- name: traefik setup block: - name: namespace k8s: state: present context: "{{ my_context }}" merge_type: merge definition: api_version: v1 kind: Namespace metadata: name: '{{ traefik_namespace }}' labels: namespace: '{{ traefik_namespace }}' - name: Create a Secret object for basic authentification k8s: state: present context: "{{ my_context }}" namespace: '{{ traefik_namespace }}' definition: apiVersion: v1 kind: Secret metadata: name: basic-auth type: Opaque data: basic_auth: "{{ basic_auth_data | b64encode }}" when: - basic_auth|bool - name: Add host label for traefik deployment k8s: state: present context: "{{ my_context }}" definition: apiVersion: v1 kind: Node metadata: name: "{{ item }}" labels: entrypoint: traefik with_items: - '{{ traefik_node_selector }}' when: - traefik_node_selector is defined # - name: Get Deployment information object # k8s_info: # context: "{{ my_context }}" # api_version: v1 # kind: DaemonSet # name: traefik # namespace: '{{ traefik_namespace }}' # field_selectors: # - spec.template.spec.containers.image # register: traefik_actual_resources # # - name: Retreive actual traefik version # shell: echo "{{ traefik_actual_resources.resources }}" | sed "s/.*traefik:\([0-9]\.[0-9]*\).*/\1/" | uniq # register: traefik_actual_version # # - name: Remove old traefik version {{ traefik_actual_version.stdout }} # k8s: # state: "absent" # context: "{{ my_context }}" # resource_definition: "{{ lookup('template', item) | from_yaml }}" # with_items: # - "{{ lookup('vars', 'traefik_' + traefik_actual_version.stdout | regex_replace('[.]','_') + '_list') | reverse | list }}" ## - hostvars[inventory_hostname]['traefik_' + traefik_actual_version.stdout + '_list'] | reverse # when: # - not traefik_actual_version.stdout == "[]" # - not traefik_version == traefik_actual_version.stdout # - traefik_actual_version.stdout is version(traefik_version, '>') - name: Defined traefik repository kubernetes.core.helm_repository: name: traefik repo_url: "https://helm.traefik.io/traefik" tags: traefik - name: Deploy latest version of Traefik kubernetes.core.helm: context: "{{ my_context }}" name: traefik chart_ref: traefik/traefik release_namespace: "{{ traefik_namespace }}" values: image: tag: "{{ traefik_version }}" additionalArguments: - --configFile=/etc/traefik/traefik.yaml # podSecurityPolicy: # enabled: true service: enabled: false ingressRoute: dashboard: enabled: false ingressClass: enabled: true isDefaultClass: true # ports: # web: # redirectTo: websecure # hostPort: 80 # websecure: # hostPort: 443 # tls: # enabled: true # options: default volumes: - mountPath: /etc/traefik name: traefik-conf type: configMap - mountPath: /etc/traefik/file name: traefik-files type: configMap - mountPath: /etc/traefik/basic-auth name: basic-auth type: secret deployment: replicas: 1 podAnnotations: prometheus.io/port: '9000' prometheus.io/scrape: 'true' - name: Install traefik configuration k8s: state: "present" context: "{{ my_context }}" namespace: '{{ traefik_namespace }}' # merge_type: merge apply: yes resource_definition: "{{ lookup('template', item) | from_yaml }}" with_items: # - "{{ lookup('vars', 'traefik_' + traefik_version | regex_replace('[.]','_') + '_list') }}" - traefik-certificate.yml.j2 - traefik-cm.yml.j2 - traefik-files.yml.j2 # - traefik-sa.yml.j2 - traefik-ingressroute.yml.j2 - traefik-svc.yml.j2 tags: traefik