Test group membership with group_names

Testing for group membership with group names makes Kubespray more tolerant towards the structure of the inventory. Where 'inventory_hostname in groups["some_group"] would fail if "some_group" is not defined, '"some_group" in group_names' would not.
2024-09-21 14:09:09 +02:00 · 2024-09-21 14:09:09 +02:00 · 2ec1c93897
parent 89ff0710e9
commit 2ec1c93897
22 changed files with 60 additions and 60 deletions
--- a/roles/download/tasks/main.yml
+++ b/roles/download/tasks/main.yml
@ -11,7 +11,7 @@
  include_tasks: prep_kubeadm_images.yml
  when:
    - not skip_downloads | default(false)
-    - inventory_hostname in groups['kube_control_plane']
+    - ('kube_control_plane' in group_names)
  tags:
    - download
    - upload
--- a/roles/etcd/tasks/check_certs.yml
+++ b/roles/etcd/tasks/check_certs.yml
@ -21,7 +21,7 @@
    get_checksum: true
    get_mime: false
  register: etcd_member_certs
-  when: inventory_hostname in groups['etcd']
+  when: ('etcd' in group_names)
  with_items:
    - ca.pem
    - member-{{ inventory_hostname }}.pem
@ -33,7 +33,7 @@
  stat:
    path: "{{ etcd_cert_dir }}/{{ item }}"
  register: etcd_node_certs
-  when: inventory_hostname in groups['k8s_cluster']
+  when: ('k8s_cluster' in group_names)
  with_items:
    - ca.pem
    - node-{{ inventory_hostname }}.pem
@ -99,7 +99,7 @@
  set_fact:
    etcd_member_requires_sync: true
  when:
-    - inventory_hostname in groups['etcd']
+    - ('etcd' in group_names)
    - (not etcd_member_certs.results[0].stat.exists | default(false)) or
      (not etcd_member_certs.results[1].stat.exists | default(false)) or
      (not etcd_member_certs.results[2].stat.exists | default(false)) or
@ -115,7 +115,7 @@
  set_fact:
    kubernetes_host_requires_sync: true
  when:
-    - inventory_hostname in groups['k8s_cluster'] and
+    - ('k8s_cluster' in group_names) and
      inventory_hostname not in groups['etcd']
    - (not etcd_node_certs.results[0].stat.exists | default(false)) or
      (not etcd_node_certs.results[1].stat.exists | default(false)) or
--- a/roles/etcd/tasks/gen_certs_script.yml
+++ b/roles/etcd/tasks/gen_certs_script.yml
@ -79,7 +79,7 @@
        {% endfor %}]"
  delegate_to: "{{ groups['etcd'][0] }}"
  when:
-    - inventory_hostname in groups['etcd']
+    - ('etcd' in group_names)
    - sync_certs | default(false)
    - inventory_hostname != groups['etcd'][0]
  notify: Set etcd_secret_changed
@ -93,7 +93,7 @@
    mode: "0640"
  with_items: "{{ etcd_master_certs.results }}"
  when:
-    - inventory_hostname in groups['etcd']
+    - ('etcd' in group_names)
    - sync_certs | default(false)
    - inventory_hostname != groups['etcd'][0]
  loop_control:
@ -110,7 +110,7 @@
        {% endfor %}]"
  delegate_to: "{{ groups['etcd'][0] }}"
  when:
-    - inventory_hostname in groups['etcd']
+    - ('etcd' in group_names)
    - inventory_hostname != groups['etcd'][0]
    - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
    - kube_network_plugin != "calico" or calico_datastore == "etcd"
@ -125,7 +125,7 @@
    mode: "0640"
  with_items: "{{ etcd_master_node_certs.results }}"
  when:
-    - inventory_hostname in groups['etcd']
+    - ('etcd' in group_names)
    - inventory_hostname != groups['etcd'][0]
    - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
    - kube_network_plugin != "calico" or calico_datastore == "etcd"
@ -135,7 +135,7 @@
 - name: Gen_certs | Generate etcd certs
  include_tasks: gen_nodes_certs_script.yml
  when:
-    - inventory_hostname in groups['kube_control_plane'] and
+    - ('kube_control_plane' in group_names) and
        sync_certs | default(false) and inventory_hostname not in groups['etcd']
 - name: Gen_certs | Generate etcd certs on nodes if needed
@ -143,7 +143,7 @@
  when:
    - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
    - kube_network_plugin != "calico" or calico_datastore == "etcd"
-    - inventory_hostname in groups['k8s_cluster'] and
+    - ('k8s_cluster' in group_names) and
        sync_certs | default(false) and inventory_hostname not in groups['etcd']
 - name: Gen_certs | check certificate permissions
--- a/roles/etcd/tasks/main.yml
+++ b/roles/etcd/tasks/main.yml
@ -25,7 +25,7 @@
  when:
    - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
    - kube_network_plugin != "calico" or calico_datastore == "etcd"
-    - inventory_hostname in groups['k8s_cluster']
+    - ('k8s_cluster' in group_names)
  tags:
    - etcd-secrets
@ -37,7 +37,7 @@
  when:
    - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
    - kube_network_plugin != "calico" or calico_datastore == "etcd"
-    - inventory_hostname in groups['k8s_cluster']
+    - ('k8s_cluster' in group_names)
  tags:
    - master    # master tag is deprecated and replaced by control-plane
    - control-plane
@ -49,7 +49,7 @@
  when:
    - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
    - kube_network_plugin != "calico" or calico_datastore == "etcd"
-    - inventory_hostname in groups['k8s_cluster']
+    - ('k8s_cluster' in group_names)
  tags:
    - master    # master tag is deprecated and replaced by control-plane
    - control-plane
--- a/roles/kubernetes-apps/csi_driver/cinder/tasks/main.yml
+++ b/roles/kubernetes-apps/csi_driver/cinder/tasks/main.yml
@ -9,7 +9,7 @@
  loop_control:
    loop_var: delegate_host_to_write_cacert
  when:
-    - inventory_hostname in groups['k8s_cluster']
+    - ('k8s_cluster' in group_names)
    - cinder_cacert is defined
    - cinder_cacert | length > 0
--- a/roles/kubernetes/control-plane/tasks/kubeadm-setup.yml
+++ b/roles/kubernetes/control-plane/tasks/kubeadm-setup.yml
@ -243,5 +243,5 @@
  delegate_to: "{{ first_kube_control_plane }}"
  with_items:
    - "node-role.kubernetes.io/control-plane:NoSchedule-"
-  when: inventory_hostname in groups['kube_node']
+  when: ('kube_node' in group_names)
  failed_when: false
--- a/roles/kubernetes/control-plane/tasks/kubeadm-upgrade.yml
+++ b/roles/kubernetes/control-plane/tasks/kubeadm-upgrade.yml
@ -3,7 +3,7 @@
  uri:
    url: "https://{{ ip | default(fallback_ips[inventory_hostname]) }}:{{ kube_apiserver_port }}/healthz"
    validate_certs: false
-  when: inventory_hostname in groups['kube_control_plane']
+  when: ('kube_control_plane' in group_names)
  register: _result
  retries: 60
  delay: 5
--- a/roles/kubernetes/kubeadm/tasks/kubeadm_etcd_node.yml
+++ b/roles/kubernetes/kubeadm/tasks/kubeadm_etcd_node.yml
@ -51,7 +51,7 @@
  register: "etcd_client_cert_serial_result"
  changed_when: false
  when:
-    - inventory_hostname in groups['k8s_cluster'] | union(groups['calico_rr'] | default([])) | unique | sort
+    - group_names | intersect(['k8s_cluster', 'calico_rr']) | length > 0
  tags:
    - network
--- a/roles/kubernetes/node/tasks/install.yml
+++ b/roles/kubernetes/node/tasks/install.yml
@ -8,7 +8,7 @@
  tags:
    - kubeadm
  when:
-    - not inventory_hostname in groups['kube_control_plane']
+    - not ('kube_control_plane' in group_names)
 - name: Install | Copy kubelet binary from download dir
  copy:
--- a/roles/kubernetes/preinstall/handlers/main.yml
+++ b/roles/kubernetes/preinstall/handlers/main.yml
@ -35,7 +35,7 @@
    get_checksum: false
    get_mime: false
  register: kube_apiserver_set
-  when: inventory_hostname in groups['kube_control_plane'] and dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'
+  when: ('kube_control_plane' in group_names) and dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'
  listen: Preinstall | propagate resolvconf to k8s components
 # FIXME(mattymo): Also restart for kubeadm mode
@ -46,7 +46,7 @@
    get_checksum: false
    get_mime: false
  register: kube_controller_set
-  when: inventory_hostname in groups['kube_control_plane'] and dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'
+  when: ('kube_control_plane' in group_names) and dns_mode != 'none' and resolvconf_mode == 'host_resolvconf'
  listen: Preinstall | propagate resolvconf to k8s components
 - name: Preinstall | restart kube-controller-manager docker
@ -55,7 +55,7 @@
    executable: /bin/bash
  when:
    - container_manager == "docker"
-    - inventory_hostname in groups['kube_control_plane']
+    - ('kube_control_plane' in group_names)
    - dns_mode != 'none'
    - resolvconf_mode == 'host_resolvconf'
    - kube_controller_set.stat.exists
@ -71,7 +71,7 @@
  until: preinstall_restart_controller_manager.rc == 0
  when:
    - container_manager in ['crio', 'containerd']
-    - inventory_hostname in groups['kube_control_plane']
+    - ('kube_control_plane' in group_names)
    - dns_mode != 'none'
    - resolvconf_mode == 'host_resolvconf'
    - kube_controller_set.stat.exists
@ -83,7 +83,7 @@
    executable: /bin/bash
  when:
    - container_manager == "docker"
-    - inventory_hostname in groups['kube_control_plane']
+    - ('kube_control_plane' in group_names)
    - dns_mode != 'none'
    - resolvconf_mode == 'host_resolvconf'
    - kube_apiserver_set.stat.exists
@ -99,7 +99,7 @@
  delay: 1
  when:
    - container_manager in ['crio', 'containerd']
-    - inventory_hostname in groups['kube_control_plane']
+    - ('kube_control_plane' in group_names)
    - dns_mode != 'none'
    - resolvconf_mode == 'host_resolvconf'
    - kube_apiserver_set.stat.exists
@ -116,7 +116,7 @@
  delay: 1
  when:
    - dns_late
-    - inventory_hostname in groups['kube_control_plane']
+    - ('kube_control_plane' in group_names)
    - dns_mode != 'none'
    - resolvconf_mode == 'host_resolvconf'
    - not ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"] and not is_fedora_coreos
--- a/roles/kubernetes/preinstall/tasks/0040-verify-settings.yml
+++ b/roles/kubernetes/preinstall/tasks/0040-verify-settings.yml
@ -65,14 +65,14 @@
    that: ansible_memtotal_mb >= minimal_master_memory_mb
  when:
    - not ignore_assert_errors
-    - inventory_hostname in groups['kube_control_plane']
+    - ('kube_control_plane' in group_names)
 - name: Stop if memory is too small for nodes
  assert:
    that: ansible_memtotal_mb >= minimal_node_memory_mb
  when:
    - not ignore_assert_errors
-    - inventory_hostname in groups['kube_node']
+    - ('kube_node' in group_names)
 # This command will fail if cgroups are not enabled on the node.
 # For reference: https://kubernetes.io/docs/concepts/architecture/cgroups/#check-cgroup-version
@ -92,7 +92,7 @@
    msg: "Do not schedule more pods on a node than inet addresses are available."
  when:
    - not ignore_assert_errors
-    - inventory_hostname in groups['k8s_cluster']
+    - ('k8s_cluster' in group_names)
    - kube_network_node_prefix is defined
    - kube_network_plugin != 'calico'
--- a/roles/kubernetes/preinstall/tasks/0050-create_directories.yml
+++ b/roles/kubernetes/preinstall/tasks/0050-create_directories.yml
@ -5,7 +5,7 @@
    state: directory
    owner: "{{ kube_owner }}"
    mode: "0755"
-  when: inventory_hostname in groups['k8s_cluster']
+  when: ('k8s_cluster' in group_names)
  become: true
  tags:
    - kubelet
@ -30,7 +30,7 @@
    state: directory
    owner: root
    mode: "0755"
-  when: inventory_hostname in groups['k8s_cluster']
+  when: ('k8s_cluster' in group_names)
  become: true
  tags:
    - kubelet
@ -55,7 +55,7 @@
    get_mime: false
  register: kube_cert_compat_dir_check
  when:
-    - inventory_hostname in groups['k8s_cluster']
+    - ('k8s_cluster' in group_names)
    - kube_cert_dir != kube_cert_compat_dir
 - name: Create kubernetes kubeadm compat cert dir (kubernetes/kubeadm issue 1498)
@ -65,7 +65,7 @@
    state: link
    mode: "0755"
  when:
-    - inventory_hostname in groups['k8s_cluster']
+    - ('k8s_cluster' in group_names)
    - kube_cert_dir != kube_cert_compat_dir
    - not kube_cert_compat_dir_check.stat.exists
@ -80,7 +80,7 @@
    - "/opt/cni/bin"
  when:
    - kube_network_plugin in ["calico", "weave", "flannel", "cilium", "kube-ovn", "kube-router", "macvlan"]
-    - inventory_hostname in groups['k8s_cluster']
+    - ('k8s_cluster' in group_names)
  tags:
    - network
    - cilium
@ -100,7 +100,7 @@
    - "/var/lib/calico"
  when:
    - kube_network_plugin == "calico"
-    - inventory_hostname in groups['k8s_cluster']
+    - ('k8s_cluster' in group_names)
  tags:
    - network
    - calico
@ -115,7 +115,7 @@
    mode: "{{ local_volume_provisioner_directory_mode }}"
  with_items: "{{ local_volume_provisioner_storage_classes.keys() | list }}"
  when:
-    - inventory_hostname in groups['k8s_cluster']
+    - ('k8s_cluster' in group_names)
    - local_volume_provisioner_enabled
  tags:
    - persistent_volumes
--- a/roles/kubernetes/tokens/tasks/gen_tokens.yml
+++ b/roles/kubernetes/tokens/tasks/gen_tokens.yml
@ -57,7 +57,7 @@
  args:
    executable: /bin/bash
  when:
-    - inventory_hostname in groups['kube_control_plane']
+    - ('kube_control_plane' in group_names)
    - sync_tokens | default(false)
    - inventory_hostname != groups['kube_control_plane'][0]
    - tokens_data.stdout
--- a/roles/kubespray-defaults/defaults/main/main.yml
+++ b/roles/kubespray-defaults/defaults/main/main.yml
@ -273,7 +273,7 @@ kubelet_shutdown_grace_period: 60s
 kubelet_shutdown_grace_period_critical_pods: 20s
 # Whether to deploy the container engine
-deploy_container_engine: "{{ inventory_hostname in groups['k8s_cluster'] or etcd_deployment_type == 'docker' }}"
+deploy_container_engine: "{{ 'k8s_cluster' in group_names or etcd_deployment_type == 'docker' }}"
 # Container for runtime
 container_manager: containerd
--- a/roles/network_plugin/calico/tasks/install.yml
+++ b/roles/network_plugin/calico/tasks/install.yml
@ -121,7 +121,7 @@
 - name: Calico | kdd specific configuration
  when:
-    - inventory_hostname in groups['kube_control_plane']
+    - ('kube_control_plane' in group_names)
    - calico_datastore == "kdd"
  block:
    - name: Calico | Check if extra directory is needed
@ -321,7 +321,7 @@
    nodeToNodeMeshEnabled: "false"
  when:
    - peer_with_router | default(false) or peer_with_calico_rr | default(false)
-    - inventory_hostname in groups['k8s_cluster']
+    - ('k8s_cluster' in group_names)
  run_once: true
 - name: Calico | Configure Calico BGP
@ -382,7 +382,7 @@
    - {name: kubernetes-services-endpoint, file: kubernetes-services-endpoint.yml, type: cm }
  register: calico_node_manifests
  when:
-    - inventory_hostname in groups['kube_control_plane']
+    - ('kube_control_plane' in group_names)
    - rbac_enabled or item.type not in rbac_resources
 - name: Calico | Create calico manifests for typha
@ -394,7 +394,7 @@
    - {name: calico, file: calico-typha.yml, type: typha}
  register: calico_node_typha_manifest
  when:
-    - inventory_hostname in groups['kube_control_plane']
+    - ('kube_control_plane' in group_names)
    - typha_enabled
 - name: Calico | get calico apiserver caBundle
@ -421,7 +421,7 @@
    - {name: calico, file: calico-apiserver.yml, type: calico-apiserver}
  register: calico_apiserver_manifest
  when:
-    - inventory_hostname in groups['kube_control_plane']
+    - ('kube_control_plane' in group_names)
    - calico_apiserver_enabled
 - name: Start Calico resources
@ -473,7 +473,7 @@
  with_items:
    - {name: calico, file: calico-ipamconfig.yml, type: ipam}
  when:
-    - inventory_hostname in groups['kube_control_plane']
+    - ('kube_control_plane' in group_names)
    - calico_datastore == "kdd"
 - name: Calico | Create ipamconfig resources
--- a/roles/network_plugin/calico/tasks/peer_with_calico_rr.yml
+++ b/roles/network_plugin/calico/tasks/peer_with_calico_rr.yml
@ -32,7 +32,7 @@
  when:
    - calico_rr_id is defined
    - calico_group_id is defined
-    - inventory_hostname in groups['calico_rr']
+    - ('calico_rr' in group_names)
 - name: Calico | Configure peering with route reflectors at global scope
  command:
--- a/roles/network_plugin/calico/tasks/peer_with_router.yml
+++ b/roles/network_plugin/calico/tasks/peer_with_router.yml
@ -28,7 +28,7 @@
    cmd: "{{ bin_dir }}/calicoctl.sh get node {{ inventory_hostname }}"
  register: output_get_node
  when:
-    - inventory_hostname in groups['k8s_cluster']
+    - ('k8s_cluster' in group_names)
    - local_as is defined
    - groups['calico_rr'] | default([]) | length == 0
  delegate_to: "{{ groups['kube_control_plane'][0] }}"
@ -50,7 +50,7 @@
  until: output.rc == 0
  delay: "{{ retry_stagger | random + 3 }}"
  when:
-    - inventory_hostname in groups['k8s_cluster']
+    - ('k8s_cluster' in group_names)
    - local_as is defined
    - groups['calico_rr'] | default([]) | length == 0
    - output_get_node.rc == 0
@ -77,7 +77,7 @@
  until: output.rc == 0
  delay: "{{ retry_stagger | random + 3 }}"
  when:
-    - inventory_hostname in groups['k8s_cluster']
+    - ('k8s_cluster' in group_names)
    - local_as is defined
    - groups['calico_rr'] | default([]) | length == 0
    - output_get_node.rc != 0
@ -110,4 +110,4 @@
    - "{{ peers | default([]) | selectattr('scope', 'undefined') | list | union(peers | default([]) | selectattr('scope', 'defined') | selectattr('scope', 'equalto', 'node') | list ) }}"
  delegate_to: "{{ groups['kube_control_plane'][0] }}"
  when:
-    - inventory_hostname in groups['k8s_cluster']
+    - ('k8s_cluster' in group_names)
--- a/roles/network_plugin/cilium/tasks/install.yml
+++ b/roles/network_plugin/cilium/tasks/install.yml
@ -59,7 +59,7 @@
    - {name: cilium, file: sa.yml, type: sa}
  register: cilium_node_manifests
  when:
-    - inventory_hostname in groups['kube_control_plane']
+    - ('kube_control_plane' in group_names)
    - item.when | default(True) | bool
 - name: Cilium | Create Cilium Hubble manifests
--- a/roles/network_plugin/kube-router/tasks/annotate.yml
+++ b/roles/network_plugin/kube-router/tasks/annotate.yml
@ -4,18 +4,18 @@
  with_items:
  - "{{ kube_router_annotations_master }}"
  delegate_to: "{{ groups['kube_control_plane'][0] }}"
-  when: kube_router_annotations_master is defined and inventory_hostname in groups['kube_control_plane']
+  when: kube_router_annotations_master is defined and 'kube_control_plane' in group_names
 - name: Kube-router | Add annotations on kube_node
  command: "{{ kubectl }} annotate --overwrite node {{ ansible_hostname }} {{ item }}"
  with_items:
  - "{{ kube_router_annotations_node }}"
  delegate_to: "{{ groups['kube_control_plane'][0] }}"
-  when: kube_router_annotations_node is defined and inventory_hostname in groups['kube_node']
+  when: kube_router_annotations_node is defined and 'kube_node' in group_names
 - name: Kube-router | Add common annotations on all servers
  command: "{{ kubectl }} annotate --overwrite node {{ ansible_hostname }} {{ item }}"
  with_items:
  - "{{ kube_router_annotations_all }}"
  delegate_to: "{{ groups['kube_control_plane'][0] }}"
-  when: kube_router_annotations_all is defined and inventory_hostname in groups['k8s_cluster']
+  when: kube_router_annotations_all is defined and 'k8s_cluster' in group_names
--- a/roles/remove-node/post-remove/tasks/main.yml
+++ b/roles/remove-node/post-remove/tasks/main.yml
@ -5,7 +5,7 @@
  when:
    - groups['kube_control_plane'] | length > 0
    # ignore servers that are not nodes
-    - inventory_hostname in groups['k8s_cluster'] and kube_override_hostname | default(inventory_hostname) in nodes.stdout_lines
+    - ('k8s_cluster' in group_names) and kube_override_hostname | default(inventory_hostname) in nodes.stdout_lines
  retries: "{{ delete_node_retries }}"
  # Sometimes the api-server can have a short window of indisponibility when we delete a control plane node
  delay: "{{ delete_node_delay_seconds }}"
--- a/roles/remove-node/remove-etcd-node/tasks/main.yml
+++ b/roles/remove-node/remove-etcd-node/tasks/main.yml
@ -6,7 +6,7 @@
  register: remove_node_ip
  when:
    - groups['kube_control_plane'] | length > 0
-    - inventory_hostname in groups['etcd']
+    - ('etcd' in group_names)
    - ip is not defined
    - access_ip is not defined
  delegate_to: "{{ groups['etcd'] | first }}"
@ -16,14 +16,14 @@
  set_fact:
    node_ip: "{{ ip | default(access_ip | default(remove_node_ip.stdout)) | trim }}"
  when:
-    - inventory_hostname in groups['etcd']
+    - ('etcd' in group_names)
 - name: Make sure node_ip is set
  assert:
    that: node_ip is defined and node_ip | length > 0
    msg: "Etcd node ip is not set !"
  when:
-    - inventory_hostname in groups['etcd']
+    - ('etcd' in group_names)
 - name: Lookup etcd member id
  shell: "set -o pipefail && {{ bin_dir }}/etcdctl member list | grep -w {{ node_ip }} | cut -d, -f1"
@ -42,7 +42,7 @@
    ETCDCTL_CACERT: "{{ kube_cert_dir + '/etcd/ca.crt' if etcd_deployment_type == 'kubeadm' else etcd_cert_dir + '/ca.pem' }}"
    ETCDCTL_ENDPOINTS: "https://127.0.0.1:2379"
  delegate_to: "{{ groups['etcd'] | first }}"
-  when: inventory_hostname in groups['etcd']
+  when: ('etcd' in group_names)
 - name: Remove etcd member from cluster
  command: "{{ bin_dir }}/etcdctl member remove {{ etcd_member_id.stdout }}"
@ -54,5 +54,5 @@
    ETCDCTL_ENDPOINTS: "https://127.0.0.1:2379"
  delegate_to: "{{ groups['etcd'] | first }}"
  when:
-    - inventory_hostname in groups['etcd']
+    - ('etcd' in group_names)
    - etcd_member_id.stdout | length > 0
--- a/roles/reset/tasks/main.yml
+++ b/roles/reset/tasks/main.yml
@ -211,7 +211,7 @@
  command: "ipvsadm -C"
  ignore_errors: true  # noqa ignore-errors
  when:
-    - kube_proxy_mode == 'ipvs' and inventory_hostname in groups['k8s_cluster']
+    - kube_proxy_mode == 'ipvs' and 'k8s_cluster' in group_names
 - name: Reset | check kube-ipvs0 network device
  stat: