72 lines
2.9 KiB
YAML
72 lines
2.9 KiB
YAML
---
|
|
|
|
- name: Kubernetes Apps | Check if netchecker-server manifest already exists
|
|
stat:
|
|
path: "{{ kube_config_dir }}/netchecker-server-deployment.yml"
|
|
register: netchecker_server_manifest
|
|
tags:
|
|
- facts
|
|
- upgrade
|
|
|
|
- name: Kubernetes Apps | Apply netchecker-server manifest to update annotations
|
|
kube:
|
|
name: "netchecker-server"
|
|
namespace: "{{ netcheck_namespace }}"
|
|
filename: "{{ netchecker_server_manifest.stat.path }}"
|
|
kubectl: "{{bin_dir}}/kubectl"
|
|
resource: "deploy"
|
|
state: latest
|
|
when: inventory_hostname == groups['kube-master'][0] and netchecker_server_manifest.stat.exists
|
|
tags:
|
|
- upgrade
|
|
|
|
- name: Kubernetes Apps | Netchecker Templates list
|
|
set_fact:
|
|
netchecker_templates:
|
|
- {file: netchecker-agent-sa.yml, type: sa, name: netchecker-agent}
|
|
- {file: netchecker-agent-ds.yml, type: ds, name: netchecker-agent}
|
|
- {file: netchecker-agent-hostnet-ds.yml, type: ds, name: netchecker-agent-hostnet}
|
|
- {file: netchecker-server-sa.yml, type: sa, name: netchecker-server}
|
|
- {file: netchecker-server-clusterrole.yml, type: clusterrole, name: netchecker-server}
|
|
- {file: netchecker-server-clusterrolebinding.yml, type: clusterrolebinding, name: netchecker-server}
|
|
- {file: netchecker-server-deployment.yml, type: deployment, name: netchecker-server}
|
|
- {file: netchecker-server-svc.yml, type: svc, name: netchecker-service}
|
|
netchecker_templates_for_psp:
|
|
- {file: netchecker-agent-hostnet-psp.yml, type: podsecuritypolicy, name: netchecker-agent-hostnet-policy}
|
|
- {file: netchecker-agent-hostnet-clusterrole.yml, type: clusterrole, name: netchecker-agent}
|
|
- {file: netchecker-agent-hostnet-clusterrolebinding.yml, type: clusterrolebinding, name: netchecker-agent}
|
|
|
|
- name: Kubernetes Apps | Append extra templates to Netchecker Templates list for PodSecurityPolicy
|
|
set_fact:
|
|
netchecker_templates: "{{ netchecker_templates_for_psp + netchecker_templates}}"
|
|
when: podsecuritypolicy_enabled
|
|
|
|
- name: Kubernetes Apps | Lay Down Netchecker Template
|
|
template:
|
|
src: "{{item.file}}.j2"
|
|
dest: "{{kube_config_dir}}/{{item.file}}"
|
|
with_items: "{{ netchecker_templates }}"
|
|
register: manifests
|
|
when:
|
|
- inventory_hostname == groups['kube-master'][0]
|
|
|
|
- name: Kubernetes Apps | Purge old Netchecker server
|
|
kube:
|
|
name: "netchecker-server"
|
|
namespace: "{{ netcheck_namespace }}"
|
|
kubectl: "{{bin_dir}}/kubectl"
|
|
resource: "po"
|
|
state: absent
|
|
when: inventory_hostname == groups['kube-master'][0]
|
|
|
|
- name: Kubernetes Apps | Start Netchecker Resources
|
|
kube:
|
|
name: "{{item.item.name}}"
|
|
namespace: "{{netcheck_namespace}}"
|
|
kubectl: "{{bin_dir}}/kubectl"
|
|
resource: "{{item.item.type}}"
|
|
filename: "{{kube_config_dir}}/{{item.item.file}}"
|
|
state: "latest"
|
|
with_items: "{{ manifests.results }}"
|
|
when: inventory_hostname == groups['kube-master'][0] and not item is skipped
|