--- - name: Registry | check registry_service_type value fail: msg: "registry_service_type can only be 'ClusterIP', 'LoadBalancer' or 'NodePort'" when: registry_service_type not in ['ClusterIP', 'LoadBalancer', 'NodePort'] - name: Registry | Stop if registry_service_cluster_ip is defined when registry_service_type is not 'ClusterIP' fail: msg: "registry_service_cluster_ip support only compatible with ClusterIP." when: - registry_service_cluster_ip is defined and registry_service_cluster_ip|length > 0 - registry_service_type != "ClusterIP" - name: Registry | Stop if registry_service_loadbalancer_ip is defined when registry_service_type is not 'LoadBalancer' fail: msg: "registry_service_loadbalancer_ip support only compatible with LoadBalancer." when: - registry_service_loadbalancer_ip is defined and registry_service_loadbalancer_ip|length > 0 - registry_service_type != "LoadBalancer" - name: Registry | Stop if registry_service_nodeport is defined when registry_service_type is not 'NodePort' fail: msg: "registry_service_nodeport support only compatible with NodePort." when: - registry_service_nodeport is defined and registry_service_nodeport|length > 0 - registry_service_type != "NodePort" - name: Registry | Create addon dir file: path: "{{ kube_config_dir }}/addons/registry" state: directory owner: root group: root mode: 0755 - name: Registry | Templates list set_fact: registry_templates: - { name: registry-ns, file: registry-ns.yml, type: ns } - { name: registry-sa, file: registry-sa.yml, type: sa } - { name: registry-svc, file: registry-svc.yml, type: svc } - { name: registry-secrets, file: registry-secrets.yml, type: secrets } - { name: registry-cm, file: registry-cm.yml, type: cm } - { name: registry-rs, file: registry-rs.yml, type: rs } registry_templates_for_psp: - { name: registry-psp, file: registry-psp.yml, type: psp } - { name: registry-cr, file: registry-cr.yml, type: clusterrole } - { name: registry-crb, file: registry-crb.yml, type: rolebinding } - name: Registry | Append extra templates to Registry Templates list for PodSecurityPolicy set_fact: registry_templates: "{{ registry_templates[:2] + registry_templates_for_psp + registry_templates[2:] }}" when: - podsecuritypolicy_enabled - registry_namespace != "kube-system" - name: Registry | Append nginx ingress templates to Registry Templates list when ingress enabled set_fact: registry_templates: "{{ registry_templates + [item] }}" with_items: - [{ name: registry-ing, file: registry-ing.yml, type: ing }] when: ingress_nginx_enabled or ingress_alb_enabled - name: Registry | Create manifests template: src: "{{ item.file }}.j2" dest: "{{ kube_config_dir }}/addons/registry/{{ item.file }}" mode: 0644 with_items: "{{ registry_templates }}" register: registry_manifests when: inventory_hostname == groups['kube_control_plane'][0] - name: Registry | Apply manifests kube: name: "{{ item.item.name }}" namespace: "{{ registry_namespace }}" kubectl: "{{ bin_dir }}/kubectl" resource: "{{ item.item.type }}" filename: "{{ kube_config_dir }}/addons/registry/{{ item.item.file }}" state: "latest" with_items: "{{ registry_manifests.results }}" when: inventory_hostname == groups['kube_control_plane'][0] - name: Registry | Create PVC manifests template: src: "{{ item.file }}.j2" dest: "{{ kube_config_dir }}/addons/registry/{{ item.file }}" mode: 0644 with_items: - { name: registry-pvc, file: registry-pvc.yml, type: pvc } register: registry_manifests when: - registry_storage_class != none and registry_storage_class - registry_disk_size != none and registry_disk_size - inventory_hostname == groups['kube_control_plane'][0] - name: Registry | Apply PVC manifests kube: name: "{{ item.item.name }}" namespace: "{{ registry_namespace }}" kubectl: "{{ bin_dir }}/kubectl" resource: "{{ item.item.type }}" filename: "{{ kube_config_dir }}/addons/registry/{{ item.item.file }}" state: "latest" with_items: "{{ registry_manifests.results }}" when: - registry_storage_class != none and registry_storage_class - registry_disk_size != none and registry_disk_size - inventory_hostname == groups['kube_control_plane'][0]