Optimize kube resources creation (#4572)

contrib/metallb/roles/provision/tasks/main.yml

@@ -8,11 +8,9 @@
     - "inventory_hostname == groups['kube-master'][0]"
 - name: "Kubernetes Apps | Install and configure MetalLB"
   kube:
-    name: "MetalLB"
     kubectl: "{{bin_dir}}/kubectl"
-    filename: "{{ kube_config_dir }}/{{ item.item }}"
+    filename: "{{ rendering.results | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/\\1') | list }}"
     state: "{{ item.changed | ternary('latest','present') }}"
   become: true
-  with_items: "{{ rendering.results }}"
   when:
     - "inventory_hostname == groups['kube-master'][0]"

contrib/network-storage/glusterfs/roles/kubernetes-pv/ansible/tasks/main.yaml

@@ -10,11 +10,8 @@
 
 - name: Kubernetes Apps | Set GlusterFS endpoint and PV
   kube:
-    name: glusterfs
     namespace: default
     kubectl: "{{bin_dir}}/kubectl"
-    resource: "{{item.item.type}}"
-    filename: "{{kube_config_dir}}/{{item.item.dest}}"
+    filename: "{{ gluster_pv.results | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/\\1') | list }}"
     state: "{{item.changed | ternary('latest','present') }}"
-  with_items: "{{ gluster_pv.results }}"
   when: inventory_hostname == groups['kube-master'][0] and groups['gfs-cluster'] is defined

roles/kubernetes-apps/ansible/tasks/dashboard.yml

@@ -21,11 +21,8 @@
 
 - name: Kubernetes Apps | Start dashboard
   kube:
-    name: "{{ item.item.name }}"
     namespace: "kube-system"
     kubectl: "{{ bin_dir }}/kubectl"
-    resource: "{{ item.item.type }}"
-    filename: "{{ kube_config_dir }}/{{ item.item.file }}"
+    filename: "{{ manifests.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/\\1') | list }}"
     state: "latest"
-  with_items: "{{ manifests.results }}"
   when: inventory_hostname == groups['kube-master'][0]

roles/kubernetes-apps/ansible/tasks/main.yml

@@ -38,20 +38,13 @@
 
 - name: Kubernetes Apps | Start Resources
   kube:
-    name: "{{ item.item.name }}"
     namespace: "kube-system"
     kubectl: "{{ bin_dir }}/kubectl"
-    resource: "{{ item.item.type }}"
-    filename: "{{ kube_config_dir }}/{{ item.item.file }}"
+    filename: "{{ (coredns_manifests.results|default([]) + coredns_secondary_manifests.results|default([]) + nodelocaldns_manifests.results|default([])) | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/\\1') | list }}"
     state: "latest"
-  with_items:
-    - "{{ coredns_manifests.results | default({}) }}"
-    - "{{ coredns_secondary_manifests.results | default({}) }}"
-    - "{{ nodelocaldns_manifests.results | default({}) }}"
   when:
     - dns_mode != 'none'
     - inventory_hostname == groups['kube-master'][0]
-    - not item is skipped
   register: resource_result
   until: resource_result is succeeded
   retries: 4
@@ -59,8 +52,6 @@
   tags:
     - coredns
     - nodelocaldns
-  loop_control:
-    label: "{{ item.item.file }}"
 
 - name: Kubernetes Apps | Netchecker
   import_tasks: tasks/netchecker.yml

roles/kubernetes-apps/ansible/tasks/netchecker.yml

@@ -62,11 +62,8 @@
 
 - name: Kubernetes Apps | Start Netchecker Resources
   kube:
-    name: "{{item.item.name}}"
     namespace: "{{netcheck_namespace}}"
     kubectl: "{{bin_dir}}/kubectl"
-    resource: "{{item.item.type}}"
-    filename: "{{kube_config_dir}}/{{item.item.file}}"
+    filename: "{{ manifests.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/\\1') | list }}"
     state: "latest"
-  with_items: "{{ manifests.results }}"
-  when: inventory_hostname == groups['kube-master'][0] and not item is skipped
+  when: inventory_hostname == groups['kube-master'][0]

roles/kubernetes-apps/cluster_roles/tasks/main.yml

@@ -41,21 +41,16 @@
 
 - name: Kubernetes Apps | Add policies, roles, bindings for PodSecurityPolicy
   kube:
-    name: "{{item.item.name}}"
     kubectl: "{{bin_dir}}/kubectl"
-    resource: "{{item.item.type}}"
-    filename: "{{kube_config_dir}}/{{item.item.file}}"
+    filename: "{{ psp_manifests.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/\\1') | list }}"
     state: "latest"
   register: result
   until: result is succeeded
   retries: 10
   delay: 6
-  with_items: "{{ psp_manifests.results }}"
   when:
+    - podsecuritypolicy_enabled
     - inventory_hostname == groups['kube-master'][0]
-    - not item is skipped
-  loop_control:
-    label: "{{ item.item.file }}"
 
 - name: Kubernetes Apps | Add ClusterRoleBinding to admit nodes
   template:

roles/kubernetes-apps/container_engine_accelerator/nvidia_gpu/tasks/main.yml

@@ -42,13 +42,9 @@
 
 - name: Container Engine Acceleration Nvidia GPU | Apply manifests for nvidia accelerators
   kube:
-    name: "{{ item.item.name }}"
     namespace: "kube-system"
     kubectl: "{{ bin_dir }}/kubectl"
-    resource: "{{ item.item.type }}"
-    filename: "{{ kube_config_dir }}/addons/container_engine_accelerator/{{ item.item.file }}"
+    filename: "{{ container_engine_accelerator_manifests.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/addons/container_engine_accelerator/\\1') | list }}"
     state: "latest"
-  with_items:
-    - "{{container_engine_accelerator_manifests.results}}"
   when:
     - inventory_hostname == groups['kube-master'][0] and nvidia_driver_install_container and nvidia_driver_install_supported

roles/kubernetes-apps/external_provisioner/cephfs_provisioner/tasks/main.yml

@@ -69,11 +69,8 @@
 
 - name: CephFS Provisioner | Apply manifests
   kube:
-    name: "{{ item.item.name }}"
     namespace: "{{ cephfs_provisioner_namespace }}"
     kubectl: "{{ bin_dir }}/kubectl"
-    resource: "{{ item.item.type }}"
-    filename: "{{ kube_config_dir }}/addons/cephfs_provisioner/{{ item.item.file }}"
+    filename: "{{ cephfs_provisioner_manifests.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/addons/cephfs_provisioner/\\1') | list }}"
     state: "latest"
-  with_items: "{{ cephfs_provisioner_manifests.results }}"
   when: inventory_hostname == groups['kube-master'][0]

roles/kubernetes-apps/external_provisioner/local_path_provisioner/tasks/main.yml

@@ -30,11 +30,8 @@
 
 - name: Local Path Provisioner | Apply manifests
   kube:
-    name: "{{ item.item.name }}"
     namespace: "{{ local_path_provisioner_namespace }}"
     kubectl: "{{ bin_dir }}/kubectl"
-    resource: "{{ item.item.type }}"
-    filename: "{{ kube_config_dir }}/addons/local_path_provisioner/{{ item.item.file }}"
+    filename: "{{ local_path_provisioner_manifests.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/addons/local_path_provisioner/\\1') | list }}"
     state: "latest"
-  with_items: "{{ local_path_provisioner_manifests.results }}"
   when: inventory_hostname == groups['kube-master'][0]

roles/kubernetes-apps/external_provisioner/local_volume_provisioner/tasks/main.yml

@@ -50,13 +50,8 @@
 
 - name: Local Volume Provisioner | Apply manifests
   kube:
-    name: "{{ item.item.name }}"
     namespace: "{{ local_volume_provisioner_namespace }}"
     kubectl: "{{ bin_dir }}/kubectl"
-    resource: "{{ item.item.type }}"
-    filename: "{{ kube_config_dir }}/addons/local_volume_provisioner/{{ item.item.file }}"
+    filename: "{{ local_volume_provisioner_manifests.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/addons/local_volume_provisioner/\\1') | list }}"
     state: "latest"
-  with_items: "{{ local_volume_provisioner_manifests.results }}"
   when: inventory_hostname == groups['kube-master'][0]
-  loop_control:
-    label: "{{ item.item.file }}"

roles/kubernetes-apps/helm/tasks/main.yml

@@ -20,13 +20,10 @@
 
 - name: Helm | Apply Helm Manifests (RBAC)
   kube:
-    name: "{{item.item.name}}"
     namespace: "{{ tiller_namespace }}"
     kubectl: "{{bin_dir}}/kubectl"
-    resource: "{{item.item.type}}"
-    filename: "{{kube_config_dir}}/{{item.item.file}}"
+    filename: "{{ manifests.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/\\1') | list }}"
     state: "latest"
-  with_items: "{{ manifests.results }}"
   when:
     - dns_mode != 'none'
     - inventory_hostname == groups['kube-master'][0]

roles/kubernetes-apps/ingress_controller/cert_manager/tasks/main.yml

@@ -47,12 +47,8 @@
 
 - name: Cert Manager | Apply manifests
   kube:
-    name: "{{ item.item.name }}"
     namespace: "{{ cert_manager_namespace }}"
     kubectl: "{{ bin_dir }}/kubectl"
-    resource: "{{ item.item.type }}"
-    filename: "{{ kube_config_dir }}/addons/cert_manager/{{ item.item.file }}"
+    filename: "{{ cert_manager_manifests.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/addons/cert_manager/\\1') | list }}"
     state: "latest"
-  with_items: "{{ cert_manager_manifests.results }}"
-  when:
-    - inventory_hostname == groups['kube-master'][0]
+  when: inventory_hostname == groups['kube-master'][0]

roles/kubernetes-apps/ingress_controller/ingress_nginx/tasks/main.yml

@@ -61,12 +61,9 @@
 
 - name: NGINX Ingress Controller | Apply manifests
   kube:
-    name: "{{ item.item.name }}"
     namespace: "{{ ingress_nginx_namespace }}"
     kubectl: "{{ bin_dir }}/kubectl"
-    resource: "{{ item.item.type }}"
-    filename: "{{ kube_config_dir }}/addons/ingress_nginx/{{ item.item.file }}"
+    filename: "{{ ingress_nginx_manifests.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/addons/ingress_nginx/\\1') | list }}"
     state: "latest"
-  with_items: "{{ ingress_nginx_manifests.results }}"
   when:
     - inventory_hostname == groups['kube-master'][0]

roles/kubernetes-apps/metrics_server/tasks/main.yml

@@ -47,11 +47,8 @@
 
 - name: Metrics Server | Apply manifests
   kube:
-    name: "{{ item.item.name }}"
     kubectl: "{{ bin_dir }}/kubectl"
-    resource: "{{ item.item.type }}"
-    filename: "{{ kube_config_dir }}/addons/metrics_server/{{ item.item.file }}"
+    filename: "{{ metrics_server_manifests.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/addons/metrics_server/\\1') | list }}"
     state: "latest"
-  with_items: "{{ metrics_server_manifests.results }}"
   when:
     - inventory_hostname == groups['kube-master'][0]

roles/kubernetes-apps/network_plugin/calico/tasks/main.yml

 ---
 - name: Start Calico resources
   kube:
-    name: "{{item.item.name}}"
     namespace: "kube-system"
     kubectl: "{{bin_dir}}/kubectl"
-    resource: "{{item.item.type}}"
-    filename: "{{kube_config_dir}}/{{item.item.file}}"
+    filename: "{{ calico_node_manifests.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/\\1') | list }}"
     state: "latest"
-  with_items:
-    - "{{ calico_node_manifests.results }}"
   when:
-    - inventory_hostname == groups['kube-master'][0] and not item is skipped
-  loop_control:
-    label: "{{ item.item.file }}"
+    - inventory_hostname == groups['kube-master'][0]
 
 - name: "calico upgrade complete"
   shell: "{{ bin_dir }}/calico-upgrade complete --no-prompts --apiconfigv1 /etc/calico/etcdv2.yml --apiconfigv3 /etc/calico/etcdv3.yml"

roles/kubernetes-apps/network_plugin/canal/tasks/main.yml

 ---
 - name: Canal | Start Resources
   kube:
-    name: "{{item.item.name}}"
     namespace: "kube-system"
     kubectl: "{{bin_dir}}/kubectl"
-    resource: "{{item.item.type}}"
-    filename: "{{kube_config_dir}}/{{item.item.file}}"
+    filename: "{{ canal_manifests.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/\\1') | list }}"
     state: "latest"
-  with_items: "{{ canal_manifests.results }}"
-  when: inventory_hostname == groups['kube-master'][0] and not item is skipped
+  when: inventory_hostname == groups['kube-master'][0]

roles/kubernetes-apps/network_plugin/cilium/tasks/main.yml

 ---
 - name: Cilium | Start Resources
   kube:
-    name: "{{item.item.name}}"
     namespace: "kube-system"
     kubectl: "{{bin_dir}}/kubectl"
-    resource: "{{item.item.type}}"
-    filename: "{{kube_config_dir}}/{{item.item.file}}"
+    filename: "{{ cilium_node_manifests.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/\\1') | list }}"
     state: "latest"
-  with_items: "{{ cilium_node_manifests.results }}"
-  when: inventory_hostname == groups['kube-master'][0] and not item is skipped
+  when: inventory_hostname == groups['kube-master'][0]
 
 - name: Cilium | Wait for pods to run
   command: "{{bin_dir}}/kubectl -n kube-system get pods -l k8s-app=cilium -o jsonpath='{.items[?(@.status.containerStatuses[0].ready==false)].metadata.name}'"  # noqa 601

roles/kubernetes-apps/network_plugin/contiv/tasks/main.yml

@@ -2,13 +2,10 @@
 
 - name: Contiv | Create Kubernetes resources
   kube:
-    name: "{{ item.item.name }}"
     namespace: "kube-system"
     kubectl: "{{ bin_dir }}/kubectl"
-    resource: "{{ item.item.type }}"
-    filename: "{{ contiv_config_dir }}/{{ item.item.file }}"
+    filename: "{{contiv_manifests_results.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', contiv_config_dir+'/\\1') | list }}"
     state: "{{ item.changed | ternary('latest','present') }}"
-  with_items: "{{ contiv_manifests_results.results }}"
   run_once: true
 
 - import_tasks: configure.yml

roles/kubernetes-apps/network_plugin/flannel/tasks/main.yml

 ---
 - name: Flannel | Start Resources
   kube:
-    name: "{{item.item.name}}"
     namespace: "kube-system"
     kubectl: "{{bin_dir}}/kubectl"
-    resource: "{{item.item.type}}"
-    filename: "{{kube_config_dir}}/{{item.item.file}}"
+    filename: "{{ flannel_node_manifests.results | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/\\1') | list }}"
     state: "latest"
-  with_items: "{{ flannel_node_manifests.results }}"
-  when: inventory_hostname == groups['kube-master'][0] and not item is skipped
+  when: inventory_hostname == groups['kube-master'][0]
 
 - name: Flannel | Wait for flannel subnet.env file presence
   wait_for:

roles/kubernetes-apps/network_plugin/multus/tasks/main.yml

 ---
 - name: Multus | Start resources
   kube:
-    name: "{{item.item.name}}"
     namespace: "kube-system"
     kubectl: "{{bin_dir}}/kubectl"
-    resource: "{{item.item.type}}"
-    filename: "{{kube_config_dir}}/{{item.item.file}}"
+    filename: "{{ (multus_manifest_1.results + multus_manifest_2.results) | selectattr('skipped', 'undefined') | map(attribute='item') | map(attribute='file') | map('regex_replace', '^(.*)$', kube_config_dir+'/\\1') | list }}"
     state: "latest"
-  with_items: "{{ multus_manifest_1.results }} + {{multus_manifest_2.results }}"
-  when: inventory_hostname == groups['kube-master'][0] and not item|skipped
+  when: inventory_hostname == groups['kube-master'][0]