main.yml

---
local_release_dir: /tmp/releases

# Used to only evaluate vars from download role
skip_downloads: false

# if this is set to true will only download files once. Doesn't work
# on Container Linux by CoreOS unless the download_localhost is true and localhost
# is running another OS type. Default compress level is 1 (fastest).
download_run_once: False
download_compress: 1

# if this is set to true, uses the localhost for download_run_once mode
# (requires docker and sudo to access docker). You may want this option for
# local caching of docker images or for Container Linux by CoreOS cluster nodes.
# Otherwise, uses the first node in the kube-master group to store images
# in the download_run_once mode.
download_localhost: False

# Always pull images if set to True. Otherwise check by the repo's tag/digest.
download_always_pull: False

# Use the first kube-master if download_localhost is not set
download_delegate: "{% if download_localhost %}localhost{% else %}{{groups['kube-master'][0]}}{% endif %}"

# Versions
kube_version: v1.10.4
kubeadm_version: "{{ kube_version }}"
etcd_version: v3.2.18
# TODO(mattymo): Move calico versions to roles/network_plugins/calico/defaults
# after migration to container download
calico_version: "v2.6.8"
calico_ctl_version: "v1.6.3"
calico_cni_version: "v1.11.4"
calico_policy_version: "v1.0.3"
calico_rr_version: "v0.4.2"
flannel_version: "v0.10.0"
flannel_cni_version: "v0.3.0"
istio_version: "0.2.6"
vault_version: 0.10.1
weave_version: 2.3.0
pod_infra_version: 3.0
contiv_version: 1.1.7
cilium_version: "v1.0.0-rc8"

# Download URLs
istioctl_download_url: "https://storage.googleapis.com/istio-release/releases/{{ istio_version }}/istioctl/istioctl-linux"
kubeadm_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kubeadm_version }}/bin/linux/amd64/kubeadm"
vault_download_url: "https://releases.hashicorp.com/vault/{{ vault_version }}/vault_{{ vault_version }}_linux_amd64.zip"

# Checksums
istioctl_checksum: fd703063c540b8c0ab943f478c05ab257d88ae27224c746a27d0526ddbf7c370
kubeadm_checksum: 7e1169bbbeed973ab402941672dec957638dea5952a1e8bc89a37d5e709cc4b4
vault_binary_checksum: 3c4d70ba71619a43229e65c67830e30e050eab7a81ac6b28325ff707e5914188

# Containers
etcd_image_repo: "quay.io/coreos/etcd"
etcd_image_tag: "{{ etcd_version }}"
flannel_image_repo: "quay.io/coreos/flannel"
flannel_image_tag: "{{ flannel_version }}"
flannel_cni_image_repo: "quay.io/coreos/flannel-cni"
flannel_cni_image_tag: "{{ flannel_cni_version }}"
calicoctl_image_repo: "quay.io/calico/ctl"
calicoctl_image_tag: "{{ calico_ctl_version }}"
calico_node_image_repo: "quay.io/calico/node"
calico_node_image_tag: "{{ calico_version }}"
calico_cni_image_repo: "quay.io/calico/cni"
calico_cni_image_tag: "{{ calico_cni_version }}"
calico_policy_image_repo: "quay.io/calico/kube-controllers"
calico_policy_image_tag: "{{ calico_policy_version }}"
calico_rr_image_repo: "quay.io/calico/routereflector"
calico_rr_image_tag: "{{ calico_rr_version }}"
istio_proxy_image_repo: docker.io/istio/proxy
istio_proxy_image_tag: "{{ istio_version }}"
istio_proxy_init_image_repo: docker.io/istio/proxy_init
istio_proxy_init_image_tag: "{{ istio_version }}"
istio_ca_image_repo: docker.io/istio/istio-ca
istio_ca_image_tag: "{{ istio_version }}"
istio_mixer_image_repo: docker.io/istio/mixer
istio_mixer_image_tag: "{{ istio_version }}"
istio_pilot_image_repo: docker.io/istio/pilot
istio_pilot_image_tag: "{{ istio_version }}"
istio_proxy_debug_image_repo: docker.io/istio/proxy_debug
istio_proxy_debug_image_tag: "{{ istio_version }}"
istio_sidecar_initializer_image_repo: docker.io/istio/sidecar_initializer
istio_sidecar_initializer_image_tag: "{{ istio_version }}"
istio_statsd_image_repo: prom/statsd-exporter
istio_statsd_image_tag: latest
hyperkube_image_repo: "gcr.io/google-containers/hyperkube"
hyperkube_image_tag: "{{ kube_version }}"
pod_infra_image_repo: "gcr.io/google_containers/pause-amd64"
pod_infra_image_tag: "{{ pod_infra_version }}"
install_socat_image_repo: "xueshanf/install-socat"
install_socat_image_tag: "latest"
netcheck_version: "v1.2.2"
netcheck_agent_img_repo: "mirantis/k8s-netchecker-agent"
netcheck_agent_tag: "{{ netcheck_version }}"
netcheck_server_img_repo: "mirantis/k8s-netchecker-server"
netcheck_server_tag: "{{ netcheck_version }}"
weave_kube_image_repo: "weaveworks/weave-kube"
weave_kube_image_tag: "{{ weave_version }}"
weave_npc_image_repo: "weaveworks/weave-npc"
weave_npc_image_tag: "{{ weave_version }}"
contiv_image_repo: "contiv/netplugin"
contiv_image_tag: "{{ contiv_version }}"
contiv_auth_proxy_image_repo: "contiv/auth_proxy"
contiv_auth_proxy_image_tag: "{{ contiv_version }}"
contiv_etcd_init_image_repo: "ferest/etcd-initer"
contiv_etcd_init_image_tag: latest
cilium_image_repo: "docker.io/cilium/cilium"
cilium_image_tag: "{{ cilium_version }}"
nginx_image_repo: nginx
nginx_image_tag: 1.13
dnsmasq_version: 2.78
dnsmasq_image_repo: "andyshinn/dnsmasq"
dnsmasq_image_tag: "{{ dnsmasq_version }}"
kubedns_version: 1.14.10
kubedns_image_repo: "gcr.io/google_containers/k8s-dns-kube-dns-amd64"
kubedns_image_tag: "{{ kubedns_version }}"
coredns_version: 1.1.2
coredns_image_repo: "docker.io/coredns/coredns"
coredns_image_tag: "{{ coredns_version }}"
dnsmasq_nanny_image_repo: "gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64"
dnsmasq_nanny_image_tag: "{{ kubedns_version }}"
dnsmasq_sidecar_image_repo: "gcr.io/google_containers/k8s-dns-sidecar-amd64"
dnsmasq_sidecar_image_tag: "{{ kubedns_version }}"
dnsmasqautoscaler_version: 1.1.2
dnsmasqautoscaler_image_repo: "gcr.io/google_containers/cluster-proportional-autoscaler-amd64"
dnsmasqautoscaler_image_tag: "{{ dnsmasqautoscaler_version }}"
kubednsautoscaler_version: 1.1.2
kubednsautoscaler_image_repo: "gcr.io/google_containers/cluster-proportional-autoscaler-amd64"
kubednsautoscaler_image_tag: "{{ kubednsautoscaler_version }}"
test_image_repo: busybox
test_image_tag: latest
elasticsearch_version: "v5.6.4"
elasticsearch_image_repo: "k8s.gcr.io/elasticsearch"
elasticsearch_image_tag: "{{ elasticsearch_version }}"
fluentd_version: "v2.0.4"
fluentd_image_repo: "k8s.gcr.io/fluentd-elasticsearch"
fluentd_image_tag: "{{ fluentd_version }}"
kibana_version: "5.6.4"
kibana_image_repo: "docker.elastic.co/kibana/kibana"
kibana_image_tag: "{{ kibana_version }}"
helm_version: "v2.9.1"
helm_image_repo: "lachlanevenson/k8s-helm"
helm_image_tag: "{{ helm_version }}"
tiller_image_repo: "gcr.io/kubernetes-helm/tiller"
tiller_image_tag: "{{ helm_version }}"
vault_image_repo: "vault"
vault_image_tag: "{{ vault_version }}"
registry_image_repo: "registry"
registry_image_tag: "2.6"
registry_proxy_image_repo: "gcr.io/google_containers/kube-registry-proxy"
registry_proxy_image_tag: "0.4"
local_volume_provisioner_image_repo: "quay.io/external_storage/local-volume-provisioner"
local_volume_provisioner_image_tag: "v2.0.0"
cephfs_provisioner_image_repo: "quay.io/external_storage/cephfs-provisioner"
cephfs_provisioner_image_tag: "v1.1.0-k8s1.10"
ingress_nginx_controller_image_repo: "quay.io/kubernetes-ingress-controller/nginx-ingress-controller"
ingress_nginx_controller_image_tag: "0.15.0"
ingress_nginx_default_backend_image_repo: "gcr.io/google_containers/defaultbackend"
ingress_nginx_default_backend_image_tag: "1.4"
cert_manager_version: "v0.3.2"
cert_manager_controller_image_repo: "quay.io/jetstack/cert-manager-controller"
cert_manager_controller_image_tag: "{{ cert_manager_version }}"

downloads:
  netcheck_server:
    enabled: "{{ deploy_netchecker }}"
    container: true
    repo: "{{ netcheck_server_img_repo }}"
    tag: "{{ netcheck_server_tag }}"
    sha256: "{{ netcheck_server_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  netcheck_agent:
    enabled: "{{ deploy_netchecker }}"
    container: true
    repo: "{{ netcheck_agent_img_repo }}"
    tag: "{{ netcheck_agent_tag }}"
    sha256: "{{ netcheck_agent_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  etcd:
    enabled: true
    container: true
    repo: "{{ etcd_image_repo }}"
    tag: "{{ etcd_image_tag }}"
    sha256: "{{ etcd_digest_checksum|default(None) }}"
    groups:
      - etcd
  kubeadm:
    enabled: "{{ kubeadm_enabled }}"
    file: true
    version: "{{ kubeadm_version }}"
    dest: "kubeadm"
    sha256: "{{ kubeadm_checksum }}"
    source_url: "{{ kubeadm_download_url }}"
    url: "{{ kubeadm_download_url }}"
    unarchive: false
    owner: "root"
    mode: "0755"
    groups:
      - k8s-cluster
  istioctl:
    enabled: "{{ istio_enabled }}"
    file: true
    version: "{{ istio_version }}"
    dest: "istio/istioctl"
    sha256: "{{ istioctl_checksum }}"
    source_url: "{{ istioctl_download_url }}"
    url: "{{ istioctl_download_url }}"
    unarchive: false
    owner: "root"
    mode: "0755"
    groups:
      - kube-master
  istio_proxy:
    enabled: "{{ istio_enabled }}"
    container: true
    repo: "{{ istio_proxy_image_repo }}"
    tag: "{{ istio_proxy_image_tag }}"
    sha256: "{{ istio_proxy_digest_checksum|default(None) }}"
    groups:
      - kube-node
  istio_proxy_init:
    enabled: "{{ istio_enabled }}"
    container: true
    repo: "{{ istio_proxy_init_image_repo }}"
    tag: "{{ istio_proxy_init_image_tag }}"
    sha256: "{{ istio_proxy_init_digest_checksum|default(None) }}"
    groups:
      - kube-node
  istio_ca:
    enabled: "{{ istio_enabled }}"
    container: true
    repo: "{{ istio_ca_image_repo }}"
    tag: "{{ istio_ca_image_tag }}"
    sha256: "{{ istio_ca_digest_checksum|default(None) }}"
    groups:
      - kube-node
  istio_mixer:
    enabled: "{{ istio_enabled }}"
    container: true
    repo: "{{ istio_mixer_image_repo }}"
    tag: "{{ istio_mixer_image_tag }}"
    sha256: "{{ istio_mixer_digest_checksum|default(None) }}"
    groups:
      - kube-node
  istio_pilot:
    enabled: "{{ istio_enabled }}"
    container: true
    repo: "{{ istio_pilot_image_repo }}"
    tag: "{{ istio_pilot_image_tag }}"
    sha256: "{{ istio_pilot_digest_checksum|default(None) }}"
    groups:
      - kube-node
  istio_proxy_debug:
    enabled: "{{ istio_enabled }}"
    container: true
    repo: "{{ istio_proxy_debug_image_repo }}"
    tag: "{{ istio_proxy_debug_image_tag }}"
    sha256: "{{ istio_proxy_debug_digest_checksum|default(None) }}"
    groups:
      - kube-node
  istio_sidecar_initializer:
    enabled: "{{ istio_enabled }}"
    container: true
    repo: "{{ istio_sidecar_initializer_image_repo }}"
    tag: "{{ istio_sidecar_initializer_image_tag }}"
    sha256: "{{ istio_sidecar_initializer_digest_checksum|default(None) }}"
    groups:
      - kube-node
  istio_statsd:
    enabled: "{{ istio_enabled }}"
    container: true
    repo: "{{ istio_statsd_image_repo }}"
    tag: "{{ istio_statsd_image_tag }}"
    sha256: "{{ istio_statsd_digest_checksum|default(None) }}"
    groups:
      - kube-node
  hyperkube:
    enabled: true
    container: true
    repo: "{{ hyperkube_image_repo }}"
    tag: "{{ hyperkube_image_tag }}"
    sha256: "{{ hyperkube_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  cilium:
    enabled: "{{ kube_network_plugin == 'cilium' }}"
    container: true
    repo: "{{ cilium_image_repo }}"
    tag: "{{ cilium_image_tag }}"
    sha256: "{{ cilium_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  flannel:
    enabled: "{{ kube_network_plugin == 'flannel' or kube_network_plugin == 'canal' }}"
    container: true
    repo: "{{ flannel_image_repo }}"
    tag: "{{ flannel_image_tag }}"
    sha256: "{{ flannel_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  flannel_cni:
    enabled: "{{ kube_network_plugin == 'flannel' }}"
    container: true
    repo: "{{ flannel_cni_image_repo }}"
    tag: "{{ flannel_cni_image_tag }}"
    sha256: "{{ flannel_cni_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  calicoctl:
    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
    container: true
    repo: "{{ calicoctl_image_repo }}"
    tag: "{{ calicoctl_image_tag }}"
    sha256: "{{ calicoctl_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  calico_node:
    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
    container: true
    repo: "{{ calico_node_image_repo }}"
    tag: "{{ calico_node_image_tag }}"
    sha256: "{{ calico_node_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  calico_cni:
    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
    container: true
    repo: "{{ calico_cni_image_repo }}"
    tag: "{{ calico_cni_image_tag }}"
    sha256: "{{ calico_cni_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  calico_policy:
    enabled: "{{ enable_network_policy or kube_network_plugin == 'canal' }}"
    container: true
    repo: "{{ calico_policy_image_repo }}"
    tag: "{{ calico_policy_image_tag }}"
    sha256: "{{ calico_policy_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  calico_rr:
    enabled: "{{ peer_with_calico_rr is defined and peer_with_calico_rr and kube_network_plugin == 'calico' }}"
    container: true
    repo: "{{ calico_rr_image_repo }}"
    tag: "{{ calico_rr_image_tag }}"
    sha256: "{{ calico_rr_digest_checksum|default(None) }}"
    groups:
      - calico-rr
  weave_kube:
    enabled: "{{ kube_network_plugin == 'weave' }}"
    container: true
    repo: "{{ weave_kube_image_repo }}"
    tag: "{{ weave_kube_image_tag }}"
    sha256: "{{ weave_kube_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  weave_npc:
    enabled: "{{ kube_network_plugin == 'weave' }}"
    container: true
    repo: "{{ weave_npc_image_repo }}"
    tag: "{{ weave_npc_image_tag }}"
    sha256: "{{ weave_npc_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  contiv:
    enabled: "{{ kube_network_plugin == 'contiv' }}"
    container: true
    repo: "{{ contiv_image_repo }}"
    tag: "{{ contiv_image_tag }}"
    sha256: "{{ contiv_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  contiv_auth_proxy:
    enabled: "{{ kube_network_plugin == 'contiv' }}"
    container: true
    repo: "{{ contiv_auth_proxy_image_repo }}"
    tag: "{{ contiv_auth_proxy_image_tag }}"
    sha256: "{{ contiv_auth_proxy_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  contiv_etcd_init:
    enabled: "{{ kube_network_plugin == 'contiv' }}"
    container: true
    repo: "{{ contiv_etcd_init_image_repo }}"
    tag: "{{ contiv_etcd_init_image_tag }}"
    sha256: "{{ contiv_etcd_init_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  pod_infra:
    enabled: true
    container: true
    repo: "{{ pod_infra_image_repo }}"
    tag: "{{ pod_infra_image_tag }}"
    sha256: "{{ pod_infra_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  install_socat:
    enabled: "{{ ansible_os_family in ['CoreOS', 'Container Linux by CoreOS'] }}"
    container: true
    repo: "{{ install_socat_image_repo }}"
    tag: "{{ install_socat_image_tag }}"
    sha256: "{{ install_socat_digest_checksum|default(None) }}"
    groups:
      - k8s-cluster
  nginx:
    enabled: "{{ loadbalancer_apiserver_localhost }}"
    container: true
    repo: "{{ nginx_image_repo }}"
    tag: "{{ nginx_image_tag }}"
    sha256: "{{ nginx_digest_checksum|default(None) }}"
    groups:
      - kube-node
  dnsmasq:
    enabled: "{{ dns_mode == 'dnsmasq_kubedns' }}"
    container: true
    repo: "{{ dnsmasq_image_repo }}"
    tag: "{{ dnsmasq_image_tag }}"
    sha256: "{{ dnsmasq_digest_checksum|default(None) }}"
    groups:
      - kube-node
  kubedns:
    enabled: "{{ dns_mode in ['kubedns', 'dnsmasq_kubedns'] }}"
    container: true
    repo: "{{ kubedns_image_repo }}"
    tag: "{{ kubedns_image_tag }}"
    sha256: "{{ kubedns_digest_checksum|default(None) }}"
    groups:
      - kube-node
  coredns:
    enabled: "{{ dns_mode in ['coredns', 'coredns_dual'] }}"
    container: true
    repo: "{{ coredns_image_repo }}"
    tag: "{{ coredns_image_tag }}"
    sha256: "{{ coredns_digest_checksum|default(None) }}"
    groups:
      - kube-node
  dnsmasq_nanny:
    enabled: "{{ dns_mode in ['kubedns', 'dnsmasq_kubedns'] }}"
    container: true
    repo: "{{ dnsmasq_nanny_image_repo }}"
    tag: "{{ dnsmasq_nanny_image_tag }}"
    sha256: "{{ dnsmasq_nanny_digest_checksum|default(None) }}"
    groups:
      - kube-node
  dnsmasq_sidecar:
    enabled: "{{ dns_mode in ['kubedns', 'dnsmasq_kubedns'] }}"
    container: true
    repo: "{{ dnsmasq_sidecar_image_repo }}"
    tag: "{{ dnsmasq_sidecar_image_tag }}"
    sha256: "{{ dnsmasq_sidecar_digest_checksum|default(None) }}"
    groups:
      - kube-node
  kubednsautoscaler:
    enabled: "{{ dns_mode in ['kubedns', 'dnsmasq_kubedns'] }}"
    container: true
    repo: "{{ kubednsautoscaler_image_repo }}"
    tag: "{{ kubednsautoscaler_image_tag }}"
    sha256: "{{ kubednsautoscaler_digest_checksum|default(None) }}"
    groups:
      - kube-node
  testbox:
    enabled: false
    container: true
    repo: "{{ test_image_repo }}"
    tag: "{{ test_image_tag }}"
    sha256: "{{ testbox_digest_checksum|default(None) }}"
  elasticsearch:
    enabled: "{{ efk_enabled }}"
    container: true
    repo: "{{ elasticsearch_image_repo }}"
    tag: "{{ elasticsearch_image_tag }}"
    sha256: "{{ elasticsearch_digest_checksum|default(None) }}"
    groups:
      - kube-node
  fluentd:
    enabled: "{{ efk_enabled }}"
    container: true
    repo: "{{ fluentd_image_repo }}"
    tag: "{{ fluentd_image_tag }}"
    sha256: "{{ fluentd_digest_checksum|default(None) }}"
    groups:
      - kube-node
  kibana:
    enabled: "{{ efk_enabled }}"
    container: true
    repo: "{{ kibana_image_repo }}"
    tag: "{{ kibana_image_tag }}"
    sha256: "{{ kibana_digest_checksum|default(None) }}"
    groups:
      - kube-node
  helm:
    enabled: "{{ helm_enabled }}"
    container: true
    repo: "{{ helm_image_repo }}"
    tag: "{{ helm_image_tag }}"
    sha256: "{{ helm_digest_checksum|default(None) }}"
    groups:
      - kube-node
  tiller:
    enabled: "{{ helm_enabled }}"
    container: true
    repo: "{{ tiller_image_repo }}"
    tag: "{{ tiller_image_tag }}"
    sha256: "{{ tiller_digest_checksum|default(None) }}"
    groups:
      - kube-node
  vault:
    enabled: "{{ cert_management == 'vault' }}"
    container: "{{ vault_deployment_type != 'host' }}"
    file: "{{ vault_deployment_type == 'host' }}"
    dest: "vault/vault_{{ vault_version }}_linux_amd64.zip"
    mode: "0755"
    owner: "vault"
    repo: "{{ vault_image_repo }}"
    sha256: "{{ vault_binary_checksum if vault_deployment_type == 'host' else vault_digest_checksum|d(none) }}"
    source_url: "{{ vault_download_url }}"
    tag: "{{ vault_image_tag }}"
    unarchive: true
    url: "{{ vault_download_url }}"
    version: "{{ vault_version }}"
    groups:
      - vault
  registry:
    enabled: "{{ registry_enabled }}"
    container: true
    repo: "{{ registry_image_repo }}"
    tag: "{{ registry_image_tag }}"
    sha256: "{{ registry_digest_checksum|default(None) }}"
    groups:
      - kube-node
  registry_proxy:
    enabled: "{{ registry_enabled }}"
    container: true
    repo: "{{ registry_proxy_image_repo }}"
    tag: "{{ registry_proxy_image_tag }}"
    sha256: "{{ registry_proxy_digest_checksum|default(None) }}"
    groups:
      - kube-node
  local_volume_provisioner:
    enabled: "{{ local_volume_provisioner_enabled }}"
    container: true
    repo: "{{ local_volume_provisioner_image_repo }}"
    tag: "{{ local_volume_provisioner_image_tag }}"
    sha256: "{{ local_volume_provisioner_digest_checksum|default(None) }}"
    groups:
      - kube-node
  cephfs_provisioner:
    enabled: "{{ cephfs_provisioner_enabled }}"
    container: true
    repo: "{{ cephfs_provisioner_image_repo }}"
    tag: "{{ cephfs_provisioner_image_tag }}"
    sha256: "{{ cephfs_provisioner_digest_checksum|default(None) }}"
    groups:
      - kube-node
  ingress_nginx_controller:
    enabled: "{{ ingress_nginx_enabled }}"
    container: true
    repo: "{{ ingress_nginx_controller_image_repo }}"
    tag: "{{ ingress_nginx_controller_image_tag }}"
    sha256: "{{ ingress_nginx_controller_digest_checksum|default(None) }}"
    groups:
      - kube-ingress
  ingress_nginx_default_backend:
    enabled: "{{ ingress_nginx_enabled }}"
    container: true
    repo: "{{ ingress_nginx_default_backend_image_repo }}"
    tag: "{{ ingress_nginx_default_backend_image_tag }}"
    sha256: "{{ ingress_nginx_default_backend_digest_checksum|default(None) }}"
    groups:
      - kube-ingress
  cert_manager_controller:
    enabled: "{{ cert_manager_enabled }}"
    container: true
    repo: "{{ cert_manager_controller_image_repo }}"
    tag: "{{ cert_manager_controller_image_tag }}"
    sha256: "{{ cert_manager_controller_digest_checksum|default(None) }}"
    groups:
      - kube-node

download_defaults:
  container: false
  file: false
  repo: None
  tag: None
  enabled: false
  dest: None
  version: None
  url: None
  unarchive: false
  owner: kube
  mode: None