kubespray/roles/network_plugin/kube-router/tasks/main.yml

---
- name: kube-router | Create annotations
  import_tasks: annotate.yml
  tags: annotate

- name: kube-router | Create config directory
  file:
    path: /var/lib/kube-router
    state: directory
    owner: "{{ kube_owner }}"
    recurse: true
    mode: 0755

- name: kube-router | Create kubeconfig
  template:
    src: kubeconfig.yml.j2
    dest: /var/lib/kube-router/kubeconfig
    mode: 0644
    owner: "{{ kube_owner }}"
  notify:
    - reset_kube_router

- name: kube-router | Slurp cni config
  slurp:
    src: /etc/cni/net.d/10-kuberouter.conflist
  register: cni_config_slurp
  ignore_errors: true  # noqa ignore-errors

- name: kube-router | Set cni_config variable
  set_fact:
    cni_config: "{{ cni_config_slurp.content | b64decode | from_json }}"
  when:
    - not cni_config_slurp.failed

- name: kube-router | Set host_subnet variable
  set_fact:
    host_subnet: "{{ cni_config | json_query('plugins[?bridge==`kube-bridge`].ipam.subnet') | first }}"
  when:
    - cni_config is defined
    - cni_config | json_query('plugins[?bridge==`kube-bridge`].ipam.subnet') | length > 0

- name: kube-router | Create cni config
  template:
    src: cni-conf.json.j2
    dest: /etc/cni/net.d/10-kuberouter.conflist
    mode: 0644
    owner: "{{ kube_owner }}"
  notify:
    - reset_kube_router

- name: kube-router | Delete old configuration
  file:
    path: /etc/cni/net.d/10-kuberouter.conf
    state: absent

- name: kube-router | Create manifest
  template:
    src: kube-router.yml.j2
    dest: "{{ kube_config_dir }}/kube-router.yml"
    mode: 0644
  delegate_to: "{{ groups['kube_control_plane'] | first }}"
  run_once: true