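---
# Pod-to-pod network smoke test: deploy two agnhost HTTP servers into a
# throwaway namespace, check their IPs fall inside kube_pods_subnet, then
# have every pod curl every pod. On failure, dump cluster state and fail.

# NOTE(review): `kubectl create namespace` errors if the namespace already
# exists, so this file assumes a cluster where it has not been run before.
# No cleanup of the namespace is visible in this file.
- name: Create test namespace
  command: "{{ bin_dir }}/kubectl create namespace test"
  changed_when: false

# The manifest is piped to kubectl on stdin, so the Jinja expressions in it
# are rendered by Ansible before kubectl parses the YAML.
# The container securityContext (no privilege escalation, all capabilities
# dropped, non-root UID, RuntimeDefault seccomp) corresponds to what the
# "restricted" Pod Security Standard asks of a container. Keep it that way:
# a network probe needs none of those privileges.
# NOTE(review): the namespace above carries no pod-security labels, so
# nothing in this file makes admission enforce that profile - confirm
# whether that is handled elsewhere.
- name: Run 2 agnhost pods in test ns
  command:
    cmd: "{{ bin_dir }}/kubectl apply --namespace test -f -"
    stdin: |
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: agnhost
      spec:
        replicas: 2
        selector:
          matchLabels:
            app: agnhost
        template:
          metadata:
            labels:
              app: agnhost
          spec:
            containers:
            - name: agnhost
              image: {{ test_image_repo }}:{{ test_image_tag }}
              command: ['/agnhost', 'netexec', '--http-port=8080']
              securityContext:
                allowPrivilegeEscalation: false
                capabilities:
                  drop: ['ALL']
                runAsUser: 1000
                runAsNonRoot: true
                seccompProfile:
                  type: RuntimeDefault
  changed_when: false

- name: Check that all pods are running and ready
  vars:
    # Evaluated lazily: pods_json is only registered by "Get pod names"
    # below, and `pods` is not referenced before that task has run.
    pods: "{{ (pods_json.stdout | from_json)['items'] }}"
  block:
    - name: Check Deployment is ready
      command: "{{ bin_dir }}/kubectl rollout status deploy --namespace test agnhost --timeout=180s"
      changed_when: false

    - name: Get pod names
      command: "{{ bin_dir }}/kubectl get pods -n test -o json"
      changed_when: false
      register: pods_json

    # Both replicas must be Running and must have an address inside the
    # configured pod CIDR; an IP from any other range fails the test.
    - name: Check pods IP are in correct network
      assert:
        that:
          - >-
            pods
            | selectattr('status.phase', '==', 'Running')
            | selectattr('status.podIP', 'ansible.utils.in_network', kube_pods_subnet)
            | length == 2

    # with_nested over (pods x pods) probes every ordered pair, including
    # each pod reaching its own IP. ipwrap brackets IPv6 addresses so that
    # the ":8080" suffix stays unambiguous.
    # --fail makes an HTTP error status count as a failed probe, and
    # --max-time bounds each probe instead of leaving it to the OS TCP
    # timeout when traffic is silently dropped. 10s is a review-chosen
    # bound; tune it for slow CI.
    - name: Curl between pods is working
      command: "{{ bin_dir }}/kubectl -n test exec {{ item[0].metadata.name }} -- curl --fail --max-time 10 {{ item[1].status.podIP | ansible.utils.ipwrap }}:8080"
      # Read-only probe, reported like the other kubectl commands here.
      changed_when: false
      with_nested:
        - "{{ pods }}"
        - "{{ pods }}"
      loop_control:
        label: "{{ item[0].metadata.name + ' --> ' + item[1].metadata.name }}"
  rescue:
    # Collect diagnostics before failing so a broken run can be analysed.
    - name: List pods cluster-wide
      command: "{{ bin_dir }}/kubectl get pods --all-namespaces -owide"
      changed_when: false

    - import_role:  # noqa name[missing]
        name: cluster-dump

    # A rescue section that completes would otherwise mark the block as
    # recovered; fail explicitly so the test run still ends in failure.
    - fail:  # noqa name[missing]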