kubernetes - Manage Kubernetes resources.

New in version 2.1.

Synopsis

  • This module can manage Kubernetes resources on an existing cluster using the Kubernetes server API. Users can specify in-line API data, or specify an existing Kubernetes YAML file. Currently, this module, Only supports HTTP Basic Auth Only supports ‘strategic merge’ for update, http://goo.gl/fCPYxT SSL certs are not working, use ‘validate_certs=off’ to disable

Options

parameter required default choices comments
api_endpoint
yes
The IPv4 API endpoint of the Kubernetes cluster.
aliases: endpoint
certificate_authority_data
no
Certificate Authority data for Kubernetes server. Should be in either standard PEM format or base64 encoded PEM data. Note that certificate verification is broken until ansible supports a version of 'match_hostname' that can match the IP address against the CA data.
file_reference
no
Specify full path to a Kubernets YAML file to send to API endpoint. This option is mutually exclusive with 'inline_data'.
inline_data
yes
The Kubernetes YAML data to send to the API endpoint. This option is mutually exclusive with 'file_reference'.
insecure
no
Reverts the connection to using HTTP instead of HTTPS. This option should only be used when execuing the 'kubernetes' module local to the Kubernetes cluster using the insecure local port (locahost:8080 by default).
patch_operation
(added in 2.4)
no Strategic Merge Patch
  • JSON Patch
  • Merge Patch
  • Strategic Merge Patch
- Specify patch operation for Kubernetes resource update. For details, see the description of PATCH operations at https://github.com/kubernetes/kubernetes/blob/release-1.5/docs/devel/api-conventions.md#patch-operations.
aliases: patch_strategy
state
yes present
  • present
  • absent
  • update
  • replace
The desired action to take on the Kubernetes data.
url_password
no
The HTTP Basic Auth password for the API endpoint. This should be set unless using the 'insecure' option.
aliases: password
url_username
no admin
The HTTP Basic Auth username for the API endpoint. This should be set unless using the 'insecure' option.
aliases: username
validate_certs
no
Enable/disable certificate validation. Note that this is set to false until Ansible can support IP address based certificate hostname matching (exists in >= python3.5.0).

Examples

# Create a new namespace with in-line YAML.
- name: Create a kubernetes namespace
  kubernetes:
    api_endpoint: 123.45.67.89
    url_username: admin
    url_password: redacted
    inline_data:
      kind: Namespace
      apiVersion: v1
      metadata:
        name: ansible-test
        labels:
          label_env: production
          label_ver: latest
        annotations:
          a1: value1
          a2: value2
    state: present

# Create a new namespace from a YAML file.
- name: Create a kubernetes namespace
  kubernetes:
    api_endpoint: 123.45.67.89
    url_username: admin
    url_password: redacted
    file_reference: /path/to/create_namespace.yaml
    state: present

# Do the same thing, but using the insecure localhost port
- name: Create a kubernetes namespace
  kubernetes:
    api_endpoint: 123.45.67.89
    insecure: true
    file_reference: /path/to/create_namespace.yaml
    state: present

Return Values

Common return values are documented here Return Values, the following are the fields unique to this module:

name description returned type sample
api_response
Raw response from Kubernetes API, content varies with API.
success complex
contains:
name description returned type sample
status
kind
spec
apiVersion
metadata

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.4/kubernetes_module.html