Adrien Reslinger
23413944f5
All checks were successful
continuous-integration/drone/push Build is passing
135 lines
3.9 KiB
YAML
135 lines
3.9 KiB
YAML
- name: traefik setup
|
|
block:
|
|
- name: namespace
|
|
k8s:
|
|
state: present
|
|
context: "{{ my_context }}"
|
|
merge_type: merge
|
|
definition:
|
|
api_version: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: traefik
|
|
labels:
|
|
namespace: '{{ traefik_namespace }}'
|
|
|
|
- name: Create a Secret object for basic authentification
|
|
k8s:
|
|
state: present
|
|
context: "{{ my_context }}"
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: basic-auth
|
|
namespace: '{{ traefik_namespace }}'
|
|
type: Opaque
|
|
data:
|
|
basic_auth: "{{ basic_auth_data | b64encode }}"
|
|
when:
|
|
- basic_auth|bool
|
|
|
|
- name: Add host label for traefik deployment
|
|
k8s:
|
|
state: present
|
|
context: "{{ my_context }}"
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Node
|
|
metadata:
|
|
name: "{{ item }}"
|
|
labels:
|
|
entrypoint: traefik
|
|
with_items:
|
|
- '{{ traefik_node_selector }}'
|
|
when:
|
|
- traefik_node_selector is defined
|
|
|
|
# - name: Get Deployment information object
|
|
# k8s_info:
|
|
# context: "{{ my_context }}"
|
|
# api_version: v1
|
|
# kind: DaemonSet
|
|
# name: traefik
|
|
# namespace: '{{ traefik_namespace }}'
|
|
# field_selectors:
|
|
# - spec.template.spec.containers.image
|
|
# register: traefik_actual_resources
|
|
#
|
|
# - name: Retreive actual traefik version
|
|
# shell: echo "{{ traefik_actual_resources.resources }}" | sed "s/.*traefik:\([0-9]\.[0-9]*\).*/\1/" | uniq
|
|
# register: traefik_actual_version
|
|
#
|
|
# - name: Remove old traefik version {{ traefik_actual_version.stdout }}
|
|
# k8s:
|
|
# state: "absent"
|
|
# context: "{{ my_context }}"
|
|
# resource_definition: "{{ lookup('template', item) | from_yaml }}"
|
|
# with_items:
|
|
# - "{{ lookup('vars', 'traefik_' + traefik_actual_version.stdout | regex_replace('[.]','_') + '_list') | reverse | list }}"
|
|
## - hostvars[inventory_hostname]['traefik_' + traefik_actual_version.stdout + '_list'] | reverse
|
|
# when:
|
|
# - not traefik_actual_version.stdout == "[]"
|
|
# - not traefik_version == traefik_actual_version.stdout
|
|
# - traefik_actual_version.stdout is version(traefik_version, '>')
|
|
|
|
- name: Defined traefik repository
|
|
community.kubernetes.helm_repository:
|
|
name: traefik
|
|
repo_url: "https://helm.traefik.io/traefik"
|
|
tags: traefik
|
|
- name: Deploy latest version of Traefik
|
|
community.kubernetes.helm:
|
|
context: "{{ my_context }}"
|
|
name: traefik
|
|
chart_ref: traefik/traefik
|
|
release_namespace: "{{ traefik_namespace }}"
|
|
values:
|
|
image:
|
|
tag: "{{ traefik_version_2_3 }}"
|
|
additionalArguments:
|
|
- --configFile=/etc/traefik/traefik.yaml
|
|
podSecurityPolicy:
|
|
enabled: true
|
|
service:
|
|
enabled: false
|
|
ingressRoute:
|
|
dashboard:
|
|
enabled: false
|
|
ingressClass:
|
|
enabled: true
|
|
isDefaultClass: true
|
|
ports:
|
|
web:
|
|
redirectTo: websecure
|
|
hostPort: 80
|
|
websecure:
|
|
hostPort: 443
|
|
volumes:
|
|
- mountPath: /etc/traefik
|
|
name: traefik-conf
|
|
type: configMap
|
|
- mountPath: /etc/traefik/file
|
|
name: traefik-files
|
|
type: configMap
|
|
- mountPath: /etc/traefik/basic-auth
|
|
name: basic-auth
|
|
type: secret
|
|
|
|
- name: Install traefik configuration
|
|
k8s:
|
|
state: "present"
|
|
context: "{{ my_context }}"
|
|
namespace: '{{ traefik_namespace }}'
|
|
# merge_type: merge
|
|
apply: yes
|
|
resource_definition: "{{ lookup('template', item) | from_yaml }}"
|
|
with_items:
|
|
# - "{{ lookup('vars', 'traefik_' + traefik_version | regex_replace('[.]','_') + '_list') }}"
|
|
- traefik-cm.yml.j2
|
|
- traefik-files.yml.j2
|
|
# - traefik-sa.yml.j2
|
|
- traefik-ingressroute.yml.j2
|
|
- traefik-svc.yml.j2
|
|
|
|
tags: traefik
|