2016-09-07 18:02:06 +00:00
|
|
|
---
|
2017-04-21 02:51:27 +00:00
|
|
|
- name: Helm | Make sure HELM_HOME directory exists
|
|
|
|
file: path={{ helm_home_dir }} state=directory
|
|
|
|
|
2017-03-17 11:56:25 +00:00
|
|
|
- name: Helm | Set up helm launcher
|
|
|
|
template:
|
|
|
|
src: helm-container.j2
|
|
|
|
dest: "{{ bin_dir }}/helm"
|
|
|
|
owner: root
|
|
|
|
mode: 0755
|
|
|
|
register: helm_container
|
|
|
|
|
2017-06-16 14:28:23 +00:00
|
|
|
- name: Helm | Configure tiller service account for RBAC
|
2017-06-16 15:21:59 +00:00
|
|
|
command: kubectl create serviceaccount tiller --namespace={{ system_namespace }}
|
2017-06-16 14:28:23 +00:00
|
|
|
ignore_errors: yes
|
|
|
|
when: rbac_enabled
|
|
|
|
|
|
|
|
- name: Helm | Configure tiller rolebindings for RBAC
|
2017-06-16 15:21:59 +00:00
|
|
|
command: kubectl create clusterrolebinding tiller --clusterrole=cluster-admin --serviceaccount={{ system_namespace }}:tiller
|
2017-06-16 14:28:23 +00:00
|
|
|
ignore_errors: yes
|
|
|
|
when: rbac_enabled
|
|
|
|
|
2017-03-17 11:56:25 +00:00
|
|
|
- name: Helm | Install/upgrade helm
|
2017-05-08 07:27:06 +00:00
|
|
|
command: "{{ bin_dir }}/helm init --upgrade --tiller-image={{ tiller_image_repo }}:{{ tiller_image_tag }}"
|
2017-03-17 11:56:25 +00:00
|
|
|
when: helm_container.changed
|
|
|
|
|
2017-06-16 14:28:23 +00:00
|
|
|
- name: Helm | Patch tiller deployment for RBAC
|
|
|
|
shell: >
|
2017-06-16 15:21:59 +00:00
|
|
|
kubectl --namespace={{ system_namespace }} get deployment tiller-deploy -o json | \
|
2017-06-16 14:28:23 +00:00
|
|
|
python -c 'import sys,json;a=json.load(sys.stdin);a["spec"]["template"]["spec"]["serviceAccount"]="tiller";json.dump(a,sys.stdout)' | \
|
2017-06-16 15:21:59 +00:00
|
|
|
kubectl apply -n {{ system_namespace }} -f -
|
2017-06-16 14:28:23 +00:00
|
|
|
when: rbac_enabled
|
|
|
|
|
2017-03-17 11:56:25 +00:00
|
|
|
- name: Helm | Set up bash completion
|
|
|
|
shell: "umask 022 && {{ bin_dir }}/helm completion >/etc/bash_completion.d/helm.sh"
|
2017-04-10 16:07:15 +00:00
|
|
|
when: ( helm_container.changed and not ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] )
|
2017-06-16 14:28:23 +00:00
|
|
|
|