From 1b2bea2d88f68d104e10e899838fa3f773dd72f0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Montagne?=
Date: Fri, 17 Nov 2023 11:15:30 +0100
Subject: [PATCH 1/2] =?UTF-8?q?feat:=20:sparkles:=20Nous=20=C3=A9vitons=20?= =?UTF-8?q?d'installer=20cert-manager=20si=20d=C3=A9j=C3=A0=20pr=C3=A9sent?= =?UTF-8?q?.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
roles/cert-manager/tasks/main.yaml | 107 +++++++++++++++++------------
roles/cloudnativepg/tasks/main.yml | 2 +-
2 files changed, 63 insertions(+), 46 deletions(-)
diff --git a/roles/cert-manager/tasks/main.yaml b/roles/cert-manager/tasks/main.yaml
index 3fcbb192..f6ade16f 100644
--- a/roles/cert-manager/tasks/main.yaml
+++ b/roles/cert-manager/tasks/main.yaml
@@ -1,56 +1,73 @@ --- -- name: Add cert-manager helm repo - kubernetes.core.helm_repository: - name: jetstack - repo_url: https://charts.jetstack.io +- name: Get cluster infos + kubernetes.core.k8s_cluster_info: + register: cluster_infos -# Installation des CRDs indépendamment du chart helm. -# Recommandé en production. -# Voir : https://cert-manager.io/docs/installation/helm -- name: Download cert-manager CRDs - ansible.builtin.uri: - url: https://github.com/cert-manager/cert-manager/releases/download/{{ dsc.certmanager.chartVersion }}/cert-manager.crds.yaml - return_content: true - register: cert_manager_crds - -- name: Apply CRDs - kubernetes.core.k8s: - state: present - definition: "{{ cert_manager_crds.content | from_yaml_all }}" - -- name: Set cert-manager helm values +- name: Check if cert-manager api exists ansible.builtin.set_fact: - cm_values: {} + cm_api: "{{ cluster_infos.apis['cert-manager.io/v1'] | default('absent') }}" + +- name: Check if cert-manager-webhook exists + kubernetes.core.k8s_info: + kind: MutatingWebhookConfiguration + name: cert-manager-webhook + register: cm_mwhc -- name: Merge with proxy settings - when: dsc.proxy.enabled +- name: Install cert-manager + when: (cm_api == 'absent') or (cm_mwhc.resources | length == 0) block: - - name: Generate proxy values - ansible.builtin.set_fact: - cm_proxy_values: "{{ lookup('template', 'proxy-values.yaml.j2') | from_yaml }}" - - name: Merge with cm proxy values + - name: Add cert-manager helm repo + kubernetes.core.helm_repository: + name: jetstack + repo_url: https://charts.jetstack.io + + # Installation des CRDs indépendamment du chart helm. + # Recommandé en production. 
+ # Voir : https://cert-manager.io/docs/installation/helm + - name: Download cert-manager CRDs + ansible.builtin.uri: + url: https://github.com/cert-manager/cert-manager/releases/download/{{ dsc.certmanager.chartVersion }}/cert-manager.crds.yaml + return_content: true + register: cert_manager_crds + + - name: Apply CRDs + kubernetes.core.k8s: + state: present + definition: "{{ cert_manager_crds.content | from_yaml_all }}" + + - name: Set cert-manager helm values ansible.builtin.set_fact: - cm_values: "{{ cm_values | combine(cm_proxy_values, recursive=True, list_merge='append') }}" + cm_values: {} -- name: Deploy helm - kubernetes.core.helm: - # force: true - name: cert-manager - chart_ref: jetstack/cert-manager - chart_version: "{{ dsc.certmanager.chartVersion }}" - release_namespace: cert-manager - create_namespace: true - values: "{{ cm_values }}" + - name: Merge with proxy settings + when: dsc.proxy.enabled + block: + - name: Generate proxy values + ansible.builtin.set_fact: + cm_proxy_values: "{{ lookup('template', 'proxy-values.yaml.j2') | from_yaml }}" + - name: Merge with cm proxy values + ansible.builtin.set_fact: + cm_values: "{{ cm_values | combine(cm_proxy_values, recursive=True, list_merge='append') }}" -- name: Wait cert-manager to initialize - kubernetes.core.k8s_info: - kind: Endpoints - namespace: cert-manager - name: cert-manager-webhook - register: endpoint - until: endpoint.resources[0].subsets[0].addresses[0] is defined - retries: 15 - delay: 5 + - name: Deploy helm + kubernetes.core.helm: + # force: true + name: cert-manager + chart_ref: jetstack/cert-manager + chart_version: "{{ dsc.certmanager.chartVersion }}" + release_namespace: cert-manager + create_namespace: true + values: "{{ cm_values }}" + + - name: Wait cert-manager to initialize + kubernetes.core.k8s_info: + kind: Endpoints + namespace: cert-manager + name: cert-manager-webhook + register: endpoint + until: endpoint.resources[0].subsets[0].addresses[0] is defined + retries: 15 + 
delay: 5 - name: Create Let's Encrypt ClusterIssuer kubernetes.core.k8s: diff --git a/roles/cloudnativepg/tasks/main.yml b/roles/cloudnativepg/tasks/main.yml index f86f7ac9..efba4cc4 100644 --- a/roles/cloudnativepg/tasks/main.yml +++ b/roles/cloudnativepg/tasks/main.yml @@ -7,7 +7,7 @@ ansible.builtin.set_fact: cnpg_api: "{{ cluster_infos.apis['postgresql.cnpg.io/v1'] | default('absent') }}" -- name: Chek if cnpg-mutating-webhook-configuration exists +- name: Check if cnpg-mutating-webhook-configuration exists kubernetes.core.k8s_info: kind: MutatingWebhookConfiguration name: cnpg-mutating-webhook-configuration From eb3fe800c745861972df6850fc9a7c88ed231ebb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Montagne?= Date: Fri, 17 Nov 2023 14:15:10 +0100 Subject: [PATCH 2/2] =?UTF-8?q?feat:=20:sparkles:=20Nous=20=C3=A9vitons=20?= =?UTF-8?q?d'installer=20kubed=20si=20d=C3=A9j=C3=A0=20pr=C3=A9sent.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- roles/confSyncer/tasks/main.yaml | 32 +++++++++++++++++++++----------- 1 file changed, 21 insertions(+), 11 deletions(-) diff --git a/roles/confSyncer/tasks/main.yaml b/roles/confSyncer/tasks/main.yaml index 0b0d767f..1e133d91 100644 --- a/roles/confSyncer/tasks/main.yaml +++ b/roles/confSyncer/tasks/main.yaml 
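Review bot: When the `Install cert-manager` block is skipped, nothing confirms that the cert-manager already in the cluster is usable: `Wait cert-manager to initialize` now appears to be nested inside the block (its added lines carry the block's list-item indent), while `Create Let's Encrypt ClusterIssuer` is unchanged context that follows it and continues outside the hunk. The `when:` only tests that the `cert-manager.io/v1` API group and a `MutatingWebhookConfiguration` named `cert-manager-webhook` exist, so a stale webhook object or a release older than `dsc.certmanager.chartVersion` is accepted as-is and the pinned CRDs are never applied. I would keep the readiness wait outside the block, or add an explicit readiness/version assertion on the existing install, and record the trust decision with a comment such as `# An existing cert-manager is reused as-is; its version is not checked`. Separately, the CRD manifest fetched with `ansible.builtin.uri` is applied to the cluster without an integrity check; fetching it with `ansible.builtin.get_url` and a pinned `checksum:` for that release would close that gap.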
@@ -1,13 +1,23 @@ --- -- name: Add helm repo - kubernetes.core.helm_repository: - name: appscode - repo_url: https://charts.appscode.com/stable/ +- name: Get existing kubed pods + kubernetes.core.k8s_info: + kind: Pod + label_selectors: + - "app.kubernetes.io/name=kubed" + register: kubed_pods -- name: Deploy helm - kubernetes.core.helm: - name: kubed - chart_ref: appscode/kubed - chart_version: "{{ dsc.kubed.chartVersion }}" - release_namespace: openshift-infra - create_namespace: true +- name: Install kubed + when: kubed_pods.resources | length == 0 + block: + - name: Add helm repo + kubernetes.core.helm_repository: + name: appscode + repo_url: https://charts.appscode.com/stable/ + + - name: Deploy helm + kubernetes.core.helm: + name: kubed + chart_ref: appscode/kubed + chart_version: "{{ dsc.kubed.chartVersion }}" + release_namespace: openshift-infra + create_namespace: true
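Review bot: The presence check in `Get existing kubed pods` matches any Pod in any namespace that carries the label `app.kubernetes.io/name=kubed`, because no `namespace:` is given and the pod phase is not inspected. A crashed or terminating pod, or an unrelated workload that happens to carry that label, is therefore enough to make `Install kubed` skip, and the version of an existing install is never compared with `dsc.kubed.chartVersion`. I would key the check on the controller rather than on pods, for example `kind: Deployment` with the same selector plus a test on ready replicas, or at least add `field_selectors: ["status.phase=Running"]` to the query. A short comment above the block, e.g. `# An existing kubed is reused as-is; version and configuration are not verified`, would make the assumption visible to operators.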