diff --git a/roles/kubernetes-apps/ansible/templates/dns-autoscaler-clusterrole.yml.j2 b/roles/kubernetes-apps/ansible/dns-autoscaler-clusterrole.yml
similarity index 100%
rename from roles/kubernetes-apps/ansible/templates/dns-autoscaler-clusterrole.yml.j2
rename to roles/kubernetes-apps/ansible/dns-autoscaler-clusterrole.yml
diff --git a/roles/kubernetes-apps/ansible/templates/dns-autoscaler-clusterrolebinding.yml.j2 b/roles/kubernetes-apps/ansible/dns-autoscaler-clusterrolebinding.yml
similarity index 100%
rename from roles/kubernetes-apps/ansible/templates/dns-autoscaler-clusterrolebinding.yml.j2
rename to roles/kubernetes-apps/ansible/dns-autoscaler-clusterrolebinding.yml
diff --git a/roles/kubernetes-apps/ansible/files/coredns-clusterrole.yml b/roles/kubernetes-apps/ansible/files/coredns-clusterrole.yml
new file mode 100644
index 000000000..ea8142a54
--- /dev/null
+++ b/roles/kubernetes-apps/ansible/files/coredns-clusterrole.yml
@@ -0,0 +1,25 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ kubernetes.io/bootstrapping: rbac-defaults
+ addonmanager.kubernetes.io/mode: Reconcile
+ name: system:coredns
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - endpoints
+ - services
+ - pods
+ - namespaces
+ verbs:
+ - list
+ - watch
+ - apiGroups:
+ - ""
+ resources:
+ - nodes
+ verbs:
+ - get
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-clusterrolebinding.yml.j2 b/roles/kubernetes-apps/ansible/files/coredns-clusterrolebinding.yml
similarity index 84%
rename from roles/kubernetes-apps/ansible/templates/coredns-clusterrolebinding.yml.j2
rename to roles/kubernetes-apps/ansible/files/coredns-clusterrolebinding.yml
index 7c79ccfde..af7f684ee 100644
--- a/roles/kubernetes-apps/ansible/templates/coredns-clusterrolebinding.yml.j2
+++ b/roles/kubernetes-apps/ansible/files/coredns-clusterrolebinding.yml
@@ -13,6 +13,6 @@ roleRef:
 kind: ClusterRole
 name: system:coredns
 subjects:
-- kind: ServiceAccount
- name: coredns
- namespace: kube-system
+ - kind: ServiceAccount
+ name: coredns
+ namespace: kube-system
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-sa.yml.j2 b/roles/kubernetes-apps/ansible/files/coredns-sa.yml
similarity index 52%
rename from roles/kubernetes-apps/ansible/templates/coredns-sa.yml.j2
rename to roles/kubernetes-apps/ansible/files/coredns-sa.yml
index 8b661936e..64d9c4dae 100644
--- a/roles/kubernetes-apps/ansible/templates/coredns-sa.yml.j2
+++ b/roles/kubernetes-apps/ansible/files/coredns-sa.yml
@@ -5,5 +5,5 @@ metadata:
 name: coredns
 namespace: kube-system
 labels:
- kubernetes.io/cluster-service: "true"
- addonmanager.kubernetes.io/mode: Reconcile
+ kubernetes.io/cluster-service: "true"
+ addonmanager.kubernetes.io/mode: Reconcile
diff --git a/roles/kubernetes-apps/ansible/templates/dns-autoscaler-sa.yml.j2 b/roles/kubernetes-apps/ansible/files/dns-autoscaler-sa.yml
similarity index 100%
rename from roles/kubernetes-apps/ansible/templates/dns-autoscaler-sa.yml.j2
rename to roles/kubernetes-apps/ansible/files/dns-autoscaler-sa.yml
diff --git a/roles/kubernetes-apps/ansible/tasks/coredns.yml b/roles/kubernetes-apps/ansible/tasks/coredns.yml
index ba1cb31d6..bb959966b 100644
--- a/roles/kubernetes-apps/ansible/tasks/coredns.yml
+++ b/roles/kubernetes-apps/ansible/tasks/coredns.yml
@@ -1,19 +1,20 @@
 ---
 - name: Kubernetes Apps | Lay Down CoreDNS Template
- template:
- src: "{{ item.file }}.j2"
+ action: "{{ item.module }}"
+ args:
+ src: "{{ item.file }}{% if item.module == 'template' %}.j2{% endif %}"
 dest: "{{ kube_config_dir }}/{{ item.file }}"
 with_items:
- - { name: coredns, file: coredns-config.yml, type: configmap }
- - { name: coredns, file: coredns-sa.yml, type: sa }
- - { name: coredns, file: coredns-deployment.yml, type: deployment }
- - { name: coredns, file: coredns-svc.yml, type: svc }
- - { name: coredns, file: coredns-clusterrole.yml, type: clusterrole }
- - { name: coredns, file: coredns-clusterrolebinding.yml, type: clusterrolebinding }
- - { name: dns-autoscaler, file: dns-autoscaler-sa.yml, type: sa }
- - { name: dns-autoscaler, file: dns-autoscaler-clusterrole.yml, type: clusterrole }
- - { name: dns-autoscaler, file: dns-autoscaler-clusterrolebinding.yml, type: clusterrolebinding }
- - { name: dns-autoscaler, file: dns-autoscaler.yml, type: deployment }
+ - { name: coredns, module: template, file: coredns-config.yml, type: configmap }
+ - { name: coredns, module: copy, file: coredns-sa.yml, type: sa }
+ - { name: coredns, module: template, file: coredns-deployment.yml, type: deployment }
+ - { name: coredns, module: template, file: coredns-svc.yml, type: svc }
+ - { name: coredns, module: copy, file: coredns-clusterrole.yml, type: clusterrole }
+ - { name: coredns, module: copy, file: coredns-clusterrolebinding.yml, type: clusterrolebinding }
+ - { name: dns-autoscaler, module: copy, file: dns-autoscaler-sa.yml, type: sa }
+ - { name: dns-autoscaler, module: copy, file: dns-autoscaler-clusterrole.yml, type: clusterrole }
+ - { name: dns-autoscaler, module: copy, file: dns-autoscaler-clusterrolebinding.yml, type: clusterrolebinding }
+ - { name: dns-autoscaler, module: template, file: dns-autoscaler.yml, type: deployment }
 register: coredns_manifests
 vars:
 clusterIP: "{{ skydns_server }}"
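Review bot: Two of the `module: copy` entries, `dns-autoscaler-clusterrole.yml` and `dns-autoscaler-clusterrolebinding.yml`, refer to files that the renames at the top of this commit place in `roles/kubernetes-apps/ansible/` rather than in `roles/kubernetes-apps/ansible/files/`, where the other copied manifests live. The lookup probably still succeeds through Ansible's role search-path fallback, but both are RBAC manifests and should sit under `files/` with the rest so the source of what gets applied to the cluster is unambiguous. Neither `copy` nor `template` is given permissions here, so the manifests are written to `kube_config_dir` with umask-dependent modes; adding `mode: "0644"` under `args:` would pin that. The task continues past the end of the hunk, so any `when`/`tags` on it are not visible here.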
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-clusterrole.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-clusterrole.yml.j2
deleted file mode 100644
index 248cd8cb2..000000000
--- a/roles/kubernetes-apps/ansible/templates/coredns-clusterrole.yml.j2
+++ /dev/null
@@ -1,25 +0,0 @@
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- kubernetes.io/bootstrapping: rbac-defaults
- addonmanager.kubernetes.io/mode: Reconcile
- name: system:coredns
-rules:
-- apiGroups:
- - ""
- resources:
- - endpoints
- - services
- - pods
- - namespaces
- verbs:
- - list
- - watch
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - get