summaryrefslogtreecommitdiffstats
path: root/ansible/roles/rancher
diff options
context:
space:
mode:
Diffstat (limited to 'ansible/roles/rancher')
-rw-r--r--ansible/roles/rancher/tasks/main.yml2
-rw-r--r--ansible/roles/rancher/tasks/rancher_agent.yml13
-rw-r--r--ansible/roles/rancher/tasks/rancher_server.yml51
-rw-r--r--ansible/roles/rancher/templates/kube_config.j219
4 files changed, 85 insertions, 0 deletions
diff --git a/ansible/roles/rancher/tasks/main.yml b/ansible/roles/rancher/tasks/main.yml
new file mode 100644
index 00000000..1370a39f
--- /dev/null
+++ b/ansible/roles/rancher/tasks/main.yml
@@ -0,0 +1,2 @@
+---
+- include_tasks: "rancher_{{ rancher_role }}.yml"
diff --git a/ansible/roles/rancher/tasks/rancher_agent.yml b/ansible/roles/rancher/tasks/rancher_agent.yml
new file mode 100644
index 00000000..4c9cb8dd
--- /dev/null
+++ b/ansible/roles/rancher/tasks/rancher_agent.yml
@@ -0,0 +1,13 @@
+---
+- name: Add Rancher Agent
+ docker_container:
+ name: rancher_agent
+ image: "{{ server_hostvars.rancher_agent_image }}"
+ command: "{{ server_hostvars.rancher_agent_reg_url }}"
+ volumes:
+ - "/var/run/docker.sock:/var/run/docker.sock"
+ - "/var/lib/rancher:/var/lib/rancher"
+ auto_remove: yes
+ privileged: yes
+ vars:
+ server_hostvars: "{{ hostvars[groups.infrastructure.0] }}"
diff --git a/ansible/roles/rancher/tasks/rancher_server.yml b/ansible/roles/rancher/tasks/rancher_server.yml
new file mode 100644
index 00000000..9abf986b
--- /dev/null
+++ b/ansible/roles/rancher/tasks/rancher_server.yml
@@ -0,0 +1,51 @@
+---
+# DO NOT ADD SPACE AROUND ';'
+- name: Start rancher/server:v1.6.14
+ docker_container:
+ name: rancher_server
+ image: rancher/server:v1.6.14
+ command: ["sh", "-c", "/usr/sbin/update-ca-certificates;/usr/bin/entry /usr/bin/s6-svscan /service"]
+ ports: 8080:8080
+ state: started
+ restart_policy: unless-stopped
+ volumes:
+ - "{{ app_data_path }}/certs:/usr/local/share/ca-certificates/extra:ro"
+
+- name: Wait for rancher server to be ready
+ uri:
+ url: "{{ rancher_server_url }}/v2-beta"
+ register: response
+ retries: 10
+ delay: 30
+ until: not response.failed
+
+- name: Create kubernetes environment
+ rancher_k8s_environment:
+ name: "{{ app_name }}"
+ descr: "Kubernetes environment for {{ app_name }}"
+ server: "{{ rancher_server_url }}"
+ delete_other_k8s: "{{ rancher_remove_other_env }}"
+ force: "{{ rancher_redeploy_k8s_env }}"
+ host_os: "{{ ansible_os_family }}"
+ register: env
+ retries: 10
+ delay: 5
+ until: env.data is defined
+
+- name: Set apikey values
+ set_fact:
+ k8s_env_id: "{{ env.data.environment.id }}"
+ key_public: "{{ env.data.apikey.public }}"
+ key_private: "{{ env.data.apikey.private }}"
+ rancher_agent_image: "{{ env.data.registration_tokens.image }}"
+ rancher_agent_reg_url: "{{ env.data.registration_tokens.reg_url }}"
+
+- name: Ensure .kube directory exists
+ file:
+ path: "{{ kube_directory }}"
+ state: directory
+
+- name: Create kube config
+ template:
+ src: kube_config.j2
+ dest: "{{ kube_directory }}/config"
diff --git a/ansible/roles/rancher/templates/kube_config.j2 b/ansible/roles/rancher/templates/kube_config.j2
new file mode 100644
index 00000000..87f332e6
--- /dev/null
+++ b/ansible/roles/rancher/templates/kube_config.j2
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Config
+clusters:
+- cluster:
+ api-version: v1
+ insecure-skip-tls-verify: true
+ server: "https://{{ ansible_host }}:8080/r/projects/{{ k8s_env_id }}/kubernetes:6443"
+ name: "{{ app_name }}"
+contexts:
+- context:
+ cluster: "{{ app_name }}"
+ user: "{{ app_name }}"
+ name: "{{ app_name }}"
+current-context: "{{ app_name }}"
+users:
+- name: "{{ app_name }}"
+ user:
+ token: "{{ (['Basic', [key_public, key_private] | join(':') | b64encode] | join(' ')) | b64encode }}"
+