Adding rancher role 95/74895/1
authorMichal Ptacek <m.ptacek@partner.samsung.com>
Wed, 19 Dec 2018 12:10:34 +0000 (12:10 +0000)
committerMichal Ptacek <m.ptacek@partner.samsung.com>
Wed, 19 Dec 2018 12:10:34 +0000 (12:10 +0000)
The Kubernetes cluster configuration still relies on the Rancher tool;
this Ansible role handles both the Rancher server and the Rancher
agent.

Change-Id: I508a42a98902788b940b06cf95009a899c50a3b8
Issue-ID: OOM-1551
Signed-off-by: Michal Ptacek <m.ptacek@partner.samsung.com>
ansible/roles/rancher/tasks/main.yml [new file with mode: 0644]
ansible/roles/rancher/tasks/rancher_agent.yml [new file with mode: 0644]
ansible/roles/rancher/tasks/rancher_server.yml [new file with mode: 0644]
ansible/roles/rancher/templates/kube_config.j2 [new file with mode: 0644]

diff --git a/ansible/roles/rancher/tasks/main.yml b/ansible/roles/rancher/tasks/main.yml
new file mode 100644 (file)
index 0000000..1370a39
--- /dev/null
@@ -0,0 +1,2 @@
+---
+- include_tasks: "rancher_{{ rancher_role }}.yml"
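Review bot: The `include_tasks` line builds its file name from `rancher_role` without checking the value, and the task has no `name:`. An unset or mistyped role therefore fails as a file lookup error instead of a clear message. A preceding `assert` with `that: rancher_role in ['server', 'agent']` plus `name: Include rancher role tasks` on the include would make the two supported values explicit.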
diff --git a/ansible/roles/rancher/tasks/rancher_agent.yml b/ansible/roles/rancher/tasks/rancher_agent.yml
new file mode 100644 (file)
index 0000000..4c9cb8d
--- /dev/null
@@ -0,0 +1,13 @@
+---
+- name: Add Rancher Agent
+  docker_container:
+    name: rancher_agent
+    image: "{{ server_hostvars.rancher_agent_image }}"
+    command: "{{ server_hostvars.rancher_agent_reg_url }}"
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock"
+      - "/var/lib/rancher:/var/lib/rancher"
+    auto_remove: yes
+    privileged: yes
+  vars:
+    server_hostvars: "{{ hostvars[groups.infrastructure.0] }}"
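Review bot: The `image` and `command` of a `privileged` container with `/var/run/docker.sock` mounted are taken unchecked from the facts of the first `infrastructure` host, and that combination gives whatever image is named there root-equivalent control of the node. Those facts are set in rancher_server.yml from the Rancher API response, so what runs here is only as trustworthy as the connection to `rancher_server_url`. A comment above the task should say so, e.g. `# privileged + docker.sock are required by the agent; image and reg_url come from the Rancher server response`. The registration URL presumably embeds the registration token, so `no_log: true` on this task would keep it out of play output. `auto_remove: yes` and `privileged: yes` would also read better as `true`.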
diff --git a/ansible/roles/rancher/tasks/rancher_server.yml b/ansible/roles/rancher/tasks/rancher_server.yml
new file mode 100644 (file)
index 0000000..9abf986
--- /dev/null
@@ -0,0 +1,51 @@
+---
+# DO NOT ADD SPACE AROUND ';'
+- name: Start rancher/server:v1.6.14
+  docker_container:
+    name: rancher_server
+    image: rancher/server:v1.6.14
+    command: ["sh", "-c", "/usr/sbin/update-ca-certificates;/usr/bin/entry /usr/bin/s6-svscan /service"]
+    ports: 8080:8080
+    state: started
+    restart_policy: unless-stopped
+    volumes:
+      - "{{ app_data_path }}/certs:/usr/local/share/ca-certificates/extra:ro"
+
+- name: Wait for rancher server to be ready
+  uri:
+    url: "{{ rancher_server_url }}/v2-beta"
+  register: response
+  retries: 10
+  delay: 30
+  until: not response.failed
+
+- name: Create kubernetes environment
+  rancher_k8s_environment:
+    name: "{{ app_name }}"
+    descr: "Kubernetes environment for {{ app_name }}"
+    server: "{{ rancher_server_url }}"
+    delete_other_k8s: "{{ rancher_remove_other_env }}"
+    force: "{{ rancher_redeploy_k8s_env }}"
+    host_os: "{{ ansible_os_family }}"
+  register: env
+  retries: 10
+  delay: 5
+  until: env.data is defined
+
+- name: Set apikey values
+  set_fact:
+    k8s_env_id: "{{ env.data.environment.id }}"
+    key_public: "{{ env.data.apikey.public }}"
+    key_private: "{{ env.data.apikey.private }}"
+    rancher_agent_image: "{{ env.data.registration_tokens.image }}"
+    rancher_agent_reg_url: "{{ env.data.registration_tokens.reg_url }}"
+
+- name: Ensure .kube directory exists
+  file:
+    path: "{{ kube_directory }}"
+    state: directory
+
+- name: Create kube config
+  template:
+    src: kube_config.j2
+    dest: "{{ kube_directory }}/config"
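Review bot: `Create kube config` writes a file containing the Rancher API key pair without a `mode`, so its permissions fall to the remote umask and are commonly world-readable. Add `mode: "0600"` to the template task and `mode: "0700"` to `Ensure .kube directory exists`. The same secrets are held in the registered `env` result and in `Set apikey values`, and they appear in verbose output unless those two tasks carry `no_log: true`. Separately, `ports: 8080:8080` publishes the Rancher API on every host interface and nothing in this file shows access control being enabled. Binding to a specific address or stating the firewall expectation in a comment would help, and the value is safer written as a quoted list item `- "8080:8080"`.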
diff --git a/ansible/roles/rancher/templates/kube_config.j2 b/ansible/roles/rancher/templates/kube_config.j2
new file mode 100644 (file)
index 0000000..87f332e
--- /dev/null
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Config
+clusters:
+- cluster:
+    api-version: v1
+    insecure-skip-tls-verify: true
+    server: "https://{{ ansible_host }}:8080/r/projects/{{ k8s_env_id }}/kubernetes:6443"
+  name: "{{ app_name }}"
+contexts:
+- context:
+    cluster: "{{ app_name }}"
+    user: "{{ app_name }}"
+  name: "{{ app_name }}"
+current-context: "{{ app_name }}"
+users:
+- name: "{{ app_name }}"
+  user:
+    token: "{{ (['Basic', [key_public, key_private] | join(':') | b64encode] | join(' ')) | b64encode }}"
+
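Review bot: `insecure-skip-tls-verify: true` turns off server certificate checking on the connection that carries the `token` built from `key_public` and `key_private`. That credential is therefore exposed to anyone able to intercept traffic to `{{ ansible_host }}:8080`. rancher_server.yml already mounts a CA directory from `{{ app_data_path }}/certs`, so if the endpoint's certificate chains to one of those CAs, the line can become `certificate-authority: <path to CA bundle>` (placeholder path). If verification has to stay off for now, a comment on that line stating why and under which network assumptions would stop it being copied as a default.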