From 546880b4667f789ee1993b572f30e88cd1fae721 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Fri, 19 Aug 2022 22:42:47 +0200
Subject: kubernetes: add support for ansible managed node annotations,labels
 and taints

---
 roles/kubernetes/decorations/tasks/taints.yml | 44 +++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 roles/kubernetes/decorations/tasks/taints.yml

(limited to 'roles/kubernetes/decorations/tasks/taints.yml')

diff --git a/roles/kubernetes/decorations/tasks/taints.yml b/roles/kubernetes/decorations/tasks/taints.yml
new file mode 100644
index 00000000..fd60ef88
--- /dev/null
+++ b/roles/kubernetes/decorations/tasks/taints.yml
@@ -0,0 +1,44 @@
+---
+- name: get list of current taints
+  delegate_to: "{{ groups['_kubernetes_primary_controlplane_node_'] | first }}"
+  check_mode: no
+  command: kubectl --kubeconfig /etc/kubernetes/admin.conf get node '{{ kubernetes_node_name }}' -o jsonpath='{.spec.taints}'
+  changed_when: false
+  register: kubectl_list_taints
+
+- set_fact:
+    current_taints: "{{ kubectl_list_taints.stdout | ternary(kubectl_list_taints.stdout, '[]') | from_json }}"
+
+- name: add taints to node
+  delegate_to: "{{ groups['_kubernetes_primary_controlplane_node_'] | first }}"
+  loop: "{{ kubernetes_node_taints | dict2items }}"
+  loop_control:
+    label: "{{ item.key }}={{ item.value }}"
+  when: "item.key not in current_taints or current_taints[item.key] != item.value"
+  command: kubectl --kubeconfig /etc/kubernetes/admin.conf taint --overwrite node '{{ kubernetes_node_name }}' '{{ item.key }}={{ item.value }}'
+
+- name: add stamp files for managed taints
+  loop: "{{ kubernetes_node_taints | dict2items }}"
+  loop_control:
+    label: "{{ item.key }}={{ item.value }}"
+  copy:
+    dest: "/etc/kubernetes/decorations/taints/{{ item.key }}"
+    content: "{{ item.value }}"
+
+- name: get list of managed taints
+  find:
+    path: /etc/kubernetes/decorations/taints
+  register: managed_taints
+
+- name: remove superflous taints from node
+  delegate_to: "{{ groups['_kubernetes_primary_controlplane_node_'] | first }}"
+  loop: "{{ managed_taints.files | map(attribute='path') | map('basename') }}"
+  when: "item not in kubernetes_node_taints"
+  command: kubectl --kubeconfig /etc/kubernetes/admin.conf taint --overwrite node '{{ kubernetes_node_name }}' '{{ item }}-'
+
+- name: remove stamp files for superflous taints
+  loop: "{{ managed_taints.files | map(attribute='path') | map('basename') }}"
+  when: "item not in kubernetes_node_taints"
+  file:
+    path: "/etc/kubernetes/decorations/taints/{{ item }}"
+    state: absent
-- 
cgit v1.2.3