Convert dashboard to kubectl_apply_stdin

2026-01-11 01:57:37 -03:30 · 2024-11-09 15:21:04 +01:00 · 2024-11-09 15:21:04 +01:00 · 27ccfc7c66
commit 27ccfc7c66
parent 990d2a1358
3 changed files with 13 additions and 40 deletions
--- a/roles/kubernetes-apps/ansible/tasks/dashboard.yml
+++ b/roles/kubernetes-apps/ansible/tasks/dashboard.yml
@ -1,21 +0,0 @@
---
- name: Kubernetes Apps | Lay down dashboard template
-  template:
-    src: "{{ item.file }}.j2"
-    dest: "{{ kube_config_dir }}/{{ item.file }}"
-    mode: "0644"
-  with_items:
-    - { file: dashboard.yml, type: deploy, name: kubernetes-dashboard }
-  register: manifests
-  when: inventory_hostname == groups['kube_control_plane'][0]
-
- name: Kubernetes Apps | Start dashboard
-  kube:
-    name: "{{ item.item.name }}"
-    namespace: "{{ dashboard_namespace }}"
-    kubectl: "{{ bin_dir }}/kubectl"
-    resource: "{{ item.item.type }}"
-    filename: "{{ kube_config_dir }}/{{ item.item.file }}"
-    state: "latest"
-  with_items: "{{ manifests.results }}"
-  when: inventory_hostname == groups['kube_control_plane'][0]
--- a/roles/kubernetes-apps/ansible/tasks/main.yml
+++ b/roles/kubernetes-apps/ansible/tasks/main.yml
@ -67,7 +67,13 @@
    - netchecker

 - name: Kubernetes Apps | Dashboard
-  import_tasks: dashboard.yml
+  command:
+    cmd: "{{ kubectl_apply_stdin }}"
+    stdin: "{{ lookup('template', 'dashboard.yml.j2') }}"
+  delegate_to: "{{ groups['kube_control_plane'][0] }}"
+  run_once: true
+  vars:
+    namespace: "{{ dashboard_namespace }}"
  when: dashboard_enabled
  tags:
    - dashboard
--- a/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
@ -17,16 +17,15 @@
 #
 # Example usage: kubectl create -f <this_file>

-{% if dashboard_namespace != "kube-system" %}
+{% if namespace != 'kube-system' %}
 ---
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: {{ dashboard_namespace }}
+  name: {{ namespace }}
  labels:
-    name: {{ dashboard_namespace }}
+    name: {{ namespace }}
 {% endif %}
-
 ---
 # ------------------- Dashboard Secrets ------------------- #
 apiVersion: v1
@ -35,7 +34,6 @@ metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-certs
-  namespace: {{ dashboard_namespace }}
 type: Opaque

 ---
@ -45,7 +43,6 @@ metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-csrf
-  namespace: {{ dashboard_namespace }}
 type: Opaque
 data:
  csrf: ""
@ -57,7 +54,6 @@ metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-key-holder
-  namespace: {{ dashboard_namespace }}
 type: Opaque

 ---
@ -68,7 +64,6 @@ metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-settings
-  namespace: {{ dashboard_namespace }}

 ---
 # ------------------- Dashboard Service Account ------------------- #
@ -79,7 +74,6 @@ metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
-  namespace: {{ dashboard_namespace }}

 ---
 # ------------------- Dashboard Role & Role Binding ------------------- #
@ -89,7 +83,6 @@ metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
-  namespace: {{ dashboard_namespace }}
 rules:
  # Allow Dashboard to get, update and delete Dashboard exclusive secrets.
  - apiGroups: [""]
@ -118,7 +111,6 @@ metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
-  namespace: {{ dashboard_namespace }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
@ -126,7 +118,7 @@ roleRef:
 subjects:
  - kind: ServiceAccount
    name: kubernetes-dashboard
-    namespace: {{ dashboard_namespace }}
+    namespace: {{ namespace }}

 ---
 apiVersion: rbac.authorization.k8s.io/v1
@ -140,7 +132,7 @@ roleRef:
 subjects:
  - kind: ServiceAccount
    name: kubernetes-dashboard
-    namespace: {{ dashboard_namespace }}
+    namespace: {{ namespace }}

 ---
 # ------------------- Dashboard Deployment ------------------- #
@ -151,7 +143,6 @@ metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
-  namespace: {{ dashboard_namespace }}
 spec:
  replicas: {{ dashboard_replicas }}
  revisionHistoryLimit: 10
@ -182,7 +173,7 @@ spec:
            - containerPort: 8443
              protocol: TCP
          args:
-            - --namespace={{ dashboard_namespace }}
+            - --namespace={{ namespace }}
 {% if dashboard_use_custom_certs %}
            - --tls-key-file={{ dashboard_tls_key_file }}
            - --tls-cert-file={{ dashboard_tls_cert_file }}
@ -238,7 +229,6 @@ metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
-  namespace: {{ dashboard_namespace }}
 spec:
  ports:
    - port: 443
@ -270,7 +260,6 @@ metadata:
  labels:
    k8s-app: kubernetes-metrics-scraper
  name: dashboard-metrics-scraper
-  namespace: {{ dashboard_namespace }}
 spec:
  ports:
    - port: 8000
@ -287,7 +276,6 @@ metadata:
  labels:
    k8s-app: kubernetes-metrics-scraper
  name: kubernetes-metrics-scraper
-  namespace: {{ dashboard_namespace }}
 spec:
  replicas: 1
  revisionHistoryLimit: 10