feat(olm): install olm operator

!9 nofusscomputing/infrastructure/configuration-management/project-production!4

defaults/main.yml

@@ -7,6 +7,7 @@ Kubernetes_Master: false                                   # Optional, Boolean.
 
 ContainerDioVersion: 1.6.20-1
 KubernetesVersion: '1.26.2'                                # must match the repository release version
+kubernetes_version_olm: '0.26.0'
 
 KubernetesVersion_k8s_prefix: '-00'
 KubernetesVersion_k3s_prefix: '+k3s1'
@@ -25,6 +26,9 @@ kubelet_arg_system_reserved_cpu: 450m
 kubelet_arg_system_reserved_memory: 512Mi
 kubelet_arg_system_reserved_storage: 8Gi
 
+# kubernetes_olm_install: true # optional, boolean. default=true
+
+
 nfc_kubernetes:
   enable_firewall: true             # Optional, bool enable firewall rules from role 'nfc_firewall'
 

docs/projects/ansible/roles/kubernetes/index.md

@@ -43,6 +43,8 @@ This role deploys a K3s cluster. In addition it has the following features:
 
 - _[ToDo-#5](https://gitlab.com/nofusscomputing/projects/ansible/kubernetes/-/issues/5)_ Restore backup on fresh install of a cluster
 
+- Installs OLM for operator subscriptions
+
 
 ## Role Workflow
 

tasks/k3s/install.yaml

@@ -100,7 +100,7 @@
     nfc_kubernetes_install_architectures: "{{ nfc_kubernetes_install_architectures | default({}) | combine({ansible_architecture: ''}) }}"
 
 
-- name: Download Install Script
+- name: Download Install Scripts
   ansible.builtin.uri:
     url: "{{ item.url }}"
     method: GET
@@ -121,6 +121,8 @@
     download_files:
       - dest: /tmp/install.sh
         url: https://get.k3s.io
+      - dest: /tmp/install_olm.sh
+        url: https://raw.githubusercontent.com/operator-framework/operator-lifecycle-manager/v{{ kubernetes_version_olm }}/scripts/install.sh
 
 
 - name: Download K3s Binary
@@ -176,13 +178,18 @@
     group: root
   when: hash_sha256_k3s_existing_binary.stat.checksum | default('0') != hash_sha256_k3s_downloaded_binary
 
-- name: Copy install script to Host
+- name: Copy install scripts to Host
   ansible.builtin.copy:
-    src: "/tmp/install.sh"
-    dest: "/tmp/install.sh"
+    src: "{{ item }}"
+    dest: "{{ item }}"
     mode: '755'
     owner: root
     group: root
+  loop: "{{ install_scripts }}"
+  vars:
+    install_scripts:
+      - "/tmp/install.sh"
+      - "/tmp/install_olm.sh"
   # when: hash_sha256_k3s_existing_binary.stat.checksum | default('0') != hash_sha256_k3s_downloaded_binary
 
 - name: Required Initial config files
@@ -275,6 +282,16 @@
   failed_when: kubernetes_ready_check.rc != 0
 
 
+- name: Install olm
+  ansible.builtin.shell:
+    cmd: |
+      /tmp/install_olm.sh v{{ kubernetes_version_olm }}
+  changed_when: false
+  when: >
+    kubernetes_config.cluster.prime.name == inventory_hostname
+      and
+    kubernetes_olm_install | default(true) | bool
+
 - name: Enable Cluster Encryption
   ansible.builtin.command:
     cmd: kubectl patch felixconfiguration default --type='merge' -p '{"spec":{"wireguardEnabled":true,"wireguardEnabledV6":true}}'