--- - name: Kubernetes Apps | Check AppArmor status command: which apparmor_parser register: apparmor_status when: - inventory_hostname == groups['kube_control_plane'][0] failed_when: false - name: Kubernetes Apps | Set apparmor_enabled set_fact: apparmor_enabled: "{{ apparmor_status.rc == 0 }}" when: - inventory_hostname == groups['kube_control_plane'][0] - name: Kubernetes Apps | Netchecker Templates list set_fact: netchecker_templates: - {file: netchecker-ns.yml, type: ns, name: netchecker-namespace} - {file: netchecker-agent-sa.yml, type: sa, name: netchecker-agent} - {file: netchecker-agent-ds.yml, type: ds, name: netchecker-agent} - {file: netchecker-agent-hostnet-ds.yml, type: ds, name: netchecker-agent-hostnet} - {file: netchecker-server-sa.yml, type: sa, name: netchecker-server} - {file: netchecker-server-clusterrole.yml, type: clusterrole, name: netchecker-server} - {file: netchecker-server-clusterrolebinding.yml, type: clusterrolebinding, name: netchecker-server} - {file: netchecker-server-deployment.yml, type: deployment, name: netchecker-server} - {file: netchecker-server-svc.yml, type: svc, name: netchecker-service} - name: Kubernetes Apps | Lay Down Netchecker Template template: src: "{{ item.file }}.j2" dest: "{{ kube_config_dir }}/{{ item.file }}" mode: "0644" with_items: "{{ netchecker_templates }}" register: manifests when: - inventory_hostname == groups['kube_control_plane'][0] - name: Kubernetes Apps | Start Netchecker Resources kube: name: "{{ item.item.name }}" namespace: "{{ netcheck_namespace }}" kubectl: "{{ bin_dir }}/kubectl" resource: "{{ item.item.type }}" filename: "{{ kube_config_dir }}/{{ item.item.file }}" state: "latest" with_items: "{{ manifests.results }}" when: inventory_hostname == groups['kube_control_plane'][0] and not item is skipped