---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: Install glance server
  hosts: glance_all
  max_fail_percentage: 20
  user: root
  pre_tasks:
    - name: Use the lxc-openstack aa profile
      lxc_container:
        name: "{{ container_name }}"
        container_config:
          - "lxc.aa_profile=lxc-openstack"
      delegate_to: "{{ physical_host }}"
      when: not is_metal | bool
      register: container_config
      tags:
        - lxc-aa-profile
    - name: Glance extra lxc config
      lxc_container:
        name: "{{ container_name }}"
        container_command: |
          [[ ! -d "/var/lib/glance/images" ]] && mkdir -p "/var/lib/glance/images"
        container_config:
          - "lxc.mount.entry=/openstack/{{ container_name }} var/lib/glance/images none bind 0 0"
      delegate_to: "{{ physical_host }}"
      when: >
            (not is_metal | bool) and
            (glance_default_store == "file") and
            (glance_nfs_client is not defined)
      register: container_extra_config
      tags:
        - glance-cache-dir
    - name: Wait for container ssh
      wait_for:
        port: "22"
        delay: "{{ ssh_delay }}"
        search_regex: "OpenSSH"
        host: "{{ ansible_ssh_host }}"
      delegate_to: "{{ physical_host }}"
      when: >
            (container_config is defined and container_config | changed) or
            (container_extra_config is defined and container_config | changed)
      register: ssh_wait_check
      until: ssh_wait_check | success
      retries: 3
      tags:
        - ssh-wait
    - name: Sort the rabbitmq servers
      dist_sort:
        value_to_lookup: "{{ container_name }}"
        ref_list: "{{ groups['glance_all'] }}"
        src_list: "{{ rabbitmq_servers }}"
      register: servers
      tags:
        - always
    - name: Set rabbitmq servers
      set_fact:
        rabbitmq_servers: "{{ servers.sorted_list }}"
      tags:
        - always
    - name: Create log dir
      file:
        path: "{{ item.path }}"
        state: directory
      with_items:
        - { path: "/openstack/log/{{ inventory_hostname }}-glance" }
      when: is_metal | bool
      tags:
        - glance-logs
        - glance-log-dirs
    - name: Create log aggregation links
      file:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
        state: "{{ item.state }}"
        force: "yes"
      with_items:
        - { src: "/openstack/log/{{ inventory_hostname }}-glance", dest: "/var/log/glance", state: "link" }
      when: is_metal | bool
      tags:
        - glance-logs
    - name: Ensure Rabbitmq vhost
      rabbitmq_vhost:
        name: "{{ glance_rabbitmq_vhost }}"
        state: "present"
      delegate_to: "{{ groups['rabbitmq_all'][0] }}"
      when:
        - inventory_hostname == groups['glance_all'][0]
        - groups['rabbitmq_all']|length > 0
      tags:
        - glance-rabbitmq
        - glance-rabbitmq-vhost
    - name: Ensure rabbitmq user
      rabbitmq_user:
        user: "{{ glance_rabbitmq_userid }}"
        password: "{{ glance_rabbitmq_password }}"
        vhost: "{{ glance_rabbitmq_vhost }}"
        configure_priv: ".*"
        read_priv: ".*"
        write_priv: ".*"
        state: "present"
      delegate_to: "{{ groups['rabbitmq_all'][0] }}"
      when:
        - inventory_hostname == groups['glance_all'][0]
        - groups['rabbitmq_all']|length > 0
      tags:
        - glance-rabbitmq
        - glance-rabbitmq-user
    - name: Create DB for service
      mysql_db:
        login_user: "{{ galera_root_user }}"
        login_password: "{{ galera_root_password }}"
        login_host: "{{ glance_galera_address }}"
        name: "{{ glance_galera_database }}"
        state: "present"
      when: inventory_hostname == groups['glance_all'][0]
      delegate_to: "{{ groups['galera_all'][0] }}"
      tags:
        - mysql-db-setup
    - name: Grant access to the DB for the service
      mysql_user:
        login_user: "{{ galera_root_user }}"
        login_password: "{{ galera_root_password }}"
        login_host: "{{ glance_galera_address }}"
        name: "{{ glance_galera_user }}"
        password: "{{ glance_container_mysql_password }}"
        host: "{{ item }}"
        state: "present"
        priv: "{{ glance_galera_database }}.*:ALL"
      when: inventory_hostname == groups['glance_all'][0]
      delegate_to: "{{ groups['galera_all'][0] }}"
      with_items:
        - "localhost"
        - "%"
      tags:
        - mysql-db-setup
  roles:
    - role: "os_glance"
      glance_venv_tag: "{{ openstack_release }}"
      glance_venv_download_url: "{{ openstack_repo_url }}/venvs/{{ openstack_release }}/{{ ansible_distribution | lower }}/glance-{{ openstack_release }}.tgz"
      pip_lock_to_internal_repo: "{{ (pip_links | length) >= 1 }}"
      tags:
        - "os-glance"
    - { role: "openstack_openrc", tags: [ "openstack-openrc" ] }
    - role: "ceph_client"
      glance_venv_bin: "/openstack/venvs/glance-{{ openstack_release }}/bin"
      openstack_service_system_user: "{{ glance_system_user_name }}"
      openstack_service_venv_bin: "{{ glance_venv_bin if glance_venv_enabled|default(True) else None }}"
      tags:
        - "glance-ceph-client"
        - "ceph-client"
    - role: "rsyslog_client"
      rsyslog_client_log_rotate_file: glance_log_rotate
      rsyslog_client_log_dir: "/var/log/glance"
      rsyslog_client_config_name: "99-glance-rsyslog-client.conf"
      tags:
        - "glance-rsyslog-client"
        - "rsyslog-client"
    - role: "system_crontab_coordination"
      tags:
        - "system-crontab-coordination"
  vars:
    galera_address: "{{ internal_lb_vip_address }}"
    is_metal: "{{ properties.is_metal|default(false) }}"
    glance_galera_user: glance
    glance_galera_database: glance
    glance_galera_address: "{{ galera_address }}"
    glance_rabbitmq_userid: glance
    glance_rabbitmq_vhost: /glance
    glance_rabbitmq_servers: "{{ rabbitmq_servers }}"
    glance_rabbitmq_port: "{{ rabbitmq_port }}"
    glance_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}"