cert issuer and ingress controller

2022-12-09 21:26:01 +13:00
parent b352a796e0
commit a985895225
7 changed files with 1458 additions and 3 deletions
--- a/ansible/roles/k8s_ingress_controller/tasks/main.yaml
+++ b/ansible/roles/k8s_ingress_controller/tasks/main.yaml
@ -0,0 +1,59 @@
+---
+- name: download the ingress controller manifest
+  ansible.builtin.uri:
+    url: https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v{{ ingress_controller_version | string }}/deploy/static/provider/cloud/deploy.yaml
+    dest: "{{ ansible_search_path[0] }}/files/ingress_controller_{{ ingress_controller_version }}.yaml"
+    creates: "{{ ansible_search_path[0] }}/files/ingress_controller_{{ ingress_controller_version }}.yaml"
+    mode: 0664
+
+- name: install ingress controller manifest to cluster
+  kubernetes.core.k8s:
+    state: present
+    src: "{{ ansible_search_path[0] }}/files/ingress_controller_{{ ingress_controller_version | string }}.yaml"
+
+- name: create replacement fact for ingress controller service
+  ansible.builtin.set_fact:
+    ingress_controller_service:
+      apiVersion: v1
+      kind: Service
+      metadata:
+        labels:
+          app.kubernetes.io/component: controller
+          app.kubernetes.io/instance: ingress-nginx
+          app.kubernetes.io/name: ingress-nginx
+          app.kubernetes.io/part-of: ingress-nginx
+          app.kubernetes.io/version: "{{ ingress_controller_version }}"
+        name: ingress-nginx-controller
+        namespace: ingress-nginx
+      spec:
+        externalTrafficPolicy: Local
+        ipFamilyPolicy: RequireDualStack
+        ipFamilies:
+          - IPv4
+          - IPv6
+        ports:
+        - appProtocol: http
+          name: http
+          port: 80
+          protocol: TCP
+          targetPort: http
+        - appProtocol: https
+          name: https
+          port: 443
+          protocol: TCP
+          targetPort: https
+        selector:
+          app.kubernetes.io/component: controller
+          app.kubernetes.io/instance: ingress-nginx
+          app.kubernetes.io/name: ingress-nginx
+        type: ClusterIP
+
+- name: write out ingress controller service definition to file
+  ansible.builtin.copy:
+    content: "{{ ingress_controller_service | to_nice_yaml }}"
+    dest: "{{ ansible_search_path[0] }}/files/ingress_controller_service.yaml"
+
+- name: install ingress controller manifest to cluster
+  kubernetes.core.k8s:
+    state: present
+    src: "{{ ansible_search_path[0] }}/files/ingress_controller_service.yaml"