Update roles
This commit is contained in:
@@ -0,0 +1,58 @@
|
||||
---
|
||||
- name: Deploy container-pod-yaml with validation
|
||||
block:
|
||||
- name: Make sure unzip is installed
|
||||
become: true
|
||||
ansible.builtin.package:
|
||||
name: unzip
|
||||
state: present
|
||||
|
||||
- name: Set correct kubeval version for 64bit
|
||||
ansible.builtin.set_fact:
|
||||
kubeval_arch: amd64
|
||||
when: ansible_architecture == "x86_64"
|
||||
|
||||
- name: Set correct kubeval version for 64bit
|
||||
ansible.builtin.set_fact:
|
||||
kubeval_arch: 386
|
||||
when: ansible_architecture == "i386"
|
||||
|
||||
- name: Continue without validation as we can't get kubeval for this arch
|
||||
ansible.builtin.set_fact:
|
||||
container_pod_yaml_template_validation: false
|
||||
when: kubeval_arch is undefined
|
||||
|
||||
- name: Get latest kubeval version
|
||||
become: true
|
||||
ansible.builtin.unarchive:
|
||||
src: "{{ kubeval_url }}/download/kubeval-linux-{{ kubeval_arch }}.tar.gz"
|
||||
dest: "/usr/local/bin"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0755"
|
||||
exclude:
|
||||
- README.md
|
||||
- LICENSE
|
||||
remote_src: true
|
||||
keep_newer: true
|
||||
|
||||
- name: Deploy container configuration
|
||||
ansible.builtin.template:
|
||||
src: "{{ container_pod_yaml_template }}"
|
||||
dest: "{{ container_pod_yaml }}"
|
||||
owner: "{{ container_run_as_user }}"
|
||||
group: "{{ container_run_as_group }}"
|
||||
mode: '0640'
|
||||
validate: /usr/local/bin/kubeval %s
|
||||
notify: restart service
|
||||
when: container_pod_yaml_template_validation
|
||||
|
||||
- name: container-pod-yaml without validation
|
||||
ansible.builtin.template:
|
||||
src: "{{ container_pod_yaml_template }}"
|
||||
dest: "{{ container_pod_yaml }}"
|
||||
owner: "{{ container_run_as_user }}"
|
||||
group: "{{ container_run_as_group }}"
|
||||
mode: '0640'
|
||||
notify: restart service
|
||||
when: not container_pod_yaml_template_validation
|
||||
@@ -0,0 +1,98 @@
|
||||
apiVersion: {{ container_pod_apiversion | default('v1') }}
|
||||
kind: Pod
|
||||
metadata:
|
||||
{% if container_pod_labels is defined %}
|
||||
labels:
|
||||
{% for key, value in container_pod_labels.items() %}
|
||||
{{ key }}: {{ value }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
name: {{ container_name }}
|
||||
spec:
|
||||
{% if container_pod_volumes is defined %}
|
||||
#
|
||||
# define exported volumes for permanent data
|
||||
#
|
||||
volumes:
|
||||
{% for volume in container_pod_volumes %}
|
||||
- name: {{ volume.name }}
|
||||
{% for key, value in volume.items() %}
|
||||
{% if key != 'name' %}
|
||||
{% if value is mapping %}
|
||||
{{ key }}:
|
||||
{% for key, value in value.items() %}
|
||||
{{ key }}: {{ value }}
|
||||
{% endfor %}
|
||||
{% else %}
|
||||
{{ key }}: {{ value }}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% if container_pod_containers is defined %}
|
||||
#
|
||||
# container definition
|
||||
#
|
||||
containers:
|
||||
{% for container in container_pod_containers %}
|
||||
- name: {{ container.name }}
|
||||
{% if container.command is defined %}
|
||||
commmand: {{ container.command }}
|
||||
{% endif %}
|
||||
{% if container.args is defined %}
|
||||
args: {{ container.args }}
|
||||
{% endif %}
|
||||
{% if container.workingDir is defined %}
|
||||
workingDir: {{ container.workingDir }}
|
||||
{% endif %}
|
||||
image: {{ container.image }}
|
||||
{% if container.env is defined %}
|
||||
env:
|
||||
{% for key, value in container.env.items() %}
|
||||
- name: {{ key }}
|
||||
value: {{ value }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% if container.volumeMounts is defined %}
|
||||
volumeMounts:
|
||||
{% for volume in container.volumeMounts %}
|
||||
- name: {{ volume.name }}
|
||||
mountPath: {{ volume.mountPath }}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% if container.ports is defined %}
|
||||
ports:
|
||||
{% for port in container.ports %}
|
||||
- containerPort: {{ port.containerPort }}
|
||||
{% if port.hostIP is defined %}
|
||||
hostIP: {{ port.hostIP }}
|
||||
{% endif %}
|
||||
{% if port.hostPort is defined %}
|
||||
hostPort: {{ port.hostPort }}
|
||||
{% endif %}
|
||||
{% if port.name is defined %}
|
||||
name: {{ port.name }}
|
||||
{% endif %}
|
||||
{% if port.protocol is defined %}
|
||||
protocol: {{ port.protocol }}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% if container.securityContext is defined %}
|
||||
securityContext:
|
||||
{% for key, value in container.securityContext.items() %}
|
||||
{% if value is mapping %}
|
||||
{{ key }}:
|
||||
{% for key, value in value.items() %}
|
||||
{{ key }}: {{ value }}
|
||||
{% endfor %}
|
||||
{% else %}
|
||||
{{ key }}: {{ value }}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
Reference in New Issue
Block a user