Ansible Role jm1.cloudy.kubernetes_resources

This role helps with managing Kubernetes workloads and applications from Ansible variables. For example, it can create, update and delete Kubernetes API objects such as Deployment, ConfigMap, Secret, DaemonSet and other objects with kubectl, the OpenShift Client (aka oc) or modules from the Ansible collection kubernetes.core.

Variable kubernetes_resources_config defines a list of tasks which will be run by this role. Each task calls an Ansible module, similar to tasks in roles or playbooks, except that only a few keywords such as become and when are supported.

For example, to deploy Apache HTTP Server aka httpd on a Kubernetes cluster, define variable kubernetes_resources_config in group_vars or host_vars as such:

kubernetes_resources_config:
- # Create a Kubernetes Deployment object for running Apache HTTP server
  kubernetes.core.k8s:
    definition:
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: httpd-deployment
      spec:
        selector:
          matchLabels:
            app: httpd
        minReadySeconds: 5
        template:
          metadata:
            labels:
              app: httpd
          spec:
            containers:
            - name: httpd
              image: httpd:latest
              ports:
              - containerPort: 80
    state: present
    wait: true

This role will run all tasks listed in kubernetes_resources_config. Once all tasks have finished, and if anything has changed, the special task keyword handlers is evaluated for each changed task and all tasks defined in handlers are run.
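An added example, not taken from the role's own documentation: a kubernetes_resources_config entry that sets become and environment explicitly (become is not inherited from the calling play, per the footnotes) and attaches a handler that runs only when the task reports a change. The ConfigMap name and content, the kubeconfig path, the shape of the handlers list (inferred from the footnotes) and the assumption that httpd-deployment mounts this ConfigMap are illustrative.

```yaml
kubernetes_resources_config:
- # Publish extra httpd settings as a ConfigMap (constructed sample content)
  kubernetes.core.k8s:
    definition:
      apiVersion: v1
      kind: ConfigMap
      metadata:
        name: httpd-extra-conf            # hypothetical name
        namespace: default
      data:
        extra.conf: |
          ServerTokens Prod
          ServerSignature Off
    state: present
  # Privilege escalation is NOT inherited from the calling play or role,
  # so state the intended privilege level on every task and handler.
  become: false
  environment:
    # Read by kubernetes.core.k8s when no kubeconfig parameter is given
    K8S_AUTH_KUBECONFIG: /home/deploy/.kube/config   # hypothetical path
  handlers:
  - # Runs only if the ConfigMap task above reported a change
    ansible.builtin.command:
      # Dict-style arguments are required; the free-form
      # "command: kubectl rollout ..." syntax is not supported here.
      argv:
      - kubectl
      - rollout
      - restart
      - deployment/httpd-deployment
    become: false
    environment:
      KUBECONFIG: /home/deploy/.kube/config          # hypothetical path
```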

NOTE: Ansible module kubernetes.core.k8s from collection kubernetes.core requires Python modules jsonpatch, kubernetes and PyYAML to be installed on the host that executes the module. On Debian 11 (Bullseye), Debian 12 (Bookworm) and Ubuntu 22.04 LTS (Jammy Jellyfish), use apt install python3-jsonpatch python3-kubernetes python3-yaml to install these modules. On CentOS 8 / 9, Fedora or Red Hat Enterprise Linux (RHEL) 8 / 9, enable EPEL and then run dnf install python3-jsonpatch python3-kubernetes python3-pyyaml.

Tested OS images

Available on Ansible Galaxy in Collection jm1.cloudy.

Requirements

This role uses module(s) from collection jm1.ansible. To install this collection you may follow the steps described in README.md using the provided requirements.yml.

Variables

| Name | Default value | Required | Description |
| --- | --- | --- | --- |
| kubernetes_resources_config | [] | false | List of tasks to run (footnotes 1, 2, 3), e.g. to declaratively manage Kubernetes workloads and applications with kubectl or OpenShift Client aka oc |

Dependencies

None.

Example Playbook

- hosts: all
  roles:
  - name: Manage Kubernetes resources
    role: jm1.cloudy.kubernetes_resources
    tags: ["jm1.cloudy.kubernetes_resources"]

For a complete example on how to use this role, refer to host lvrt-lcl-session-srv-430-okd-ipi-provisioner from the provided examples inventory. The top-level README.md describes how this host can be provisioned with playbook playbooks/site.yml.

For instructions on how to run Ansible playbooks, have a look at Ansible's Getting Started Guide.

License

GNU General Public License v3.0 or later

See LICENSE.md for the full text.

Author

Jakob Meng @jm1 (github, galaxy, web)

Footnotes

  1. Useful Ansible modules in this context could be blockinfile, command, copy, file, lineinfile, template and modules from Ansible collection kubernetes.core such as kubernetes.core.k8s.

  2. Tasks will be executed with jm1.ansible.execute_module which supports keywords become, become_exe, become_flags, become_method, become_user, delay, environment, retries, when and special keyword handlers only. Task keyword handlers defines a list of handlers which will be notified and run when a task has changed anything. Handlers will also be executed with jm1.ansible.execute_module and thus only keywords become, become_exe, become_flags, become_method, become_user, delay, environment, retries and when are supported. NOTE: Keywords related to become will not inherit values from the role's caller. For example, when become is defined in a playbook it will not be passed on to a task or handler here.

  3. Tasks will be executed with jm1.ansible.execute_module which supports modules and action plugins only. Some Ansible modules such as ansible.builtin.meta and ansible.builtin.{include,import}_{playbook,role,tasks} are core features of Ansible that are in fact not implemented as modules and thus cannot be called from jm1.ansible.execute_module. Doing so causes Ansible to raise errors such as MODULE FAILURE\nSee stdout/stderr for the exact error. (The only exception is meta: flush_handlers, which is fully supported.) In addition, Ansible does not support free-form parameters for arbitrary modules, so for example, change from - debug: msg="" to - debug: { msg: "" }.