Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[metallb] Add variable for the metallb namespace #11136

Merged
merged 1 commit into from
May 6, 2024
Merged

[metallb] Add variable for the metallb namespace #11136

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
1 change: 1 addition & 0 deletions inventory/sample/group_vars/k8s_cluster/addons.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -171,6 +171,7 @@ cert_manager_enabled: false
# MetalLB deployment
metallb_enabled: false
metallb_speaker_enabled: "{{ metallb_enabled }}"
metallb_namespace: "metallb-system"
# metallb_version: v0.13.9
# metallb_protocol: "layer2"
# metallb_port: "7472"
Expand Down
4 changes: 2 additions & 2 deletions roles/kubernetes-apps/metallb/tasks/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@
- inventory_hostname == groups['kube_control_plane'][0]

- name: Kubernetes Apps | Wait for MetalLB controller to be running
command: "{{ bin_dir }}/kubectl rollout status -n metallb-system deployment -l app=metallb,component=controller --timeout=2m"
command: "{{ bin_dir }}/kubectl rollout status -n {{ metallb_namespace }} deployment -l app=metallb,component=controller --timeout=2m"
become: true
when:
- inventory_hostname == groups['kube_control_plane'][0]
Expand Down Expand Up @@ -104,5 +104,5 @@
name: config
kubectl: "{{ bin_dir }}/kubectl"
resource: ConfigMap
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
state: absent
2 changes: 1 addition & 1 deletion roles/kubernetes-apps/metallb/templates/layer2.yaml.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
name: "{{ entry }}"
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
spec:
ipAddressPools:
- "{{ entry }}"
Expand Down
10 changes: 5 additions & 5 deletions roles/kubernetes-apps/metallb/templates/layer3.yaml.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ apiVersion: metallb.io/v1beta1
kind: Community
metadata:
name: "{{ community_name }}"
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
spec:
communities:
- name: "{{ community_name }}"
Expand All @@ -21,7 +21,7 @@ apiVersion: metallb.io/v1beta1
kind: Community
metadata:
name: well-known
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
spec:
communities:
- name: no-export
Expand Down Expand Up @@ -51,7 +51,7 @@ apiVersion: metallb.io/v1beta1
kind: BGPAdvertisement
metadata:
name: "{{ peer_name }}-local"
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
spec:
aggregationLength: 32
aggregationLengthV6: 128
Expand All @@ -70,7 +70,7 @@ apiVersion: metallb.io/v1beta1
kind: BGPAdvertisement
metadata:
name: "{{ peer_name }}-external"
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
spec:
{% if peer.aggregation_length is defined and peer.aggregation_length <= 30 %}
aggregationLength: {{ peer.aggregation_length }}
Expand All @@ -93,7 +93,7 @@ apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
name: "{{ peer_name }}"
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
spec:
myASN: {{ peer.my_asn }}
peerASN: {{ peer.peer_asn }}
Expand Down
60 changes: 30 additions & 30 deletions roles/kubernetes-apps/metallb/templates/metallb.yaml.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ metadata:
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/warn: privileged
name: metallb-system
name: {{ metallb_namespace }}

---
apiVersion: apiextensions.k8s.io/v1
Expand All @@ -23,7 +23,7 @@ spec:
caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlGWlRDQ0EwMmdBd0lCQWdJVU5GRW1XcTM3MVpKdGkrMmlSQzk1WmpBV1MxZ3dEUVlKS29aSWh2Y05BUUVMDQpCUUF3UWpFTE1Ba0dBMVVFQmhNQ1dGZ3hGVEFUQmdOVkJBY01ERVJsWm1GMWJIUWdRMmwwZVRFY01Cb0dBMVVFDQpDZ3dUUkdWbVlYVnNkQ0JEYjIxd1lXNTVJRXgwWkRBZUZ3MHlNakEzTVRrd09UTXlNek5hRncweU1qQTRNVGd3DQpPVE15TXpOYU1FSXhDekFKQmdOVkJBWVRBbGhZTVJVd0V3WURWUVFIREF4RVpXWmhkV3gwSUVOcGRIa3hIREFhDQpCZ05WQkFvTUUwUmxabUYxYkhRZ1EyOXRjR0Z1ZVNCTWRHUXdnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDDQpEd0F3Z2dJS0FvSUNBUUNxVFpxMWZRcC9vYkdlenhES0o3OVB3Ny94azJwellualNzMlkzb1ZYSm5sRmM4YjVlDQpma2ZZQnY2bndscW1keW5PL2phWFBaQmRQSS82aFdOUDBkdVhadEtWU0NCUUpyZzEyOGNXb3F0MGNTN3pLb1VpDQpvcU1tQ0QvRXVBeFFNZjhRZDF2c1gvVllkZ0poVTZBRXJLZEpIaXpFOUJtUkNkTDBGMW1OVW55Rk82UnRtWFZUDQpidkxsTDVYeTc2R0FaQVBLOFB4aVlDa0NtbDdxN0VnTWNiOXlLWldCYmlxQ3VkTXE5TGJLNmdKNzF6YkZnSXV4DQo1L1pXK2JraTB2RlplWk9ZODUxb1psckFUNzJvMDI4NHNTWW9uN0pHZVZkY3NoUnh5R1VpSFpSTzdkaXZVTDVTDQpmM2JmSDFYbWY1ZDQzT0NWTWRuUUV2NWVaOG8zeWVLa3ZrbkZQUGVJMU9BbjdGbDlFRVNNR2dhOGFaSG1URSttDQpsLzlMSmdDYjBnQmtPT0M0WnV4bWh2aERKV1EzWnJCS3pMQlNUZXN0NWlLNVlwcXRWVVk2THRyRW9FelVTK1lsDQpwWndXY2VQWHlHeHM5ZURsR3lNVmQraW15Y3NTU1UvVno2Mmx6MnZCS21NTXBkYldDQWhud0RsRTVqU2dyMjRRDQp0eGNXLys2N3d5KzhuQlI3UXdqVTFITndVRjBzeERWdEwrZ1NHVERnSEVZSlhZelYvT05zMy94TkpoVFNPSkxNDQpoeXNVdyttaGdackdhbUdXcHVIVU1DUitvTWJzMTc1UkcrQjJnUFFHVytPTjJnUTRyOXN2b0ZBNHBBQm8xd1dLDQpRYjRhY3pmeVVscElBOVFoSmFsZEY3S3dPSHVlV3gwRUNrNXg0T2tvVDBvWVp0dzFiR0JjRGtaSmF3SURBUUFCDQpvMU13VVRBZEJnTlZIUTRFRmdRVW90UlNIUm9IWTEyRFZ4R0NCdEhpb1g2ZmVFQXdId1lEVlIwakJCZ3dGb0FVDQpvdFJTSFJvSFkxMkRWeEdDQnRIaW9YNmZlRUF3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFOQmdrcWhraUc5dzBCDQpBUXNGQUFPQ0FnRUFSbkpsWWRjMTFHd0VxWnh6RDF2R3BDR2pDN2VWTlQ3aVY1d3IybXlybHdPYi9aUWFEa0xYDQpvVStaOVVXT1VlSXJTdzUydDdmQUpvVVAwSm5iYkMveVIrU1lqUGhvUXNiVHduOTc2ZldBWTduM3FMOXhCd1Y0DQphek41OXNjeUp0dlhMeUtOL2N5ak1ReDRLajBIMFg0bWJ6bzVZNUtzWWtYVU0vOEFPdWZMcEd0S1NGVGgrSEFDDQpab1Q5YnZHS25adnNHd0tYZFF0Wnh0akhaUjVqK3U3ZGtQOTJBT051RFNabS8rWVV4b2tBK09JbzdSR3BwSHNXDQo1ZTdNY0FTVXRtb1FORXd6dVFoVkJaRWQ1OGtKYjUrV0VWbGNzanlXNnRTbzErZ25tTWNqR1BsMWgxR2hVbjV4DQpFY0lWRnBIWXM5YWo1NmpBSjk1MVQvZjhMaWxmTlVnanBLQ0c1bnl0SUt3emxhOHNtdGlPdm1UNEpYbXBwSkI2DQo4bmdHRVluVjUrUTYwWFJ2OEhSSGp1VG9CRHVhaERrVDA2R1JGODU1d09FR2V4bkZpMXZYWUxLVllWb1V2MXRKDQo4dVdUR1pwNllDSVJldlBqbzg5ZytWTlJSaVFYUThJd0dybXE5c0RoVTlqTjA0SjdVL1RvRDFpNHE3VnlsRUc5DQorV1VGNkNLaEdBeTJIaEhwVncyTGFoOS9lUzdZMUZ1YURrWmhPZG1laG1BOCtqdHNZamJadnR5Mm1SWlF0UUZzDQpUU1VUUjREbUR2bVVPRVRmeStpRHdzK2RkWXVNTnJGeVVYV2dkMnpBQU4ydVl1UHFGY2pRcFNPODFzVTJTU3R3DQoxVzAyeUtYOGJEYmZFdjBzbUh3UzliQnFlSGo5NEM1Mjg0YXpsdTBmaUdpTm1OUEM4ckJLRmhBPQ0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==
service:
name: webhook-service
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
path: /convert
conversionReviewVersions:
- v1alpha1
Expand Down Expand Up @@ -544,7 +544,7 @@ spec:
caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlGWlRDQ0EwMmdBd0lCQWdJVU5GRW1XcTM3MVpKdGkrMmlSQzk1WmpBV1MxZ3dEUVlKS29aSWh2Y05BUUVMDQpCUUF3UWpFTE1Ba0dBMVVFQmhNQ1dGZ3hGVEFUQmdOVkJBY01ERVJsWm1GMWJIUWdRMmwwZVRFY01Cb0dBMVVFDQpDZ3dUUkdWbVlYVnNkQ0JEYjIxd1lXNTVJRXgwWkRBZUZ3MHlNakEzTVRrd09UTXlNek5hRncweU1qQTRNVGd3DQpPVE15TXpOYU1FSXhDekFKQmdOVkJBWVRBbGhZTVJVd0V3WURWUVFIREF4RVpXWmhkV3gwSUVOcGRIa3hIREFhDQpCZ05WQkFvTUUwUmxabUYxYkhRZ1EyOXRjR0Z1ZVNCTWRHUXdnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDDQpEd0F3Z2dJS0FvSUNBUUNxVFpxMWZRcC9vYkdlenhES0o3OVB3Ny94azJwellualNzMlkzb1ZYSm5sRmM4YjVlDQpma2ZZQnY2bndscW1keW5PL2phWFBaQmRQSS82aFdOUDBkdVhadEtWU0NCUUpyZzEyOGNXb3F0MGNTN3pLb1VpDQpvcU1tQ0QvRXVBeFFNZjhRZDF2c1gvVllkZ0poVTZBRXJLZEpIaXpFOUJtUkNkTDBGMW1OVW55Rk82UnRtWFZUDQpidkxsTDVYeTc2R0FaQVBLOFB4aVlDa0NtbDdxN0VnTWNiOXlLWldCYmlxQ3VkTXE5TGJLNmdKNzF6YkZnSXV4DQo1L1pXK2JraTB2RlplWk9ZODUxb1psckFUNzJvMDI4NHNTWW9uN0pHZVZkY3NoUnh5R1VpSFpSTzdkaXZVTDVTDQpmM2JmSDFYbWY1ZDQzT0NWTWRuUUV2NWVaOG8zeWVLa3ZrbkZQUGVJMU9BbjdGbDlFRVNNR2dhOGFaSG1URSttDQpsLzlMSmdDYjBnQmtPT0M0WnV4bWh2aERKV1EzWnJCS3pMQlNUZXN0NWlLNVlwcXRWVVk2THRyRW9FelVTK1lsDQpwWndXY2VQWHlHeHM5ZURsR3lNVmQraW15Y3NTU1UvVno2Mmx6MnZCS21NTXBkYldDQWhud0RsRTVqU2dyMjRRDQp0eGNXLys2N3d5KzhuQlI3UXdqVTFITndVRjBzeERWdEwrZ1NHVERnSEVZSlhZelYvT05zMy94TkpoVFNPSkxNDQpoeXNVdyttaGdackdhbUdXcHVIVU1DUitvTWJzMTc1UkcrQjJnUFFHVytPTjJnUTRyOXN2b0ZBNHBBQm8xd1dLDQpRYjRhY3pmeVVscElBOVFoSmFsZEY3S3dPSHVlV3gwRUNrNXg0T2tvVDBvWVp0dzFiR0JjRGtaSmF3SURBUUFCDQpvMU13VVRBZEJnTlZIUTRFRmdRVW90UlNIUm9IWTEyRFZ4R0NCdEhpb1g2ZmVFQXdId1lEVlIwakJCZ3dGb0FVDQpvdFJTSFJvSFkxMkRWeEdDQnRIaW9YNmZlRUF3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFOQmdrcWhraUc5dzBCDQpBUXNGQUFPQ0FnRUFSbkpsWWRjMTFHd0VxWnh6RDF2R3BDR2pDN2VWTlQ3aVY1d3IybXlybHdPYi9aUWFEa0xYDQpvVStaOVVXT1VlSXJTdzUydDdmQUpvVVAwSm5iYkMveVIrU1lqUGhvUXNiVHduOTc2ZldBWTduM3FMOXhCd1Y0DQphek41OXNjeUp0dlhMeUtOL2N5ak1ReDRLajBIMFg0bWJ6bzVZNUtzWWtYVU0vOEFPdWZMcEd0S1NGVGgrSEFDDQpab1Q5YnZHS25adnNHd0tYZFF0Wnh0akhaUjVqK3U3ZGtQOTJBT051RFNabS8rWVV4b2tBK09JbzdSR3BwSHNXDQo1ZTdNY0FTVXRtb1FORXd6dVFoVkJaRWQ1OGtKYjUrV0VWbGNzanlXNnRTbzErZ25tTWNqR1BsMWgxR2hVbjV4DQpFY0lWRnBIWXM5YWo1NmpBSjk1MVQvZjhMaWxmTlVnanBLQ0c1bnl0SUt3emxhOHNtdGlPdm1UNEpYbXBwSkI2DQo4bmdHRVluVjUrUTYwWFJ2OEhSSGp1VG9CRHVhaERrVDA2R1JGODU1d09FR2V4bkZpMXZYWUxLVllWb1V2MXRKDQo4dVdUR1pwNllDSVJldlBqbzg5ZytWTlJSaVFYUThJd0dybXE5c0RoVTlqTjA0SjdVL1RvRDFpNHE3VnlsRUc5DQorV1VGNkNLaEdBeTJIaEhwVncyTGFoOS9lUzdZMUZ1YURrWmhPZG1laG1BOCtqdHNZamJadnR5Mm1SWlF0UUZzDQpUU1VUUjREbUR2bVVPRVRmeStpRHdzK2RkWXVNTnJGeVVYV2dkMnpBQU4ydVl1UHFGY2pRcFNPODFzVTJTU3R3DQoxVzAyeUtYOGJEYmZFdjBzbUh3UzliQnFlSGo5NEM1Mjg0YXpsdTBmaUdpTm1OUEM4ckJLRmhBPQ0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==
service:
name: webhook-service
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
path: /convert
conversionReviewVersions:
- v1beta1
Expand Down Expand Up @@ -1291,7 +1291,7 @@ metadata:
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/warn: privileged
name: controller
namespace: metallb-system
namespace: "{{ metallb_namespace }}"

{% if metallb_speaker_enabled %}
---
Expand All @@ -1301,7 +1301,7 @@ metadata:
labels:
app: metallb
name: speaker
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
{% endif %}
---
apiVersion: rbac.authorization.k8s.io/v1
Expand All @@ -1310,7 +1310,7 @@ metadata:
labels:
app: metallb
name: controller
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
rules:
- apiGroups:
- ""
Expand Down Expand Up @@ -1402,7 +1402,7 @@ metadata:
labels:
app: metallb
name: pod-lister
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
rules:
- apiGroups:
- ""
Expand Down Expand Up @@ -1480,7 +1480,7 @@ kind: ClusterRole
metadata:
labels:
app: metallb
name: metallb-system:controller
name: {{ metallb_namespace }}:controller
rules:
- apiGroups:
- ""
Expand Down Expand Up @@ -1561,7 +1561,7 @@ kind: ClusterRole
metadata:
labels:
app: metallb
name: metallb-system:speaker
name: {{ metallb_namespace }}:speaker
rules:
- apiGroups:
- ""
Expand Down Expand Up @@ -1598,15 +1598,15 @@ metadata:
labels:
app: metallb
name: controller
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: controller
subjects:
- kind: ServiceAccount
name: controller
namespace: metallb-system
namespace: "{{ metallb_namespace }}"

---
apiVersion: rbac.authorization.k8s.io/v1
Expand All @@ -1615,31 +1615,31 @@ metadata:
labels:
app: metallb
name: pod-lister
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: pod-lister
subjects:
- kind: ServiceAccount
name: speaker
namespace: metallb-system
namespace: "{{ metallb_namespace }}"

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app: metallb
name: metallb-system:controller
name: {{ metallb_namespace }}:controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: metallb-system:controller
name: {{ metallb_namespace }}:controller
subjects:
- kind: ServiceAccount
name: controller
namespace: metallb-system
namespace: "{{ metallb_namespace }}"

{% if metallb_speaker_enabled %}
---
Expand All @@ -1648,30 +1648,30 @@ kind: ClusterRoleBinding
metadata:
labels:
app: metallb
name: metallb-system:speaker
name: {{ metallb_namespace }}:speaker
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: metallb-system:speaker
name: {{ metallb_namespace }}:speaker
subjects:
- kind: ServiceAccount
name: speaker
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
{% endif %}

---
apiVersion: v1
kind: Secret
metadata:
name: webhook-server-cert
namespace: metallb-system
namespace: "{{ metallb_namespace }}"

---
apiVersion: v1
kind: Service
metadata:
name: webhook-service
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
spec:
ports:
- port: 443
Expand All @@ -1687,7 +1687,7 @@ metadata:
app: metallb
component: controller
name: controller
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
spec:
revisionHistoryLimit: 3
selector:
Expand Down Expand Up @@ -1782,7 +1782,7 @@ metadata:
app: metallb
component: speaker
name: speaker
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
spec:
selector:
matchLabels:
Expand Down Expand Up @@ -1888,7 +1888,7 @@ webhooks:
clientConfig:
service:
name: webhook-service
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
path: /validate-metallb-io-v1beta2-bgppeer
failurePolicy: Fail
name: bgppeersvalidationwebhook.metallb.io
Expand All @@ -1908,7 +1908,7 @@ webhooks:
clientConfig:
service:
name: webhook-service
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
path: /validate-metallb-io-v1beta1-addresspool
failurePolicy: Fail
name: addresspoolvalidationwebhook.metallb.io
Expand All @@ -1928,7 +1928,7 @@ webhooks:
clientConfig:
service:
name: webhook-service
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
path: /validate-metallb-io-v1beta1-bfdprofile
failurePolicy: Fail
name: bfdprofilevalidationwebhook.metallb.io
Expand All @@ -1948,7 +1948,7 @@ webhooks:
clientConfig:
service:
name: webhook-service
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
path: /validate-metallb-io-v1beta1-bgpadvertisement
failurePolicy: Fail
name: bgpadvertisementvalidationwebhook.metallb.io
Expand All @@ -1968,7 +1968,7 @@ webhooks:
clientConfig:
service:
name: webhook-service
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
path: /validate-metallb-io-v1beta1-community
failurePolicy: Fail
name: communityvalidationwebhook.metallb.io
Expand All @@ -1988,7 +1988,7 @@ webhooks:
clientConfig:
service:
name: webhook-service
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
path: /validate-metallb-io-v1beta1-ipaddresspool
failurePolicy: Fail
name: ipaddresspoolvalidationwebhook.metallb.io
Expand All @@ -2008,7 +2008,7 @@ webhooks:
clientConfig:
service:
name: webhook-service
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
path: /validate-metallb-io-v1beta1-l2advertisement
failurePolicy: Fail
name: l2advertisementvalidationwebhook.metallb.io
Expand Down
2 changes: 1 addition & 1 deletion roles/kubernetes-apps/metallb/templates/pools.yaml.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
namespace: metallb-system
namespace: "{{ metallb_namespace }}"
name: "{{ pool_name }}"
spec:
addresses:
Expand Down