1afdb05ea9
* Fedora and RHEL use etc_t and the convention is <type_name>_t * Docs: specify all values for preinstall_selinux_state * CI: Add Fedora 34 with SELinux in enforcing mode
59 lines
1.4 KiB
YAML
59 lines
1.4 KiB
YAML
---
|
|
- name: Make sure dynamic kubelet configuration directory is writeable
|
|
file:
|
|
path: "{{ dynamic_kubelet_configuration_dir }}"
|
|
mode: 0600
|
|
state: directory
|
|
when: dynamic_kubelet_configuration
|
|
|
|
- name: Set kubelet api version to v1beta1
|
|
set_fact:
|
|
kubeletConfig_api_version: v1beta1
|
|
tags:
|
|
- kubelet
|
|
- kubeadm
|
|
|
|
- name: Write kubelet environment config file (kubeadm)
|
|
template:
|
|
src: "kubelet.env.{{ kubeletConfig_api_version }}.j2"
|
|
dest: "{{ kube_config_dir }}/kubelet.env"
|
|
setype: "{{ (preinstall_selinux_state != 'disabled') | ternary('etc_t', omit) }}"
|
|
backup: yes
|
|
mode: 0640
|
|
notify: Node | restart kubelet
|
|
tags:
|
|
- kubelet
|
|
- kubeadm
|
|
|
|
- name: Write kubelet config file
|
|
template:
|
|
src: "kubelet-config.{{ kubeletConfig_api_version }}.yaml.j2"
|
|
dest: "{{ kube_config_dir }}/kubelet-config.yaml"
|
|
mode: 0640
|
|
notify: Kubelet | restart kubelet
|
|
tags:
|
|
- kubelet
|
|
- kubeadm
|
|
|
|
- name: Write kubelet systemd init file
|
|
template:
|
|
src: "kubelet.service.j2"
|
|
dest: "/etc/systemd/system/kubelet.service"
|
|
backup: "yes"
|
|
mode: 0644
|
|
notify: Node | restart kubelet
|
|
tags:
|
|
- kubelet
|
|
- kubeadm
|
|
|
|
- name: flush_handlers and reload-systemd
|
|
meta: flush_handlers
|
|
|
|
- name: Enable kubelet
|
|
service:
|
|
name: kubelet
|
|
enabled: yes
|
|
state: started
|
|
tags:
|
|
- kubelet
|
|
notify: Kubelet | restart kubelet
|