Skip to content

Commit

Permalink
Using kubectl apply instead of create
Browse files Browse the repository at this point in the history
  • Loading branch information
Soufiane Jounaid committed Jun 18, 2024
1 parent 9502705 commit c568f96
Showing 1 changed file with 1 addition and 22 deletions.
23 changes: 1 addition & 22 deletions roles/k3s/tasks/config-calico.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,30 +45,9 @@
dest: /usr/local/bin/kubectl-calico
mode: u=rwx,g=rx,o=rx

- name: Initialize policy existence facts
set_fact:
policy_existence: {}

- name: Check if Calico global network policies exist
delegate_to: "{{ groups['deployment'][0] }}"
command: kubectl calico get globalnetworkpolicy {{ item }}
register: check_policy
ignore_errors: true
loop:
- default-deny
- allow-ping
changed_when: false
failed_when: false

- name: Update policy existence facts
set_fact:
policy_existence: "{{ policy_existence | combine({item.item: (item.rc == 0)}) }}"
loop: "{{ check_policy.results }}"

- name: Apply Calico global network policies
delegate_to: "{{ groups['deployment'][0] }}"
command: kubectl calico create --filename="{{ role_path }}/files/calico-global-networkpolicy-{{ item }}.yaml"
when: not policy_existence[item]
command: kubectl calico apply --filename="{{ role_path }}/files/calico-global-networkpolicy-{{ item }}.yaml"
loop:
- default-deny
- allow-ping

0 comments on commit c568f96

Please sign in to comment.