From c580efee7cf133d479fdc4b736ebfeab09d2f246 Mon Sep 17 00:00:00 2001 From: Samuli Silvius Date: Sun, 17 Mar 2019 18:06:33 +0200 Subject: Improve rancher role testability Move functionality from playbook to rancher role. Introduce defaults for holding default values in rancher role. Other small changes noticed while testing rancher role with molecule. Issue-ID: OOM-1729 Change-Id: I83befa9f0964c67e209d3def76bafd2a61c1ef33 Signed-off-by: Samuli Silvius --- ansible/roles/kubectl/defaults/main.yml | 5 +++++ ansible/roles/kubectl/tasks/main.yml | 10 ++++++++++ ansible/roles/kubectl/templates/kube_config.j2 | 19 +++++++++++++++++++ ansible/roles/rancher/defaults/main.yml | 4 ++++ ansible/roles/rancher/tasks/main.yml | 2 +- ansible/roles/rancher/tasks/rancher_agent.yml | 4 ++-- ansible/roles/rancher/tasks/rancher_health.yml | 8 ++++++++ ansible/roles/rancher/tasks/rancher_server.yml | 12 +----------- ansible/roles/rancher/templates/kube_config.j2 | 19 ------------------- 9 files changed, 50 insertions(+), 33 deletions(-) create mode 100644 ansible/roles/kubectl/defaults/main.yml create mode 100644 ansible/roles/kubectl/templates/kube_config.j2 create mode 100644 ansible/roles/rancher/defaults/main.yml create mode 100644 ansible/roles/rancher/tasks/rancher_health.yml delete mode 100644 ansible/roles/rancher/templates/kube_config.j2 (limited to 'ansible/roles') diff --git a/ansible/roles/kubectl/defaults/main.yml b/ansible/roles/kubectl/defaults/main.yml new file mode 100644 index 00000000..78c15c75 --- /dev/null +++ b/ansible/roles/kubectl/defaults/main.yml @@ -0,0 +1,5 @@ +--- +kubectl_bin_dir: /usr/local/bin +kube_directory: ~/.kube +# Defaulting to rancher setup +kube_server: "https://{{ ansible_host }}:8080/r/projects/{{ k8s_env_id | mandatory }}/kubernetes:6443" \ No newline at end of file diff --git a/ansible/roles/kubectl/tasks/main.yml b/ansible/roles/kubectl/tasks/main.yml index 7c77c3c5..9ecb5c44 100644 --- a/ansible/roles/kubectl/tasks/main.yml +++ b/ansible/roles/kubectl/tasks/main.yml @@ -5,3 +5,13 @@ dest: "{{ kubectl_bin_dir }}/kubectl" remote_src: true mode: 0755 + +- name: Ensure .kube directory exists + file: + path: "{{ kube_directory }}" + state: directory + +- name: Create kube config + template: + src: kube_config.j2 + dest: "{{ kube_directory }}/config" diff --git a/ansible/roles/kubectl/templates/kube_config.j2 b/ansible/roles/kubectl/templates/kube_config.j2 new file mode 100644 index 00000000..586c59d4 --- /dev/null +++ b/ansible/roles/kubectl/templates/kube_config.j2 @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Config +clusters: +- cluster: + api-version: v1 + insecure-skip-tls-verify: true + server: "{{ kube_server }}" + name: "{{ app_name }}" +contexts: +- context: + cluster: "{{ app_name }}" + user: "{{ app_name }}" + name: "{{ app_name }}" +current-context: "{{ app_name }}" +users: +- name: "{{ app_name }}" + user: + token: "{{ (['Basic', [key_public, key_private] | join(':') | b64encode] | join(' ')) | b64encode }}" + diff --git a/ansible/roles/rancher/defaults/main.yml b/ansible/roles/rancher/defaults/main.yml new file mode 100644 index 00000000..8edc5180 --- /dev/null +++ b/ansible/roles/rancher/defaults/main.yml @@ -0,0 +1,4 @@ +--- +rancher_server_url: "http://{{ hostvars[groups.infrastructure.0].ansible_host }}:8080" +rancher_remove_other_env: true +rancher_redeploy_k8s_env: true diff --git a/ansible/roles/rancher/tasks/main.yml b/ansible/roles/rancher/tasks/main.yml index 1370a39f..045363d0 100644 --- a/ansible/roles/rancher/tasks/main.yml +++ b/ansible/roles/rancher/tasks/main.yml @@ -1,2 +1,2 @@ --- -- include_tasks: "rancher_{{ rancher_role }}.yml" +- include_tasks: "rancher_{{ mode }}.yml" diff --git a/ansible/roles/rancher/tasks/rancher_agent.yml b/ansible/roles/rancher/tasks/rancher_agent.yml index 4c9cb8dd..091503c7 100644 --- a/ansible/roles/rancher/tasks/rancher_agent.yml +++ b/ansible/roles/rancher/tasks/rancher_agent.yml @@ -7,7 +7,7 @@ volumes: - "/var/run/docker.sock:/var/run/docker.sock" - "/var/lib/rancher:/var/lib/rancher" - auto_remove: yes - privileged: yes + auto_remove: true + privileged: true vars: server_hostvars: "{{ hostvars[groups.infrastructure.0] }}" diff --git a/ansible/roles/rancher/tasks/rancher_health.yml b/ansible/roles/rancher/tasks/rancher_health.yml new file mode 100644 index 00000000..b0323739 --- /dev/null +++ b/ansible/roles/rancher/tasks/rancher_health.yml @@ -0,0 +1,8 @@ +--- +- name: Check cluster health + uri: + url: "{{ rancher_server_url }}/v2-beta/projects/{{ k8s_env_id }}" + register: env_info + retries: 30 + delay: 15 + until: "env_info.json.healthState == 'healthy'" diff --git a/ansible/roles/rancher/tasks/rancher_server.yml b/ansible/roles/rancher/tasks/rancher_server.yml index 64b35e4c..d30be729 100644 --- a/ansible/roles/rancher/tasks/rancher_server.yml +++ b/ansible/roles/rancher/tasks/rancher_server.yml @@ -2,7 +2,7 @@ # DO NOT ADD SPACE AROUND ';' - name: Start rancher/server:{{ rancher_server_version }} docker_container: - name: rancher_server + name: rancher-server image: rancher/server:{{ rancher_server_version }} command: ["sh", "-c", "/usr/sbin/update-ca-certificates;/usr/bin/entry /usr/bin/s6-svscan /service"] ports: 8080:8080 @@ -39,13 +39,3 @@ key_private: "{{ env.data.apikey.private }}" rancher_agent_image: "{{ env.data.registration_tokens.image }}" rancher_agent_reg_url: "{{ env.data.registration_tokens.reg_url }}" - -- name: Ensure .kube directory exists - file: - path: "{{ kube_directory }}" - state: directory - -- name: Create kube config - template: - src: kube_config.j2 - dest: "{{ kube_directory }}/config" diff --git a/ansible/roles/rancher/templates/kube_config.j2 b/ansible/roles/rancher/templates/kube_config.j2 deleted file mode 100644 index 87f332e6..00000000 --- a/ansible/roles/rancher/templates/kube_config.j2 +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: Config -clusters: -- cluster: - api-version: v1 - insecure-skip-tls-verify: true - server: "https://{{ ansible_host }}:8080/r/projects/{{ k8s_env_id }}/kubernetes:6443" - name: "{{ app_name }}" -contexts: -- context: - cluster: "{{ app_name }}" - user: "{{ app_name }}" - name: "{{ app_name }}" -current-context: "{{ app_name }}" -users: -- name: "{{ app_name }}" - user: - token: "{{ (['Basic', [key_public, key_private] | join(':') | b64encode] | join(' ')) | b64encode }}" - -- cgit 1.2.3-korg