KubeADM: Label namespaces

This PS removes the duplicate labeling of K8s namespaces everytime
the kubeadm image is run - as this action is performed by the
container itself while deploying k8s. It also updates the playbook
to label the kube-public ns.

Change-Id: Icfaabe54d263e0bbc52f2ac11835cb5d92ad32a4

tools/gate/playbooks/deploy-kubeadm-aio-common/tasks/util-kubeadm-aio-run.yaml

@@ -69,9 +69,3 @@
       docker_container:
         name: "kubeadm-{{ kubeadm_aio_action }}"
         state: absent
-    - name: add labels to namespace
-      command: kubectl label --overwrite namespace {{ item }} name={{ item }}
-      with_items:
-        - default
-        - kube-system
-      ignore_errors: True

tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubeadm-master/tasks/main.yaml

@@ -192,6 +192,14 @@
       when: kube_public_configmap_rolebinding_exists | failed
       command: kubectl --kubeconfig /mnt/rootfs/etc/kubernetes/admin.conf -n kube-public create rolebinding kubeadm:bootstrap-signer-clusterinfo --role system:bootstrap-signer-clusterinfo --user system:anonymous
 
+- name: adding labels to namespace to support network policy
+  delegate_to: 127.0.0.1
+  command: kubectl --kubeconfig=/mnt/rootfs/etc/kubernetes/admin.conf  label --overwrite namespace {{ item }} name={{ item }}
+  with_items:
+    - default
+    - kube-system
+    - kube-public
+
 - name: converting the cluster to be selfhosted
   when: k8s.selfHosted|bool == true
   delegate_to: 127.0.0.1
@@ -219,11 +227,3 @@
         owner: "{{ vars.user.uid }}"
         group: "{{ vars.user.gid }}"
         mode: 0600
-
-- name: add labels to namespace
-  delegate_to: 127.0.0.1
-  command: kubectl label --overwrite namespace {{ item }} name={{ item }}
-  with_items:
-    - default
-    - kube-system
-  ignore_errors: True