Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / offline-installer / 76e017afde67940e80efeaec546c04bef2dadff2 / . / ansible / roles / rancher / tasks / rancher_server.yml
blob: f467ff3fb841647682fed4954c454c030e0ab0b2 [file] [log] [blame]
Michal Ptacek89134622018-12-19 12:10:34 +0000[diff] [blame]1---
2# DO NOT ADD SPACE AROUND ';'
Tomáš Levora21c39f02019-04-05 11:25:01 +0200[diff] [blame]3- name: Start rancher server container
Michal Ptacek89134622018-12-19 12:10:34 +0000[diff] [blame]4 docker_container:
Samuli Silviusc580efe2019-03-17 18:06:33 +0200[diff] [blame]5 name: rancher-server
Tomáš Levora21c39f02019-04-05 11:25:01 +0200[diff] [blame]6 image: "{{ rancher_server_image }}"
Michal Ptacek89134622018-12-19 12:10:34 +0000[diff] [blame]7 command: ["sh", "-c", "/usr/sbin/update-ca-certificates;/usr/bin/entry /usr/bin/s6-svscan /service"]
8 ports: 8080:8080
9 state: started
10 restart_policy: unless-stopped
11 volumes:
12 - "{{ app_data_path }}/certs:/usr/local/share/ca-certificates/extra:ro"
13
14- name: Wait for rancher server to be ready
15 uri:
16 url: "{{ rancher_server_url }}/v2-beta"
17 register: response
18 retries: 10
19 delay: 30
20 until: not response.failed
21
Samuli Silvius673677a2019-03-17 19:28:33 +0200[diff] [blame]22- name: Create rancher kubernetes environment
Michal Ptacek89134622018-12-19 12:10:34 +0000[diff] [blame]23 rancher_k8s_environment:
24 name: "{{ app_name }}"
25 descr: "Kubernetes environment for {{ app_name }}"
26 server: "{{ rancher_server_url }}"
27 delete_other_k8s: "{{ rancher_remove_other_env }}"
28 force: "{{ rancher_redeploy_k8s_env }}"
29 host_os: "{{ ansible_os_family }}"
30 register: env
31 retries: 10
32 delay: 5
33 until: env.data is defined
34
Petr Ospalý72b09b12019-04-08 04:55:47 +0200[diff] [blame]35# There is a lack of idempotency in the previous task and so there are new api
36# key-pairs created with each run.
37#
38# ToDo: fix idempotency of rancher role
39#
40# Anyway as rke will be default k8s orchestrator in Dublin, it's supposed to be
41# low prio topic. The following tasks dealing with the API are ignoring this problem
42# and they simply use the new created API key-pair, which is set as a fact here:
Michal Ptacek89134622018-12-19 12:10:34 +0000[diff] [blame]43- name: Set apikey values
44 set_fact:
45 k8s_env_id: "{{ env.data.environment.id }}"
46 key_public: "{{ env.data.apikey.public }}"
47 key_private: "{{ env.data.apikey.private }}"
48 rancher_agent_image: "{{ env.data.registration_tokens.image }}"
49 rancher_agent_reg_url: "{{ env.data.registration_tokens.reg_url }}"
Petr Ospalý2bfe0f92019-03-26 22:13:00 +0100[diff] [blame]50
Petr Ospalý3a6558a2019-04-08 08:39:41 +0200[diff] [blame]51# By default disabled - when enabled this playbook cannot be run more than once.
Petr Ospalý72b09b12019-04-08 04:55:47 +0200[diff] [blame]52- name: Setup rancher admin password and enable authentication
53 rancher1_api:
54 server: "{{ rancher_server_url }}"
55 account_key: "{{ key_public }}:{{ key_private }}"
56 mode: access_control
57 data:
Bartek Grzybowskiee157b52019-04-26 13:26:45 +0200[diff] [blame]58 account_id: 1a1 # default rancher admin account
Petr Ospalý72b09b12019-04-08 04:55:47 +0200[diff] [blame]59 password: "{{ rancher.admin_password }}"
Petr Ospalý3a6558a2019-04-08 08:39:41 +0200[diff] [blame]60 when: "rancher.auth_enabled is defined and rancher.auth_enabled"
Petr Ospalý72b09b12019-04-08 04:55:47 +0200[diff] [blame]61
Petr Ospalý2bfe0f92019-03-26 22:13:00 +0100[diff] [blame]62- name: Configure the size of the rancher cattle db and logs
63 block:
64 - name: Main tables
65 rancher1_api:
66 server: "{{ rancher_server_url }}"
Petr Ospalý9dee2012019-04-05 09:57:03 +0200[diff] [blame]67 account_key: "{{ key_public }}:{{ key_private }}"
68 mode: settings
69 data:
70 option: main_tables.purge.after.seconds
71 value: "{{ rancher.main_tables_purge_after_seconds }}"
Petr Ospalý2bfe0f92019-03-26 22:13:00 +0100[diff] [blame]72 - name: Events
73 rancher1_api:
74 server: "{{ rancher_server_url }}"
Petr Ospalý9dee2012019-04-05 09:57:03 +0200[diff] [blame]75 account_key: "{{ key_public }}:{{ key_private }}"
76 mode: settings
77 data:
78 option: events.purge.after.seconds
79 value: "{{ rancher.events_purge_after_seconds }}"
Petr Ospalý2bfe0f92019-03-26 22:13:00 +0100[diff] [blame]80 - name: Service log
81 rancher1_api:
82 server: "{{ rancher_server_url }}"
Petr Ospalý9dee2012019-04-05 09:57:03 +0200[diff] [blame]83 account_key: "{{ key_public }}:{{ key_private }}"
84 mode: settings
85 data:
86 option: service_log.purge.after.seconds
87 value: "{{ rancher.service_log_purge_after_seconds }}"
Petr Ospalý2bfe0f92019-03-26 22:13:00 +0100[diff] [blame]88 - name: Audit log
89 rancher1_api:
90 server: "{{ rancher_server_url }}"
Petr Ospalý9dee2012019-04-05 09:57:03 +0200[diff] [blame]91 account_key: "{{ key_public }}:{{ key_private }}"
92 mode: settings
93 data:
94 option: audit_log.purge.after.seconds
95 value: "{{ rancher.audit_log_purge_after_seconds }}"
Michal Zegan119f7602019-04-23 16:34:58 +0200[diff] [blame]96
97- name: Ensure .kube directory exists
98 file:
99 path: "{{ kube_directory }}"
100 state: directory
101
102- name: Create kube config
103 template:
104 src: kube_config.j2
105 dest: "{{ kube_directory }}/config"