aws_eks_cluster: Add wait functionality (#42259)

* aws_eks_cluster: Improve output documentation

This data is already returned by the module, it just wasn't documented. These
fields are required for accessing the created Kubernetes API with e.g. the
k8s_raw module.

* aws_eks_cluster: Add wait functionality

This enables further cluster configuration once it's created and active.

20 minutes was chosen as an arbitrary default, so that if it takes longer than
the documented "usually less than 10 minutes" it's still likely to succeed.

* Correct security group name in aws_eks tests

* Improve teardown of aws_eks tests

Fix minor teardown issues. The `pause` step is a placeholder until
a waiter for `state: absent`
Deiwin Sarjas 2018-07-04 15:30:57 +03:00 committed by Will Thames
commit 6412cbf84b
4 changed files with 125 additions and 4 deletions


@ -21,7 +21,7 @@ eks_security_groups:
from_port: 1025
to_port: 65535
proto: tcp
- name: "{{ eks_cluster_name }}-worker-sg"
- name: "{{ eks_cluster_name }}-workers-sg"
description: "EKS Worker Security Group"
rules:
- group_name: "{{ eks_cluster_name }}-workers-sg"


@ -106,6 +106,27 @@
- eks_create is changed
- eks_create.name == eks_cluster_name
- name: create EKS cluster with same details but wait for it to become active
aws_eks_cluster:
name: "{{ eks_cluster_name }}"
security_groups: "{{ eks_security_groups | json_query('[].name') }}"
subnets: "{{ setup_subnets.results | json_query('[].subnet.id') }}"
role_arn: "{{ iam_role.arn }}"
wait: yes
<<: *aws_connection_info
register: eks_create
- name: Check that EKS cluster is active and has CA and endpoint data
assert:
that:
- eks_create is not changed
- eks_create.name == eks_cluster_name
- eks_create.status == "ACTIVE"
- eks_create.certificate_authority.data is defined
- eks_create.certificate_authority.data != ""
- eks_create.endpoint is defined
- eks_create.endpoint != ""
- name: create EKS cluster with same details but using SG ids
aws_eks_cluster:
name: "{{ eks_cluster_name }}"
@ -146,6 +167,9 @@
register: eks_delete
ignore_errors: yes
- pause:
minutes: 5
- debug:
msg: "{{ eks_security_groups|reverse|list }}"
@ -154,6 +178,19 @@
additional_eks_sg:
- name: "{{ eks_cluster_name }}-workers-sg"
- name: set all security group rule lists to empty to remove circular dependency
ec2_group:
name: "{{ item.name }}"
description: "{{ item.description }}"
state: present
rules: []
rules_egress: []
purge_rules: yes
purge_rules_egress: yes
vpc_id: '{{ setup_vpc.vpc.id }}'
<<: *aws_connection_info
with_items: "{{ eks_security_groups }}"
- name: remove security groups
ec2_group:
name: '{{ item.name }}'
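Review bot: The added `set all security group rule lists to empty` task has no `ignore_errors: yes`, unlike the `eks_delete` step earlier in this section, so a failure here would stop the run before `remove security groups` and leave test resources behind in the AWS account. It also uses `state: present` with `vpc_id: '{{ setup_vpc.vpc.id }}'`, so if setup aborted before the VPC or the groups existed it would presumably either fail on the undefined variable or create the groups it is meant to clean up. I would add `ignore_errors: yes` after `with_items: "{{ eks_security_groups }}"` and consider a `when: setup_vpc.vpc is defined` guard. The fixed `pause` of `minutes: 5` after an ignored delete error also means teardown waits the same time whether or not the cluster deletion was accepted; a comment above it saying it stands in for a `state: absent` waiter would help. The `remove security groups` task continues past the visible lines, so whether it already tolerates errors cannot be checked here.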