ansible/roles/ccm/tasks/main.yml

---
- name: Check if Hetzner CCM is already deployed
  command: kubectl get namespace hetzner-cloud-system
  register: ccm_namespace
  failed_when: false
  changed_when: false

- name: Create Hetzner CCM namespace
  command: kubectl create namespace hetzner-cloud-system
  when: ccm_namespace.rc != 0
  changed_when: true

- name: Create Hetzner cloud secret
  kubernetes.core.k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Secret
      metadata:
        name: hcloud
        namespace: hetzner-cloud-system
      stringData:
        token: "{{ hcloud_token }}"
        network: "{{ cluster_name }}-network"
  no_log: true
  when: hcloud_token is defined

- name: Deploy Hetzner CCM
  kubernetes.core.k8s:
    state: present
    src: "{{ item }}"
  loop:
    - https://raw.githubusercontent.com/hetznercloud/hcloud-cloud-controller-manager/main/deploy/ccm-networks.yaml
  when: ccm_namespace.rc != 0

- name: Wait for CCM pods to be ready
  command: kubectl rollout status deployment/hcloud-cloud-controller-manager -n hetzner-cloud-system
  changed_when: false
  retries: 30
  delay: 10
feat: Add HA Kubernetes cluster with Terraform + Ansible - 3x CX23 control plane nodes (HA) - 4x CX33 worker nodes - k3s with embedded etcd - Hetzner CCM for load balancers - Gitea CI/CD workflows - Backblaze B2 for Terraform state 2026-02-28 20:24:55 +00:00			`---`
			`- name: Check if Hetzner CCM is already deployed`
			`command: kubectl get namespace hetzner-cloud-system`
			`register: ccm_namespace`
			`failed_when: false`
			`changed_when: false`

			`- name: Create Hetzner CCM namespace`
			`command: kubectl create namespace hetzner-cloud-system`
			`when: ccm_namespace.rc != 0`
			`changed_when: true`

			`- name: Create Hetzner cloud secret`
			`kubernetes.core.k8s:`
			`state: present`
			`definition:`
			`apiVersion: v1`
			`kind: Secret`
			`metadata:`
			`name: hcloud`
			`namespace: hetzner-cloud-system`
			`stringData:`
			`token: "{{ hcloud_token }}"`
			`network: "{{ cluster_name }}-network"`
			`no_log: true`
			`when: hcloud_token is defined`

			`- name: Deploy Hetzner CCM`
			`kubernetes.core.k8s:`
			`state: present`
			`src: "{{ item }}"`
			`loop:`
			`- https://raw.githubusercontent.com/hetznercloud/hcloud-cloud-controller-manager/main/deploy/ccm-networks.yaml`
			`when: ccm_namespace.rc != 0`

			`- name: Wait for CCM pods to be ready`
			`command: kubectl rollout status deployment/hcloud-cloud-controller-manager -n hetzner-cloud-system`
			`changed_when: false`
			`retries: 30`
			`delay: 10`