[CE-363] Generate kubeconfig locally for ansible agent

Generate kubeconfig locally to allow running kubectl from local and copy kubeconfig to worker nodes in kubernetes cluster. This patch set fixed an error in previous patch which fails in certain conditions. Change-Id: Ic1e9be4b87fd765329f4c5a1b3f343839d6ddf2b Signed-off-by: Tong Li <litong01@us.ibm.com>
hyperledger-cello · May 15, 2018 · 1cb8546 · 1cb8546
1 parent 0071edf
commit 1cb8546
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 5 deletions.
diff --git a/src/agent/ansible/roles/env_k8s/master/tasks/apply.yml b/src/agent/ansible/roles/env_k8s/master/tasks/apply.yml
@@ -116,10 +116,23 @@
     - kube-controller-manager
     - kube-scheduler
 
+- set_fact:
+    k8stokens: "{{ k8stokens | default([]) + [{'token': item.split(',')[0], 'name': item.split(',')[1]}] }}"
+  with_lines: cat "{{ playbook_dir }}/../../secrets/users/token.csv"
+  tags: "kubeconfig"
+
 - name: Generate kubeconfig
   template:
     src: "{{ playbook_dir }}/../env_k8s/master/templates/kubeconfig.j2"
-    dest: "~/.kube/config"
+    dest: "/etc/kubernetes/kubeconfig"
     mode: 0600
   become: false
-  delegate_to: cloud
+  tags: "kubeconfig"
+
+- name: Get the kubeconfig to the ansible controller
+  fetch:
+    src: "/etc/kubernetes/kubeconfig"
+    dest: "{{ playbook_dir }}/../../vars/kubeconfig"
+    flat: yes
+  become: false
+  tags: "kubeconfig"
diff --git a/src/agent/ansible/roles/env_k8s/master/templates/kubeconfig.j2 b/src/agent/ansible/roles/env_k8s/master/templates/kubeconfig.j2
@@ -2,14 +2,24 @@ apiVersion: v1
 clusters:
 - cluster:
     insecure-skip-tls-verify: true
+{% if cluster.node_ip | default('private_ip') == 'private_ip' %}
     server: http://{{ private_ip }}:8080
+{% else %}
+    server: https://{{ public_ip }}:6443
+{% endif %}
   name: k8sonos
 contexts:
 - context:
     cluster: k8sonos
-    user: ""
+    user: "admin"
   name: k8s
 current-context: k8s
 kind: Config
 preferences: {}
-users: []
+users:
+{% for token in k8stokens %}
+  - name: {{ token.name }}
+    user:
+      token: {{ token.token }}
+{% endfor %}
+
diff --git a/src/agent/ansible/roles/env_k8s/worker/tasks/apply.yml b/src/agent/ansible/roles/env_k8s/worker/tasks/apply.yml
@@ -45,7 +45,7 @@
 
 - name: Copy kubeconfig for each node
   copy:
-    src: "~/.kube/config"
+    src: "{{ playbook_dir }}/../../vars/kubeconfig"
     dest: "{{ item }}"
     mode: 0600
   with_items: