Update deployment

2024-10-23 14:52:55 +02:00 · 2024-10-23 14:52:55 +02:00 · 427e1357a0
commit 427e1357a0
parent 974d8fb7c7
6 changed files with 41 additions and 43 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,5 +1,5 @@
 ---
- name: calico setup
+- name: Diun setup
  block:
 #   - name: Include vars
 #     ansible.builtin.include_vars: "diun-files.yaml"
@ -8,15 +8,13 @@
      kubernetes.core.k8s:
        state: present
        context: "{{ my_context }}"
-        merge_type: merge
-        resource_definition: "{{ lookup('template', item) | from_yaml }}"
+        apply: true
+        namespace: "duin"
+        resource_definition: "{{ lookup('template', item) | from_yaml_all }}"
      with_items:
-        - diun-ServiceAccount.yml.j2
-        - diun-ClusterRole.yml.j2
-        - diun-ClusterRoleBinding.yml.j2
+        - diun-RBAC.yml.j2
        - diun-ConfigMap.yml.j2
        - diun-Deployment.yml.j2

-
  tags:
    - diun
--- a/templates/diun-ClusterRole.yml.j2
+++ b/templates/diun-ClusterRole.yml.j2
@ -1,14 +0,0 @@
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: diun
-rules:
-  - apiGroups:
-      - ""
-    resources:
-      - pods
-    verbs:
-      - get
-      - watch
-      - list
--- a/templates/diun-ClusterRoleBinding.yml.j2
+++ b/templates/diun-ClusterRoleBinding.yml.j2
@ -1,13 +0,0 @@
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: diun
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: diun
-subjects:
-  - kind: ServiceAccount
-    name: diun
-    namespace: default
--- a/templates/diun-Deployment.yml.j2
+++ b/templates/diun-Deployment.yml.j2
@ -2,7 +2,6 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  namespace: default
  name: diun
 spec:
  replicas: 1
@ -34,6 +33,8 @@ spec:
              value: "20"
            - name: DIUN_WATCH_SCHEDULE
              value: "0 */6 * * *"
+            - name: DIUN_WATCH_JITTER
+              value: "30s"
            - name: DIUN_PROVIDERS_KUBERNETES
              value: "true"
          volumeMounts:
@ -50,7 +51,7 @@ spec:
          hostPath:
            path: "/data"
            type: Directory
-        - configMap:
+        - name: config
+          configMap:
            defaultMode: 420
            name: diun-conf
-          name: config
--- a/templates/diun-RBAC.yml.j2
+++ b/templates/diun-RBAC.yml.j2
@ -0,0 +1,32 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: diun
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: diun
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - pods
+    verbs:
+      - get
+      - watch
+      - list
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: diun
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: diun
+subjects:
+  - kind: ServiceAccount
+    name: diun
+    namespace: default
--- a/templates/diun-ServiceAccount.yml.j2
+++ b/templates/diun-ServiceAccount.yml.j2
@ -1,6 +0,0 @@
---
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  namespace: default
-  name: diun