--- - name: kube-router | Create annotations include: annotate.yml tags: annotate - name: kube-router | Set cni directory permissions file: path: /opt/cni/bin state: directory owner: kube recurse: true mode: 0755 - name: kube-router | Copy cni plugins unarchive: src: "{{ local_release_dir }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz" dest: "/opt/cni/bin" mode: 0755 owner: kube remote_src: yes - name: kube-router | Create config directory file: path: /var/lib/kube-router state: directory owner: kube recurse: true mode: 0755 - name: kube-router | Create kubeconfig template: src: kubeconfig.yml.j2 dest: /var/lib/kube-router/kubeconfig owner: kube notify: - reset_kube_router - name: kube-router | Slurp cni config slurp: src: /etc/cni/net.d/10-kuberouter.conf register: cni_config_slurp ignore_errors: true - name: kube-router | Set cni_config variable set_fact: cni_config: "{{ cni_config_slurp.content | b64decode | from_json }}" when: - not cni_config_slurp.failed - name: kube-router | Set host_subnet variable set_fact: host_subnet: "{{ cni_config.ipam.subnet }}" when: - cni_config is defined - cni_config.ipam is defined - cni_config.ipam.subnet is defined - name: kube-router | Set wanted cni config variable set_fact: wanted_cni_config: "{{ lookup('template', 'cni-conf.json.j2') }}" - name: kube-router | Set wanted_cni_config variable set_fact: wanted_cni_config: "{{ wanted_cni_config | combine({ 'ipam': { 'subnet': host_subnet }}, recursive=True) }}" when: host_subnet is defined - name: kube-router | Create cni config copy: content: "{{ wanted_cni_config | to_nice_json }}" dest: /etc/cni/net.d/10-kuberouter.conf owner: kube changed_when: wanted_cni_config != cni_config notify: - reset_kube_router - name: kube-router | Create manifest template: src: kube-router.yml.j2 dest: "{{ kube_config_dir }}/kube-router.yml" delegate_to: "{{ groups['kube-master'] | first }}" run_once: true