deploy cilium ansible playbook & roles

ansible/inventory/dev.ini

@@ -5,9 +5,6 @@ dev-k8s-master ansible_host= # TODO Add IP
 dev-k8s-worker-01 ansible_host= # TODO Add IP
 dev-k8s-worker-02 ansible_host= # TODO Add IP
 
-[monitoring]
-dev-monitoring ansible_host= # TODO Add IP
-
 [k8s_cluster:children]
 k8s_masters
 k8s_workers

ansible/inventory/prd.ini

@@ -5,9 +5,6 @@ prd-k8s-master ansible_host= # TODO Add IP
 prd-k8s-worker-01 ansible_host= # TODO Add IP
 prd-k8s-worker-02 ansible_host= # TODO Add IP
 
-[monitoring]
-prd-monitoring ansible_host= # TODO Add IP
-
 [k8s_cluster:children]
 k8s_masters
 k8s_workers

ansible/inventory/staging.ini

@@ -5,9 +5,6 @@ staging-k8s-master ansible_host= # TODO Add IP
 staging-k8s-worker-01 ansible_host= # TODO Add IP
 staging-k8s-worker-02 ansible_host= # TODO Add IP
 
-[monitoring]
-staging-monitoring ansible_host= # TODO Add IP
-
 [k8s_cluster:children]
 k8s_masters
 k8s_workers

ansible/playbooks/deploy-cilium.yml

@@ -0,0 +1,7 @@
+- hosts: kubernetes_masters[0]
+  become: yes
+  roles:
+    - role: cilium-deploy
+      vars:
+        cilium_version: "1.9.8"
+        hubble_enabled: true

ansible/roles/cilium-deploy/defaults/main.yml

@@ -0,0 +1,3 @@
+# defaults/main.yml
+cilium_version: "1.9.5"
+hubble_enabled: true

ansible/roles/cilium-deploy/tasks/main.yml

@@ -0,0 +1,14 @@
+# tasks/main.yml
+- name: Check if Cilium is already installed
+  ansible.builtin.shell: kubectl get namespace cilium | grep -c 'cilium'
+  register: cilium_namespace
+  ignore_errors: true
+
+- name: Deploy Cilium with Helm
+  ansible.builtin.shell: |
+    helm upgrade --install cilium cilium/cilium --version {{ cilium_version }}
+    --namespace kube-system
+    --set hubble.relay.enabled={{ hubble_enabled }}
+    --set hubble.ui.enabled={{ hubble_enabled }}
+    --set global.hubble.metrics.enabled="{dns,drop,tcp,flow,port-distribution,icmp,http}"
+  when: cilium_namespace.stdout == "0"