diff --git a/roles/kubernetes-apps/ansible/tasks/dashboard.yml b/roles/kubernetes-apps/ansible/tasks/dashboard.yml
deleted file mode 100644
index 5872674775a929d05bef6be5789d8ce8c6dc86c5..0000000000000000000000000000000000000000
--- a/roles/kubernetes-apps/ansible/tasks/dashboard.yml
+++ /dev/null
@@ -1,21 +0,0 @@
----
-- name: Kubernetes Apps | Lay down dashboard template
- template:
- src: "{{ item.file }}.j2"
- dest: "{{ kube_config_dir }}/{{ item.file }}"
- mode: "0644"
- with_items:
- - { file: dashboard.yml, type: deploy, name: kubernetes-dashboard }
- register: manifests
- when: inventory_hostname == groups['kube_control_plane'][0]
-
-- name: Kubernetes Apps | Start dashboard
- kube:
- name: "{{ item.item.name }}"
- namespace: "{{ dashboard_namespace }}"
- kubectl: "{{ bin_dir }}/kubectl"
- resource: "{{ item.item.type }}"
- filename: "{{ kube_config_dir }}/{{ item.item.file }}"
- state: "latest"
- with_items: "{{ manifests.results }}"
- when: inventory_hostname == groups['kube_control_plane'][0]
diff --git a/roles/kubernetes-apps/ansible/tasks/main.yml b/roles/kubernetes-apps/ansible/tasks/main.yml
index 18deee8053e6514e70693bf5aeaab990af5010fb..b88b8d89791a0fc4577e4140dcbbaefb094442ef 100644
--- a/roles/kubernetes-apps/ansible/tasks/main.yml
+++ b/roles/kubernetes-apps/ansible/tasks/main.yml
@@ -67,7 +67,13 @@
- netchecker
- name: Kubernetes Apps | Dashboard
- import_tasks: dashboard.yml
+ command:
+ cmd: "{{ kubectl_apply_stdin }}"
+ stdin: "{{ lookup('template', 'dashboard.yml.j2') }}"
+ delegate_to: "{{ groups['kube_control_plane'][0] }}"
+ run_once: true
+ vars:
+ namespace: "{{ dashboard_namespace }}"
when: dashboard_enabled
tags:
- dashboard
diff --git a/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2 b/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
index e0b60e7514130413bd23bb02c69a026ffc103221..3a88010d105b83b28dffe3d3a8d460da9a830a67 100644
--- a/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2
@@ -17,16 +17,15 @@
#
# Example usage: kubectl create -f <this_file>
-{% if dashboard_namespace != "kube-system" %}
+{% if namespace != 'kube-system' %}
---
apiVersion: v1
kind: Namespace
metadata:
- name: {{ dashboard_namespace }}
+ name: {{ namespace }}
labels:
- name: {{ dashboard_namespace }}
+ name: {{ namespace }}
{% endif %}
-
---
# ------------------- Dashboard Secrets ------------------- #
apiVersion: v1
@@ -35,7 +34,6 @@ metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-certs
- namespace: {{ dashboard_namespace }}
type: Opaque
---
@@ -45,7 +43,6 @@ metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-csrf
- namespace: {{ dashboard_namespace }}
type: Opaque
data:
csrf: ""
@@ -57,7 +54,6 @@ metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-key-holder
- namespace: {{ dashboard_namespace }}
type: Opaque
---
@@ -68,7 +64,6 @@ metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-settings
- namespace: {{ dashboard_namespace }}
---
# ------------------- Dashboard Service Account ------------------- #
@@ -79,7 +74,6 @@ metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
- namespace: {{ dashboard_namespace }}
---
# ------------------- Dashboard Role & Role Binding ------------------- #
@@ -89,7 +83,6 @@ metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
- namespace: {{ dashboard_namespace }}
rules:
# Allow Dashboard to get, update and delete Dashboard exclusive secrets.
- apiGroups: [""]
@@ -118,7 +111,6 @@ metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
- namespace: {{ dashboard_namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
@@ -126,7 +118,7 @@ roleRef:
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
- namespace: {{ dashboard_namespace }}
+ namespace: {{ namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
@@ -140,7 +132,7 @@ roleRef:
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
- namespace: {{ dashboard_namespace }}
+ namespace: {{ namespace }}
---
# ------------------- Dashboard Deployment ------------------- #
@@ -151,7 +143,6 @@ metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
- namespace: {{ dashboard_namespace }}
spec:
replicas: {{ dashboard_replicas }}
revisionHistoryLimit: 10
@@ -182,7 +173,7 @@ spec:
- containerPort: 8443
protocol: TCP
args:
- - --namespace={{ dashboard_namespace }}
+ - --namespace={{ namespace }}
{% if dashboard_use_custom_certs %}
- --tls-key-file={{ dashboard_tls_key_file }}
- --tls-cert-file={{ dashboard_tls_cert_file }}
@@ -238,7 +229,6 @@ metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
- namespace: {{ dashboard_namespace }}
spec:
ports:
- port: 443
@@ -270,7 +260,6 @@ metadata:
labels:
k8s-app: kubernetes-metrics-scraper
name: dashboard-metrics-scraper
- namespace: {{ dashboard_namespace }}
spec:
ports:
- port: 8000
@@ -287,7 +276,6 @@ metadata:
labels:
k8s-app: kubernetes-metrics-scraper
name: kubernetes-metrics-scraper
- namespace: {{ dashboard_namespace }}
spec:
replicas: 1
revisionHistoryLimit: 10