kubespray/roles/kubernetes-apps/metallb/tasks/main.yml

---
- name: Kubernetes Apps | Check cluster settings for MetalLB
  fail:
    msg: "MetalLB require kube_proxy_strict_arp = true, see https://github.com/danderson/metallb/issues/153#issuecomment-518651132"
  when:
    - "kube_proxy_mode == 'ipvs' and not kube_proxy_strict_arp"

- name: Kubernetes Apps | Check cluster settings for MetalLB
  fail:
    msg: "metallb_ip_range is mandatory to be specified for MetalLB"
  when:
    - metallb_ip_range is not defined or not metallb_ip_range

- name: Kubernetes Apps | Check BGP peers for MetalLB
  fail:
    msg: "metallb_peers is mandatory when metallb_protocol is bgp and metallb_speaker_enabled"
  when:
    - metallb_protocol == 'bgp' and metallb_speaker_enabled
    - metallb_peers is not defined or not metallb_peers

- name: Kubernetes Apps | Check AppArmor status
  command: which apparmor_parser
  register: apparmor_status
  when:
    - podsecuritypolicy_enabled
    - inventory_hostname == groups['kube_control_plane'][0]
  failed_when: false

- name: Kubernetes Apps | Set apparmor_enabled
  set_fact:
    apparmor_enabled: "{{ apparmor_status.rc == 0 }}"
  when:
    - podsecuritypolicy_enabled
    - inventory_hostname == groups['kube_control_plane'][0]

- name: Kubernetes Apps | Lay Down MetalLB
  become: true
  template:
    src: "{{ item }}.j2"
    dest: "{{ kube_config_dir }}/{{ item }}"
    mode: 0644
  with_items: ["metallb.yml", "metallb-config.yml"]
  register: "rendering"
  when:
    - "inventory_hostname == groups['kube_control_plane'][0]"

- name: Kubernetes Apps | Install and configure MetalLB
  kube:
    name: "MetalLB"
    kubectl: "{{ bin_dir }}/kubectl"
    filename: "{{ kube_config_dir }}/{{ item.item }}"
    state: "{{ item.changed | ternary('latest','present') }}"
  become: true
  with_items: "{{ rendering.results }}"
  when:
    - "inventory_hostname == groups['kube_control_plane'][0]"