Cleanup the kata setup role
This adds a modprobe for vhost_net to ensure it is present for kata. Also we will remove the explicit docker install as .ci/setup.sh should do it for us now. Allow k8s cluster-cidr range to talk to port 6443 (k8s api server). Change-Id: Ic1c13e9635e00bcdd096c48c8a7983ccc19bfbda
This commit is contained in:
parent
7fa875d100
commit
7bfe80df73
|
@ -6,6 +6,18 @@
|
|||
- "setup/{{ ansible_os_family }}.yaml"
|
||||
- "setup/default.yaml"
|
||||
|
||||
- name: Allow k8s cluster range to talk to k8s api
|
||||
iptables:
|
||||
state: present
|
||||
action: insert
|
||||
chain: INPUT
|
||||
ip_version: ipv4
|
||||
protocol: tcp
|
||||
source: "10.244.0.0/16"
|
||||
destination_port: 6443
|
||||
jump: ACCEPT
|
||||
become: yes
|
||||
|
||||
- name: Run kata setup.sh
|
||||
args:
|
||||
executable: /bin/bash
|
||||
|
|
|
@ -45,3 +45,12 @@
|
|||
name: docker-ce
|
||||
state: present
|
||||
become: yes
|
||||
|
||||
# TODO why isn't this necessary on Ubuntu?
|
||||
- name: Ensure vhost and vhost_net modules are present as kata checks for these
|
||||
args:
|
||||
executable: /bin/bash
|
||||
shell: |
|
||||
set -x
|
||||
modprobe vhost_net
|
||||
become: yes
|
||||
|
|
Loading…
Reference in New Issue