[metallb] Add variable for the metallb namespace

inventory/sample/group_vars/k8s_cluster/addons.yml

@@ -171,6 +171,7 @@ cert_manager_enabled: false
 # MetalLB deployment
 metallb_enabled: false
 metallb_speaker_enabled: "{{ metallb_enabled }}"
+metallb_namespace: "metallb-system"
 # metallb_version: v0.13.9
 # metallb_protocol: "layer2"
 # metallb_port: "7472"

roles/kubernetes-apps/metallb/tasks/main.yml

@@ -33,7 +33,7 @@
     - inventory_hostname == groups['kube_control_plane'][0]
 
 - name: Kubernetes Apps | Wait for MetalLB controller to be running
-  command: "{{ bin_dir }}/kubectl rollout status -n metallb-system deployment -l app=metallb,component=controller --timeout=2m"
+  command: "{{ bin_dir }}/kubectl rollout status -n {{ metallb_namespace }} deployment -l app=metallb,component=controller --timeout=2m"
   become: true
   when:
     - inventory_hostname == groups['kube_control_plane'][0]
@@ -104,5 +104,5 @@
     name: config
     kubectl: "{{ bin_dir }}/kubectl"
     resource: ConfigMap
-    namespace: metallb-system
+    namespace: "{{ metallb_namespace }}"
     state: absent

roles/kubernetes-apps/metallb/templates/layer2.yaml.j2

@@ -11,7 +11,7 @@ apiVersion: metallb.io/v1beta1
 kind: L2Advertisement
 metadata:
   name: "{{ entry }}"
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 spec:
   ipAddressPools:
   - "{{ entry }}"

roles/kubernetes-apps/metallb/templates/layer3.yaml.j2

@@ -9,7 +9,7 @@ apiVersion: metallb.io/v1beta1
 kind: Community
 metadata:
   name: "{{ community_name }}"
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 spec:
   communities:
   - name: "{{ community_name }}"
@@ -21,7 +21,7 @@ apiVersion: metallb.io/v1beta1
 kind: Community
 metadata:
   name: well-known
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 spec:
   communities:
   - name: no-export
@@ -51,7 +51,7 @@ apiVersion: metallb.io/v1beta1
 kind: BGPAdvertisement
 metadata:
   name: "{{ peer_name }}-local"
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 spec:
   aggregationLength: 32
   aggregationLengthV6: 128
@@ -70,7 +70,7 @@ apiVersion: metallb.io/v1beta1
 kind: BGPAdvertisement
 metadata:
   name: "{{ peer_name }}-external"
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 spec:
   {% if peer.aggregation_length is defined and peer.aggregation_length <= 30 %}
   aggregationLength: {{ peer.aggregation_length }}
@@ -93,7 +93,7 @@ apiVersion: metallb.io/v1beta2
 kind: BGPPeer
 metadata:
   name: "{{ peer_name }}"
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 spec:
   myASN: {{ peer.my_asn }}
   peerASN: {{ peer.peer_asn }}

roles/kubernetes-apps/metallb/templates/metallb.yaml.j2

@@ -6,7 +6,7 @@ metadata:
     pod-security.kubernetes.io/audit: privileged
     pod-security.kubernetes.io/enforce: privileged
     pod-security.kubernetes.io/warn: privileged
-  name: metallb-system
+  name: {{ metallb_namespace }}
 
 ---
 apiVersion: apiextensions.k8s.io/v1
@@ -23,7 +23,7 @@ spec:
         caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlGWlRDQ0EwMmdBd0lCQWdJVU5GRW1XcTM3MVpKdGkrMmlSQzk1WmpBV1MxZ3dEUVlKS29aSWh2Y05BUUVMDQpCUUF3UWpFTE1Ba0dBMVVFQmhNQ1dGZ3hGVEFUQmdOVkJBY01ERVJsWm1GMWJIUWdRMmwwZVRFY01Cb0dBMVVFDQpDZ3dUUkdWbVlYVnNkQ0JEYjIxd1lXNTVJRXgwWkRBZUZ3MHlNakEzTVRrd09UTXlNek5hRncweU1qQTRNVGd3DQpPVE15TXpOYU1FSXhDekFKQmdOVkJBWVRBbGhZTVJVd0V3WURWUVFIREF4RVpXWmhkV3gwSUVOcGRIa3hIREFhDQpCZ05WQkFvTUUwUmxabUYxYkhRZ1EyOXRjR0Z1ZVNCTWRHUXdnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDDQpEd0F3Z2dJS0FvSUNBUUNxVFpxMWZRcC9vYkdlenhES0o3OVB3Ny94azJwellualNzMlkzb1ZYSm5sRmM4YjVlDQpma2ZZQnY2bndscW1keW5PL2phWFBaQmRQSS82aFdOUDBkdVhadEtWU0NCUUpyZzEyOGNXb3F0MGNTN3pLb1VpDQpvcU1tQ0QvRXVBeFFNZjhRZDF2c1gvVllkZ0poVTZBRXJLZEpIaXpFOUJtUkNkTDBGMW1OVW55Rk82UnRtWFZUDQpidkxsTDVYeTc2R0FaQVBLOFB4aVlDa0NtbDdxN0VnTWNiOXlLWldCYmlxQ3VkTXE5TGJLNmdKNzF6YkZnSXV4DQo1L1pXK2JraTB2RlplWk9ZODUxb1psckFUNzJvMDI4NHNTWW9uN0pHZVZkY3NoUnh5R1VpSFpSTzdkaXZVTDVTDQpmM2JmSDFYbWY1ZDQzT0NWTWRuUUV2NWVaOG8zeWVLa3ZrbkZQUGVJMU9BbjdGbDlFRVNNR2dhOGFaSG1URSttDQpsLzlMSmdDYjBnQmtPT0M0WnV4bWh2aERKV1EzWnJCS3pMQlNUZXN0NWlLNVlwcXRWVVk2THRyRW9FelVTK1lsDQpwWndXY2VQWHlHeHM5ZURsR3lNVmQraW15Y3NTU1UvVno2Mmx6MnZCS21NTXBkYldDQWhud0RsRTVqU2dyMjRRDQp0eGNXLys2N3d5KzhuQlI3UXdqVTFITndVRjBzeERWdEwrZ1NHVERnSEVZSlhZelYvT05zMy94TkpoVFNPSkxNDQpoeXNVdyttaGdackdhbUdXcHVIVU1DUitvTWJzMTc1UkcrQjJnUFFHVytPTjJnUTRyOXN2b0ZBNHBBQm8xd1dLDQpRYjRhY3pmeVVscElBOVFoSmFsZEY3S3dPSHVlV3gwRUNrNXg0T2tvVDBvWVp0dzFiR0JjRGtaSmF3SURBUUFCDQpvMU13VVRBZEJnTlZIUTRFRmdRVW90UlNIUm9IWTEyRFZ4R0NCdEhpb1g2ZmVFQXdId1lEVlIwakJCZ3dGb0FVDQpvdFJTSFJvSFkxMkRWeEdDQnRIaW9YNmZlRUF3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFOQmdrcWhraUc5dzBCDQpBUXNGQUFPQ0FnRUFSbkpsWWRjMTFHd0VxWnh6RDF2R3BDR2pDN2VWTlQ3aVY1d3IybXlybHdPYi9aUWFEa0xYDQpvVStaOVVXT1VlSXJTdzUydDdmQUpvVVAwSm5iYkMveVIrU1lqUGhvUXNiVHduOTc2ZldBWTduM3FMOXhCd1Y0DQphek41OXNjeUp0dlhMeUtOL2N5ak1ReDRLajBIMFg0bWJ6bzVZNUtzWWtYVU0vOEFPdWZMcEd0S1NGVGgrSEFDDQpab1Q5YnZHS25adnNHd0tYZFF0Wnh0akhaUjVqK3U3ZGtQOTJBT051RFNabS8rWVV4b2tBK09JbzdSR3BwSHNXDQo1ZTdNY0FTVXRtb1FORXd6dVFoVkJaRWQ1OGtKYjUrV0VWbGNzanlXNnRTbzErZ25tTWNqR1BsMWgxR2hVbjV4DQpFY0lWRnBIWXM5YWo1NmpBSjk1MVQvZjhMaWxmTlVnanBLQ0c1bnl0SUt3emxhOHNtdGlPdm1UNEpYbXBwSkI2DQo4bmdHRVluVjUrUTYwWFJ2OEhSSGp1VG9CRHVhaERrVDA2R1JGODU1d09FR2V4bkZpMXZYWUxLVllWb1V2MXRKDQo4dVdUR1pwNllDSVJldlBqbzg5ZytWTlJSaVFYUThJd0dybXE5c0RoVTlqTjA0SjdVL1RvRDFpNHE3VnlsRUc5DQorV1VGNkNLaEdBeTJIaEhwVncyTGFoOS9lUzdZMUZ1YURrWmhPZG1laG1BOCtqdHNZamJadnR5Mm1SWlF0UUZzDQpUU1VUUjREbUR2bVVPRVRmeStpRHdzK2RkWXVNTnJGeVVYV2dkMnpBQU4ydVl1UHFGY2pRcFNPODFzVTJTU3R3DQoxVzAyeUtYOGJEYmZFdjBzbUh3UzliQnFlSGo5NEM1Mjg0YXpsdTBmaUdpTm1OUEM4ckJLRmhBPQ0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==
         service:
           name: webhook-service
-          namespace: metallb-system
+          namespace: "{{ metallb_namespace }}"
           path: /convert
       conversionReviewVersions:
       - v1alpha1
@@ -544,7 +544,7 @@ spec:
         caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlGWlRDQ0EwMmdBd0lCQWdJVU5GRW1XcTM3MVpKdGkrMmlSQzk1WmpBV1MxZ3dEUVlKS29aSWh2Y05BUUVMDQpCUUF3UWpFTE1Ba0dBMVVFQmhNQ1dGZ3hGVEFUQmdOVkJBY01ERVJsWm1GMWJIUWdRMmwwZVRFY01Cb0dBMVVFDQpDZ3dUUkdWbVlYVnNkQ0JEYjIxd1lXNTVJRXgwWkRBZUZ3MHlNakEzTVRrd09UTXlNek5hRncweU1qQTRNVGd3DQpPVE15TXpOYU1FSXhDekFKQmdOVkJBWVRBbGhZTVJVd0V3WURWUVFIREF4RVpXWmhkV3gwSUVOcGRIa3hIREFhDQpCZ05WQkFvTUUwUmxabUYxYkhRZ1EyOXRjR0Z1ZVNCTWRHUXdnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDDQpEd0F3Z2dJS0FvSUNBUUNxVFpxMWZRcC9vYkdlenhES0o3OVB3Ny94azJwellualNzMlkzb1ZYSm5sRmM4YjVlDQpma2ZZQnY2bndscW1keW5PL2phWFBaQmRQSS82aFdOUDBkdVhadEtWU0NCUUpyZzEyOGNXb3F0MGNTN3pLb1VpDQpvcU1tQ0QvRXVBeFFNZjhRZDF2c1gvVllkZ0poVTZBRXJLZEpIaXpFOUJtUkNkTDBGMW1OVW55Rk82UnRtWFZUDQpidkxsTDVYeTc2R0FaQVBLOFB4aVlDa0NtbDdxN0VnTWNiOXlLWldCYmlxQ3VkTXE5TGJLNmdKNzF6YkZnSXV4DQo1L1pXK2JraTB2RlplWk9ZODUxb1psckFUNzJvMDI4NHNTWW9uN0pHZVZkY3NoUnh5R1VpSFpSTzdkaXZVTDVTDQpmM2JmSDFYbWY1ZDQzT0NWTWRuUUV2NWVaOG8zeWVLa3ZrbkZQUGVJMU9BbjdGbDlFRVNNR2dhOGFaSG1URSttDQpsLzlMSmdDYjBnQmtPT0M0WnV4bWh2aERKV1EzWnJCS3pMQlNUZXN0NWlLNVlwcXRWVVk2THRyRW9FelVTK1lsDQpwWndXY2VQWHlHeHM5ZURsR3lNVmQraW15Y3NTU1UvVno2Mmx6MnZCS21NTXBkYldDQWhud0RsRTVqU2dyMjRRDQp0eGNXLys2N3d5KzhuQlI3UXdqVTFITndVRjBzeERWdEwrZ1NHVERnSEVZSlhZelYvT05zMy94TkpoVFNPSkxNDQpoeXNVdyttaGdackdhbUdXcHVIVU1DUitvTWJzMTc1UkcrQjJnUFFHVytPTjJnUTRyOXN2b0ZBNHBBQm8xd1dLDQpRYjRhY3pmeVVscElBOVFoSmFsZEY3S3dPSHVlV3gwRUNrNXg0T2tvVDBvWVp0dzFiR0JjRGtaSmF3SURBUUFCDQpvMU13VVRBZEJnTlZIUTRFRmdRVW90UlNIUm9IWTEyRFZ4R0NCdEhpb1g2ZmVFQXdId1lEVlIwakJCZ3dGb0FVDQpvdFJTSFJvSFkxMkRWeEdDQnRIaW9YNmZlRUF3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFOQmdrcWhraUc5dzBCDQpBUXNGQUFPQ0FnRUFSbkpsWWRjMTFHd0VxWnh6RDF2R3BDR2pDN2VWTlQ3aVY1d3IybXlybHdPYi9aUWFEa0xYDQpvVStaOVVXT1VlSXJTdzUydDdmQUpvVVAwSm5iYkMveVIrU1lqUGhvUXNiVHduOTc2ZldBWTduM3FMOXhCd1Y0DQphek41OXNjeUp0dlhMeUtOL2N5ak1ReDRLajBIMFg0bWJ6bzVZNUtzWWtYVU0vOEFPdWZMcEd0S1NGVGgrSEFDDQpab1Q5YnZHS25adnNHd0tYZFF0Wnh0akhaUjVqK3U3ZGtQOTJBT051RFNabS8rWVV4b2tBK09JbzdSR3BwSHNXDQo1ZTdNY0FTVXRtb1FORXd6dVFoVkJaRWQ1OGtKYjUrV0VWbGNzanlXNnRTbzErZ25tTWNqR1BsMWgxR2hVbjV4DQpFY0lWRnBIWXM5YWo1NmpBSjk1MVQvZjhMaWxmTlVnanBLQ0c1bnl0SUt3emxhOHNtdGlPdm1UNEpYbXBwSkI2DQo4bmdHRVluVjUrUTYwWFJ2OEhSSGp1VG9CRHVhaERrVDA2R1JGODU1d09FR2V4bkZpMXZYWUxLVllWb1V2MXRKDQo4dVdUR1pwNllDSVJldlBqbzg5ZytWTlJSaVFYUThJd0dybXE5c0RoVTlqTjA0SjdVL1RvRDFpNHE3VnlsRUc5DQorV1VGNkNLaEdBeTJIaEhwVncyTGFoOS9lUzdZMUZ1YURrWmhPZG1laG1BOCtqdHNZamJadnR5Mm1SWlF0UUZzDQpUU1VUUjREbUR2bVVPRVRmeStpRHdzK2RkWXVNTnJGeVVYV2dkMnpBQU4ydVl1UHFGY2pRcFNPODFzVTJTU3R3DQoxVzAyeUtYOGJEYmZFdjBzbUh3UzliQnFlSGo5NEM1Mjg0YXpsdTBmaUdpTm1OUEM4ckJLRmhBPQ0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==
         service:
           name: webhook-service
-          namespace: metallb-system
+          namespace: "{{ metallb_namespace }}"
           path: /convert
       conversionReviewVersions:
       - v1beta1
@@ -1291,7 +1291,7 @@ metadata:
     pod-security.kubernetes.io/enforce: privileged
     pod-security.kubernetes.io/warn: privileged
   name: controller
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 
 {% if metallb_speaker_enabled %}
 ---
@@ -1301,7 +1301,7 @@ metadata:
   labels:
     app: metallb
   name: speaker
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 {% endif %}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
@@ -1310,7 +1310,7 @@ metadata:
   labels:
     app: metallb
   name: controller
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 rules:
 - apiGroups:
   - ""
@@ -1402,7 +1402,7 @@ metadata:
   labels:
     app: metallb
   name: pod-lister
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 rules:
 - apiGroups:
   - ""
@@ -1480,7 +1480,7 @@ kind: ClusterRole
 metadata:
   labels:
     app: metallb
-  name: metallb-system:controller
+  name: {{ metallb_namespace }}:controller
 rules:
 - apiGroups:
   - ""
@@ -1561,7 +1561,7 @@ kind: ClusterRole
 metadata:
   labels:
     app: metallb
-  name: metallb-system:speaker
+  name: {{ metallb_namespace }}:speaker
 rules:
 - apiGroups:
   - ""
@@ -1598,15 +1598,15 @@ metadata:
   labels:
     app: metallb
   name: controller
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
   name: controller
 subjects:
 - kind: ServiceAccount
   name: controller
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 
 ---
 apiVersion: rbac.authorization.k8s.io/v1
@@ -1615,31 +1615,31 @@ metadata:
   labels:
     app: metallb
   name: pod-lister
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
   name: pod-lister
 subjects:
 - kind: ServiceAccount
   name: speaker
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   labels:
     app: metallb
-  name: metallb-system:controller
+  name: {{ metallb_namespace }}:controller
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: metallb-system:controller
+  name: {{ metallb_namespace }}:controller
 subjects:
 - kind: ServiceAccount
   name: controller
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 
 {% if metallb_speaker_enabled %}
 ---
@@ -1648,30 +1648,30 @@ kind: ClusterRoleBinding
 metadata:
   labels:
     app: metallb
-  name: metallb-system:speaker
+  name: {{ metallb_namespace }}:speaker
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: metallb-system:speaker
+  name: {{ metallb_namespace }}:speaker
 subjects:
 - kind: ServiceAccount
   name: speaker
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 {% endif %}
 
 ---
 apiVersion: v1
 kind: Secret
 metadata:
   name: webhook-server-cert
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 
 ---
 apiVersion: v1
 kind: Service
 metadata:
   name: webhook-service
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 spec:
   ports:
   - port: 443
@@ -1687,7 +1687,7 @@ metadata:
     app: metallb
     component: controller
   name: controller
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 spec:
   revisionHistoryLimit: 3
   selector:
@@ -1782,7 +1782,7 @@ metadata:
     app: metallb
     component: speaker
   name: speaker
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
 spec:
   selector:
     matchLabels:
@@ -1888,7 +1888,7 @@ webhooks:
   clientConfig:
     service:
       name: webhook-service
-      namespace: metallb-system
+      namespace: "{{ metallb_namespace }}"
       path: /validate-metallb-io-v1beta2-bgppeer
   failurePolicy: Fail
   name: bgppeersvalidationwebhook.metallb.io
@@ -1908,7 +1908,7 @@ webhooks:
   clientConfig:
     service:
       name: webhook-service
-      namespace: metallb-system
+      namespace: "{{ metallb_namespace }}"
       path: /validate-metallb-io-v1beta1-addresspool
   failurePolicy: Fail
   name: addresspoolvalidationwebhook.metallb.io
@@ -1928,7 +1928,7 @@ webhooks:
   clientConfig:
     service:
       name: webhook-service
-      namespace: metallb-system
+      namespace: "{{ metallb_namespace }}"
       path: /validate-metallb-io-v1beta1-bfdprofile
   failurePolicy: Fail
   name: bfdprofilevalidationwebhook.metallb.io
@@ -1948,7 +1948,7 @@ webhooks:
   clientConfig:
     service:
       name: webhook-service
-      namespace: metallb-system
+      namespace: "{{ metallb_namespace }}"
       path: /validate-metallb-io-v1beta1-bgpadvertisement
   failurePolicy: Fail
   name: bgpadvertisementvalidationwebhook.metallb.io
@@ -1968,7 +1968,7 @@ webhooks:
   clientConfig:
     service:
       name: webhook-service
-      namespace: metallb-system
+      namespace: "{{ metallb_namespace }}"
       path: /validate-metallb-io-v1beta1-community
   failurePolicy: Fail
   name: communityvalidationwebhook.metallb.io
@@ -1988,7 +1988,7 @@ webhooks:
   clientConfig:
     service:
       name: webhook-service
-      namespace: metallb-system
+      namespace: "{{ metallb_namespace }}"
       path: /validate-metallb-io-v1beta1-ipaddresspool
   failurePolicy: Fail
   name: ipaddresspoolvalidationwebhook.metallb.io
@@ -2008,7 +2008,7 @@ webhooks:
   clientConfig:
     service:
       name: webhook-service
-      namespace: metallb-system
+      namespace: "{{ metallb_namespace }}"
       path: /validate-metallb-io-v1beta1-l2advertisement
   failurePolicy: Fail
   name: l2advertisementvalidationwebhook.metallb.io

roles/kubernetes-apps/metallb/templates/pools.yaml.j2

@@ -9,7 +9,7 @@
 apiVersion: metallb.io/v1beta1
 kind: IPAddressPool
 metadata:
-  namespace: metallb-system
+  namespace: "{{ metallb_namespace }}"
   name: "{{ pool_name }}"
 spec:
   addresses: