From 470f0d4f29a1e95730685808182ae6b3e4d47309 Mon Sep 17 00:00:00 2001 From: jmgao Date: Thu, 28 Dec 2017 14:34:04 +0800 Subject: [PATCH] =?UTF-8?q?=E8=B0=83=E6=95=B4=E9=83=A8=E5=88=86=E7=B3=BB?= =?UTF-8?q?=E7=BB=9F=E5=8F=82=E6=95=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- roles/prepare/files/95-k8s-sysctl.conf | 4 ++++ roles/prepare/tasks/main.yml | 8 ++++++++ 2 files changed, 12 insertions(+) create mode 100644 roles/prepare/files/95-k8s-sysctl.conf diff --git a/roles/prepare/files/95-k8s-sysctl.conf b/roles/prepare/files/95-k8s-sysctl.conf new file mode 100644 index 0000000..c0277b8 --- /dev/null +++ b/roles/prepare/files/95-k8s-sysctl.conf @@ -0,0 +1,4 @@ +net.ipv4.ip_forward = 1 +net.bridge.bridge-nf-call-iptables = 1 +net.bridge.bridge-nf-call-ip6tables = 1 +net.bridge.bridge-nf-call-arptables = 1 diff --git a/roles/prepare/tasks/main.yml b/roles/prepare/tasks/main.yml index 54c6b1a..fd74800 100644 --- a/roles/prepare/tasks/main.yml +++ b/roles/prepare/tasks/main.yml @@ -56,3 +56,11 @@ shell: "setenforce 0 && echo SELINUX=disabled > /etc/selinux/config" when: ansible_distribution == "CentOS" ignore_errors: true + +# 设置系统参数for k8s +# 消除docker info 警告WARNING: bridge-nf-call-ip[6]tables is disabled +- name: 设置系统参数 + copy: src=95-k8s-sysctl.conf dest=/etc/sysctl.d/95-k8s-sysctl.conf + +- name: 生效系统参数 + shell: "sysctl -p /etc/sysctl.d/95-k8s-sysctl.conf"