43 lines
1.5 KiB
YAML
43 lines
1.5 KiB
YAML
---
|
|
- name: Activating cgroup support
|
|
ansible.builtin.lineinfile:
|
|
path: /boot/cmdline.txt
|
|
regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$'
|
|
line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory'
|
|
backrefs: true
|
|
notify: Reboot Pi
|
|
|
|
- name: Gather the package facts
|
|
ansible.builtin.package_facts:
|
|
manager: auto
|
|
|
|
# If no iptables is found, K3s will use the iptables it ships with.
|
|
# However, if a iptables is found, K3s will use that instead. Iptables
|
|
# versions 1.8.7 and older have problems with K3s, so we force the use of
|
|
# iptables-legacy in that case.
|
|
- name: If old iptables found, change to iptables-legacy
|
|
when:
|
|
- ansible_facts.packages['iptables'] is defined
|
|
- ansible_facts.packages['iptables'][0]['version'] is version('1.8.8', '<')
|
|
block:
|
|
- name: Iptables version on node
|
|
ansible.builtin.debug:
|
|
msg: "iptables version {{ ansible_facts.packages['iptables'][0]['version'] }} found"
|
|
|
|
- name: Flush iptables before changing to iptables-legacy
|
|
ansible.builtin.iptables:
|
|
flush: true
|
|
changed_when: false # iptables flush always returns changed
|
|
|
|
- name: Changing to iptables-legacy
|
|
community.general.alternatives:
|
|
path: /usr/sbin/iptables-legacy
|
|
name: iptables
|
|
register: ip4_legacy
|
|
|
|
- name: Changing to ip6tables-legacy
|
|
community.general.alternatives:
|
|
path: /usr/sbin/ip6tables-legacy
|
|
name: ip6tables
|
|
register: ip6_legacy
|