2017-09-19 22:50:37 +00:00
|
|
|
---
|
2017-09-26 11:27:18 +00:00
|
|
|
|
2017-09-19 22:50:37 +00:00
|
|
|
- name: Make sure we have all required packages
|
|
|
|
package:
|
|
|
|
name: "{{ item }}"
|
|
|
|
state: present
|
2017-09-29 18:49:12 +00:00
|
|
|
with_items:
|
|
|
|
- container-selinux
|
|
|
|
- curl
|
|
|
|
- device-mapper-devel
|
|
|
|
- expect
|
|
|
|
- findutils
|
|
|
|
- gcc
|
|
|
|
- git
|
|
|
|
- glib2-devel
|
|
|
|
- glibc-devel
|
|
|
|
- glibc-static
|
|
|
|
- gpgme-devel
|
|
|
|
- hostname
|
|
|
|
- iproute
|
|
|
|
- iptables
|
|
|
|
- krb5-workstation
|
|
|
|
- libassuan-devel
|
|
|
|
- libffi-devel
|
|
|
|
- libgpg-error-devel
|
|
|
|
- libguestfs-tools
|
|
|
|
- libseccomp-devel
|
|
|
|
- libvirt-client
|
|
|
|
- libvirt-python
|
|
|
|
- libxml2-devel
|
|
|
|
- libxslt-devel
|
|
|
|
- make
|
|
|
|
- mlocate
|
|
|
|
- nfs-utils
|
|
|
|
- nmap-ncat
|
|
|
|
- oci-register-machine
|
|
|
|
- oci-systemd-hook
|
|
|
|
- oci-umount
|
|
|
|
- openssl
|
|
|
|
- openssl-devel
|
|
|
|
- ostree-devel
|
|
|
|
- pkgconfig
|
|
|
|
- python
|
|
|
|
- python2-crypto
|
|
|
|
- python-devel
|
2017-12-04 15:44:29 +00:00
|
|
|
- python-rhsm-certificates
|
2017-09-29 18:49:12 +00:00
|
|
|
- python-virtualenv
|
|
|
|
- PyYAML
|
|
|
|
- redhat-rpm-config
|
|
|
|
- rpcbind
|
|
|
|
- rsync
|
|
|
|
- sed
|
|
|
|
- skopeo-containers
|
|
|
|
- socat
|
|
|
|
- tar
|
|
|
|
- wget
|
2017-09-19 22:50:37 +00:00
|
|
|
async: 600
|
|
|
|
poll: 10
|
|
|
|
|
2017-12-04 15:44:29 +00:00
|
|
|
- name: Add python2-boto for Fedora
|
|
|
|
package:
|
|
|
|
name: "{{ item }}"
|
|
|
|
state: present
|
|
|
|
with_items:
|
|
|
|
- python2-boto
|
|
|
|
when: ansible_distribution in ['Fedora']
|
|
|
|
|
|
|
|
- name: Add python-boto for RHEL and CentOS
|
|
|
|
package:
|
|
|
|
name: "{{ item }}"
|
|
|
|
state: present
|
|
|
|
with_items:
|
|
|
|
- python-boto
|
|
|
|
when: ansible_distribution in ['RedHat', 'CentOS']
|
|
|
|
|
2017-09-29 09:16:49 +00:00
|
|
|
- name: Add Btrfs for Fedora
|
|
|
|
package:
|
|
|
|
name: "{{ item }}"
|
|
|
|
state: present
|
|
|
|
with_items:
|
|
|
|
- btrfs-progs-devel
|
|
|
|
when: ansible_distribution in ['Fedora']
|
|
|
|
|
2017-09-19 22:50:37 +00:00
|
|
|
- name: Update all packages
|
|
|
|
package:
|
|
|
|
name: '*'
|
|
|
|
state: latest
|
|
|
|
async: 600
|
|
|
|
poll: 10
|
|
|
|
|
2017-09-20 21:34:01 +00:00
|
|
|
- name: Setup swap to prevent kernel firing off the OOM killer
|
|
|
|
shell: |
|
|
|
|
truncate -s 8G /root/swap && \
|
|
|
|
export SWAPDEV=$(losetup --show -f /root/swap | head -1) && \
|
|
|
|
mkswap $SWAPDEV && \
|
|
|
|
swapon $SWAPDEV && \
|
|
|
|
swapon --show
|
2017-09-19 22:50:37 +00:00
|
|
|
|
|
|
|
- name: ensure directories exist as needed
|
|
|
|
file:
|
|
|
|
path: "{{ item }}"
|
|
|
|
state: directory
|
|
|
|
with_items:
|
|
|
|
- /opt/cni/bin
|
|
|
|
- /etc/cni/net.d
|
|
|
|
|
|
|
|
- name: set sysctl vm.overcommit_memory=1 for CentOS
|
|
|
|
sysctl:
|
|
|
|
name: vm.overcommit_memory
|
|
|
|
state: present
|
|
|
|
value: 1
|
|
|
|
when: ansible_distribution == 'CentOS'
|
|
|
|
|
|
|
|
- name: inject hostname into /etc/hosts
|
|
|
|
lineinfile:
|
|
|
|
dest: /etc/hosts
|
|
|
|
line: '{{ ansible_default_ipv4.address }} {{ ansible_nodename }}'
|
|
|
|
insertafter: 'EOF'
|
|
|
|
regexp: '{{ ansible_default_ipv4.address }}\s+{{ ansible_nodename }}'
|
|
|
|
state: present
|
|
|
|
|
|
|
|
- name: Flush the iptables
|
2017-09-26 11:27:18 +00:00
|
|
|
command: iptables -F
|
2017-09-27 23:40:40 +00:00
|
|
|
|
2017-10-31 20:14:05 +00:00
|
|
|
- name: Enable localnet routing
|
|
|
|
command: sysctl -w net.ipv4.conf.all.route_localnet=1
|
|
|
|
|
|
|
|
- name: Add masquerade for localhost
|
|
|
|
command: iptables -t nat -I POSTROUTING -s 127.0.0.1 ! -d 127.0.0.1 -j MASQUERADE
|
|
|
|
|
2017-09-27 23:40:40 +00:00
|
|
|
- name: Update the kernel cmdline to include quota support
|
|
|
|
command: grubby --update-kernel=ALL --args="rootflags=pquota"
|
2017-10-10 21:51:28 +00:00
|
|
|
when: ansible_distribution in ['RedHat', 'CentOS']
|