abril/roles/k3s_server_post/tasks/metallb.yml

---
- name: Create manifests directory for temp configuration
  ansible.builtin.file:
    path: /tmp/k3s
    state: directory
    owner: "{{ ansible_user_id }}"
    mode: "0755"
  with_items: "{{ groups[group_name_master | default('master')] }}"
  run_once: true

- name: Delete outdated metallb replicas
  ansible.builtin.shell: |-
    set -o pipefail

    REPLICAS=$(k3s kubectl --namespace='metallb-system' get replicasets \
      -l 'component=controller,app=metallb' \
      -o jsonpath='{.items[0].spec.template.spec.containers[0].image}, {.items[0].metadata.name}' 2>/dev/null || true)
    REPLICAS_SETS=$(echo ${REPLICAS} | grep -v '{{ metal_lb_controller_tag_version }}' | sed -e "s/^.*\s//g")
    if [ -n "${REPLICAS_SETS}" ] ; then
      for REPLICAS in "${REPLICAS_SETS}"
      do
        k3s kubectl --namespace='metallb-system' \
          delete rs "${REPLICAS}"
      done
    fi    
  args:
    executable: /bin/bash
  changed_when: false
  run_once: true
  with_items: "{{ groups[group_name_master | default('master')] }}"

- name: Copy metallb CRs manifest to first master
  ansible.builtin.template:
    src: metallb.crs.j2
    dest: /tmp/k3s/metallb-crs.yaml
    owner: "{{ ansible_user_id }}"
    mode: "0755"
  with_items: "{{ groups[group_name_master | default('master')] }}"
  run_once: true

- name: Test metallb-system namespace
  ansible.builtin.command: >-
    k3s kubectl -n metallb-system    
  changed_when: false
  with_items: "{{ groups[group_name_master | default('master')] }}"
  run_once: true

- name: Wait for MetalLB resources
  ansible.builtin.command: >-
    k3s kubectl wait {{ item.resource }}
    --namespace='metallb-system'
    {% if item.name | default(False) -%}{{ item.name }}{%- endif %}
    {% if item.selector | default(False) -%}--selector='{{ item.selector }}'{%- endif %}
    {% if item.condition | default(False) -%}{{ item.condition }}{%- endif %}
    --timeout='{{ metal_lb_available_timeout }}'    
  changed_when: false
  run_once: true
  with_items:
    - description: controller
      resource: deployment
      name: controller
      condition: --for condition=Available=True
    - description: webhook service
      resource: pod
      selector: component=controller
      condition: --for=jsonpath='{.status.phase}'=Running
    - description: pods in replica sets
      resource: pod
      selector: component=controller,app=metallb
      condition: --for condition=Ready
    - description: ready replicas of controller
      resource: replicaset
      selector: component=controller,app=metallb
      condition: --for=jsonpath='{.status.readyReplicas}'=1
    - description: fully labeled replicas of controller
      resource: replicaset
      selector: component=controller,app=metallb
      condition: --for=jsonpath='{.status.fullyLabeledReplicas}'=1
    - description: available replicas of controller
      resource: replicaset
      selector: component=controller,app=metallb
      condition: --for=jsonpath='{.status.availableReplicas}'=1
  loop_control:
    label: "{{ item.description }}"

- name: Set metallb webhook service name
  ansible.builtin.set_fact:
    metallb_webhook_service_name: >-
      {{
        (
          (metal_lb_controller_tag_version | regex_replace('^v', ''))
          is
          version('0.14.4', '<', version_type='semver')
        ) | ternary(
          'webhook-service',
          'metallb-webhook-service'
        )
      }}      

- name: Test metallb-system webhook-service endpoint
  ansible.builtin.command: >-
    k3s kubectl -n metallb-system get endpoints {{ metallb_webhook_service_name }}    
  changed_when: false
  with_items: "{{ groups[group_name_master | default('master')] }}"
  run_once: true

- name: Apply metallb CRs
  ansible.builtin.command: >-
    k3s kubectl apply -f /tmp/k3s/metallb-crs.yaml
    --timeout='{{ metal_lb_available_timeout }}'    
  register: this
  changed_when: false
  run_once: true
  until: this.rc == 0
  retries: 5

- name: Test metallb-system resources for Layer 2 configuration
  ansible.builtin.command: >-
    k3s kubectl -n metallb-system get {{ item }}    
  changed_when: false
  run_once: true
  when: metal_lb_mode == "layer2"
  with_items:
    - IPAddressPool
    - L2Advertisement

- name: Test metallb-system resources for BGP configuration
  ansible.builtin.command: >-
    k3s kubectl -n metallb-system get {{ item }}    
  changed_when: false
  run_once: true
  when: metal_lb_mode == "bgp"
  with_items:
    - IPAddressPool
    - BGPPeer
    - BGPAdvertisement