--- - name: Make sure we have all required packages package: name: "{{ item }}" state: present with_items: - container-selinux - curl - device-mapper-devel - expect - findutils - gcc - git - glib2-devel - glibc-devel - glibc-static - gpgme-devel - hostname - iproute - iptables - krb5-workstation - libassuan-devel - libffi-devel - libgpg-error-devel - libguestfs-tools - libseccomp-devel - libvirt-client - libvirt-python - libxml2-devel - libxslt-devel - make - mlocate - nfs-utils - nmap-ncat - oci-register-machine - oci-systemd-hook - oci-umount - openssl - openssl-devel - ostree-devel - pkgconfig - python - python2-boto - python2-crypto - python-devel - python-virtualenv - PyYAML - redhat-rpm-config - rpcbind - rsync - sed - skopeo-containers - socat - tar - wget async: 600 poll: 10 - name: Add Btrfs for Fedora package: name: "{{ item }}" state: present with_items: - btrfs-progs-devel when: ansible_distribution in ['Fedora'] - name: Update all packages package: name: '*' state: latest async: 600 poll: 10 - name: Setup swap to prevent kernel firing off the OOM killer shell: | truncate -s 8G /root/swap && \ export SWAPDEV=$(losetup --show -f /root/swap | head -1) && \ mkswap $SWAPDEV && \ swapon $SWAPDEV && \ swapon --show - name: ensure directories exist as needed file: path: "{{ item }}" state: directory with_items: - /opt/cni/bin - /etc/cni/net.d - name: set sysctl vm.overcommit_memory=1 for CentOS sysctl: name: vm.overcommit_memory state: present value: 1 when: ansible_distribution == 'CentOS' - name: inject hostname into /etc/hosts lineinfile: dest: /etc/hosts line: '{{ ansible_default_ipv4.address }} {{ ansible_nodename }}' insertafter: 'EOF' regexp: '{{ ansible_default_ipv4.address }}\s+{{ ansible_nodename }}' state: present - name: Flush the iptables command: iptables -F - name: Enable localnet routing command: sysctl -w net.ipv4.conf.all.route_localnet=1 - name: Add masquerade for localhost command: iptables -t nat -I POSTROUTING -s 127.0.0.1 ! -d 127.0.0.1 -j MASQUERADE - name: Update the kernel cmdline to include quota support command: grubby --update-kernel=ALL --args="rootflags=pquota" when: ansible_distribution in ['RedHat', 'CentOS']