---
#- name: Add kubernetes repository
#  yumrepo:
#    name: kubernetes
#    description: "Kubernetes Repository"
#    baseurl: https://packages.cloud.google.com/yum/repos/kubernetes-$releasever-x86_64
#    gpgcheck: yes
#    enabled: yes
#    gpgkey: https://packages.cloud.google.com/yum/doc/yum-key.gpg
#    state: present

- name: Add Official kubernetes's repo
  template:
    src: "etc/yum.repos.d/kubernetes.repo.j2"
    dest: "/etc/yum.repos.d/kubernetes.repo"
    group: root
    owner: root
    mode: 0644
  when:
    - not ansible_machine == "armv7l"
    - not ansible_machine == "armv6l"
    - kubernetes_cri != "k3s"

- name: Register kubernetes firewalld service
  template:
    src: "etc/firewalld/services/kubernetes.xml.j2"
    dest: "/etc/firewalld/services/kubernetes.xml"
    group: root
    owner: root
    mode: 0644
  register: need_firewalld_reload
  when:
    - kubernetes_server|bool

- name: Reload firewalld configuration
  service:
    name: firewalld
    state: reloaded
    enabled: yes
  when:
    - kubernetes_server|bool
    - need_firewalld_reload is changed

#- name: reload firewalld to refresh service list
#  command: firewall-cmd --reload
#  when:
#    - need_firewalld_reload is changed
#    - kubernetes_server|bool

# Définir interface
- name: Open Firewalld
  firewalld:
    service: kubernetes
    permanent: true
    state: enabled
    immediate: true
  when:
#    - need_firewall|bool
#    - firewall_name == "firewalld"
    - kubernetes_server|bool

- name: Create kubernetes firewalld zone
  firewalld:
    zone: kubernetes
    permanent: true
    state: present
  when:
    - kubernetes_server|bool
- name: Add PODs network to kubernetes firewalld zone
  firewalld:
    zone: kubernetes
    permanent: true
    state: enabled
    source: "{{ kubernetes_pods_network }}"
  when:
    - kubernetes_server|bool
- name: Add Services network to kubernetes firewalld zone
  firewalld:
    zone: kubernetes
    permanent: true
    state: enabled
    source: "10.96.0.0/12"
  when:
    - kubernetes_server|bool

- name: Install kubernetes tools
  dnf:
    name: "{{ kubernetes_package_name }}"
    enablerepo: "kubernetes"
    state: present
    update_cache: yes
#  notify: Restart kubelet
  when:
    - ansible_pkg_mgr == "dnf"
    - (not kubernetes_server|bool) or ( kubernetes_server|bool and kubernetes_cri != "k3s")

- name: Install kubernetes tools
  yum:
    name: "{{ kubernetes_package_name }}"
    enablerepo: "kubernetes"
    state: present
    update_cache: yes
#  notify: Restart kubelet
  when:
    - ansible_pkg_mgr == "yum"
    - (not kubernetes_server|bool) or ( kubernetes_server|bool and kubernetes_cri != "k3s")