Rename ansible groups to use _ instead of - (#7552)

* rename ansible groups to use _ instead of - k8s-cluster -> k8s_cluster k8s-node -> k8s_node calico-rr -> calico_rr no-floating -> no_floating Note: kube-node,k8s-cluster groups in upgrade CI need clean-up after v2.16 is tagged * ensure old groups are mapped to the new ones
2026-03-18 01:17:38 -02:30 · 2021-04-29 15:20:50 +03:00
parent d26191373a
commit 360aff4a57
106 changed files with 403 additions and 373 deletions
--- a/roles/download/defaults/main.yml
+++ b/roles/download/defaults/main.yml
@@ -548,7 +548,7 @@ downloads:
    tag: "{{ netcheck_server_image_tag }}"
    sha256: "{{ netcheck_server_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  netcheck_agent:
    enabled: "{{ deploy_netchecker }}"
@@ -557,7 +557,7 @@ downloads:
    tag: "{{ netcheck_agent_image_tag }}"
    sha256: "{{ netcheck_agent_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  etcd:
    container: "{{ etcd_deployment_type != 'host' }}"
@@ -588,7 +588,7 @@ downloads:
    owner: "root"
    mode: "0755"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  kubeadm:
    enabled: true
@@ -601,7 +601,7 @@ downloads:
    owner: "root"
    mode: "0755"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  kubelet:
    enabled: true
@@ -614,7 +614,7 @@ downloads:
    owner: "root"
    mode: "0755"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  kubectl:
    enabled: true
@@ -640,7 +640,7 @@ downloads:
    owner: "root"
    mode: "0755"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  crun:
    file: true
@@ -653,7 +653,7 @@ downloads:
    owner: "root"
    mode: "0755"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  kata_containers:
    enabled: "{{ kata_containers_enabled }}"
@@ -666,7 +666,7 @@ downloads:
    owner: "root"
    mode: "0755"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  nerdctl:
    file: true
@@ -679,7 +679,7 @@ downloads:
    owner: "root"
    mode: "0755"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  cilium:
    enabled: "{{ kube_network_plugin == 'cilium' or cilium_deploy_additionally | default(false) | bool }}"
@@ -688,7 +688,7 @@ downloads:
    tag: "{{ cilium_image_tag }}"
    sha256: "{{ cilium_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  cilium_init:
    enabled: "{{ kube_network_plugin == 'cilium' or cilium_deploy_additionally | default(false) | bool }}"
@@ -697,7 +697,7 @@ downloads:
    tag: "{{ cilium_init_image_tag }}"
    sha256: "{{ cilium_init_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  cilium_operator:
    enabled: "{{ kube_network_plugin == 'cilium' or cilium_deploy_additionally | default(false) | bool }}"
@@ -706,7 +706,7 @@ downloads:
    tag: "{{ cilium_operator_image_tag }}"
    sha256: "{{ cilium_operator_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  multus:
    enabled: "{{ kube_network_plugin_multus }}"
@@ -715,7 +715,7 @@ downloads:
    tag: "{{ multus_image_tag }}"
    sha256: "{{ multus_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  flannel:
    enabled: "{{ kube_network_plugin == 'flannel' or kube_network_plugin == 'canal' }}"
@@ -724,7 +724,7 @@ downloads:
    tag: "{{ flannel_image_tag }}"
    sha256: "{{ flannel_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  calicoctl:
    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
@@ -737,7 +737,7 @@ downloads:
    owner: "root"
    mode: "0755"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  calico_node:
    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
@@ -746,7 +746,7 @@ downloads:
    tag: "{{ calico_node_image_tag }}"
    sha256: "{{ calico_node_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  calico_cni:
    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
@@ -755,7 +755,7 @@ downloads:
    tag: "{{ calico_cni_image_tag }}"
    sha256: "{{ calico_cni_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  calico_policy:
    enabled: "{{ enable_network_policy and kube_network_plugin in ['calico', 'canal'] }}"
@@ -764,7 +764,7 @@ downloads:
    tag: "{{ calico_policy_image_tag }}"
    sha256: "{{ calico_policy_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  calico_typha:
    enabled: "{{ typha_enabled }}"
@@ -773,7 +773,7 @@ downloads:
    tag: "{{ calico_typha_image_tag }}"
    sha256: "{{ calico_typha_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  calico_crds:
    file: true
@@ -799,7 +799,7 @@ downloads:
    tag: "{{ weave_kube_image_tag }}"
    sha256: "{{ weave_kube_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  weave_npc:
    enabled: "{{ kube_network_plugin == 'weave' }}"
@@ -808,7 +808,7 @@ downloads:
    tag: "{{ weave_npc_image_tag }}"
    sha256: "{{ weave_npc_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  ovn4nfv:
    enabled: "{{ kube_network_plugin == 'ovn4nfv' }}"
@@ -817,7 +817,7 @@ downloads:
    tag: "{{ ovn4nfv_k8s_plugin_image_tag }}"
    sha256: "{{ ovn4nfv_k8s_plugin_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  kube_ovn:
    enabled: "{{ kube_network_plugin == 'kube-ovn' }}"
@@ -826,7 +826,7 @@ downloads:
    tag: "{{ kube_ovn_container_image_tag }}"
    sha256: "{{ kube_ovn_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  kube_router:
    enabled: "{{ kube_network_plugin == 'kube-router' }}"
@@ -835,7 +835,7 @@ downloads:
    tag: "{{ kube_router_image_tag }}"
    sha256: "{{ kube_router_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  pod_infra:
    enabled: true
@@ -844,7 +844,7 @@ downloads:
    tag: "{{ pod_infra_image_tag }}"
    sha256: "{{ pod_infra_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  install_socat:
    enabled: "{{ ansible_os_family in ['Flatcar Container Linux by Kinvolk'] }}"
@@ -853,7 +853,7 @@ downloads:
    tag: "{{ install_socat_image_tag }}"
    sha256: "{{ install_socat_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  nginx:
    enabled: "{{ loadbalancer_apiserver_localhost and loadbalancer_apiserver_type == 'nginx' }}"
@@ -862,7 +862,7 @@ downloads:
    tag: "{{ nginx_image_tag }}"
    sha256: "{{ nginx_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  haproxy:
    enabled: "{{ loadbalancer_apiserver_localhost and loadbalancer_apiserver_type == 'haproxy' }}"
@@ -871,7 +871,7 @@ downloads:
    tag: "{{ haproxy_image_tag }}"
    sha256: "{{ haproxy_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  coredns:
    enabled: "{{ dns_mode in ['coredns', 'coredns_dual'] }}"
@@ -889,7 +889,7 @@ downloads:
    tag: "{{ nodelocaldns_image_tag }}"
    sha256: "{{ nodelocaldns_digest_checksum|default(None) }}"
    groups:
-    - k8s-cluster
+    - k8s_cluster

  dnsautoscaler:
    enabled: "{{ dns_mode in ['coredns', 'coredns_dual'] }}"
@@ -927,7 +927,7 @@ downloads:
    tag: "{{ registry_image_tag }}"
    sha256: "{{ registry_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  registry_proxy:
    enabled: "{{ registry_enabled }}"
@@ -936,7 +936,7 @@ downloads:
    tag: "{{ registry_proxy_image_tag }}"
    sha256: "{{ registry_proxy_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  metrics_server:
    enabled: "{{ metrics_server_enabled }}"
@@ -964,7 +964,7 @@ downloads:
    tag: "{{ local_volume_provisioner_image_tag }}"
    sha256: "{{ local_volume_provisioner_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  cephfs_provisioner:
    enabled: "{{ cephfs_provisioner_enabled }}"
@@ -973,7 +973,7 @@ downloads:
    tag: "{{ cephfs_provisioner_image_tag }}"
    sha256: "{{ cephfs_provisioner_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  rbd_provisioner:
    enabled: "{{ rbd_provisioner_enabled }}"
@@ -982,7 +982,7 @@ downloads:
    tag: "{{ rbd_provisioner_image_tag }}"
    sha256: "{{ rbd_provisioner_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  local_path_provisioner:
    enabled: "{{ local_path_provisioner_enabled }}"
@@ -991,7 +991,7 @@ downloads:
    tag: "{{ local_path_provisioner_image_tag }}"
    sha256: "{{ local_path_provisioner_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  ingress_nginx_controller:
    enabled: "{{ ingress_nginx_enabled }}"
@@ -1000,7 +1000,7 @@ downloads:
    tag: "{{ ingress_nginx_controller_image_tag }}"
    sha256: "{{ ingress_nginx_controller_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  ingress_ambassador_controller:
    enabled: "{{ ingress_ambassador_enabled }}"
@@ -1009,7 +1009,7 @@ downloads:
    tag: "{{ ingress_ambassador_image_tag }}"
    sha256: "{{ ingress_ambassador_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  ingress_alb_controller:
    enabled: "{{ ingress_alb_enabled }}"
@@ -1018,7 +1018,7 @@ downloads:
    tag: "{{ alb_ingress_image_tag }}"
    sha256: "{{ ingress_alb_controller_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  cert_manager_controller:
    enabled: "{{ cert_manager_enabled }}"
@@ -1027,7 +1027,7 @@ downloads:
    tag: "{{ cert_manager_controller_image_tag }}"
    sha256: "{{ cert_manager_controller_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  cert_manager_cainjector:
    enabled: "{{ cert_manager_enabled }}"
@@ -1036,7 +1036,7 @@ downloads:
    tag: "{{ cert_manager_cainjector_image_tag }}"
    sha256: "{{ cert_manager_cainjector_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  cert_manager_webhook:
    enabled: "{{ cert_manager_enabled }}"
@@ -1045,7 +1045,7 @@ downloads:
    tag: "{{ cert_manager_webhook_image_tag }}"
    sha256: "{{ cert_manager_webhook_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  csi_attacher:
    enabled: "{{ cinder_csi_enabled or aws_ebs_csi_enabled }}"
@@ -1054,7 +1054,7 @@ downloads:
    tag: "{{ csi_attacher_image_tag }}"
    sha256: "{{ csi_attacher_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  csi_provisioner:
    enabled: "{{ cinder_csi_enabled or aws_ebs_csi_enabled }}"
@@ -1063,7 +1063,7 @@ downloads:
    tag: "{{ csi_provisioner_image_tag }}"
    sha256: "{{ csi_provisioner_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  csi_snapshotter:
    enabled: "{{ cinder_csi_enabled or aws_ebs_csi_enabled }}"
@@ -1072,7 +1072,7 @@ downloads:
    tag: "{{ csi_snapshotter_image_tag }}"
    sha256: "{{ csi_snapshotter_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  snapshot_controller:
    enabled: "{{ cinder_csi_enabled }}"
@@ -1081,7 +1081,7 @@ downloads:
    tag: "{{ snapshot_controller_image_tag }}"
    sha256: "{{ snapshot_controller_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  csi_resizer:
    enabled: "{{ cinder_csi_enabled or aws_ebs_csi_enabled }}"
@@ -1090,7 +1090,7 @@ downloads:
    tag: "{{ csi_resizer_image_tag }}"
    sha256: "{{ csi_resizer_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  csi_node_driver_registrar:
    enabled: "{{ cinder_csi_enabled or aws_ebs_csi_enabled }}"
@@ -1099,7 +1099,7 @@ downloads:
    tag: "{{ csi_node_driver_registrar_image_tag }}"
    sha256: "{{ csi_node_driver_registrar_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  cinder_csi_plugin:
    enabled: "{{ cinder_csi_enabled }}"
@@ -1108,7 +1108,7 @@ downloads:
    tag: "{{ cinder_csi_plugin_image_tag }}"
    sha256: "{{ cinder_csi_plugin_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  aws_ebs_csi_plugin:
    enabled: "{{ aws_ebs_csi_enabled }}"
@@ -1117,7 +1117,7 @@ downloads:
    tag: "{{ aws_ebs_csi_plugin_image_tag }}"
    sha256: "{{ aws_ebs_csi_plugin_digest_checksum|default(None) }}"
    groups:
-    - kube-node
+    - kube_node

  dashboard:
    enabled: "{{ dashboard_enabled }}"
--- a/roles/download/tasks/prep_kubeadm_images.yml
+++ b/roles/download/tasks/prep_kubeadm_images.yml
@@ -55,7 +55,7 @@
        container: true
        repo: "{{ item | regex_replace('^(.*):.*$','\\1') }}"
        tag: "{{ item | regex_replace('^.*:(.*)$','\\1') }}"
-        groups: k8s-cluster
+        groups: k8s_cluster
  loop: "{{ kubeadm_images_list | flatten(levels=1) }}"
  register: kubeadm_images_cooked
  run_once: true
--- a/roles/etcd/defaults/main.yml
+++ b/roles/etcd/defaults/main.yml
@@ -55,7 +55,7 @@ etcd_memory_limit: "{% if ansible_memtotal_mb < 4096 %}512M{% else %}0{% endif %

 etcd_blkio_weight: 1000

-etcd_node_cert_hosts: "{{ groups['k8s-cluster'] | union(groups.get('calico-rr', [])) }}"
+etcd_node_cert_hosts: "{{ groups['k8s_cluster'] | union(groups.get('calico_rr', [])) }}"

 etcd_compaction_retention: "8"

--- a/roles/etcd/tasks/check_certs.yml
+++ b/roles/etcd/tasks/check_certs.yml
@@ -33,8 +33,8 @@
  stat:
    path: "{{ etcd_cert_dir }}/{{ item }}"
  register: etcd_node_certs
-  when: (('calico-rr' in groups and inventory_hostname in groups['calico-rr']) or
-        inventory_hostname in groups['k8s-cluster'])
+  when: (('calico_rr' in groups and inventory_hostname in groups['calico_rr']) or
+        inventory_hostname in groups['k8s_cluster'])
  with_items:
    - ca.pem
    - node-{{ inventory_hostname }}.pem
@@ -56,7 +56,7 @@
        '{{ etcd_cert_dir }}/member-{{ host }}.pem',
        '{{ etcd_cert_dir }}/member-{{ host }}-key.pem',
      {% endfor %}
-      {% set k8s_nodes = groups['k8s-cluster']|union(groups['calico-rr']|default([]))|unique|sort %}
+      {% set k8s_nodes = groups['k8s_cluster']|union(groups['calico_rr']|default([]))|unique|sort %}
      {% for host in k8s_nodes %}
        '{{ etcd_cert_dir }}/node-{{ host }}.pem',
        '{{ etcd_cert_dir }}/node-{{ host }}-key.pem'
@@ -89,7 +89,7 @@
  set_fact:
    gen_node_certs: |-
      {
-      {% set k8s_nodes = groups['k8s-cluster']|union(groups['calico-rr']|default([]))|unique|sort -%}
+      {% set k8s_nodes = groups['k8s_cluster']|union(groups['calico_rr']|default([]))|unique|sort -%}
      {% set existing_certs = etcdcert_master.files|map(attribute='path')|list|sort %}
      {% for host in k8s_nodes -%}
        {% set host_cert = "%s/node-%s.pem"|format(etcd_cert_dir, host) %}
@@ -125,8 +125,8 @@
  set_fact:
    kubernetes_host_requires_sync: true
  when:
-    - (('calico-rr' in groups and inventory_hostname in groups['calico-rr']) or
-      inventory_hostname in groups['k8s-cluster']) and
+    - (('calico_rr' in groups and inventory_hostname in groups['calico_rr']) or
+      inventory_hostname in groups['k8s_cluster']) and
      inventory_hostname not in groups['etcd']
    - (not etcd_node_certs.results[0].stat.exists|default(false)) or
      (not etcd_node_certs.results[1].stat.exists|default(false)) or
--- a/roles/etcd/tasks/gen_certs_script.yml
+++ b/roles/etcd/tasks/gen_certs_script.yml
@@ -59,7 +59,7 @@
                    {{ m }}
                  {% endif %}
                {% endfor %}"
-    - HOSTS: "{% for h in (groups['k8s-cluster'] + groups['calico-rr']|default([]))|unique %}
+    - HOSTS: "{% for h in (groups['k8s_cluster'] + groups['calico_rr']|default([]))|unique %}
                {% if gen_node_certs[h] %}
                    {{ h }}
                {% endif %}
@@ -109,7 +109,7 @@
    src: "{{ item }}"
  register: etcd_master_node_certs
  with_items:
-    - "[{% for node in (groups['k8s-cluster'] + groups['calico-rr']|default([]))|unique %}
+    - "[{% for node in (groups['k8s_cluster'] + groups['calico_rr']|default([]))|unique %}
        '{{ etcd_cert_dir }}/node-{{ node }}.pem',
        '{{ etcd_cert_dir }}/node-{{ node }}-key.pem',
        {% endfor %}]"
@@ -144,8 +144,8 @@
 - name: "Check_certs | Set 'sync_certs' to true on nodes"
  set_fact:
    sync_certs: true
-  when: (('calico-rr' in groups and inventory_hostname in groups['calico-rr']) or
-        inventory_hostname in groups['k8s-cluster']) and
+  when: (('calico_rr' in groups and inventory_hostname in groups['calico_rr']) or
+        inventory_hostname in groups['k8s_cluster']) and
        inventory_hostname not in groups['etcd']
  with_items:
    - "{{ my_etcd_node_certs }}"
@@ -159,8 +159,8 @@
  register: etcd_node_certs
  check_mode: no
  delegate_to: "{{ groups['etcd'][0] }}"
-  when: (('calico-rr' in groups and inventory_hostname in groups['calico-rr']) or
-        inventory_hostname in groups['k8s-cluster']) and
+  when: (('calico_rr' in groups and inventory_hostname in groups['calico_rr']) or
+        inventory_hostname in groups['k8s_cluster']) and
        sync_certs|default(false) and inventory_hostname not in groups['etcd']

 - name: Gen_certs | Copy certs on nodes
@@ -170,8 +170,8 @@
  no_log: true
  changed_when: false
  check_mode: no
-  when: (('calico-rr' in groups and inventory_hostname in groups['calico-rr']) or
-        inventory_hostname in groups['k8s-cluster']) and
+  when: (('calico_rr' in groups and inventory_hostname in groups['calico_rr']) or
+        inventory_hostname in groups['k8s_cluster']) and
        sync_certs|default(false) and inventory_hostname not in groups['etcd']
  notify: set etcd_secret_changed

--- a/roles/etcd/tasks/main.yml
+++ b/roles/etcd/tasks/main.yml
@@ -20,7 +20,7 @@
  register: "etcd_client_cert_serial_result"
  changed_when: false
  when:
-    - inventory_hostname in groups['k8s-cluster']|union(groups['calico-rr']|default([]))|unique|sort
+    - inventory_hostname in groups['k8s_cluster']|union(groups['calico_rr']|default([]))|unique|sort
  tags:
    - master
    - network
@@ -29,7 +29,7 @@
  set_fact:
    etcd_client_cert_serial: "{{ etcd_client_cert_serial_result.stdout.split('=')[1] }}"
  when:
-    - inventory_hostname in groups['k8s-cluster']|union(groups['calico-rr']|default([]))|unique|sort
+    - inventory_hostname in groups['k8s_cluster']|union(groups['calico_rr']|default([]))|unique|sort
  tags:
    - master
    - network
--- a/roles/kubernetes-apps/csi_driver/cinder/tasks/main.yml
+++ b/roles/kubernetes-apps/csi_driver/cinder/tasks/main.yml
@@ -5,11 +5,11 @@
 - name: Cinder CSI Driver | Write cacert file
  include_tasks: cinder-write-cacert.yml
  run_once: true
-  loop: "{{ groups['k8s-cluster'] }}"
+  loop: "{{ groups['k8s_cluster'] }}"
  loop_control:
    loop_var: delegate_host_to_write_cacert
  when:
-    - inventory_hostname in groups['k8s-cluster']
+    - inventory_hostname in groups['k8s_cluster']
    - cinder_cacert is defined
    - cinder_cacert | length > 0
  tags: cinder-csi-driver
--- a/roles/kubernetes-apps/external_cloud_controller/openstack/tasks/main.yml
+++ b/roles/kubernetes-apps/external_cloud_controller/openstack/tasks/main.yml
@@ -5,11 +5,11 @@
 - name: External OpenStack Cloud Controller | Write cacert file
  include_tasks: openstack-write-cacert.yml
  run_once: true
-  loop: "{{ groups['k8s-cluster'] }}"
+  loop: "{{ groups['k8s_cluster'] }}"
  loop_control:
    loop_var: delegate_host_to_write_cacert
  when:
-    - inventory_hostname in groups['k8s-cluster']
+    - inventory_hostname in groups['k8s_cluster']
    - external_openstack_cacert is defined
    - external_openstack_cacert | length > 0
  tags: external-openstack
--- a/roles/kubernetes-apps/external_provisioner/local_volume_provisioner/tasks/main.yml
+++ b/roles/kubernetes-apps/external_provisioner/local_volume_provisioner/tasks/main.yml
@@ -4,7 +4,7 @@
  include_tasks: basedirs.yml
  loop_control:
    loop_var: delegate_host_base_dir
-  loop: "{{ groups['k8s-cluster'] | product(local_volume_provisioner_storage_classes.keys()) | list }}"
+  loop: "{{ groups['k8s_cluster'] | product(local_volume_provisioner_storage_classes.keys()) | list }}"

 - name: Local Volume Provisioner | Create addon dir
  file:
--- a/roles/kubernetes-apps/ingress_controller/cert_manager/README.md
+++ b/roles/kubernetes-apps/ingress_controller/cert_manager/README.md
@@ -33,7 +33,7 @@ LS0tLS1CRUdJTiBSU0Eg...

 For further information, read the official [Cert-Manager CA Configuration](https://cert-manager.io/docs/configuration/ca/) doc.

-Once the base64 encoded values have been added to `templates\secret-cert-manager.yml.j2`, cert-manager can now be enabled by editing your K8s cluster addons inventory e.g. `inventory\sample\group_vars\k8s-cluster\addons.yml` and setting `cert_manager_enabled` to true.
+Once the base64 encoded values have been added to `templates\secret-cert-manager.yml.j2`, cert-manager can now be enabled by editing your K8s cluster addons inventory e.g. `inventory\sample\group_vars\k8s_cluster\addons.yml` and setting `cert_manager_enabled` to true.

 ```ini
 # Cert manager deployment
@@ -46,7 +46,7 @@ If you don't have a TLS Root CA certificate and key available, you can create th

 A common use-case for cert-manager is requesting TLS signed certificates to secure your ingress resources. This can be done by simply adding annotations to your Ingress resources and cert-manager will facilitate creating the Certificate resource for you. A small sub-component of cert-manager, ingress-shim, is responsible for this.

-To enable the Nginx Ingress controller as part of your Kubespray deployment, simply edit your K8s cluster addons inventory e.g. `inventory\sample\group_vars\k8s-cluster\addons.yml` and set `ingress_nginx_enabled` to true.
+To enable the Nginx Ingress controller as part of your Kubespray deployment, simply edit your K8s cluster addons inventory e.g. `inventory\sample\group_vars\k8s_cluster\addons.yml` and set `ingress_nginx_enabled` to true.

 ```ini
 # Nginx ingress controller deployment
--- a/roles/kubernetes-apps/metallb/README.md
+++ b/roles/kubernetes-apps/metallb/README.md
@@ -11,7 +11,7 @@ It deploys MetalLB into Kubernetes and sets up a layer 2 or BGP load-balancer.

 In the default, MetalLB is not deployed into your Kubernetes cluster.
 You can override the defaults by copying the contents of roles/kubernetes-apps/metallb/defaults/main.yml
-to somewhere in inventory/mycluster/group_vars such as inventory/mycluster/groups_vars/k8s-cluster/addons.yml
+to somewhere in inventory/mycluster/group_vars such as inventory/mycluster/groups_vars/k8s_cluster/addons.yml
 and updating metallb_enabled option to `true`.
 In addition you need to update metallb_ip_range option on the addons.yml at least for suiting your network
 environment, because MetalLB allocates external IP addresses from this metallb_ip_range option.
--- a/roles/kubernetes-apps/metrics_server/tasks/main.yml
+++ b/roles/kubernetes-apps/metrics_server/tasks/main.yml
@@ -2,7 +2,7 @@
 # If all masters have node role, there are no tainted master and toleration should not be specified.
 - name: Check all masters are node or not
  set_fact:
-    masters_are_not_tainted: "{{ groups['kube-node'] | intersect(groups['kube_control_plane']) == groups['kube_control_plane'] }}"
+    masters_are_not_tainted: "{{ groups['kube_node'] | intersect(groups['kube_control_plane']) == groups['kube_control_plane'] }}"

 - name: Metrics Server | Delete addon dir
  file:
--- a/roles/kubernetes/control-plane/tasks/kubeadm-setup.yml
+++ b/roles/kubernetes/control-plane/tasks/kubeadm-setup.yml
@@ -192,5 +192,5 @@
  with_items:
    - "node-role.kubernetes.io/master:NoSchedule-"
    - "node-role.kubernetes.io/control-plane:NoSchedule-"
-  when: inventory_hostname in groups['kube-node']
+  when: inventory_hostname in groups['kube_node']
  failed_when: false
--- a/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta2.yaml.j2
+++ b/roles/kubernetes/control-plane/templates/kubeadm-config.v1beta2.yaml.j2
@@ -16,7 +16,7 @@ nodeRegistration:
 {% if kube_override_hostname|default('') %}
  name: {{ kube_override_hostname }}
 {% endif %}
-{% if inventory_hostname in groups['kube_control_plane'] and inventory_hostname not in groups['kube-node'] %}
+{% if inventory_hostname in groups['kube_control_plane'] and inventory_hostname not in groups['kube_node'] %}
  taints:
  - effect: NoSchedule
    key: node-role.kubernetes.io/master
--- a/roles/kubernetes/kubeadm/tasks/kubeadm_etcd_node.yml
+++ b/roles/kubernetes/kubeadm/tasks/kubeadm_etcd_node.yml
@@ -50,7 +50,7 @@
  register: "etcd_client_cert_serial_result"
  changed_when: false
  when:
-    - inventory_hostname in groups['k8s-cluster']|union(groups['calico-rr']|default([]))|unique|sort
+    - inventory_hostname in groups['k8s_cluster']|union(groups['calico_rr']|default([]))|unique|sort
  tags:
    - network

--- a/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1beta2.j2
+++ b/roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1beta2.j2
@@ -21,7 +21,7 @@ caCertPath: {{ kube_cert_dir }}/ca.crt
 nodeRegistration:
  name: {{ kube_override_hostname }}
  criSocket: {{ cri_socket }}
-{% if 'calico-rr' in group_names and 'kube-node' not in group_names %}
+{% if 'calico_rr' in group_names and 'kube_node' not in group_names %}
  taints:
  - effect: NoSchedule
    key: node-role.kubernetes.io/calico-rr
--- a/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2
+++ b/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2
@@ -81,7 +81,7 @@ resolvConf: "{{ kube_resolv_conf }}"
 {% if kubelet_config_extra_args %}
 {{ kubelet_config_extra_args | to_nice_yaml(indent=2) }}
 {% endif %}
-{% if inventory_hostname in groups['kube-node'] and kubelet_node_config_extra_args %}
+{% if inventory_hostname in groups['kube_node'] and kubelet_node_config_extra_args %}
 {{ kubelet_node_config_extra_args | to_nice_yaml(indent=2) }}
 {% endif %}
 {% if tls_min_version is defined %}
--- a/roles/kubernetes/node/templates/kubelet.env.v1beta1.j2
+++ b/roles/kubernetes/node/templates/kubelet.env.v1beta1.j2
@@ -34,7 +34,7 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
 {%   endif %}
 {% endif %}

-KUBELET_ARGS="{{ kubelet_args_base }} {% if node_taints|default([]) %}--register-with-taints={{ node_taints | join(',') }} {% endif %} {% if kube_feature_gates %} --feature-gates={{ kube_feature_gates|join(',') }} {% endif %} {% if kubelet_custom_flags is string %} {{kubelet_custom_flags}} {% else %}{% for flag in kubelet_custom_flags %} {{flag}} {% endfor %}{% endif %}{% if inventory_hostname in groups['kube-node'] %}{% if kubelet_node_custom_flags is string %} {{kubelet_node_custom_flags}} {% else %}{% for flag in kubelet_node_custom_flags %} {{flag}} {% endfor %}{% endif %}{% endif %}"
+KUBELET_ARGS="{{ kubelet_args_base }} {% if node_taints|default([]) %}--register-with-taints={{ node_taints | join(',') }} {% endif %} {% if kube_feature_gates %} --feature-gates={{ kube_feature_gates|join(',') }} {% endif %} {% if kubelet_custom_flags is string %} {{kubelet_custom_flags}} {% else %}{% for flag in kubelet_custom_flags %} {{flag}} {% endfor %}{% endif %}{% if inventory_hostname in groups['kube_node'] %}{% if kubelet_node_custom_flags is string %} {{kubelet_node_custom_flags}} {% else %}{% for flag in kubelet_node_custom_flags %} {{flag}} {% endfor %}{% endif %}{% endif %}"
 {% if kubelet_flexvolumes_plugins_dir is defined %}
 KUBELET_VOLUME_PLUGIN="--volume-plugin-dir={{ kubelet_flexvolumes_plugins_dir }}"
 {% endif %}
--- a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
+++ b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
@@ -1,10 +1,10 @@
 ---
- name: Stop if either kube_control_plane or kube-node group is empty
+- name: Stop if either kube_control_plane or kube_node group is empty
  assert:
    that: "groups.get('{{ item }}')"
  with_items:
    - kube_control_plane
-    - kube-node
+    - kube_node
  run_once: true
  when: not ignore_assert_errors

@@ -86,7 +86,7 @@
    that: ansible_memtotal_mb >= minimal_node_memory_mb
  when:
    - not ignore_assert_errors
-    - inventory_hostname in groups['kube-node']
+    - inventory_hostname in groups['kube_node']

 # This assertion will fail on the safe side: One can indeed schedule more pods
 # on a node than the CIDR-range has space for when additional pods use the host
@@ -99,7 +99,7 @@
    msg: "Do not schedule more pods on a node than inet addresses are available."
  when:
    - not ignore_assert_errors
-    - inventory_hostname in groups['k8s-cluster']
+    - inventory_hostname in groups['k8s_cluster']
    - kube_network_node_prefix is defined
    - kube_network_plugin != 'calico'

@@ -207,14 +207,14 @@
    - inventory_hostname == groups['kube_control_plane'][0]
  run_once: yes

- name: "Check that calico_rr nodes are in k8s-cluster group"
+- name: "Check that calico_rr nodes are in k8s_cluster group"
  assert:
    that:
-      - '"k8s-cluster" in group_names'
-    msg: "calico-rr must be a child group of k8s-cluster group"
+      - '"k8s_cluster" in group_names'
+    msg: "calico_rr must be a child group of k8s_cluster group"
  when:
    - kube_network_plugin == 'calico'
-    - '"calico-rr" in group_names'
+    - '"calico_rr" in group_names'

 - name: "Check that kube_service_addresses is a network range"
  assert:
--- a/roles/kubernetes/preinstall/tasks/0050-create_directories.yml
+++ b/roles/kubernetes/preinstall/tasks/0050-create_directories.yml
@@ -4,7 +4,7 @@
    path: "{{ item }}"
    state: directory
    owner: kube
-  when: inventory_hostname in groups['k8s-cluster']
+  when: inventory_hostname in groups['k8s_cluster']
  become: true
  tags:
    - kubelet
@@ -28,7 +28,7 @@
    path: "{{ item }}"
    state: directory
    owner: root
-  when: inventory_hostname in groups['k8s-cluster']
+  when: inventory_hostname in groups['k8s_cluster']
  become: true
  tags:
    - kubelet
@@ -51,7 +51,7 @@
    get_mime: no
  register: kube_cert_compat_dir_check
  when:
-    - inventory_hostname in groups['k8s-cluster']
+    - inventory_hostname in groups['k8s_cluster']
    - kube_cert_dir != kube_cert_compat_dir

 - name: Create kubernetes kubeadm compat cert dir (kubernetes/kubeadm issue 1498)
@@ -60,7 +60,7 @@
    dest: "{{ kube_cert_compat_dir }}"
    state: link
  when:
-    - inventory_hostname in groups['k8s-cluster']
+    - inventory_hostname in groups['k8s_cluster']
    - kube_cert_dir != kube_cert_compat_dir
    - not kube_cert_compat_dir_check.stat.exists

@@ -75,7 +75,7 @@
    - "/var/lib/calico"
  when:
    - kube_network_plugin in ["calico", "weave", "canal", "flannel", "cilium", "kube-ovn", "ovn4nfv", "kube-router", "macvlan"]
-    - inventory_hostname in groups['k8s-cluster']
+    - inventory_hostname in groups['k8s_cluster']
  tags:
    - network
    - cilium
@@ -96,7 +96,7 @@
    mode: "{{ local_volume_provisioner_directory_mode }}"
  with_items: "{{ local_volume_provisioner_storage_classes.keys() | list }}"
  when:
-    - inventory_hostname in groups['k8s-cluster']
+    - inventory_hostname in groups['k8s_cluster']
    - local_volume_provisioner_enabled
  tags:
    - persistent_volumes
--- a/roles/kubernetes/preinstall/tasks/0090-etchosts.yml
+++ b/roles/kubernetes/preinstall/tasks/0090-etchosts.yml
@@ -2,7 +2,7 @@
 - name: Hosts | create list from inventory
  set_fact:
    etc_hosts_inventory_block: |-
-      {% for item in (groups['k8s-cluster'] + groups['etcd']|default([]) + groups['calico-rr']|default([]))|unique -%}
+      {% for item in (groups['k8s_cluster'] + groups['etcd']|default([]) + groups['calico_rr']|default([]))|unique -%}
      {% if 'access_ip' in hostvars[item] or 'ip' in hostvars[item] or 'ansible_default_ipv4' in hostvars[item] -%}
      {{ hostvars[item]['access_ip'] | default(hostvars[item]['ip'] | default(hostvars[item]['ansible_default_ipv4']['address'])) }}
      {%- if ('ansible_hostname' in hostvars[item] and item != hostvars[item]['ansible_hostname']) %} {{ hostvars[item]['ansible_hostname'] }}.{{ dns_domain }} {{ hostvars[item]['ansible_hostname'] }}{% endif %} {{ item }}.{{ dns_domain }} {{ item }}
--- a/roles/kubernetes/tokens/tasks/gen_tokens.yml
+++ b/roles/kubernetes/tokens/tasks/gen_tokens.yml
@@ -27,7 +27,7 @@
    TOKEN_DIR: "{{ kube_token_dir }}"
  with_nested:
    - [ 'system:kubelet' ]
-    - "{{ groups['kube-node'] }}"
+    - "{{ groups['kube_node'] }}"
  register: gentoken_node
  changed_when: "'Added' in gentoken_node.stdout"
  run_once: yes
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@@ -147,8 +147,8 @@ kube_log_level: 2
 kube_network_plugin: calico
 kube_network_plugin_multus: false

-# Determines if calico-rr group exists
-peer_with_calico_rr: "{{ 'calico-rr' in groups and groups['calico-rr']|length > 0 }}"
+# Determines if calico_rr group exists
+peer_with_calico_rr: "{{ 'calico_rr' in groups and groups['calico_rr']|length > 0 }}"

 # Choose data store type for calico: "etcd" or "kdd" (kubernetes datastore)
 calico_datastore: "kdd"
--- a/roles/kubespray-defaults/tasks/fallback_ips.yml
+++ b/roles/kubespray-defaults/tasks/fallback_ips.yml
@@ -7,7 +7,7 @@
  tags: always
  include_tasks: fallback_ips_gather.yml
  when: hostvars[delegate_host_to_gather_facts].ansible_default_ipv4 is not defined
-  loop: "{{ groups['k8s-cluster']|default([]) + groups['etcd']|default([]) + groups['calico-rr']|default([]) }}"
+  loop: "{{ groups['k8s_cluster']|default([]) + groups['etcd']|default([]) + groups['calico_rr']|default([]) }}"
  loop_control:
    loop_var: delegate_host_to_gather_facts
  run_once: yes
@@ -16,7 +16,7 @@
  set_fact:
    fallback_ips_base: |
      ---
-      {% for item in (groups['k8s-cluster']|default([]) + groups['etcd']|default([]) + groups['calico-rr']|default([]))|unique %}
+      {% for item in (groups['k8s_cluster']|default([]) + groups['etcd']|default([]) + groups['calico_rr']|default([]))|unique %}
      {% set found = hostvars[item].get('ansible_default_ipv4') %}
      {{ item }}: "{{ found.get('address', '127.0.0.1') }}"
      {% endfor %}
--- a/roles/kubespray-defaults/tasks/no_proxy.yml
+++ b/roles/kubespray-defaults/tasks/no_proxy.yml
@@ -9,9 +9,9 @@
      {%- if no_proxy_exclude_workers | default(false) -%}
      {% set cluster_or_master = 'kube_control_plane' %}
      {%- else -%}
-      {% set cluster_or_master = 'k8s-cluster' %}
+      {% set cluster_or_master = 'k8s_cluster' %}
      {%- endif -%}
-      {%- for item in (groups[cluster_or_master] + groups['etcd']|default([]) + groups['calico-rr']|default([]))|unique -%}
+      {%- for item in (groups[cluster_or_master] + groups['etcd']|default([]) + groups['calico_rr']|default([]))|unique -%}
      {{ hostvars[item]['access_ip'] | default(hostvars[item]['ip'] | default(fallback_ips[item])) }},
      {%-   if item != hostvars[item].get('ansible_hostname', '') -%}
      {{ hostvars[item]['ansible_hostname'] }},
--- a/roles/network_plugin/calico/tasks/install.yml
+++ b/roles/network_plugin/calico/tasks/install.yml
@@ -193,7 +193,7 @@
    nodeToNodeMeshEnabled: "false"
  when:
    - peer_with_router|default(false) or peer_with_calico_rr|default(false)
-    - inventory_hostname in groups['k8s-cluster']
+    - inventory_hostname in groups['k8s_cluster']
  run_once: yes

 - name: Calico | Set up BGP Configuration
@@ -264,7 +264,7 @@
  until: output.rc == 0
  delay: "{{ retry_stagger | random + 3 }}"
  with_items:
-    - "{{ groups['calico-rr'] | default([]) }}"
+    - "{{ groups['calico_rr'] | default([]) }}"
  when:
    - inventory_hostname == groups['kube_control_plane'][0]
    - peer_with_calico_rr|default(false)
@@ -290,7 +290,7 @@
  until: output.rc == 0
  delay: "{{ retry_stagger | random + 3 }}"
  with_items:
-    - "{{ groups['calico-rr'] | default([]) }}"
+    - "{{ groups['calico_rr'] | default([]) }}"
  when:
    - inventory_hostname == groups['kube_control_plane'][0]
    - peer_with_calico_rr|default(false)
@@ -368,9 +368,9 @@
  delay: "{{ retry_stagger | random + 3 }}"
  when:
    - peer_with_router|default(false)
-    - inventory_hostname in groups['k8s-cluster']
+    - inventory_hostname in groups['k8s_cluster']
    - local_as is defined
-    - groups['calico-rr'] | default([]) | length == 0
+    - groups['calico_rr'] | default([]) | length == 0

 - name: Calico | Configure peering with router(s) at node scope
  command:
@@ -396,4 +396,4 @@
    - "{{ peers|selectattr('scope','undefined')|list|default([]) | union(peers|selectattr('scope','defined')|selectattr('scope','equalto', 'node')|list|default([])) }}"
  when:
    - peer_with_router|default(false)
-    - inventory_hostname in groups['k8s-cluster']
+    - inventory_hostname in groups['k8s_cluster']
--- a/roles/network_plugin/calico/templates/calico-config.yml.j2
+++ b/roles/network_plugin/calico/templates/calico-config.yml.j2
@@ -22,6 +22,6 @@ data:
  cluster_type: "kubespray,bgp"
  calico_backend: "bird"
 {% endif %}
-{% if inventory_hostname in groups['k8s-cluster'] and peer_with_router|default(false) %}
+{% if inventory_hostname in groups['k8s_cluster'] and peer_with_router|default(false) %}
  as: "{{ local_as|default(global_as_num) }}"
 {% endif -%}
--- a/roles/network_plugin/kube-router/tasks/annotate.yml
+++ b/roles/network_plugin/kube-router/tasks/annotate.yml
@@ -6,16 +6,16 @@
  delegate_to: "{{ groups['kube_control_plane'][0] }}"
  when: kube_router_annotations_master is defined and inventory_hostname in groups['kube_control_plane']

- name: kube-router | Add annotations on kube-node
+- name: kube-router | Add annotations on kube_node
  command: "{{ bin_dir }}/kubectl annotate --overwrite node {{ ansible_hostname }} {{ item }}"
  with_items:
  - "{{ kube_router_annotations_node }}"
  delegate_to: "{{ groups['kube_control_plane'][0] }}"
-  when: kube_router_annotations_node is defined and inventory_hostname in groups['kube-node']
+  when: kube_router_annotations_node is defined and inventory_hostname in groups['kube_node']

 - name: kube-router | Add common annotations on all servers
  command: "{{ bin_dir }}/kubectl annotate --overwrite node {{ ansible_hostname }} {{ item }}"
  with_items:
  - "{{ kube_router_annotations_all }}"
  delegate_to: "{{ groups['kube_control_plane'][0] }}"
-  when: kube_router_annotations_all is defined and inventory_hostname in groups['k8s-cluster']
+  when: kube_router_annotations_all is defined and inventory_hostname in groups['k8s_cluster']
--- a/roles/network_plugin/macvlan/templates/centos-routes-macvlan.cfg.j2
+++ b/roles/network_plugin/macvlan/templates/centos-routes-macvlan.cfg.j2
@@ -1,4 +1,4 @@
-{% for host in groups['kube-node'] %}
+{% for host in groups['kube_node'] %}
 {% if hostvars[host]['access_ip'] is defined  %}
 {% if hostvars[host]['node_pod_cidr'] != node_pod_cidr  %}
 {{ hostvars[host]['node_pod_cidr'] }} via {{ hostvars[host]['access_ip'] }}
--- a/roles/network_plugin/macvlan/templates/coreos-network-macvlan.cfg.j2
+++ b/roles/network_plugin/macvlan/templates/coreos-network-macvlan.cfg.j2
@@ -4,7 +4,7 @@ Name=mac0
 [Network]
 Address={{ node_pod_cidr|ipaddr('net')|ipaddr(1)|ipaddr('address') }}/{{ node_pod_cidr|ipaddr('prefix') }}

-{% for host in groups['kube-node'] %}
+{% for host in groups['kube_node'] %}
 {% if hostvars[host]['access_ip'] is defined  %}
 {% if hostvars[host]['node_pod_cidr'] != node_pod_cidr  %}
 [Route]
--- a/roles/network_plugin/macvlan/templates/debian-network-macvlan.cfg.j2
+++ b/roles/network_plugin/macvlan/templates/debian-network-macvlan.cfg.j2
@@ -5,7 +5,7 @@ iface mac0 inet static
    netmask {{ node_pod_cidr|ipaddr('netmask') }}
    broadcast {{ node_pod_cidr|ipaddr('broadcast') }}
    pre-up ip link add link {{ macvlan_interface }} mac0 type macvlan mode bridge
-{% for host in groups['kube-node'] %}
+{% for host in groups['kube_node'] %}
 {% if hostvars[host]['access_ip'] is defined  %}
 {% if hostvars[host]['node_pod_cidr'] != node_pod_cidr  %}
    post-up ip route add {{ hostvars[host]['node_pod_cidr'] }} via {{ hostvars[host]['access_ip'] }}
@@ -15,7 +15,7 @@ iface mac0 inet static
 {% if enable_nat_default_gateway %}
    post-up iptables -t nat -I POSTROUTING -s {{ node_pod_cidr|ipaddr('net') }} -o {{ node_default_gateway_interface }} -j MASQUERADE
 {% endif %}
-{% for host in groups['kube-node'] %}
+{% for host in groups['kube_node'] %}
 {% if hostvars[host]['access_ip'] is defined  %}
 {% if hostvars[host]['node_pod_cidr'] != node_pod_cidr  %}
    post-down ip route del {{ hostvars[host]['node_pod_cidr'] }} via {{ hostvars[host]['access_ip'] }}
--- a/roles/remove-node/pre-remove/tasks/main.yml
+++ b/roles/remove-node/pre-remove/tasks/main.yml
@@ -15,7 +15,7 @@
      --grace-period {{ drain_grace_period }}
      --timeout {{ drain_timeout }}
      --delete-local-data {{ hostvars[item]['kube_override_hostname']|default(item) }}
-  loop: "{{ node.split(',') | default(groups['kube-node']) }}"
+  loop: "{{ node.split(',') | default(groups['kube_node']) }}"
  # ignore servers that are not nodes
  when: hostvars[item]['kube_override_hostname']|default(item) in nodes.stdout_lines
  register: result
--- a/roles/reset/tasks/main.yml
+++ b/roles/reset/tasks/main.yml
@@ -207,7 +207,7 @@
 - name: Clear IPVS virtual server table
  command: "ipvsadm -C"
  when:
-    - kube_proxy_mode == 'ipvs' and inventory_hostname in groups['k8s-cluster']
+    - kube_proxy_mode == 'ipvs' and inventory_hostname in groups['k8s_cluster']

 - name: reset | check kube-ipvs0 network device
  stat: