--- # Clean up old kubeconfig directories - name: Delete all files in kubeconfig directories ansible.builtin.file: path: "{{ playbook_dir }}/files/{{ item }}" state: absent loop: - kubeconfig-iks-cas - kubeconfig-iks-karpenter - kubeconfig-eks-cas - kubeconfig-eks-karpenter - name: Recreate kubeconfig directories ansible.builtin.file: path: "{{ playbook_dir }}/files/{{ item }}" state: directory mode: '0755' loop: - kubeconfig-iks-cas - kubeconfig-iks-karpenter - kubeconfig-eks-cas - kubeconfig-eks-karpenter # Define variables first - name: Set role variables set_fact: cloud_provider_env: AWS_ACCESS_KEY_ID: "{{ AWS_ACCESS_KEY_ID | default(omit) }}" AWS_SECRET_ACCESS_KEY: "{{ AWS_SECRET_ACCESS_KEY | default(omit) }}" AWS_DEFAULT_REGION: "{{ 'us-east-1' if cloud_provider == 'eks' else omit }}" iks_zones: - name: us-south-1 subnet_id: "{{ SUBNET_ID.US_SOUTH_1 }}" - name: us-south-2 subnet_id: "{{ SUBNET_ID.US_SOUTH_2 }}" - name: us-south-3 subnet_id: "{{ SUBNET_ID.US_SOUTH_3 }}" # Set provider-specific Terraform variables - name: Set Terraform variables set_fact: terraform_vars: "{{ eks_vars if cloud_provider == 'eks' else iks_vars }}" vars: eks_vars: tag_uuid: "{{ tag_uuid }}" aws_secret_key: "{{ AWS_SECRET_ACCESS_KEY }}" aws_access_key: "{{ AWS_ACCESS_KEY_ID }}" flavour: "m5.large" kube_version: "1.29" worker_count: 1 worker_pool_count: 3 iks_vars: tag_uuid: "{{ tag_uuid }}" ibmcloud_api_key: "{{ IBM_CLOUD_TOKEN }}" flavour: "bx2.2x8" kube_version: "1.29.11" worker_count: 1 worker_pool_count: 1 resource_group: "{{ RESOURCE_GROUP_ID }}" region: "us-south" vpc_name: "kscale-workload-vpc" vpc_id: "{{ VPC_ID }}" zones: "{{ iks_zones }}" kube_config_path: "{{ playbook_dir }}" # Create clusters with Terraform - name: Create clusters community.general.terraform: project_path: "{{ playbook_dir }}/../terraform-{{ cloud_provider }}" state: present force_init: true complex_vars: true variables: "{{ terraform_vars }}" environment: "{{ cloud_provider_env }}" async: 7200 # Allow up to 2 hour for cluster creation poll: 0 # Don't wait for completion register: terraform_create_cluster - name: Wait for terraform cluster creation async_status: jid: "{{ terraform_create_cluster.ansible_job_id }}" register: job_result until: job_result.finished retries: 720 # Check for 2 hour (720 * 10 seconds) delay: 10 # Check every 10 seconds # Register Terraform outputs - name: Get Terraform outputs community.general.terraform: project_path: "{{ playbook_dir }}/../terraform-{{ cloud_provider }}" state: present force_init: false variables: "{{ terraform_vars }}" # Pass the same variables used during creation environment: "{{ cloud_provider_env }}" register: terraform_output_result when: cloud_provider == 'eks' # Set persistent fact for Terraform outputs - name: Set terraform cluster result fact set_fact: terraform_cluster_result_eks: "{{ terraform_output_result }}" cacheable: yes when: cloud_provider == 'eks' # Ensure kubeconfig directories exist (only for EKS) - name: Create kubeconfig directories file: path: "{{ playbook_dir }}/files/kubeconfig-{{ cloud_provider }}-{{ item }}" state: directory mode: '0755' loop: - karpenter - cas # Configure cluster access (only for EKS) - name: Generate kubeconfig for EKS clusters command: > aws eks update-kubeconfig --name {{ item }}-eks --region us-east-1 --kubeconfig {{ playbook_dir }}/files/kubeconfig-{{ cloud_provider }}-{{ item }}/config.yml loop: - karpenter - cas environment: "{{ cloud_provider_env }}" when: cloud_provider == 'eks' # Handle IKS kubeconfig (only for IKS) - name: Find IKS kubeconfig paths find: paths: "{{ playbook_dir }}/files/kubeconfig-iks-{{ item }}" patterns: "config.yml" recurse: yes file_type: file loop: - karpenter - cas register: iks_kubeconfig_files when: cloud_provider == 'iks' - name: Set IKS kubeconfig facts set_fact: "KUBECONFIG_IKS_{{ item.item | upper }}": "{{ (item.files | sort(attribute='mtime', reverse=true))[0].path }}" loop: "{{ iks_kubeconfig_files.results }}" when: - cloud_provider == 'iks' - item.matched > 0 # Set kubeconfig facts for EKS - name: Set kubeconfig facts for EKS set_fact: "KUBECONFIG_{{ cloud_provider | upper }}_{{ item | upper }}": "{{ playbook_dir }}/files/kubeconfig-{{ cloud_provider }}-{{ item }}/config.yml" loop: - karpenter - cas when: cloud_provider == 'eks' # Verify cluster access - name: Wait for cluster API access command: > kubectl --kubeconfig {{ lookup('vars', 'KUBECONFIG_' ~ cloud_provider | upper ~ '_' ~ (item | upper)) }} get --raw /api register: cluster_api_check until: cluster_api_check.rc == 0 retries: 30 delay: 10 loop: - karpenter - cas environment: "{{ cloud_provider_env }}" # Wait for nodes - name: Wait for cluster nodes to be ready shell: | kubectl get nodes --no-headers | awk '{print $2}' | grep -v 'Ready' | wc -l register: nodes_not_ready until: nodes_not_ready.stdout == "0" retries: 20 delay: 30 loop: - karpenter - cas environment: "{{ eks_env if cloud_provider == 'eks' else iks_env }}" vars: eks_env: KUBECONFIG: "{{ lookup('vars', 'KUBECONFIG_' ~ cloud_provider | upper ~ '_' ~ (item | upper)) }}" AWS_ACCESS_KEY_ID: "{{ AWS_ACCESS_KEY_ID }}" AWS_SECRET_ACCESS_KEY: "{{ AWS_SECRET_ACCESS_KEY }}" AWS_DEFAULT_REGION: "us-east-1" iks_env: KUBECONFIG: "{{ lookup('vars', 'KUBECONFIG_' ~ cloud_provider | upper ~ '_' ~ (item | upper)) }}"