Split config, update metallb template

2022-07-27 10:47:28 +02:00 · 2022-07-27 10:47:28 +02:00 · 83bb00ca8f
commit 83bb00ca8f
parent 80531a0a1e
6 changed files with 1769 additions and 255 deletions
--- a/roles/kubernetes-apps/metallb/tasks/main.yml
+++ b/roles/kubernetes-apps/metallb/tasks/main.yml
@ -15,8 +15,8 @@
  fail:
    msg: "metallb_peers is mandatory when metallb_protocol is bgp and metallb_speaker_enabled"
  when:
-    - metallb_protocol == 'bgp' and metallb_speaker_enabled
+    - metallb_config.layer3 is defined and metallb_speaker_enabled
-    - metallb_peers is not defined or not metallb_peers
+    - metallb_config.metallb_peers is not defined or not metallb_config.metallb_peers
 - name: Kubernetes Apps | Check that the deprecated 'matallb_auto_assign' variable is not used anymore
  fail:
@ -45,11 +45,29 @@
    src: "{{ item }}.j2"
    dest: "{{ kube_config_dir }}/{{ item }}"
    mode: 0644
-  with_items: ["metallb.yml", "metallb-config.yml"]
+  with_items: ["metallb.yml", "metallb-config.yml", "pools.yaml", "layer2.yaml", "layer3.yaml"]
  register: "rendering"
  when:
    - "inventory_hostname == groups['kube_control_plane'][0]"
 - name: Kubernetes Apps | Create MetalLB resources and replace existing
  k8s:
    definition: "{{ lookup('template', 'metallb.yaml') }}"
 - name: Kubernetes Apps | Wait for MetalLB controller to be running
  k8s_info:
    kind: Deployment
    namespace: "{{ namespace_name }}"
    name: controller
    wait: True
    wait_sleep: 10
    wait_timeout: 360
    wait_condition:
      status: "True"
      type: Available
  register: result
  until: result is not failed
 - name: Kubernetes Apps | Install and configure MetalLB
  kube:
    name: "MetalLB"
@ -60,3 +78,10 @@
  with_items: "{{ rendering.results }}"
  when:
    - "inventory_hostname == groups['kube_control_plane'][0]"
 - name: Kubernetes Apps | Delete MetalLB ConfigMap
  k8s:
    name: config
    kind: ConfigMap
    namespace: "{{ namespace_name }}"
    state: absent
--- a/roles/kubernetes-apps/metallb/templates/layer2.yaml.j2
+++ b/roles/kubernetes-apps/metallb/templates/layer2.yaml.j2
@ -0,0 +1,18 @@
 #jinja2: trim_blocks: True, lstrip_blocks: True
 # yamllint disable-file
 ---
 # Create layer2 configuration
 {% for entry in metallb_config.layer2 %}
 # L2 Configuration
 apiVersion: metallb.io/v1beta1
 kind: L2Advertisement
 metadata:
  name: "{{ entry }}"
  namespace: "{{ namespace_name }}"
 spec:
  ipAddressPools:
  - "{{ entry }}"
 {% endfor %}
--- a/roles/kubernetes-apps/metallb/templates/layer3.yaml.j2
+++ b/roles/kubernetes-apps/metallb/templates/layer3.yaml.j2
@ -0,0 +1,103 @@
 #jinja2: trim_blocks: True, lstrip_blocks: True
 # yamllint disable-file
 ---
 # Create layer3 configuration
 {% for community_name, community in metallb_config.layer3.communities.items() %}
 ---
 apiVersion: metallb.io/v1beta1
 kind: Community
 metadata:
  name: "{{ community_name }}"
  namespace: "{{ namespace_name }}"
 spec:
  community:
  - name: "{{ community_name }}"
    value: "{{ community }}"
 {% endfor %}
 {% for peer_name, peer in metallb_config.layer3.metallb_peers.items() %}
 # BGPAdvertisement is used to advertise the specified address pool to the BGP peer.
 # Local BGP Advertisement specifies that the IP specified in the address pool will be used as source address for traffic entering your cluster from the remote peer.
 ---
 apiVersion: metallb.io/v1beta1
 kind: BGPAdvertisement
 metadata:
  name: "{{ peer_name }}-local"
  namespace: "{{ namespace_name }}"
 spec:
  ipAddressPools:
  {% for address_pool in peer.address_pool %}
  - "{{ address_pool }}"
  {% endfor %}
  {% if peer.advanced | length > 0 %}
  aggregationLength: 32
  localpref: "{{ peer.localpref | default ("100") }}"
  communities:
  {% for community in peer.communities %}
  - "{{ community }}"
  {% endfor %}
  {% endif %}
 # External GBP Advertisement. The IP range specied in the address pool is advertized to the BGP peer.
 ---
 apiVersion: metallb.io/v1beta1
 kind: BGPAdvertisement
 metadata:
  name: "{{ peer_name }}-external"
  namespace: "{{ namespace_name }}"
 spec:
  ipAddressPools:
  {% for address_pool in peer.address_pool %}
  - "{{ address_pool }}"
  {% endfor %}
  {% if peer.advanced | length > 0 %}
  aggregationLength: "{{ peer.aggregation_length }}"
  {% endif %}
 # Configuration for the GBP peer.
 ---
 apiVersion: metallb.io/v1beta2
 kind: BGPPeer
 metadata:
  name: "{{ peer_name }}"
  namespace: "{{ namespace_name }}"
 spec:
  myASN: {{ peer.my_asn }}
  peerASN: {{ peer.peer_asn }}
  peerAddress: {{ peer.peer_address }}
  {% if peer.peer_port is defined %}
  peerPort: {{ peer.peer_port }}
  {% else %}
  peerPort: {{ metallb_config.layer3.defaults.peer_port }}
  {% endif %}
  {% if peer.password is defined %}
  password: "{{ peer.password }}"
  {% endif %}
  {% if peer.router_id is defined %}
  routerID: "{{ peer.router_id }}"
  {% endif %}
  {% if peer.hold_time is defined %}
  holdTime: {{ peer.hold_time }}
  {% else %}
  holdTime: {{ metallb_config.layer3.defaults.hold_time }}
  {% endif %}
  {% if peer.keepalive_time is defined %}
  keepaliveTime: {{ peer.keepalive_time }}
  {% else %}
  keepaliveTime: {{ metallb_config.layer3.defaults.keepalive_time }}
  {% endif %}
  {% if peer.multihop is defined %}
  elayer3MultiHop: "{{ peer.multihop }}"
  {% endif %}
 {% endfor %}
--- a/roles/kubernetes-apps/metallb/templates/metallb-config.yml.j2
+++ b/roles/kubernetes-apps/metallb/templates/metallb-config.yml.j2
@ -1,54 +0,0 @@
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
  namespace: metallb-system
  name: config
 data:
  config: |
 {% if metallb_peers | length > 0 %}
    peers:
 {% for peer in metallb_peers %}
    - peer-address: {{ peer.peer_address }}
      peer-asn: {{ peer.peer_asn }}
      my-asn: {{ peer.my_asn }}
 {% if peer.password is defined %}
      password: "{{ peer.password }}"
 {% endif %}
 {% if peer.source_address is defined %}
      source-address: {{ peer.source_address }}
 {% endif %}
 {% if peer.node_selectors is defined %}
      node-selectors:
        {{ peer.node_selectors | to_yaml(indent=2, width=1337) | indent(8) }}
 {% endif %}
 {% endfor %}
 {% endif %}
    address-pools:
    - name: {{ metallb_pool_name }}
      protocol: {{ metallb_protocol }}
      addresses:
 {% for ip_range in metallb_ip_range %}
      - {{ ip_range }}
 {% endfor %}
 {% if metallb_auto_assign == false %}
      auto-assign: false
 {% endif %}
 {% if metallb_avoid_buggy_ips == true %}
      avoid-buggy-ips: true
 {% endif %}
 {% if metallb_additional_address_pools is defined %}{% for pool in metallb_additional_address_pools %}
    - name: {{ pool }}
      protocol: {{ metallb_additional_address_pools[pool].protocol }}
      addresses:
 {% for ip_range in metallb_additional_address_pools[pool].ip_range %}
      - {{ ip_range }}
 {% endfor %}
 {% if metallb_additional_address_pools[pool].auto_assign is defined %}
      auto-assign: {{ metallb_additional_address_pools[pool].auto_assign }}
 {% endif %}
 {% if metallb_additional_address_pools[pool].avoid_buggy_ips is defined %}
      avoid-buggy-ips: {{ metallb_additional_address_pools[pool].avoid_buggy_ips }}
 {% endif %}
 {% endfor %}
 {% endif %}
--- a/roles/kubernetes-apps/metallb/templates/metallb.yml.j2
+++ b/roles/kubernetes-apps/metallb/templates/metallb.yml.j2
--- a/roles/kubernetes-apps/metallb/templates/pools.yaml.j2
+++ b/roles/kubernetes-apps/metallb/templates/pools.yaml.j2
@ -0,0 +1,22 @@
 #jinja2: trim_blocks: True, lstrip_blocks: True
 # yamllint disable-file
 ---
 # Create all pools
 {% for pool_name, pool in metallb_config.address_pools.items() %}
 ---
 apiVersion: metallb.io/v1beta1
 kind: IPAddressPool
 metadata:
  namespace: "{{ namespace_name }}"
  name: "{{ pool_name }}"
 spec:
 {% for ip_range in pool.ip_range %}
  addresses:
  - "{{ ip_range }}"
 {% endfor %}
  auto-assign: "{{ pool.auto_assign }}"
  avoidBuggyIPs: true
 {% endfor %}