kubernetes-cluster.yml

---
  - name: Get token for adding hosts
    hosts: ansible
    tasks:
    - set_fact:
        environment_url_fact: "{{ rancher_api[env].host }}/{{ rancher_api.environments_path }}/{{ rancher_api[env].id }}"
    - name: Get environment information
      uri:
        url: "{{ environment_url_fact }}"
        method: GET
        user: "{{ rancher_api[env].access_key }}"
        password: "{{ rancher_api[env].secret_key }}"
        return_content: yes
      register: environment_info_fact
    - name: Get existing tokens
      uri:
        url: "{{ environment_info_fact.json['links']['registrationTokens'] }}"
        method: GET
        user: "{{ rancher_api[env].access_key }}"
        password: "{{ rancher_api[env].secret_key }}"
        return_content: yes
      register: existing_tokens_fact
    - name: Create new token.
      uri:
        url: "{{ environment_info_fact.json['links']['registrationTokens'] }}"
        method: POST
        status_code: 201
        user: "{{ rancher_api[env].access_key }}"
        password: "{{ rancher_api[env].secret_key }}"
        return_content: yes
      when: existing_tokens_fact.json['data']|length == 0
    - name: Get existing tokens
      uri:
        url: "{{ environment_info_fact.json['links']['registrationTokens'] }}"
        method: GET
        user: "{{ rancher_api[env].access_key }}"
        password: "{{ rancher_api[env].secret_key }}"
        return_content: yes
      register: existing_tokens_fact
  - name: Create cluster
    hosts: ansible
    roles:
      - kubernetes_iam_profile
      - { role: alb_target_group,
          alb_target_group_name: "{{ env }}-kubernetes-ingress",
          alb_target_group_protocol: HTTP,
          alb_target_group_health_check_interval_seconds: 5,
          alb_target_group_health_check_timeout_seconds: 2,
          alb_target_group_port: 80}
      - { role: alb,
          alb_default_action_target_group: "{{ env }}-kubernetes-ingress",
          alb_app_name: kubernetes,
          alb_allow_http: true }
      - { role: security_group,
          useEnv: true,
          appName: kubernetes,
          security_group_intra_group_udp_ports: [4500, 500],
          security_group_intra_group_all_ports: true,
          security_group_custom_port_rules: [{proto: tcp, from_port: 80, to_port: 80, group_id: "{{ alb.load_balancer.security_groups[0] }}"}]}
      - { role: rancher_cluster,
          rancher_cluster_instance_profile_name: "{{ kubernetes_iam_profile_role_name }}", # This gets set in kubernetes_iam_profile role
          rancher_cluster_name: "{{ env }}-kubernetes-etcd-cluster",
          rancher_cluster_instance_type: t2.small,
          rancher_cluster_launch_configuration_version: 1,
          rancher_cluster_min_size: 3,
          rancher_cluster_max_size: 3,
          rancher_cluster_is_data_plane: true,
          rancher_cluster_host_volume_size: 30,
          rancher_cluster_registration_url: "{{ existing_tokens_fact.json['data'][0]['registrationUrl'] }}" }
      - { role: rancher_cluster,
          rancher_cluster_instance_profile_name: "{{ kubernetes_iam_profile_role_name }}", # This gets set in kubernetes_iam_profile role
          rancher_cluster_name: "{{ env }}-kubernetes-orchestration-cluster",
          rancher_cluster_instance_type: t2.medium,
          rancher_cluster_launch_configuration_version: 1,
          rancher_cluster_min_size: 2,
          rancher_cluster_max_size: 2,
          rancher_cluster_is_orchestration_plane: true,
          rancher_cluster_host_volume_size: 30,
          rancher_cluster_registration_url: "{{ existing_tokens_fact.json['data'][0]['registrationUrl'] }}" }
      - { role: rancher_cluster,
          rancher_cluster_instance_profile_name: "{{ kubernetes_iam_profile_role_name }}", # This gets set in kubernetes_iam_profile role
          rancher_cluster_name: "{{ env }}-kubernetes-cluster",
          rancher_cluster_instance_type: t2.medium,
          rancher_cluster_launch_configuration_version: 1,
          rancher_cluster_min_size: 2,
          rancher_cluster_is_compute_plane: true,
          rancher_cluster_registration_url: "{{ existing_tokens_fact.json['data'][0]['registrationUrl'] }}",
          rancher_cluster_target_group_arn: "{{ alb_target_group_created.TargetGroups[0].TargetGroupArn }}" }