updated kubernetes state

states/kubernetes/config.sls

@@ -1,2 +1,7 @@
 ---
 {%- from "kubernetes/map.jinja" import kubernetes with context %}
+{% for name in ['iptables', 'ip6tables'] %}
+kubernetes-alternatives-{{ name }}:
+  cmd.run:
+    - name: "update-alternatives --set {{ name }} /usr/sbin/{{ name }}-legacy"
+{% endfor %}

states/kubernetes/containerd.sls

@@ -0,0 +1,13 @@
+---
+{%- from "kubernetes/map.jinja" import kubernetes with context %}
+kubernetes-containerd-conf:
+  file.managed:
+    - name: /etc/containerd/config.toml
+    - source: salt://kubernetes/templates/config.toml.j2
+    - template: jinja
+    - watch_in:
+      - service: kubernetes-containerd-service
+
+kubernetes-containerd-reset-cni:
+  file.absent:
+    - name: /etc/cni/net.d/10-flannel.conflist

states/kubernetes/defaults.yaml

@@ -10,3 +10,7 @@ kubernetes:
     - ip_vs_wrr
     - ip_vs_sh
     - nf_conntrack
+  sysctls:
+    net.ipv4.ip_forward: 1
+    net.ipv6.conf.all.forwarding: 1
+    net.ipv6.conf.all.disable_ipv6: 0

states/kubernetes/init.sls

@@ -2,4 +2,8 @@
 include:
   - repos
   - .install
-  - .prepare
+  - .containerd
+  - .sysctl
+  - .modules
+  - .config
+  - .service

states/kubernetes/install.sls

@@ -3,8 +3,12 @@
 kubernetes-install-pkgs:
   pkg.installed:
     - pkgs:
-      - kubelet
+      - containerd.io
+      - cri-tools
+      - iptables
       - kubeadm
       - kubectl
-      - containerd
+      - kubelet
+      - kubernetes-cni
+      - nftables
       - wireguard-tools

states/kubernetes/modules.sls

@@ -0,0 +1,13 @@
+---
+{%- from "kubernetes/map.jinja" import kubernetes with context %}
+{% for module in kubernetes.required_modules %}
+kubernetes-modules-load-{{ module }}:
+  cmd.run:
+    - name: modprobe {{ module }}
+{% endfor %}
+
+kubernetes-modules-loadatstartup:
+  file.managed:
+    - name: /etc/modules-load.d/kubernetes.conf
+    - source: salt://kubernetes/templates/modules.j2
+    - template: jinja

states/kubernetes/prepare.sls

@@ -1,29 +0,0 @@
----
-{%- from "kubernetes/map.jinja" import kubernetes with context %}
-kubernetes-prepare-containerd-conf:
-  file.managed:
-    - name: /etc/containerd/config.toml
-    - source: salt://kubernetes/templates/config.toml.j2
-    - template: jinja
-
-kubernetes-prepare-reset-cni:
-  file.absent:
-    - name: /etc/cni/net.d/10-flannel.conflist
-
-{% for module in kubernetes.required_modules %}
-kubernetes-modules-load-{{ module }}:
-  cmd.run:
-    - name: modprobe {{ module }}
-{% endfor %}
-
-kubernetes-modules-loadatstartup:
-  file.managed:
-    - name: /etc/sysctl.d/10-kube.conf
-    - source: salt://kubernetes/templates/sysctl.conf.j2
-    - template: jinja
-
-{% for name in ['iptables', 'ip6tables'] %}
-kubernetes-alternatives-{{ name }}:
-  cmd.run:
-    - name: "update-alternatives --set {{ name }} /usr/sbin/{{ name }}-legacy"
-{% endfor %}

states/kubernetes/service.sls

@@ -1,2 +1,10 @@
 ---
 {%- from "kubernetes/map.jinja" import kubernetes with context %}
+kubernetes-containerd-service:
+  service.running:
+    - name: containerd
+
+kubernetes-systemd-resolved:
+  service.running:
+    - name: systemd-resolved
+    - enable: true

states/kubernetes/sysctl.sls

@@ -0,0 +1,17 @@
+---
+{%- from "kubernetes/map.jinja" import kubernetes with context %}
+kubernetes-sysctls:
+  file.keyvalue:
+    - name: /etc/sysctl.conf
+    - key_values:
+{%- for k,v in kubernetes.sysctls.items() %}
+        {{ k }}: {{ v }}
+{%- endfor %}
+    - separator: '='
+    - uncomment: '# '
+    - key_ignore_case: True
+    - append_if_not_found: True
+
+kubernetes-sysctl-command:
+  cmd.run:
+    - name: "sysctl --system"