community.okd.k8s – Manage OpenShift objects¶
Note
This plugin is part of the community.okd collection (version 1.0.0).
To install it use: ansible-galaxy collection install community.okd
.
To use it in a playbook, specify: community.okd.k8s
.
Synopsis¶
Use the OpenShift Python client to perform CRUD operations on K8s objects.
Pass the object definition from a source file or inline. See examples for reading files and using Jinja templates or vault-encrypted files.
Access to the full range of K8s APIs.
Use the k8s_info module to obtain a list of items about an object of type
kind
Authenticate using either a config file, certificates, password or token.
Supports check mode.
Optimized for OKD/OpenShift Kubernetes flavors
Requirements¶
The below requirements are needed on the host that executes this module.
python >= 2.7
openshift >= 0.6
PyYAML >= 3.11
Parameters¶
Notes¶
Note
If your OpenShift Python library is not 0.9.0 or newer and you are trying to remove an item from an associative array/dictionary, for example a label or an annotation, you will need to explicitly set the value of the item to be removed to null. Simply deleting the entry in the dictionary will not remove it from openshift or kubernetes.
The OpenShift Python client wraps the K8s Python client, providing full access to all of the APIS and models available on both platforms. For API version details and additional information visit https://github.com/openshift/openshift-restclient-python
To avoid SSL certificate validation errors when
validate_certs
is True, the full certificate chain for the API server must be provided viaca_cert
or in the kubeconfig file.
Examples¶
- name: Create a k8s namespace
community.okd.k8s:
name: testing
api_version: v1
kind: Namespace
state: present
- name: Create a Service object from an inline definition
community.okd.k8s:
state: present
definition:
apiVersion: v1
kind: Service
metadata:
name: web
namespace: testing
labels:
app: galaxy
service: web
spec:
selector:
app: galaxy
service: web
ports:
- protocol: TCP
targetPort: 8000
name: port-8000-tcp
port: 8000
- name: Remove an existing Service object
community.okd.k8s:
state: absent
api_version: v1
kind: Service
namespace: testing
name: web
# Passing the object definition from a file
- name: Create a Deployment by reading the definition from a local file
community.okd.k8s:
state: present
src: /testing/deployment.yml
- name: >-
Read definition file from the Ansible controller file system.
If the definition file has been encrypted with Ansible Vault it will automatically be decrypted.
community.okd.k8s:
state: present
definition: "{{ lookup('file', '/testing/deployment.yml') | from_yaml }}"
- name: Read definition file from the Ansible controller file system after Jinja templating
community.okd.k8s:
state: present
definition: "{{ lookup('template', '/testing/deployment.yml') | from_yaml }}"
- name: fail on validation errors
community.okd.k8s:
state: present
definition: "{{ lookup('template', '/testing/deployment.yml') | from_yaml }}"
validate:
fail_on_error: yes
- name: warn on validation errors, check for unexpected properties
community.okd.k8s:
state: present
definition: "{{ lookup('template', '/testing/deployment.yml') | from_yaml }}"
validate:
fail_on_error: no
strict: yes
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Authors¶
Chris Houseknecht (@chouseknecht)
Fabian von Feilitzsch (@fabianvf)