ansible-role-k8s-storage/tasks/longhorn.yml

---
- name: longhorn need to be present
  block:
    - name: Defined longhorn repository
      kubernetes.core.helm_repository:
        name: longhorn
        repo_url: "https://charts.longhorn.io"
    - name: Deploy latest version of longhorn
      kubernetes.core.helm:
        context: "{{ my_context }}"
        name: longhorn
        chart_ref: longhorn/longhorn
        chart_version: "{{ storage_longhorn_version }}"
        create_namespace: true
        release_namespace: "{{ storage_longhorn_namespace }}"
        values: "{{ lookup('template', 'longhorn/longhorn-values.yaml.j2') | from_yaml }}"

    - name: Configure Longhorn
      kubernetes.core.k8s:
        state: present
        context: "{{ my_context }}"
        definition:
          kind: Setting
          apiVersion: longhorn.io/v1beta1
          metadata:
            name: "{{ item.name }}"
            namespace: "{{ storage_longhorn_namespace }}"
          value: "{{ item.value }}"
      with_items:
        - { name: "guaranteed-engine-manager-cpu", value: "6" }
        - { name: "guaranteed-replica-manager-cpu", value: "6" }
        - { name: "default-data-locality", value: "best-effort" }

    - name: Install longhorn Recurring Jobs
      kubernetes.core.k8s:
        state: present
        context: "{{ my_context }}"
        apply: true
        namespace: "{{ storage_longhorn_namespace }}"
        resource_definition: "{{ lookup('template', 'longhorn/longhorn_recurringjob.yml.j2') | from_yaml }}"
      with_items:
        - { name: "snapshot", cron: "1 * * * *", task: "snapshot", retain: 25 }
        - { name: "backup-daily", cron: "0 1 * * *", task: "backup", retain: 8 }

    - name: Add longhorn-crypt StorageClass
      kubernetes.core.k8s:
        state: present
        context: "{{ my_context }}"
        definition:
          apiVersion: storage.k8s.io/v1
          kind: StorageClass
          metadata:
            annotations:
              storageclass.kubernetes.io/is-default-class: "false"
            name: longhorn-crypt
          provisioner: driver.longhorn.io
          reclaimPolicy: Delete
          volumeBindingMode: Immediate
          allowVolumeExpansion: true
          parameters:
            numberOfReplicas: "3"
            staleReplicaTimeout: "2880"
            dataLocality: best-effort
            fromBackup: ""
            encrypted: "true"
            csi.storage.k8s.io/provisioner-secret-name: "longhorn-crypto"
            csi.storage.k8s.io/provisioner-secret-namespace: ${pvc.namespace}
            csi.storage.k8s.io/node-publish-secret-name: "longhorn-crypto"
            csi.storage.k8s.io/node-publish-secret-namespace: ${pvc.namespace}
            csi.storage.k8s.io/node-stage-secret-name: "longhorn-crypto"
            csi.storage.k8s.io/node-stage-secret-namespace: ${pvc.namespace}
            csi.storage.k8s.io/fsType: ext4
            recurringJobSelector: '[{"name":"snapshot","isGroup":true}, {"name":"backup-daily","isGroup":true}]'

    - name: Install Prometheus rules
      kubernetes.core.k8s:
        state: "present"
        context: "{{ my_context }}"
        namespace: "{{ storage_longhorn_namespace }}"
        apply: yes
        resource_definition: "{{ lookup('file', 'longhorn/' + item) | from_yaml_all }}"
      with_items:
        - longhorn_prometheusRules.yml

  when:
    - storage_longhorn_enabled
  tags:
    - longhorn
    - storage

- name: longhorn need to be absent
  block:
    - name: Deploy latest version of longhorn
      kubernetes.core.helm:
        context: "{{ my_context }}"
        name: longhorn
        state: absent
        release_namespace: "{{ storage_longhorn_namespace }}"

    - name: Remove Ingress for longhorn UI
      kubernetes.core.k8s:
        state: absent
        context: "{{ my_context }}"
        namespace: "{{ storage_longhorn_namespace }}"
        resource_definition: "{{ lookup('template', 'longhorn/' + item) | from_yaml }}"
      with_items:
#        - "longhorn_ingressroute.yaml.j2"
        - "longhorn-namespace.yml.j2"

    - name: Remove longhorn-crypt StorageClass
      kubernetes.core.k8s:
        state: absent
        context: "{{ my_context }}"
        definition:
          apiVersion: storage.k8s.io/v1
          kind: StorageClass
          metadata:
            name: longhorn-crypt

  #  - name: Remove longhorn Recurring Jobs
  #    kubernetes.core.k8s:
  #      state: absent
  #      context: "{{ my_context }}"
  #      namespace: "{{ storage_longhorn_namespace }}"
  #      resource_definition: "{{ lookup('template', 'longhorn/longhorn_recurringjob.yml.j2') | from_yaml }}"
  #    with_items:
  #      - { name: "snapshot", cron: "1 * * * *", task: "snapshot", retain: 25 }
  #      - { name: "backup-daily", cron: "0 1 * * *", task: "backup", retain: 8 }

  when:
    - not storage_longhorn_enabled
  tags:
    - longhorn
    - storage