This commit is contained in:
parent
59c05d3713
commit
e7508d7d21
1 changed files with 18 additions and 0 deletions
|
@ -79,6 +79,24 @@
|
||||||
reload: yes
|
reload: yes
|
||||||
when: enable_dual_stack_networks | bool
|
when: enable_dual_stack_networks | bool
|
||||||
|
|
||||||
|
- name: Check if we need to set fs.may_detach_mounts
|
||||||
|
stat:
|
||||||
|
path: /proc/sys/fs/may_detach_mounts
|
||||||
|
get_attributes: no
|
||||||
|
get_checksum: no
|
||||||
|
get_mime: no
|
||||||
|
register: fs_may_detach_mounts
|
||||||
|
ignore_errors: true # noqa ignore-errors
|
||||||
|
|
||||||
|
- name: Set fs.may_detach_mounts if needed
|
||||||
|
sysctl:
|
||||||
|
sysctl_file: "{{ sysctl_file_path }}"
|
||||||
|
name: fs.may_detach_mounts
|
||||||
|
value: 1
|
||||||
|
state: present
|
||||||
|
reload: yes
|
||||||
|
when: fs_may_detach_mounts.stat.exists | d(false)
|
||||||
|
|
||||||
- name: Ensure kube-bench parameters are set
|
- name: Ensure kube-bench parameters are set
|
||||||
sysctl:
|
sysctl:
|
||||||
sysctl_file: /etc/sysctl.d/bridge-nf-call.conf
|
sysctl_file: /etc/sysctl.d/bridge-nf-call.conf
|
||||||
|
|
Loading…
Reference in a new issue