From df476b0088f5e3ba4126231268eb9ff59962ede7 Mon Sep 17 00:00:00 2001
From: Jan Jungnickel <jan@jungnickel.com>
Date: Mon, 7 Nov 2016 12:11:16 +0100
Subject: [PATCH] Initial support for vsphere as cloud provider

---
 inventory/group_vars/all.yml                  |  2 +-
 .../manifests/kube-apiserver.manifest.j2      |  2 +-
 roles/kubernetes/node/templates/kubelet.j2    |  2 +-
 roles/kubernetes/preinstall/defaults/main.yml | 10 +++++++
 roles/kubernetes/preinstall/tasks/main.yml    | 16 ++++++----
 .../tasks/vsphere-credential-check.yml        | 30 +++++++++++++++++++
 .../templates/vsphere-cloud-config.j2         |  9 ++++++
 7 files changed, 62 insertions(+), 9 deletions(-)
 create mode 100644 roles/kubernetes/preinstall/tasks/vsphere-credential-check.yml
 create mode 100644 roles/kubernetes/preinstall/templates/vsphere-cloud-config.j2

diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml
index 56a777e05..12ca18d9b 100644
--- a/inventory/group_vars/all.yml
+++ b/inventory/group_vars/all.yml
@@ -47,7 +47,7 @@
 
 ## There are some changes specific to the cloud providers
 ## for instance we need to encapsulate packets with some network plugins
-## If set the possible values are either 'gce', 'aws', 'azure' or 'openstack'
+## If set the possible values are either 'gce', 'aws', 'azure', 'openstack', or 'vsphere'
 ## When openstack is used make sure to source in the openstack credentials
 ## like you would do when using nova-client before starting the playbook.
 #cloud_provider:
diff --git a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2
index c05030697..c4882bd56 100644
--- a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2
+++ b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2
@@ -51,7 +51,7 @@ spec:
 {% endif %}
     - --v={{ kube_log_level }}
     - --allow-privileged=true
-{% if cloud_provider is defined and cloud_provider in ["openstack", "azure"] %}
+{% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere"] %}
     - --cloud-provider={{ cloud_provider }}
     - --cloud-config={{ kube_config_dir }}/cloud_config
 {% elif cloud_provider is defined and cloud_provider == "aws" %}
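Review bot: The set of providers that take a `--cloud-config` file is now maintained by hand both in this condition and in the kubelet.j2 hunk, and the two copies already differ in spacing (`"vsphere" ]` in kubelet.j2). A short template comment above the condition, for example `{# providers that read kube_config_dir/cloud_config; keep in sync with kubelet.j2 #}`, would make the coupling visible to whoever adds the next provider. Longer term, a single list variable tested by both templates would remove the duplication. The manifest itself starts and ends outside this hunk.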
diff --git a/roles/kubernetes/node/templates/kubelet.j2 b/roles/kubernetes/node/templates/kubelet.j2
index 8ec348a05..54d3b38aa 100644
--- a/roles/kubernetes/node/templates/kubelet.j2
+++ b/roles/kubernetes/node/templates/kubelet.j2
@@ -42,7 +42,7 @@ KUBELET_NETWORK_PLUGIN="--hairpin-mode=promiscuous-bridge --network-plugin=kuben
 {% endif %}
 # Should this cluster be allowed to run privileged docker containers
 KUBE_ALLOW_PRIV="--allow-privileged=true"
-{% if cloud_provider is defined and cloud_provider in ["openstack", "azure"] %}
+{% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere" ] %}
 KUBELET_CLOUDPROVIDER="--cloud-provider={{ cloud_provider }} --cloud-config={{ kube_config_dir }}/cloud_config"
 {% elif cloud_provider is defined and cloud_provider == "aws" %}
 KUBELET_CLOUDPROVIDER="--cloud-provider={{ cloud_provider }}"
diff --git a/roles/kubernetes/preinstall/defaults/main.yml b/roles/kubernetes/preinstall/defaults/main.yml
index 59076c204..517b91b72 100644
--- a/roles/kubernetes/preinstall/defaults/main.yml
+++ b/roles/kubernetes/preinstall/defaults/main.yml
@@ -32,3 +32,13 @@ openstack_tenant_id: "{{ lookup('env','OS_TENANT_ID')|default(lookup('env','OS_P
 # Container Linux by CoreOS cloud init config file to define /etc/resolv.conf content
 # for hostnet pods and infra needs
 resolveconf_cloud_init_conf: /etc/resolveconf_cloud_init.conf
+
+# For the vSphere integration kubelet will need credentials to access
+# the api. Per default this values will be
+# read from the environment.
+vsphere_username: "{{ lookup('env', VSPHERE_USERNAME ) }}"
+vsphere_password: "{{ lookup('env', VSPHERE_PASSWORD ) }}"
+vsphere_server: "{{ lookup('env', VSPHERE_SERVER ) }}"
+vsphere_datacenter: "{{ lookup('env', VSPHERE_DATACENTER ) }}"
+vsphere_datastore: "{{ lookup('env', VSPHERE_DATASTORE ) }}"
+vsphere_working_dir: "{{ lookup('env', VSPHERE_WORKING_DIR ) }}"
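Review bot: The environment variable names in the six added `lookup('env', ...)` calls are not quoted, so Jinja treats `VSPHERE_USERNAME` and the others as Ansible variables rather than as the names of environment variables. Those variables are presumably undefined, in which case evaluating any of these defaults raises a templating error instead of yielding the empty string that vsphere-credential-check.yml tests for. Each line should quote the name, e.g. `vsphere_password: "{{ lookup('env', 'VSPHERE_PASSWORD') }}"`, and likewise for the other five. The comment above would also read better as "By default these values are read from the environment."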
diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml
index 5b79c101d..8dd422353 100644
--- a/roles/kubernetes/preinstall/tasks/main.yml
+++ b/roles/kubernetes/preinstall/tasks/main.yml
@@ -64,8 +64,8 @@
 
 - name: check cloud_provider value
   fail:
-    msg: "If set the 'cloud_provider' var must be set either to 'generic', 'gce', 'aws', 'azure' or 'openstack'"
-  when: cloud_provider is defined and cloud_provider not in ['generic', 'gce', 'aws', 'openstack', 'azure']
+    msg: "If set the 'cloud_provider' var must be set either to 'generic', 'gce', 'aws', 'azure', 'vsphere',  or 'openstack'"
+  when: cloud_provider is defined and cloud_provider not in ['generic', 'gce', 'aws', 'openstack', 'azure', 'vsphere']
   tags: [cloud-provider, facts]
 
 - include: openstack-credential-check.yml
@@ -76,6 +76,10 @@
   when: cloud_provider is defined and cloud_provider == 'azure'
   tags: [cloud-provider, azure, facts]
 
+- include: vsphere-credential-check.yml
+  when: cloud_provider is defined and cloud_provider == 'vsphere'
+  tags: [cloud-provider, vsphere, facts]
+
 - name: Create cni directories
   file:
     path: "{{ item }}"
@@ -179,14 +183,14 @@
     state: present
   tags: bootstrap-os
 
-- name: Write openstack cloud-config
+- name: "Write {{ cloud_provider}} cloud-config"
   template:
-    src: openstack-cloud-config.j2
+    src: "{{ cloud_provider }}-cloud-config.j2"
     dest: "{{ kube_config_dir }}/cloud_config"
     group: "{{ kube_cert_group }}"
     mode: 0640
-  when: inventory_hostname in groups['k8s-cluster'] and cloud_provider is defined and cloud_provider == "openstack"
-  tags: [cloud-provider, openstack]
+  when: inventory_hostname in groups['k8s-cluster'] and cloud_provider is defined and cloud_provider in [ "openstack", "vsphere" ]
+  tags: [cloud-provider, openstack, vsphere]
 
 - name: Write azure cloud-config
   template:
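Review bot: With `vsphere` added to this task, the rendered `cloud_config` now carries the vCenter password in plain text, and a run with `--diff` would print the file content to the console and any captured logs. Adding `no_log: true` to the task keeps the rendered secret out of the output. The task sets `group` and `mode` but no `owner`, so an explicit `owner: root` would make the intended access visible. The unquoted `mode: 0640` is an unchanged context line but is safer written as `mode: "0640"`. The following "Write azure cloud-config" task continues outside the hunk.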
diff --git a/roles/kubernetes/preinstall/tasks/vsphere-credential-check.yml b/roles/kubernetes/preinstall/tasks/vsphere-credential-check.yml
new file mode 100644
index 000000000..8f0b3ba50
--- /dev/null
+++ b/roles/kubernetes/preinstall/tasks/vsphere-credential-check.yml
@@ -0,0 +1,30 @@
+---
+- name: check vsphere_username value
+  fail:
+    msg: "vsphere_username is missing"
+  when: vsphere_username is not defined or vsphere_username == ""
+
+- name: check vsphere_password value
+  fail:
+    msg: "vsphere_password is missing"
+  when: vsphere_password is not defined or vsphere_password == ""
+
+- name: check vsphere_server value
+  fail:
+    msg: "vsphere_server is missing"
+  when: vsphere_server is not defined or vsphere_server == ""
+
+- name: check vsphere_datacenter value
+  fail:
+    msg: "vsphere_datacenter is missing"
+  when: vsphere_datacenter is not defined or vsphere_datacenter == ""
+
+- name: check vsphere_datastore value
+  fail:
+    msg: "vsphere_datastore is missing"
+  when: vsphere_datastore is not defined or vsphere_datastore == ""
+
+- name: check vsphere_working_dir value
+  fail:
+    msg: "vsphere_working_dir is missing"
+  when: vsphere_working_dir is not defined or vsphere_working_dir == ""
diff --git a/roles/kubernetes/preinstall/templates/vsphere-cloud-config.j2 b/roles/kubernetes/preinstall/templates/vsphere-cloud-config.j2
new file mode 100644
index 000000000..d350f973c
--- /dev/null
+++ b/roles/kubernetes/preinstall/templates/vsphere-cloud-config.j2
@@ -0,0 +1,9 @@
+[Global]
+user = {{ vsphere_username }}
+password = {{ vsphere_password }}
+server = {{ vsphere_server }}
+port = 443
+insecure-flag = true
+datacenter = {{ vsphere_datacenter }}
+datastore = {{ vsphere_datastore }}
+working-dir = {{ vsphere_working_dir }}
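Review bot: `insecure-flag = true` is hard-coded, so every cluster deployed with this template skips certificate verification when kubelet and the apiserver send the vCenter credentials to `server`. It should be an operator-controlled setting that defaults to verification, for instance a new variable used as `insecure-flag = {{ vsphere_insecure | default(false) | lower }}`. Separately, the password is written unquoted; this looks like a gcfg/INI-style file, where characters such as `#`, `;` or leading and trailing spaces in a password would likely be misparsed, so `password = "{{ vsphere_password }}"` is safer (confirm the escaping rules of the consuming parser). The new credential-check tasks only test for empty values, so neither issue is caught before the file is written.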
-- 
GitLab