c12s-kubespray/roles/kubernetes/node/tasks/kubelet.yml
Cristian Calin 1afdb05ea9
Fedora and RHEL use etc_t and the convention is <type_name>_t (#7891)
* Fedora and RHEL use etc_t and the convention is <type_name>_t

* Docs: specify all values for preinstall_selinux_state

* CI: Add Fedora 34 with SELinux in enforcing mode
2021-08-27 14:20:53 -07:00

59 lines
1.4 KiB
YAML

---
- name: Make sure dynamic kubelet configuration directory is writeable
file:
path: "{{ dynamic_kubelet_configuration_dir }}"
mode: 0600
state: directory
when: dynamic_kubelet_configuration
- name: Set kubelet api version to v1beta1
set_fact:
kubeletConfig_api_version: v1beta1
tags:
- kubelet
- kubeadm
- name: Write kubelet environment config file (kubeadm)
template:
src: "kubelet.env.{{ kubeletConfig_api_version }}.j2"
dest: "{{ kube_config_dir }}/kubelet.env"
setype: "{{ (preinstall_selinux_state != 'disabled') | ternary('etc_t', omit) }}"
backup: yes
mode: 0640
notify: Node | restart kubelet
tags:
- kubelet
- kubeadm
- name: Write kubelet config file
template:
src: "kubelet-config.{{ kubeletConfig_api_version }}.yaml.j2"
dest: "{{ kube_config_dir }}/kubelet-config.yaml"
mode: 0640
notify: Kubelet | restart kubelet
tags:
- kubelet
- kubeadm
- name: Write kubelet systemd init file
template:
src: "kubelet.service.j2"
dest: "/etc/systemd/system/kubelet.service"
backup: "yes"
mode: 0644
notify: Node | restart kubelet
tags:
- kubelet
- kubeadm
- name: flush_handlers and reload-systemd
meta: flush_handlers
- name: Enable kubelet
service:
name: kubelet
enabled: yes
state: started
tags:
- kubelet
notify: Kubelet | restart kubelet