75 lines
1.9 KiB
YAML
75 lines
1.9 KiB
YAML
---
|
|
|
|
- name: Local Container Registry
|
|
ansible.builtin.copy:
|
|
content: |
|
|
#
|
|
# Private Container Registries for Kubernetes
|
|
#
|
|
# Managed By ansible/role/nfc_kubernetes
|
|
#
|
|
# Dont edit this file directly as it will be overwritten.
|
|
#
|
|
|
|
{% set registries = kubernetes_private_container_registry | default([]) -%}
|
|
|
|
{% if registries | length > 0 %}mirrors:
|
|
{% for entry in registries %}
|
|
|
|
{{ entry.name }}:
|
|
endpoint:
|
|
- "{{ entry.url }}"
|
|
|
|
{%- endfor %}
|
|
{% endif %}
|
|
dest: /etc/rancher/k3s/registries.yaml
|
|
owner: root
|
|
mode: '700'
|
|
# notify: "restart ContainerD"
|
|
# with_items: "{{ containerd.repositories }}"
|
|
# when:
|
|
# ansible_os_family == 'Debian'
|
|
# and
|
|
# Kubernetes_private_container_registry | default([]) | length > 0
|
|
|
|
|
|
- name: Additional config files
|
|
ansible.builtin.copy:
|
|
content: |
|
|
{{ item.content }}
|
|
dest: "{{ item.path }}/{{ item.name }}"
|
|
mode: '740'
|
|
owner: root
|
|
group: root
|
|
loop: "{{ k3s.files }}"
|
|
|
|
|
|
- name: Copy Templates
|
|
ansible.builtin.template:
|
|
src: "{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
owner: root
|
|
mode: '700'
|
|
force: true
|
|
notify: "{{ item.notify | default(omit) }}"
|
|
loop: "{{ templates_to_apply }}"
|
|
vars:
|
|
templates_to_apply:
|
|
- src: "calico.yaml.j2"
|
|
dest: /var/lib/rancher/k3s/server/manifests/calico.yaml
|
|
|
|
- src: kubernetes-manifest-rbac.yaml.j2
|
|
dest: /var/lib/rancher/k3s/server/manifests/rbac-authorization-common.yaml
|
|
|
|
- src: iptables-kubernetes.rules.j2
|
|
dest: "/etc/iptables.rules.d/iptables-kubernetes.rules"
|
|
notify: firewall_reloader
|
|
|
|
- src: k3s-registries.yaml.j2
|
|
dest: /etc/rancher/k3s/registries.yaml
|
|
notify: kubernetes_restart
|
|
|
|
- src: k3s-config.yaml.j2
|
|
dest: /etc/rancher/k3s/config.yaml
|
|
notify: kubernetes_restart
|