---
#- name: Add kubernetes repository
#  yumrepo:
#    name: kubernetes
#    description: "Kubernetes Repository"
#    baseurl: https://packages.cloud.google.com/yum/repos/kubernetes-$releasever-x86_64
#    gpgcheck: yes
#    enabled: yes
#    gpgkey: https://packages.cloud.google.com/yum/doc/yum-key.gpg
#    state: present

#- name: Add Official kubernetes's repo
#  template:
#    src: "etc/yum.repos.d/kubernetes.repo.j2"
#    dest: "/etc/yum.repos.d/kubernetes.repo"
#    group: root
#    owner: root
#    mode: 0644
#  when:
#    - not ansible_machine == "armv7l"
#    - not ansible_machine == "armv6l"
#    - kubernetes_cri != "k3s"

- name: Add Official kubernetes's repo
  yum_repository:
    name: kubernetes
    description: Kubernetes
    baseurl: https://packages.cloud.google.com/yum/repos/kubernetes-el7-$basearch
    enabled: true
    gpgcheck: true
    repo_gpgcheck: true
    gpgkey: https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
    exclude: kubelet kubeadm kubectl
  become: true
  when:
    - not ansible_machine == "armv7l"
    - not ansible_machine == "armv6l"
    - kubernetes_cri != "k3s"

#- name: redhat | Installing K8s Packages
#  package:
#    name:
#      - kubectl
#      - kubelet
#      - kubeadm
#      - iproute-tc
#      - ipvsadm
#    state: present
#    disable_excludes: kubernetes
#  become: true
#  register: result
#  until: result is successful

#- name: Register kubernetes firewalld service
#  template:
#    src: "etc/firewalld/services/kubernetes.xml.j2"
#    dest: "/etc/firewalld/services/kubernetes.xml"
#    group: root
#    owner: root
#    mode: 0644
#  register: need_firewalld_reload
#  when:
#    - kubernetes_server|bool
#
#- name: Reload firewalld configuration
#  service:
#    name: firewalld
#    state: reloaded
#    enabled: yes
#  when:
#    - kubernetes_server|bool
#    - need_firewalld_reload is changed
#
## Définir interface
#- name: Open Firewalld
#  firewalld:
#    zone: external
#    service: kubernetes
#    permanent: true
#    state: enabled
#    immediate: true
#  when:
##    - need_firewall|bool
##    - firewall_name == "firewalld"
#    - kubernetes_server|bool

#- name: Create kubernetes firewalld zone
#  firewalld:
#    zone: kubernetes
#    permanent: true
#    state: present
#  when:
#    - kubernetes_server|bool
- name: Add kubernetes networks to trusted firewalld zone
  firewalld:
#    zone: kubernetes
    zone: trusted
    permanent: true
    state: enabled
    source: "{{ item }}"
  when:
    - kubernetes_server|bool
  with_items:
    - "{{ (lookup('vars', 'ansible_' + kubernetes_interface ).ipv4.network + '/' + lookup('vars', 'ansible_' + kubernetes_interface ).ipv4.netmask) | ipaddr('net') }}"
    - "{{ kubernetes_pods_network }}"
    - "10.96.0.0/12"

- name: Install kubernetes tools
  dnf:
    name: "{{ kubernetes_package_name }}"
    enablerepo: "kubernetes"
    state: present
    update_cache: yes
    disable_excludes: kubernetes
#  notify: Restart kubelet
  when:
    - ansible_pkg_mgr == "dnf"
    - (not kubernetes_server|bool) or ( kubernetes_server|bool and kubernetes_cri != "k3s")

- name: Install kubernetes tools
  yum:
    name: "{{ kubernetes_package_name }}"
    enablerepo: "kubernetes"
    state: present
    update_cache: yes
#  notify: Restart kubelet
  when:
    - ansible_pkg_mgr == "yum"
    - (not kubernetes_server|bool) or ( kubernetes_server|bool and kubernetes_cri != "k3s")