/cri/config.md#registry-configuration)
|
|
|
|
- [Configuring ContainerD registries](https://github.com/containerd/containerd/blob/7cd72cce99c8d3b938c1b763c2744a0b699028ab/docs/hosts.md#cri)
|