Add kubectl alias support (#10552)

Signed-off-by: tu1h <lihai.tu@daocloud.io>

docs/vars.md

@@ -271,6 +271,7 @@ node_taints:
   * `audit_webhook_mode`: batch
   * `audit_webhook_batch_max_size`: 100
   * `audit_webhook_batch_max_wait`: 1s
+* *kubectl_alias* - Bash alias of kubectl to interact with Kubernetes cluster much easier.
 
 ### Custom flags for Kube Components
 

roles/kubernetes/control-plane/defaults/main/main.yml

@@ -228,3 +228,6 @@ auto_renew_certificates_systemd_calendar: "{{ 'Mon *-*-1,2,3,4,5,6,7 03:' ~
 # If we have requirement like without renewing certs upgrade the cluster,
 # we can opt out from the default behavior by setting kubeadm_upgrade_auto_cert_renewal to false
 kubeadm_upgrade_auto_cert_renewal: true
+
+# Bash alias of kubectl to interact with Kubernetes cluster much easier
+# kubectl_alias: k

roles/kubernetes/control-plane/tasks/main.yml

@@ -60,6 +60,26 @@
     - upgrade
   ignore_errors: true  # noqa ignore-errors
 
+- name: Set bash alias for kubectl
+  blockinfile:
+    path: /etc/bash_completion.d/kubectl.sh
+    block: |-
+      alias {{ kubectl_alias }}=kubectl
+      if [[ $(type -t compopt) = "builtin" ]]; then
+        complete -o default -F __start_kubectl {{ kubectl_alias }}
+      else
+        complete -o default -o nospace -F __start_kubectl {{ kubectl_alias }}
+      fi
+    state: present
+    marker: "# Ansible entries {mark}"
+  when:
+    - ansible_os_family in ["Debian","RedHat"]
+    - kubectl_alias is defined and kubectl_alias != ""
+  tags:
+    - kubectl
+    - upgrade
+  ignore_errors: true  # noqa ignore-errors
+
 - name: Disable SecurityContextDeny admission-controller and enable PodSecurityPolicy
   set_fact:
     kube_apiserver_enable_admission_plugins: "{{ kube_apiserver_enable_admission_plugins | difference(['SecurityContextDeny']) | union(['PodSecurityPolicy']) | unique }}"