sgratias/semaphore
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

kubernetes and all, test to cron playbook

Browse Source
This commit is contained in:
sgratias
2023-10-01 17:39:11 +02:00
parent 1d51266e6b
commit 8df61ab3dc
4 changed files with 243 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
all.yml
View File

@@ -51,7 +51,7 @@
dest: "/usr/local/scripts/alerts.sh" dest: "/usr/local/scripts/alerts.sh"
owner: root owner: root
group: root group: root
mode: 0744 mode: 0755
tags: tags:
- alerts - alerts

9
group_vars/local.yml
View File

@@ -239,3 +239,12 @@ dockerapp_compose:
# KUBERNETES # # KUBERNETES #
############## ##############
kubernetes_tree_base_dir:
- /opt
- /opt/kubernetes
kubernetes_service: infra

221
host_vars/vagrant.yml
View File

@@ -4,6 +4,7 @@ docker_install_compose: false
kubernetes_version: 1.28 kubernetes_version: 1.28
kubernetes_apiserver_advertise_address: 192.168.33.10 kubernetes_apiserver_advertise_address: 192.168.33.10
kubernetes_load_balancer_public_ip: 192.168.33.11
kubernetes_pod_network: kubernetes_pod_network:
# Flannel CNI. # Flannel CNI.
cni: 'flannel' cni: 'flannel'
@@ -18,11 +19,11 @@ kubernetes_pod_network:
# - "--pod-network-cidr=10.244.0.0/16" # - "--pod-network-cidr=10.244.0.0/16"
# - "--control-plane-endpoint=192.168.33.10" # - "--control-plane-endpoint=192.168.33.10"
kubernetes_namespaces: # kubernetes_namespaces:
- apiVersion: v1 # - apiVersion: v1
kind: Namespace # kind: Namespace
metadata: # metadata:
name: argocd # name: argocd
# kubernetes_namespace: toto # kubernetes_namespace: toto
@@ -90,6 +91,216 @@ kubernetes_alias_bashrc:
# - complete -F __start_kubectl k # - complete -F __start_kubectl k
#- echo "function kname() {k config set-context --current --namespace $1}" >> ~/.bashrc #- echo "function kname() {k config set-context --current --namespace $1}" >> ~/.bashrc
kubernetes_namespaces_crd:
- namespace: argocd
url: https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
file: install
- namespace: traefik
url: https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
file: kubernetes-crd-definition-v1
# - namespace: traefik
# url: https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml
# file: kubernetes-crd-rbac
kubernetes_namespaces: "{{ kubernetes_namespaces_crd }}"
kubernetes_traefik_objects:
- namespace: traefik
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
definition:
metadata:
name: traefik-role
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- extensions
- networking.k8s.io
resources:
- ingresses
- ingressclasses
verbs:
- get
- list
- watch
- apiGroups:
- extensions
- networking.k8s.io
resources:
- ingresses/status
verbs:
- update
- apiGroups:
- traefik.io
resources:
- middlewares
- middlewaretcps
- ingressroutes
- traefikservices
- ingressroutetcps
- ingressrouteudps
- tlsoptions
- tlsstores
- serverstransports
- serverstransporttcps
verbs:
- get
- list
- watch
- namespace: traefik
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
definition:
metadata:
name: traefik-role-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: traefik-role
subjects:
- kind: ServiceAccount
name: traefik-account
namespace: traefik
- namespace: traefik
apiVersion: v1
kind: ServiceAccount
definition:
metadata:
name: traefik-account
- namespace: traefik
kind: Deployment
apiVersion: apps/v1
definition:
metadata:
name: traefik-deployment
labels:
app: traefik
spec:
replicas: 1
selector:
matchLabels:
app: traefik
template:
metadata:
labels:
app: traefik
spec:
serviceAccountName: traefik-account
hostNetwork: true
containers:
- name: traefik
image: traefik:v2.10
args:
- --accessLog
- --api.insecure=false
- --api.dashboard
- --entrypoints.web.address=:80
- --entrypoints.web.http.redirections.entryPoint.to=websecure
- --entrypoints.websecure.address=:443
- --providers.kubernetesingress=true
- --providers.kubernetescrd=true
- --log.level=debug
- --metrics.prometheus=true
- --metrics.prometheus.buckets=0.1,0.3,1.2,5.0
- --metrics.prometheus.addEntryPointsLabels=true
- --metrics.prometheus.addrouterslabels=true
- --metrics.prometheus.addServicesLabels=true
- --metrics.prometheus.manualrouting=true
#Cela signifie que Traefik ne vérifiera pas la validité du certificat SSL/TLS du serveur vers lequel il dirige le trafic
# Ok en dev (self-signed) NOK en prod
# Utilisé pour argocd - 500 Internal Error traefik
- --serverstransport.insecureskipverify=true
ports:
- name: web
containerPort: 80
- name: websecure
containerPort: 443
- namespace: traefik
apiVersion: v1
kind: Secret
definition:
data:
tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZsekNDQTM4Q0ZGSjc1dnE5KzhJUGNIR0RHcU5EM1ZnRzZyU1FNQTBHQ1NxR1NJYjNEUUVCQ3dVQU1JR0gKTVFzd0NRWURWUVFHRXdKR1VqRVBNQTBHQTFVRUNBd0dSbkpoYm1ObE1RNHdEQVlEVlFRSERBVlFZWEpwY3pFTwpNQXdHQTFVRUNnd0ZTMFZaV1U4eERqQU1CZ05WQkFzTUJVdEZXVmxQTVJrd0Z3WURWUVFEREJCMFpYTjBMblJ5CllXVm1hV3N1Ym1WME1Sd3dHZ1lKS29aSWh2Y05BUWtCRmcxMFpYTjBRSFJsYzNRdVkyOXRNQjRYRFRJek1EZ3kKTnpFME5ESXhObG9YRFRJek1Ea3lOakUwTkRJeE5sb3dnWWN4Q3pBSkJnTlZCQVlUQWtaU01ROHdEUVlEVlFRSQpEQVpHY21GdVkyVXhEakFNQmdOVkJBY01CVkJoY21sek1RNHdEQVlEVlFRS0RBVkxSVmxaVHpFT01Bd0dBMVVFCkN3d0ZTMFZaV1U4eEdUQVhCZ05WQkFNTUVIUmxjM1F1ZEhKaFpXWnBheTV1WlhReEhEQWFCZ2txaGtpRzl3MEIKQ1FFV0RYUmxjM1JBZEdWemRDNWpiMjB3Z2dJaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQ0R3QXdnZ0lLQW9JQwpBUURNbG9aSE4yOE04SERMU2t5WkJ5SzhvWEtTcDB0WHFnL3FrM1FpeHQ5UEpnOWduYWs1NThtVEgwemNzQk1VCmFndEtTWXU1akdQSGFSQ3dXNDdrTGp6TUlLL2RYdWlDRE1nUUN6RFB0cWM2Qm9KQy95UTZHV1VwU2hhSmVQUVUKRFRVK09NamNpd09LSmkxOTFKMnR3ZGxpb21FbXZYWUFHcStzSkRVa25WL1FadVBZMlpmcVZibnBwQkt5U0FvegpJWVVGRzdOSTk2K3o3TW5IelVWNG94V1lkQkNjTWNvMllFV3lNU2hhR0hDV3Z3dUtXalZJWXJWSGI1dlQyWVF4CjRCbHlUa2dEQ1o3bTZWMlhLcFJIalp4cjJJVHh1T0FybzhoZ3FHSGprbnptVGh6ZnZKK1NuWk8xK253OXEvNnMKN1lxbkI1RUh2UVdBSks5UkYrZDZsOGZTam1iUGs0VGl1cWNqRkljUXprSnVUV2ZSbk1MN0YybXQ4Z0p6azlZRwpsaW1jcTdkSTdENFFDaEJadGt1Ny93TmUrSTI2Y0MwM0l5QnR0SFRqeUlvbWJ4K1JVOFJBaGFKNDZtY3Y4ZUdCCjNIeS9hVjZERFB6SWdUc1JQWTNuekhlYWhmOHJmamNRcDcrZGNuNmxDV0pROW0rQVFNN0hZZGtJdXQ5QlF0aEQKemlHZFFLd3ZBdmFTV3krRjdQc2kxUXQwTDhxZ01OT2JDTUl6ZUdCYXg0ZkdZQnJjNFQ3UXFVNzBKakZXWXhQUwpzU1UzRm5sWFhLbXFTZ29naFd3Y2tqWUJCakJnb1E4dmZJNDhqTDlycmJkZWFxSWJXSkRSeXc4R0ZGNDVDMzNQCkxRWC9zWEN3Wno0YjVHYkZZNWRzbVBGdFVnUG9TVWtZWm9KVU8waUw3NXhMRVFJREFRQUJNQTBHQ1NxR1NJYjMKRFFFQkN3VUFBNElDQVFDWU0vY2tKUDBYelk1bTJsQlRWdm9hUzg1MVJlRTA5YmFqaXlMbnYrTFpLRTNyVzFQTAo1citubzNXVCtZWmxYUzVGS0Z4cGZMdXdJRGZtZTZjOUVldzRLbkdxaTVVTXJrVjJxb3lPUmxIRzdESG1ocW5NCjlNK1J2Zks4QldaUmMwQ0lwOGQ3dnBhWW1xQ0tFdURYajZZd2FSUmJHejdkcE1MYnFsNWViaU5md2c5em1aaE0KNmxXcVphN3JxTzBwMEp3NXNOLzZUS2F1QXlkUitaS1NGdzVVVWFCN20veW1MN0lWVk5WRVBzRm5aYnViRm40YwpZQm93NHA1V3NjUHoyQTVmUG83QzlkZkNaaWpCYmlodXNYdTIzMDEwSU9ITys4SjlOMFBtUit5Y0J3dHd2MmhRCmpzbThPTTV0YTFUZkJmeHUzeWNQZjl2Um5SVlJHVkg0eEdLN2tTMnNwKzZiS0xEM2hKNFN2VkRNdVBHQW5zb2gKbGFOb2JqL2l0NU1MQ08wcDhMclJ2OHdwTUdnVUZ0eVNtR2FDa0MvM0pqQ1BTbnI2S1d3a3VQVnRVVlZpSjhpagpKREhBcW9hSWhLVzcwOXZTdWlFbHZUTlIwUmJWWHVaRDZqRHRDTGdmaXB1T2E1endoeEd3aVhHL1g1bUszaUxkCnRCUi9JeGw0ZUlQV1BVbEtnZHBMVzFIU2I3aU42cG05cjQveGpEbDkzeGowR2ZYZktKalhFY0RtTklhZUl1cVUKRUpDK0Q3YVU4bkdoMlN3WTIrbWlQckFQU0gwSjBxMjhzTHErMXZKWG11MEsxUVZNejErY3hrVER5WVRpTnBwcQpTOXJoWkJoTzNPZEd4Z0ZYSVc5V1dqSStEdXZ3cTJrV1Qwb3VKTHZNbkpDcU5vYkgzVXlHTGg0WmNnPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
tls.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpSQUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1M0d2dna3FBZ0VBQW9JQ0FRRE1sb1pITjI4TThIREwKU2t5WkJ5SzhvWEtTcDB0WHFnL3FrM1FpeHQ5UEpnOWduYWs1NThtVEgwemNzQk1VYWd0S1NZdTVqR1BIYVJDdwpXNDdrTGp6TUlLL2RYdWlDRE1nUUN6RFB0cWM2Qm9KQy95UTZHV1VwU2hhSmVQUVVEVFUrT01qY2l3T0tKaTE5CjFKMnR3ZGxpb21FbXZYWUFHcStzSkRVa25WL1FadVBZMlpmcVZibnBwQkt5U0FveklZVUZHN05JOTYrejdNbkgKelVWNG94V1lkQkNjTWNvMllFV3lNU2hhR0hDV3Z3dUtXalZJWXJWSGI1dlQyWVF4NEJseVRrZ0RDWjdtNlYyWApLcFJIalp4cjJJVHh1T0FybzhoZ3FHSGprbnptVGh6ZnZKK1NuWk8xK253OXEvNnM3WXFuQjVFSHZRV0FKSzlSCkYrZDZsOGZTam1iUGs0VGl1cWNqRkljUXprSnVUV2ZSbk1MN0YybXQ4Z0p6azlZR2xpbWNxN2RJN0Q0UUNoQloKdGt1Ny93TmUrSTI2Y0MwM0l5QnR0SFRqeUlvbWJ4K1JVOFJBaGFKNDZtY3Y4ZUdCM0h5L2FWNkREUHpJZ1RzUgpQWTNuekhlYWhmOHJmamNRcDcrZGNuNmxDV0pROW0rQVFNN0hZZGtJdXQ5QlF0aER6aUdkUUt3dkF2YVNXeStGCjdQc2kxUXQwTDhxZ01OT2JDTUl6ZUdCYXg0ZkdZQnJjNFQ3UXFVNzBKakZXWXhQU3NTVTNGbmxYWEttcVNnb2cKaFd3Y2tqWUJCakJnb1E4dmZJNDhqTDlycmJkZWFxSWJXSkRSeXc4R0ZGNDVDMzNQTFFYL3NYQ3daejRiNUdiRgpZNWRzbVBGdFVnUG9TVWtZWm9KVU8waUw3NXhMRVFJREFRQUJBb0lDQUd4bE9FSFZVZ1kyQWwwRFFiQTJncVlVCm1DS3hkbzY4OE8vbExqd2F5RWdrTHpPT2RSSFVDQTNtSUpBd3pmc2I4RjFzdUJZWUZ1bVpkaGtxZVh2V0w2b3IKaTJJcm5kOEJyS0lyZTdJaDRWb3lCcVEra0ZBa0VtQWMrL0hjWHQyYzNkL1lzRHVCZjkrYk9MRVpqRzE2YnBYKwoyS0J3ODJzOHVHVHBUaXJYSXVQRkQrVmQ3RXBoSHo1MkN0M2dvMTdSM0t1SE1LZHhhK3RWZ3RkVW9BRTV6d0JXClJsS3JZcXNLdVFLZlh2VFZUQm5pb05ldDBkdEhTU3JQTEczREtuSk9mTXorUXRNeExyckRYQzN5aGx1ZTRRaVcKMEdGT0JaKzVpRG9HSE04NVZ1bWk2MU56bWN4UnB1aGREYVNUVXowR0lsYzdBQkZzaWRTS0cwVkkrQUVSRi9JNQpyM0IyWFBoQVVTNFVlTCttTVJoNW4xWjAzemY4dnRTbnJydUhTditlT25GMVpmcy9tS0NwSnV3YXFHVU4ycjU5CjR1SUNLeXExeUdWaXhNUFU1Zk9QU3poeVd3dUNyVEIydlZqb2J4OUtwVGZGb1dQbU1nSW1rVDRiZy9oVE5naWQKcm9mMmMrVE12cVBQdERKTnRyNW8vQm5jbFIvMXloOVVYdnZSN1dxT21UcEREZUtRUmZlb253TFhNRW1xbmlVYgpTQzZBWnZ4M05yeE14Sk9iRkNDQ01rbXNhS3o2VE9jN2FCRU9ocEZaK1VtN3ZhWWpCZE4vTVlDQmxQZEJ2R090CnRJNk43TVJuc0tid09zOE5wU0FZRWVoWkF3M285KzJzaGIrL3hTUnFocGpURE9tY25KSGRSN3B6RnpGZzA0QzYKT01kU09ycTNrdnpHWWlnNnduYkJBb0lCQVFEbnhtbERwbHRyUUdYMXZmcTRzTFBHTnhmbktabVg3SzdvTlEvegp3NlBFKzlwSi8zSU1VL3NXMGFmcDhvQnc1ZndNT21jN0FqL3VEeTBZYks5Mk55VG5OSzBoZzZPcXNodFdYdDZOCjlnU0hCV3ArcG9pMHVxS3pEblhReEpZUzQ5MDVvTmxvdmhabHMvOG1jbm91TmlhSUlHcXQ0L2dOMUZINmN0bDUKMTRrbm1SUDFRNnZzWXNHNXlKSThsNldDTnJzT21RQmFzR0RrWGJ1dzFWTVYxMzhRR3lCUDdVK2J6Sy9vZ1VqQgpiKzY3Q3JSZ0dIRDc0eS9QNVp3MDJMV3F2WWVHZVJhZHMwQUIyNUlqeTVMWHVERkdWUVZsRlNjTGNkNFZSVXdzCnVqWVdqem1CQmJsVE9tMW1vSjRmRm1haGdLM2RiSW12UGFjQkprQXhnbDJ4MGlVcEFvSUJBUURoK0t2TzBxV08KMXZSbklJWmE3TzQ2SWdmN3E4cVdlanhsbmtUamVkYm5xakpxM1VQMHRxZmpid1V2a3J2amhWaHJmR1lVelBrTApINm9seGh5VmpLM0EvYUNPTlNnWXpDd1grWHllSUdtUnpNNlV5aGFzYVFzTHU1dnhYRTBmZ0VxdGxUb3VrZkIvCjBVUm9TTittQjd5VXBKSTBDQkZmZGN0aVR6a2Q5cDRlU2VSZDNHSWFFMU0vUXBSTTVyN2h1S3dkSXdOdDJSeHEKQ2szY3dVd1psZkpSZ1NZL3pjK3VuZFlYYmN5aFFKRTIya29yNVQ4Nll1S1NPcU1RdlhNRkJkSFlMNVJBZzBRYgpQSkxUWm9hNU9qbkc3VHNsaWxFbUVMSUg3eHp4ZStYVEY3MERSdkhuOWlnY2hHbmhkSTEvWU1DbTNuSHlqWVRNCmFML1BlcTRxSVF1cEFvSUJBUUNMMEdiRGhtRHphOStWeEVxd2l2ZUhoTWlJaTlHNWtlOVk2Rmw5SlBGdjdMV2IKbWRyRWtReVFrVnlIaGQveE91czJ2U3gwcmtDK2JLMDVaS2JiMnh3SjFQN3pqcU4yWHdhYXJaUDNjd2I4SkVvLwpxRm9qRzhyMTFLMUJpTFUzSS9uWnY2d213VFJsbVpVN0xpZUNKT3hOaGJDVXdVWnJvVDdxbzhtSTlIb3FSdStCCkxwZFJlNmw5VnY3UVNuSnZBSEVLdDBVOWI5U2pMZUFCSms1K2lJWi93cjFWT2NTaUtYR2NBaEZQanlRbDlLa20KcHRmUk94VW1oazRhbXZmTHpaVXBpM1lYSDRCbkhuc2oyTFAyS1lpZjhyM1VZbFF4VlRrdy82S2FBS0tNTFUzMQpCT3pzeGZ3a3dwTmdFWFZMeTRJV1psa1FPMUs1SU1mc2xjWExkUWN4QW9JQkFRRGR4MUxRRlR1NTJreGEzcmdlCmkwVXdOdkJBMkJWbjVLWmNVWjVvNTg2ODVmUy9uMVF2M0FrZ2xYaXdmVUg4aG9ZR1VEeGNFK1FsUDdtZGd6ZlEKcXhacFFFT1E3cWpnMVpvOUdYWnVOMytGUWs1S0I2R0RLMEZWRFpkNnBrMW5LbUdneGNJcHJNQXVvbk9TS2x1ZQpOeCtsZjNPaXIzeGxoVlhNc2Rac0N2eWEyNGpQZWhtcVgrY25RakFNM2JiZ0VJQ1R4Q1o4YkVhUDZIY012NFh4CjRwSEYzb3hzdUpFcFh1MmRadjBjRWlPemcwQ2lua2VWQlRJN3RHTVFiZTl5TVlrSHRZSzZZbHE0cEpXeDk0RW8KVC9ZZXYveDUxcXZZUVRDSnl1dE1NbjZZMUVhRTdkOUQrdnJaS2poRXQwQ2NrSmZqN3BSRkt4SDRFS0tZZmw1cgpLSzJwQW9JQkFRRFFJOUp4N2YraW53Y1EydWtHckN2bmVJN2VnaXVqWmoxUEdKbTZLMU5hM3ZVT0xJem9iV3dNCk01dmpRcXAweDdFc3BjQXpBSVF6TytQcUNPQ21iMUx6VGVwejhyc2FiRW84Z04rOEV6SkQzdnF2NTNMR0NCMFMKM2RhdHlmZ0xmeGFvYVFTUk9jUWUxYlpwZy9MUzloZ2pmZjlEbUtaZ3VOTzN0eUZhRGJ4MHQ0RS9GZkJkNVNPWApPdU0vZVU5R1ZZdzFJSW1FeGF2bll4eEtzUXd0VlAyQjNYMG9MbFNhemk0bG9Jb21SRE81TEhTUXp0TDZ6UFZrClRUT0JML2t4Umx1K3UvYStXQ2NrNytSKzc3dmU3d0taV2lJNmdyYnpjNW1VSXlHbEpTUjRvRlVSSzhiL20vOHQKVkJBZzhUYllDYms3aG1RWitHN0lac1NQWE9od2lzWHYKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=
metadata:
name: test-ssl-secret
namespace: traefik
type: kubernetes.io/tls
- namespace: traefik
apiVersion: v1
kind: Secret
definition:
metadata:
name: traefik-auth-secret-dashboard
type: kubernetes.io/basic-auth
stringData:
username: admin
password: dashboard
- namespace: traefik
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
definition:
metadata:
name: traefik-auth-dashboard
spec:
basicAuth:
secret: traefik-auth-secret-dashboard
- namespace: traefik
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
definition:
metadata:
name: traefik-dashboard
namespace: traefik
spec:
entryPoints:
- websecure
routes:
- match: Host(`test.traefik.net`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
kind: Rule
services:
- name: api@internal
kind: TraefikService
middlewares:
- name: traefik-auth-dashboard
namespace: traefik
tls:
secretName: test-ssl-secret
- namespace: traefik
apiVersion: v1
kind: Service
definition:
metadata:
name: traefik-service
namespace: traefik
spec:
type: LoadBalancer
externalIPs:
- "{{ kubernetes_load_balancer_public_ip }}"
ports:
- protocol: TCP
port: 443
targetPort: websecure
name: websecure
- protocol: TCP
targetPort: web
port: 80
name: web
selector:
app: traefik
# for github # for github
management_user_list: management_user_list:

26
kube.yml
View File

@@ -77,7 +77,7 @@
- "{{ kubernetes_tree_base_dir | last }}" - "{{ kubernetes_tree_base_dir | last }}"
- "{{ kubernetes_tree_base_dir | last }}/{{ kubernetes_service }}" - "{{ kubernetes_tree_base_dir | last }}/{{ kubernetes_service }}"
tags: tags:
- git - test
#kubectl label node <node name> node-role.kubernetes.io/<role name>=<key #kubectl label node <node name> node-role.kubernetes.io/<role name>=<key
@@ -91,27 +91,35 @@
# need pip kubernetes to use k8s module # need pip kubernetes to use k8s module
- name: Create all k8s namespace - name: Create all k8s namespace
kubernetes.core.k8s: kubernetes.core.k8s:
name: argocd name: "{{ item.namespace }}"
api_version: v1 api_version: v1
kind: Namespace kind: Namespace
state: present state: present
loop: "{{ kubernetes_namespaces }}"
when: kubernetes_role == 'control_plane'
tags: tags:
- test - test
# Download and apply manifest # Download and apply manifest
- name: Download all manifest to the cluster. - name: Download all manifests to the cluster.
ansible.builtin.get_url: ansible.builtin.get_url:
url: https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml url: "{{ item.url| default(omit) }}"
dest: "{{ kubernetes_tree_base_dir | last }}/{{ kubernetes_service }}/install.yaml" dest: "{{ kubernetes_tree_base_dir | last }}/{{ kubernetes_service }}/{{ item.namespace }}_{{ item.file }}.yaml"
mode: '0664' mode: '0664'
loop: "{{ kubernetes_namespaces }}"
when:
- kubernetes_role == 'control_plane'
tags: tags:
- test - test
- name: Apply argocd manifest to the cluster. - name: Apply all manifests to the cluster.
kubernetes.core.k8s: kubernetes.core.k8s:
state: present state: present
namespace: argocd namespace: "{{ item.namespace }}"
src: "{{ kubernetes_tree_base_dir | last }}/{{ kubernetes_service }}/install.yaml" src: "{{ kubernetes_tree_base_dir | last }}/{{ kubernetes_service }}/{{ item.namespace }}_{{ item.file }}.yaml"
loop: "{{ kubernetes_namespaces }}"
when:
- kubernetes_role == 'control_plane'
tags: tags:
- test - test
@@ -126,7 +134,7 @@
kind: "{{ item.kind }}" kind: "{{ item.kind }}"
definition: "{{ item.definition }}" definition: "{{ item.definition }}"
state: present state: present
loop: "{{ kubernetes_argocd_objects }}" loop: "{{ kubernetes_traefik_objects }}"
tags: tags:
- test - test
- last - last