k8s-ansible-role/tasks/sysctl_and_kernel_modules.yml

---
################################################################################
# sysctl stuff
# https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#letting-iptables-see-bridged-traffic
################################################################################

- name: Force kernel modules to load.
  copy:
    dest: /etc/modules-load.d/k8s.conf
    content: br_netfilter
    mode: 0644
  become: true

- name: Let iptables see bridged traffic.
  sysctl:
    name: "{{ item }}"
    value: '1'
    state: present
  become: true
  loop:
    - net.bridge.bridge-nf-call-iptables
    - net.bridge.bridge-nf-call-ip6tables

# TODO Add task to open ports.
# Currently this role depends on the hosts having these ports open already.
# https://kubernetes.io/docs/reference/ports-and-protocols/