| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 |
- ---
- - name: Prepare for the strategies exercise
- hosts: workstation.lab.example.com
- gather_subset: min
- become: no
- vars:
- ge_nsp: deployments-stateful
- tasks:
- - name: Make sure kubeconfig is there on utility
- delegate_to: utility.lab.example.com
- file:
- path: /home/lab/{{ item }}/auth/kubeconfig
- state: file
- loop: "{{ clusters }}"
- - name: Create a temp dir
- file:
- path: tmp
- state: directory
- - name: Copy over the kubeconfig
- delegate_to: utility.lab.example.com
- fetch:
- src: /home/lab/{{ item }}/auth/kubeconfig
- dest: tmp/kubeconfig-{{ item }}
- flat: yes
- loop: "{{ clusters }}"
- - name: Check whether the namespace is already there
- k8s_info:
- kubeconfig: tmp/kubeconfig-ocp4
- validate_certs: no
- api_version: v1
- kind: namespace
- name: "{{ ge_nsp }}"
- register: ge_exists
- - name: Fail if the namespace exists
- fail:
- msg: "The exercise namespace already exists: {{ ge_nsp }}; please run strategy-finish.yml to clean up first and then re-run this playbook."
- when: ge_exists.resources | length > 0
- - name: Ensure there is a namespace for the exercise
- k8s:
- kubeconfig: tmp/kubeconfig-ocp4
- validate_certs: no
- api_version: v1
- kind: namespace
- name: "{{ ge_nsp }}"
- - name: Give developer admin role in the project
- k8s:
- kubeconfig: tmp/kubeconfig-ocp4
- validate_certs: no
- api_version: rbac.authorization.k8s.io/v1
- kind: rolebinding
- namespace: "{{ ge_nsp }}"
- name: dev-admin
- definition:
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: admin
- subjects:
- - apiGroup: rbac.authorization.k8s.io
- kind: User
- name: developer
- ...
|
