Convert netchecker to kubectl_apply_stdin

Not that the Apparmor check result is no longer used since the PSP removal.
2 weeks ago · 150890100d
2 changed files with 17 additions and 48 deletions
--- a/roles/kubernetes-apps/ansible/tasks/main.yml
+++ b/roles/kubernetes-apps/ansible/tasks/main.yml
@ -86,10 +86,26 @@
    - etcd_metrics

 - name: Kubernetes Apps | Netchecker
-  import_tasks: netchecker.yml
+  command:
+    cmd: "{{ kubectl_apply_stdin }}"
+    stdin: "{{ lookup('template', item) }}"
+  delegate_to: "{{ groups['kube_control_plane'][0] }}"
+  run_once: true
+  vars:
+    namespace: "{{ netcheck_namespace }}"
  when: deploy_netchecker
  tags:
    - netchecker
+  loop:
+    - netchecker-ns.yml.j2
+    - netchecker-agent-sa.yml.j2
+    - netchecker-agent-ds.yml.j2
+    - netchecker-agent-hostnet-ds.yml.j2
+    - netchecker-server-sa.yml.j2
+    - netchecker-server-clusterrole.yml.j2
+    - netchecker-server-clusterrolebinding.yml.j2
+    - netchecker-server-deployment.yml.j2
+    - netchecker-server-svc.yml.j2

 - name: Kubernetes Apps | Dashboard
  command:
--- a/roles/kubernetes-apps/ansible/tasks/netchecker.yml
+++ b/roles/kubernetes-apps/ansible/tasks/netchecker.yml
@ -1,47 +0,0 @@
---
- name: Kubernetes Apps | Check AppArmor status
-  command: which apparmor_parser
-  register: apparmor_status
-  when:
-    - inventory_hostname == groups['kube_control_plane'][0]
-  failed_when: false
-
- name: Kubernetes Apps | Set apparmor_enabled
-  set_fact:
-    apparmor_enabled: "{{ apparmor_status.rc == 0 }}"
-  when:
-    - inventory_hostname == groups['kube_control_plane'][0]
-
- name: Kubernetes Apps | Netchecker Templates list
-  set_fact:
-    netchecker_templates:
-      - {file: netchecker-ns.yml, type: ns, name: netchecker-namespace}
-      - {file: netchecker-agent-sa.yml, type: sa, name: netchecker-agent}
-      - {file: netchecker-agent-ds.yml, type: ds, name: netchecker-agent}
-      - {file: netchecker-agent-hostnet-ds.yml, type: ds, name: netchecker-agent-hostnet}
-      - {file: netchecker-server-sa.yml, type: sa, name: netchecker-server}
-      - {file: netchecker-server-clusterrole.yml, type: clusterrole, name: netchecker-server}
-      - {file: netchecker-server-clusterrolebinding.yml, type: clusterrolebinding, name: netchecker-server}
-      - {file: netchecker-server-deployment.yml, type: deployment, name: netchecker-server}
-      - {file: netchecker-server-svc.yml, type: svc, name: netchecker-service}
-
- name: Kubernetes Apps | Lay Down Netchecker Template
-  template:
-    src: "{{ item.file }}.j2"
-    dest: "{{ kube_config_dir }}/{{ item.file }}"
-    mode: "0644"
-  with_items: "{{ netchecker_templates }}"
-  register: manifests
-  when:
-    - inventory_hostname == groups['kube_control_plane'][0]
-
- name: Kubernetes Apps | Start Netchecker Resources
-  kube:
-    name: "{{ item.item.name }}"
-    namespace: "{{ netcheck_namespace }}"
-    kubectl: "{{ bin_dir }}/kubectl"
-    resource: "{{ item.item.type }}"
-    filename: "{{ kube_config_dir }}/{{ item.item.file }}"
-    state: "latest"
-  with_items: "{{ manifests.results }}"
-  when: inventory_hostname == groups['kube_control_plane'][0] and not item is skipped