|
|
---
- name: Kubernetes Apps | Check AppArmor status
command: which apparmor_parser
register: apparmor_status
when:
- inventory_hostname == groups['kube_control_plane'][0]
failed_when: false
- name: Kubernetes Apps | Set apparmor_enabled
set_fact:
apparmor_enabled: "{{ apparmor_status.rc == 0 }}"
when:
- inventory_hostname == groups['kube_control_plane'][0]
- name: Kubernetes Apps | Netchecker Templates list
set_fact:
netchecker_templates:
- {file: netchecker-ns.yml, type: ns, name: netchecker-namespace}
- {file: netchecker-agent-sa.yml, type: sa, name: netchecker-agent}
- {file: netchecker-agent-ds.yml, type: ds, name: netchecker-agent}
- {file: netchecker-agent-hostnet-ds.yml, type: ds, name: netchecker-agent-hostnet}
- {file: netchecker-server-sa.yml, type: sa, name: netchecker-server}
- {file: netchecker-server-clusterrole.yml, type: clusterrole, name: netchecker-server}
- {file: netchecker-server-clusterrolebinding.yml, type: clusterrolebinding, name: netchecker-server}
- {file: netchecker-server-deployment.yml, type: deployment, name: netchecker-server}
- {file: netchecker-server-svc.yml, type: svc, name: netchecker-service}
- name: Kubernetes Apps | Lay Down Netchecker Template
template:
src: "{{ item.file }}.j2"
dest: "{{ kube_config_dir }}/{{ item.file }}"
mode: "0644"
with_items: "{{ netchecker_templates }}"
register: manifests
when:
- inventory_hostname == groups['kube_control_plane'][0]
- name: Kubernetes Apps | Start Netchecker Resources
kube:
name: "{{ item.item.name }}"
namespace: "{{ netcheck_namespace }}"
kubectl: "{{ bin_dir }}/kubectl"
resource: "{{ item.item.type }}"
filename: "{{ kube_config_dir }}/{{ item.item.file }}"
state: "latest"
with_items: "{{ manifests.results }}"
when: inventory_hostname == groups['kube_control_plane'][0] and not item is skipped
|
