diff --git a/README.md b/README.md index d9a1b1ea340..7b468563f6a 100644 --- a/README.md +++ b/README.md @@ -160,7 +160,6 @@ Note: Upstart/SysV init based OS types are not supported. - [ovn4nfv](https://github.com/opnfv/ovn4nfv-k8s-plugin) v1.1.0 - [weave](https://github.com/weaveworks/weave) v2.8.1 - Application - - [ambassador](https://github.com/datawire/ambassador): v1.5 - [cephfs-provisioner](https://github.com/kubernetes-incubator/external-storage) v2.1.0-k8s1.11 - [rbd-provisioner](https://github.com/kubernetes-incubator/external-storage) v2.1.1-k8s1.11 - [cert-manager](https://github.com/jetstack/cert-manager) v1.5.4 @@ -230,8 +229,6 @@ See also [Network checker](docs/netcheck.md). ## Ingress Plugins -- [ambassador](docs/ambassador.md): the Ambassador Ingress Controller and API gateway. - - [nginx](https://kubernetes.github.io/ingress-nginx): the NGINX Ingress Controller. - [metallb](docs/metallb.md): the MetalLB bare-metal service LoadBalancer provider. diff --git a/docs/_sidebar.md b/docs/_sidebar.md index 225ef035e0d..404c439cef0 100644 --- a/docs/_sidebar.md +++ b/docs/_sidebar.md @@ -20,7 +20,6 @@ * [OVN4NFV](docs/ovn4nfv.md) * Ingress * [ALB Ingress](docs/ingress_controller/alb_ingress_controller.md) - * [Ambassador](docs/ingress_controller/ambassador.md) * [MetalLB](docs/metallb.md) * [Nginx Ingress](docs/ingress_controller/ingress_nginx.md) * [Cloud providers](docs/cloud.md) diff --git a/docs/ansible.md b/docs/ansible.md index 5b588809f32..044397f9f0f 100644 --- a/docs/ansible.md +++ b/docs/ansible.md @@ -100,7 +100,6 @@ The following tags are defined in playbooks: | Tag name | Used for |--------------------------------|--------- -| ambassador | Ambassador Ingress Controller | annotate | Create kube-router annotation | apps | K8s apps definitions | asserts | Check tasks for download role diff --git a/docs/ingress_controller/ambassador.md b/docs/ingress_controller/ambassador.md deleted file mode 100644 index 0185d59cebc..00000000000 --- a/docs/ingress_controller/ambassador.md +++ /dev/null @@ -1,97 +0,0 @@ - -# Ambassador - -The [Ambassador API Gateway](https://github.com/datawire/ambassador) provides all the functionality of a traditional ingress controller -(e.g., path-based routing) while exposing many additional capabilities such as authentication, -URL rewriting, CORS, rate limiting, and automatic metrics collection. - -## Installation - -### Configuration - -* `ingress_ambassador_namespace` (default `ambassador`): namespace for installing Ambassador. -* `ingress_ambassador_update_window` (default `0 0 * * SUN`): _crontab_-like expression - for specifying when the Operator should try to update the Ambassador API Gateway. -* `ingress_ambassador_version` (default: `*`): SemVer rule for versions allowed for - installation/updates. -* `ingress_ambassador_secure_port` (default: 443): HTTPS port to listen at. -* `ingress_ambassador_insecure_port` (default: 80): HTTP port to listen at. -* `ingress_ambassador_multi_namespaces` (default `false`): By default, Ambassador will only - watch the `ingress_ambassador_namespace` namespace for `AmbassadorInstallation` CRD resources. - When set to `true`, this value will tell the Ambassador Operator to watch **all** namespaces - for CRDs. If you want to run multiple Ambassador ingress instances, set this to `true`. - -### Ingress annotations - -The Ambassador API Gateway will automatically load balance `Ingress` resources -that include the annotation `kubernetes.io/ingress.class=ambassador`. All the other -resources will be just ignored. - -### Ambassador Operator - -This Ambassador addon deploys the Ambassador Operator, which in turn will install -the [Ambassador API Gateway](https://github.com/datawire/ambassador) in -a Kubernetes cluster. - -The Ambassador Operator is a Kubernetes Operator that controls Ambassador's complete lifecycle -in your cluster, automating many of the repeatable tasks you would otherwise have to perform -yourself. Once installed, the Operator will complete installations and seamlessly upgrade to new -versions of Ambassador as they become available. - -## Usage - -The following example creates simple http-echo services and an `Ingress` object -to route to these services. - -Note well that the [Ambassador API Gateway](https://github.com/datawire/ambassador) will automatically load balance `Ingress` resources -that include the annotation `kubernetes.io/ingress.class=ambassador`. All the other -resources will be just ignored. - -```yaml -kind: Pod -apiVersion: v1 -metadata: - name: foo-app - labels: - app: foo -spec: - containers: - - name: foo-app - image: hashicorp/http-echo - args: - - "-text=foo" ---- -kind: Service -apiVersion: v1 -metadata: - name: foo-service -spec: - selector: - app: foo - ports: - # Default port used by the image - - port: 5678 ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: example-ingress - annotations: - kubernetes.io/ingress.class: ambassador -spec: - rules: - - http: - paths: - - path: /foo - backend: - serviceName: foo-service - servicePort: 5678 -``` - -Now you can test that the ingress is working with curl: - -```console -$ export AMB_IP=$(kubectl get service ambassador -n ambassador -o 'go-template={{range .status.loadBalancer.ingress}}{{print .ip "\n"}}{{end}}') -$ curl $AMB_IP/foo -foo -``` diff --git a/inventory/sample/group_vars/k8s_cluster/addons.yml b/inventory/sample/group_vars/k8s_cluster/addons.yml index 76ef60f0f5c..5f5e37f443c 100644 --- a/inventory/sample/group_vars/k8s_cluster/addons.yml +++ b/inventory/sample/group_vars/k8s_cluster/addons.yml @@ -118,12 +118,6 @@ ingress_publish_status_address: "" # - --default-ssl-certificate=default/foo-tls # ingress_nginx_class: nginx -# ambassador ingress controller deployment -ingress_ambassador_enabled: false -# ingress_ambassador_namespace: "ambassador" -# ingress_ambassador_version: "*" -# ingress_ambassador_multi_namespaces: false - # ALB ingress controller deployment ingress_alb_enabled: false # alb_ingress_aws_region: "us-east-1" diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml index d6c9201f616..b812ff36519 100644 --- a/roles/download/defaults/main.yml +++ b/roles/download/defaults/main.yml @@ -590,8 +590,6 @@ local_path_provisioner_image_repo: "{{ docker_image_repo }}/rancher/local-path-p local_path_provisioner_image_tag: "v0.0.19" ingress_nginx_controller_image_repo: "{{ kube_image_repo }}/ingress-nginx/controller" ingress_nginx_controller_image_tag: "v1.0.4" -ingress_ambassador_image_repo: "{{ quay_image_repo }}/datawire/ambassador-operator" -ingress_ambassador_image_tag: "v1.2.9" alb_ingress_image_repo: "{{ docker_image_repo }}/amazon/aws-alb-ingress-controller" alb_ingress_image_tag: "v1.1.9" cert_manager_version: "v1.5.4" @@ -1213,15 +1211,6 @@ downloads: groups: - kube_node - ingress_ambassador_controller: - enabled: "{{ ingress_ambassador_enabled }}" - container: true - repo: "{{ ingress_ambassador_image_repo }}" - tag: "{{ ingress_ambassador_image_tag }}" - sha256: "{{ ingress_ambassador_digest_checksum|default(None) }}" - groups: - - kube_node - ingress_alb_controller: enabled: "{{ ingress_alb_enabled }}" container: true diff --git a/roles/kubernetes-apps/ingress_controller/ambassador/defaults/main.yml b/roles/kubernetes-apps/ingress_controller/ambassador/defaults/main.yml deleted file mode 100644 index a71645a109c..00000000000 --- a/roles/kubernetes-apps/ingress_controller/ambassador/defaults/main.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -ingress_ambassador_namespace: "ambassador" -ingress_ambassador_version: "*" -ingress_ambassador_update_window: "0 0 * * SUN" -ingress_ambassador_replicas: 1 -ingress_ambassador_insecure_port: 80 -ingress_ambassador_secure_port: 443 -ingress_ambassador_extra_args: [] -ingress_ambassador_host_network: false -ingress_ambassador_multi_namespaces: false diff --git a/roles/kubernetes-apps/ingress_controller/ambassador/tasks/main.yml b/roles/kubernetes-apps/ingress_controller/ambassador/tasks/main.yml deleted file mode 100644 index e4cbc8bcc41..00000000000 --- a/roles/kubernetes-apps/ingress_controller/ambassador/tasks/main.yml +++ /dev/null @@ -1,72 +0,0 @@ ---- - -- name: Ambassador | Create addon dir - file: - path: "{{ kube_config_dir }}/addons/ambassador" - state: directory - owner: root - group: root - mode: 0755 - when: - - inventory_hostname == groups['kube_control_plane'][0] - -- name: Ambassador | Templates list - set_fact: - ingress_ambassador_templates: - - { name: 00-namespace, file: 00-namespace.yml, type: ns } - - { name: crd-ambassador-installation, file: crd-ambassador-installation.yml, type: customresourcedefinition } - - { name: sa-ambassador, file: sa-ambassador.yml, type: sa } - - { name: clusterrole-ambassador, file: clusterrole-ambassador.yml, type: clusterrole } - - { name: clusterrolebinding-ambassador, file: clusterrolebinding-ambassador.yml, type: clusterrolebinding } - - { name: role-ambassador, file: role-ambassador.yml, type: role } - - { name: rolebinding-ambassador, file: rolebinding-ambassador.yml, type: rolebinding } - - { name: deploy-ambassador, file: deploy-ambassador.yml, type: deploy } - -- name: Ambassador | Create manifests - template: - src: "{{ item.file }}.j2" - dest: "{{ kube_config_dir }}/addons/ambassador/{{ item.file }}" - loop: "{{ ingress_ambassador_templates }}" - register: ingress_ambassador_manifests - when: - - inventory_hostname == groups['kube_control_plane'][0] - -- name: Ambassador | Apply manifests - kube: - name: "{{ item.item.name }}" - namespace: "{{ ingress_ambassador_namespace }}" - kubectl: "{{ bin_dir }}/kubectl" - resource: "{{ item.item.type }}" - filename: "{{ kube_config_dir }}/addons/ambassador/{{ item.item.file }}" - state: "latest" - loop: "{{ ingress_ambassador_manifests.results }}" - when: - - inventory_hostname == groups['kube_control_plane'][0] - -# load the AmbassadorInstallation _after_ the CustomResourceDefinition has been loaded - -- name: Ambassador | AmbassadorInstallation template - set_fact: - ingress_ambassador_cr_templates: - - { name: cr-ambassador-installation, file: cr-ambassador-installation.yml, type: cr } - -- name: Ambassador | Create installation manifests - template: - src: "{{ item.file }}.j2" - dest: "{{ kube_config_dir }}/addons/ambassador/{{ item.file }}" - loop: "{{ ingress_ambassador_cr_templates }}" - register: ingress_ambassador_cr_manifests - when: - - inventory_hostname == groups['kube_control_plane'][0] - -- name: Ambassador | Apply AmbassadorInstallation - kube: - name: "{{ item.item.name }}" - namespace: "{{ ingress_ambassador_namespace }}" - kubectl: "{{ bin_dir }}/kubectl" - resource: "{{ item.item.type }}" - filename: "{{ kube_config_dir }}/addons/ambassador/{{ item.item.file }}" - state: "latest" - loop: "{{ ingress_ambassador_cr_manifests.results }}" - when: - - inventory_hostname == groups['kube_control_plane'][0] diff --git a/roles/kubernetes-apps/ingress_controller/ambassador/templates/00-namespace.yml.j2 b/roles/kubernetes-apps/ingress_controller/ambassador/templates/00-namespace.yml.j2 deleted file mode 100644 index 17545693dc5..00000000000 --- a/roles/kubernetes-apps/ingress_controller/ambassador/templates/00-namespace.yml.j2 +++ /dev/null @@ -1,7 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: {{ ingress_ambassador_namespace }} - labels: - name: {{ ingress_ambassador_namespace }} diff --git a/roles/kubernetes-apps/ingress_controller/ambassador/templates/clusterrole-ambassador.yml.j2 b/roles/kubernetes-apps/ingress_controller/ambassador/templates/clusterrole-ambassador.yml.j2 deleted file mode 100644 index 11810d2b02d..00000000000 --- a/roles/kubernetes-apps/ingress_controller/ambassador/templates/clusterrole-ambassador.yml.j2 +++ /dev/null @@ -1,14 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: ambassador-operator-cluster - labels: - app.kubernetes.io/name: ambassador-operator - app.kubernetes.io/part-of: ambassador-operator -rules: - - apiGroups: ['*'] - resources: ['*'] - verbs: ['*'] - - nonResourceURLs: ['*'] - verbs: ['*'] diff --git a/roles/kubernetes-apps/ingress_controller/ambassador/templates/clusterrolebinding-ambassador.yml.j2 b/roles/kubernetes-apps/ingress_controller/ambassador/templates/clusterrolebinding-ambassador.yml.j2 deleted file mode 100644 index d9dd8a3cfcb..00000000000 --- a/roles/kubernetes-apps/ingress_controller/ambassador/templates/clusterrolebinding-ambassador.yml.j2 +++ /dev/null @@ -1,16 +0,0 @@ ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: ambassador-operator-cluster - labels: - app.kubernetes.io/name: ambassador-operator - app.kubernetes.io/part-of: ambassador-operator -subjects: - - kind: ServiceAccount - name: ambassador-operator - namespace: {{ ingress_ambassador_namespace }} -roleRef: - kind: ClusterRole - name: ambassador-operator-cluster - apiGroup: rbac.authorization.k8s.io diff --git a/roles/kubernetes-apps/ingress_controller/ambassador/templates/cr-ambassador-installation.yml.j2 b/roles/kubernetes-apps/ingress_controller/ambassador/templates/cr-ambassador-installation.yml.j2 deleted file mode 100644 index 8449cd5b8a0..00000000000 --- a/roles/kubernetes-apps/ingress_controller/ambassador/templates/cr-ambassador-installation.yml.j2 +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: getambassador.io/v2 -kind: AmbassadorInstallation -metadata: - name: ambassador - labels: - app.kubernetes.io/name: ambassador-operator - app.kubernetes.io/part-of: ambassador-operator -spec: - installOSS: true -{% if ingress_ambassador_update_window %} - updateWindow: "{{ ingress_ambassador_update_window }}" -{% endif %} -{% if ingress_ambassador_version %} - version: "{{ ingress_ambassador_version }}" -{% endif %} - helmValues: - tolerations: - - key: "node-role.kubernetes.io/master" - effect: NoSchedule - - key: "node-role.kubernetes.io/control-plane" - effect: NoSchedule - deploymentTool: amb-oper-kubespray -{% if ingress_ambassador_host_network %} - hostNetwork: true -{% endif %} - replicaCount: {{ ingress_ambassador_replicas }} - service: - ports: - - name: http - port: 80 - hostPort: {{ ingress_ambassador_insecure_port }} - targetPort: 8080 - protocol: TCP - - name: https - port: 443 - hostPort: {{ ingress_ambassador_secure_port }} - targetPort: 8443 - protocol: TCP diff --git a/roles/kubernetes-apps/ingress_controller/ambassador/templates/crd-ambassador-installation.yml.j2 b/roles/kubernetes-apps/ingress_controller/ambassador/templates/crd-ambassador-installation.yml.j2 deleted file mode 100644 index 287b706639f..00000000000 --- a/roles/kubernetes-apps/ingress_controller/ambassador/templates/crd-ambassador-installation.yml.j2 +++ /dev/null @@ -1,186 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: ambassadorinstallations.getambassador.io -spec: - additionalPrinterColumns: - - JSONPath: .spec.version - name: VERSION - type: string - - JSONPath: .spec.updateWindow - name: UPDATE-WINDOW - type: integer - - JSONPath: .status.lastCheckTime - description: Last time checked - name: LAST-CHECK - type: string - - JSONPath: .status.conditions[?(@.type=='Deployed')].status - description: Indicates if deployment has completed - name: DEPLOYED - type: string - - JSONPath: .status.conditions[?(@.type=='Deployed')].reason - description: Reason for deployment completed - name: REASON - priority: 1 - type: string - - JSONPath: .status.conditions[?(@.type=='Deployed')].message - description: Message for deployment completed - name: MESSAGE - priority: 1 - type: string - - JSONPath: .status.deployedRelease.appVersion - description: Deployed version of Ambassador - name: DEPLOYED-VERSION - type: string - - JSONPath: .status.deployedRelease.flavor - description: Deployed flavor of Ambassador (OSS or AES) - name: DEPLOYED-FLAVOR - type: string - group: getambassador.io - names: - kind: AmbassadorInstallation - listKind: AmbassadorInstallationList - plural: ambassadorinstallations - singular: ambassadorinstallation - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: AmbassadorInstallation is the Schema for the ambassadorinstallations - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AmbassadorInstallationSpec defines the desired state of AmbassadorInstallation - properties: - baseImage: - description: An (optional) image to use instead of the image specified - in the Helm chart. - type: string - helmRepo: - description: An (optional) Helm repository. - type: string - installOSS: - description: 'Installs [Ambassador OSS](https://www.getambassador.io/docs/latest/topics/install/install-ambassador-oss/) - instead of [AES](https://www.getambassador.io/docs/latest/topics/install/). - Default is false which means it installs AES by default. TODO: 1. - AES/AOSS is not installed and the user installs using `installOSS: - true`, then we straightaway install AOSS. 2. AOSS is installed via - operator and the user sets `installOSS: false`, then we perform the - migration as detailed here - https://www.getambassador.io/docs/latest/topics/install/upgrade-to-edge-stack/ - 3. AES is installed and the user sets `installOSS: true`, then we - point users to the docs which gives them pointers on how to do - that themselves.' - type: boolean - logLevel: - description: 'An (optional) log level: debug, info...' - enum: - - info - - debug - - warn - - warning - - error - - critical - - fatal - type: string - updateWindow: - description: "`updateWindow` is an optional item that will control when - the updates can take place. This is used to force system updates to - happen late at night if that’s what the sysadmins want. \n * There - can be any number of `updateWindow` entries (separated by commas). - \ * `Never` turns off automatic updates even if there are other entries - in the comma-separated list. `Never` is used by sysadmins to disable - all updates during blackout periods by doing a `kubectl apply` - or using our Edge Policy Console to set this. * Each `updateWindow` - is in crontab format (see https://crontab.guru/) Some examples of - `updateWindows` are: - `* 0-6 * * * SUN`: every Sunday, from _0am_ - to _6am_ - `* 5 1 * * *`: every first day of the month, at _5am_ - * The Operator cannot guarantee minute time granularity, so specifying - \ a minute in the crontab expression can lead to some updates happening - \ sooner/later than expected." - type: string - version: - description: "We are using SemVer for the version number and it can - be specified with any level of precision and can optionally end in - `*`. These are interpreted as: \n * `1.0` = exactly version 1.0 * - `1.1` = exactly version 1.1 * `1.1.*` = version 1.1 and any bug fix - versions `1.1.1`, `1.1.2`, `1.1.3`, etc. * `2.*` = version 2.0 and - any incremental and bug fix versions `2.0`, `2.0.1`, `2.0.2`, `2.1`, - `2.2`, `2.2.1`, etc. * `*` = all versions. * `3.0-ea` = version `3.0-ea1` - and any subsequent EA releases on `3.0`. Also selects the final - 3.0 once the final GA version is released. * `4.*-ea` = version `4.0-ea1` - and any subsequent EA release on `4.0`. Also selects the final GA - `4.0`. Also selects any incremental and bug fix versions `4.*` and - `4.*.*`. Also selects the most recent `4.*` EA release i.e., if - `4.0.5` is the last GA version and there is a `4.1-EA3`, then this - \ selects `4.1-EA3` over the `4.0.5` GA. \n You can find the reference - docs about the SemVer syntax accepted [here](https://github.com/Masterminds/semver#basic-comparisons)." - type: string - type: object - status: - description: AmbassadorInstallationStatus defines the observed state of - AmbassadorInstallation - properties: - conditions: - description: List of conditions the installation has experienced. - items: - description: AmbInsCondition defines an Ambassador installation condition, - as well as the last time there was a transition to this condition.. - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - status - - type - type: object - type: array - deployedRelease: - description: the currently deployed Helm chart - nullable: true - properties: - appVersion: - type: string - flavor: - type: string - manifest: - type: string - name: - type: string - version: - type: string - type: object - lastCheckTime: - description: Last time a successful update check was performed. - format: date-time - nullable: true - type: string - required: - - conditions - type: object - type: object - version: v2 - versions: - - name: v2 - served: true - storage: true diff --git a/roles/kubernetes-apps/ingress_controller/ambassador/templates/deploy-ambassador.yml.j2 b/roles/kubernetes-apps/ingress_controller/ambassador/templates/deploy-ambassador.yml.j2 deleted file mode 100644 index 41bdbdc64a9..00000000000 --- a/roles/kubernetes-apps/ingress_controller/ambassador/templates/deploy-ambassador.yml.j2 +++ /dev/null @@ -1,47 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: ambassador-operator - namespace: {{ ingress_ambassador_namespace }} - labels: - app.kubernetes.io/name: ambassador-operator - app.kubernetes.io/part-of: ambassador-operator - getambassador.io/installer: operator -spec: - replicas: 1 - selector: - matchLabels: - name: ambassador-operator - app.kubernetes.io/name: ambassador-operator - app.kubernetes.io/part-of: ambassador-operator - template: - metadata: - labels: - name: ambassador-operator - getambassador.io/installer: operator - app.kubernetes.io/name: ambassador-operator - app.kubernetes.io/part-of: ambassador-operator - spec: - serviceAccountName: ambassador-operator - containers: - - name: ambassador-operator - image: {{ ingress_ambassador_image_repo }}:{{ ingress_ambassador_image_tag }} - command: - - ambassador-operator - imagePullPolicy: {{ k8s_image_pull_policy }} - env: - - name: WATCH_NAMESPACE -{% if ingress_ambassador_multi_namespaces %} - value: '' -{% else %} - valueFrom: - fieldRef: - fieldPath: metadata.namespace -{% endif %} - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: OPERATOR_NAME - value: "ambassador-operator" diff --git a/roles/kubernetes-apps/ingress_controller/ambassador/templates/role-ambassador.yml.j2 b/roles/kubernetes-apps/ingress_controller/ambassador/templates/role-ambassador.yml.j2 deleted file mode 100644 index 5209cfab593..00000000000 --- a/roles/kubernetes-apps/ingress_controller/ambassador/templates/role-ambassador.yml.j2 +++ /dev/null @@ -1,82 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - creationTimestamp: null - name: ambassador-operator -rules: - - apiGroups: - - "" - resources: - - pods - - services - - services/finalizers - - endpoints - - persistentvolumeclaims - - events - - configmaps - - secrets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - apps - resources: - - deployments - - daemonsets - - replicasets - - statefulsets - - customresourcedefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - monitoring.coreos.com - resources: - - servicemonitors - verbs: - - get - - create - - apiGroups: - - apps - resourceNames: - - ambassador-operator - resources: - - deployments/finalizers - verbs: - - update - - apiGroups: - - "" - resources: - - pods - verbs: - - get - - apiGroups: - - apps - resources: - - replicasets - - deployments - verbs: - - get - - apiGroups: - - getambassador.io - resources: - - '*' - verbs: - - create - - delete - - get - - list - - patch - - update - - watch diff --git a/roles/kubernetes-apps/ingress_controller/ambassador/templates/rolebinding-ambassador.yml.j2 b/roles/kubernetes-apps/ingress_controller/ambassador/templates/rolebinding-ambassador.yml.j2 deleted file mode 100644 index 96403bec50c..00000000000 --- a/roles/kubernetes-apps/ingress_controller/ambassador/templates/rolebinding-ambassador.yml.j2 +++ /dev/null @@ -1,12 +0,0 @@ ---- -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: ambassador-operator -subjects: - - kind: ServiceAccount - name: ambassador-operator -roleRef: - kind: Role - name: ambassador-operator - apiGroup: rbac.authorization.k8s.io diff --git a/roles/kubernetes-apps/ingress_controller/ambassador/templates/sa-ambassador.yml.j2 b/roles/kubernetes-apps/ingress_controller/ambassador/templates/sa-ambassador.yml.j2 deleted file mode 100644 index 1673532f54f..00000000000 --- a/roles/kubernetes-apps/ingress_controller/ambassador/templates/sa-ambassador.yml.j2 +++ /dev/null @@ -1,9 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ambassador-operator - namespace: {{ ingress_ambassador_namespace }} - labels: - app.kubernetes.io/name: ambassador-operator - app.kubernetes.io/part-of: ambassador-operator diff --git a/roles/kubernetes-apps/ingress_controller/meta/main.yml b/roles/kubernetes-apps/ingress_controller/meta/main.yml index 800a3d4cdba..b269607fd00 100644 --- a/roles/kubernetes-apps/ingress_controller/meta/main.yml +++ b/roles/kubernetes-apps/ingress_controller/meta/main.yml @@ -7,13 +7,6 @@ dependencies: - ingress-controller - ingress-nginx - - role: kubernetes-apps/ingress_controller/ambassador - when: ingress_ambassador_enabled - tags: - - apps - - ingress-controller - - ambassador - - role: kubernetes-apps/ingress_controller/cert_manager when: cert_manager_enabled tags: diff --git a/roles/kubespray-defaults/defaults/main/main.yaml b/roles/kubespray-defaults/defaults/main/main.yaml index 4cba6ef8c80..a4a02efad00 100644 --- a/roles/kubespray-defaults/defaults/main/main.yaml +++ b/roles/kubespray-defaults/defaults/main/main.yaml @@ -372,7 +372,6 @@ persistent_volumes_enabled: false cephfs_provisioner_enabled: false rbd_provisioner_enabled: false ingress_nginx_enabled: false -ingress_ambassador_enabled: false ingress_alb_enabled: false cert_manager_enabled: false expand_persistent_volumes: false diff --git a/tests/files/packet_opensuse-canal.yml b/tests/files/packet_opensuse-canal.yml index aec66b88b83..8fa2b03d29d 100644 --- a/tests/files/packet_opensuse-canal.yml +++ b/tests/files/packet_opensuse-canal.yml @@ -9,7 +9,4 @@ kube_network_plugin: canal deploy_netchecker: true dns_min_replicas: 1 -# test Ambassador -ingress_ambassador_enabled: true - auto_renew_certificates: true