Use a variable for standardizing kubectl invocation (#8329)

* Add kubectl variable * Replace kubectl usage by kubectl variable in roles * Remove redundant --kubeconfig on kubectl usage * Replace unecessary shell usage with command
2026-03-17 17:07:36 -02:30 · 2022-01-05 11:26:32 +01:00
parent 3eab1129b9
commit cb54eb40ce
25 changed files with 73 additions and 55 deletions
--- a/roles/network_plugin/calico/tasks/pre.yml
+++ b/roles/network_plugin/calico/tasks/pre.yml
@@ -19,7 +19,7 @@

 - name: Calico | Get kubelet hostname
  shell: >-
-    set -o pipefail && {{ bin_dir }}/kubectl get node -o custom-columns='NAME:.metadata.name,INTERNAL-IP:.status.addresses[?(@.type=="InternalIP")].address'
+    set -o pipefail && {{ kubectl }} get node -o custom-columns='NAME:.metadata.name,INTERNAL-IP:.status.addresses[?(@.type=="InternalIP")].address'
    | egrep "{{ ansible_all_ipv4_addresses | join('$|') }}$" | cut -d" " -f1
  args:
    executable: /bin/bash
--- a/roles/network_plugin/calico/tasks/typha_certs.yml
+++ b/roles/network_plugin/calico/tasks/typha_certs.yml
@@ -1,6 +1,6 @@
 ---
 - name: Calico | Check if typha-server exists
-  command: "{{ bin_dir }}/kubectl -n kube-system get secret typha-server"
+  command: "{{ kubectl }} -n kube-system get secret typha-server"
  register: typha_server_secret
  changed_when: false
  failed_when: false
@@ -35,7 +35,7 @@

 - name: Calico | Create typha tls secrets
  command: >-
-    {{ bin_dir }}/kubectl -n kube-system
+    {{ kubectl }} -n kube-system
    create secret tls {{ item.name }}
    --cert {{ item.cert }}
    --key {{ item.key }}
--- a/roles/network_plugin/cilium/tasks/apply.yml
+++ b/roles/network_plugin/cilium/tasks/apply.yml
@@ -11,7 +11,7 @@
  when: inventory_hostname == groups['kube_control_plane'][0] and not item is skipped

 - name: Cilium | Wait for pods to run
-  command: "{{ bin_dir }}/kubectl -n kube-system get pods -l k8s-app=cilium -o jsonpath='{.items[?(@.status.containerStatuses[0].ready==false)].metadata.name}'"  # noqa 601
+  command: "{{ kubectl }} -n kube-system get pods -l k8s-app=cilium -o jsonpath='{.items[?(@.status.containerStatuses[0].ready==false)].metadata.name}'"  # noqa 601
  register: pods_not_ready
  until: pods_not_ready.stdout.find("cilium")==-1
  retries: 30
--- a/roles/network_plugin/kube-ovn/tasks/main.yml
+++ b/roles/network_plugin/kube-ovn/tasks/main.yml
@@ -1,7 +1,7 @@
 ---
 - name: Kube-OVN | Label ovn-db node
  command: >-
-    {{ bin_dir }}/kubectl label --overwrite node {{ groups['kube_control_plane'] | first }} kube-ovn/role=master
+    {{ kubectl }} label --overwrite node {{ groups['kube_control_plane'] | first }} kube-ovn/role=master
  when:
    - inventory_hostname == groups['kube_control_plane'][0]

--- a/roles/network_plugin/kube-router/tasks/annotate.yml
+++ b/roles/network_plugin/kube-router/tasks/annotate.yml
@@ -1,20 +1,20 @@
 ---
 - name: kube-router | Add annotations on kube_control_plane
-  command: "{{ bin_dir }}/kubectl annotate --overwrite node {{ ansible_hostname }} {{ item }}"
+  command: "{{ kubectl }} annotate --overwrite node {{ ansible_hostname }} {{ item }}"
  with_items:
  - "{{ kube_router_annotations_master }}"
  delegate_to: "{{ groups['kube_control_plane'][0] }}"
  when: kube_router_annotations_master is defined and inventory_hostname in groups['kube_control_plane']

 - name: kube-router | Add annotations on kube_node
-  command: "{{ bin_dir }}/kubectl annotate --overwrite node {{ ansible_hostname }} {{ item }}"
+  command: "{{ kubectl }} annotate --overwrite node {{ ansible_hostname }} {{ item }}"
  with_items:
  - "{{ kube_router_annotations_node }}"
  delegate_to: "{{ groups['kube_control_plane'][0] }}"
  when: kube_router_annotations_node is defined and inventory_hostname in groups['kube_node']

 - name: kube-router | Add common annotations on all servers
-  command: "{{ bin_dir }}/kubectl annotate --overwrite node {{ ansible_hostname }} {{ item }}"
+  command: "{{ kubectl }} annotate --overwrite node {{ ansible_hostname }} {{ item }}"
  with_items:
  - "{{ kube_router_annotations_all }}"
  delegate_to: "{{ groups['kube_control_plane'][0] }}"
--- a/roles/network_plugin/macvlan/tasks/main.yml
+++ b/roles/network_plugin/macvlan/tasks/main.yml
@@ -1,6 +1,6 @@
 ---
 - name: Macvlan | Retrieve Pod Cidr
-  command: "{{ bin_dir }}/kubectl get nodes {{ kube_override_hostname | default(inventory_hostname) }} -o jsonpath='{.spec.podCIDR}'"
+  command: "{{ kubectl }} get nodes {{ kube_override_hostname | default(inventory_hostname) }} -o jsonpath='{.spec.podCIDR}'"
  changed_when: false
  register: node_pod_cidr_cmd
  delegate_to: "{{ groups['kube_control_plane'][0] }}"
--- a/roles/network_plugin/ovn4nfv/tasks/main.yml
+++ b/roles/network_plugin/ovn4nfv/tasks/main.yml
@@ -0,0 +1,15 @@
+---
+- name: ovn4nfv | Label control-plane node
+  command: >-
+    {{ kubectl }} label --overwrite node {{ groups['kube_control_plane'] | first }} ovn4nfv-k8s-plugin=ovn-control-plane
+  when:
+    - inventory_hostname == groups['kube_control_plane'][0]
+
+- name: ovn4nfv | Create ovn4nfv-k8s manifests
+  template:
+    src: "{{ item.file }}.j2"
+    dest: "{{ kube_config_dir }}/{{ item.file }}"
+  with_items:
+    - {name: ovn-daemonset, file: ovn-daemonset.yml}
+    - {name: ovn4nfv-k8s-plugin, file: ovn4nfv-k8s-plugin.yml}
+  register: ovn4nfv_node_manifests