---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: Install cinder server
  hosts: cinder_all
  max_fail_percentage: 20
  user: root
  pre_tasks:
    - name: Use the lxc-openstack aa profile
      lxc_container:
        name: "{{ container_name }}"
        container_config:
          - "lxc.aa_profile=unconfined"
      delegate_to: "{{ physical_host }}"
      register: container_config
      when: >
        not is_metal | bool and
        inventory_hostname in groups['cinder_volume']
      tags:
        - lxc-aa-profile
    - name: Add volume group block device to cinder
      shell: |
        {% if item.value.volume_group is defined %}
        if [ "$(pvdisplay | grep -B1 {{ item.value.volume_group }} | awk '/PV/ {print $3}')" ];then
          for device in `pvdisplay | grep -B1 {{ item.value.volume_group }} | awk '/PV/ {print $3}'`
            do lxc-device -n {{ container_name }} add $device
          done
        fi
        {% else %}
        echo "{{ item.key }} volume_group not defined"
        {% endif %}
      with_dict: cinder_backends|default({})
      when: physical_host != container_name
      delegate_to: "{{ physical_host }}"
      tags:
        - cinder-lxc-devices
    - name: Cinder volume extra lxc config
      lxc_container:
        name: "{{ container_name }}"
        container_config:
          - "lxc.autodev=0"
          - "lxc.cgroup.devices.allow=a *:* rmw"
          - "lxc.mount.entry=udev dev devtmpfs defaults 0 0"
      delegate_to: "{{ physical_host }}"
      when: >
        not is_metal | bool and
        inventory_hostname in groups['cinder_volume'] and
        cinder_backend_lvm_inuse
      tags:
        - cinder-container-setup
      register: lxc_config
    - name: udevadm trigger
      command: udevadm trigger
      tags:
        - cinder-container-setup
      delegate_to: "{{ physical_host }}"
      when: lxc_config is defined and lxc_config | changed
    - name: Wait for container ssh
      wait_for:
        port: "22"
        delay: "{{ ssh_delay }}"
        search_regex: "OpenSSH"
        host: "{{ ansible_ssh_host }}"
      delegate_to: "{{ physical_host }}"
      when: >
            (container_config is defined and container_config | changed) or
            (lxc_config is defined and lxc_config | changed)
      register: ssh_wait_check
      until: ssh_wait_check|success
      retries: 3
      tags:
        - ssh-wait
    - name: Sort the rabbitmq servers
      dist_sort:
        value_to_lookup: "{{ container_name }}"
        ref_list: "{{ groups['cinder_all'] }}"
        src_list: "{{ rabbitmq_servers }}"
      register: servers
      tags:
        - always
    - name: Set rabbitmq servers
      set_fact:
        rabbitmq_servers: "{{ servers.sorted_list }}"
      tags:
        - always
    - name: Create log dir
      file:
        path: "{{ item.path }}"
        state: directory
      with_items:
        - { path: "/openstack/log/{{ inventory_hostname }}-cinder" }
      when: is_metal | bool
      tags:
        - cinder-logs
        - cinder-log-dirs
    - name: Create log aggregation links
      file:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
        state: "{{ item.state }}"
        force: "yes"
      with_items:
        - { src: "/openstack/log/{{ inventory_hostname }}-cinder", dest: "/var/log/cinder", state: "link" }
      when: is_metal | bool
      tags:
        - cinder-logs
    - name: Ensure Rabbitmq vhost
      rabbitmq_vhost:
        name: "{{ cinder_rabbitmq_vhost }}"
        state: "present"
      delegate_to: "{{ groups['rabbitmq_all'][0] }}"
      when:
        - inventory_hostname == groups['cinder_all'][0]
        - groups['rabbitmq_all']|length > 0
      tags:
        - cinder-rabbitmq
        - cinder-rabbitmq-vhost
    - name: Ensure rabbitmq user
      rabbitmq_user:
        user: "{{ cinder_rabbitmq_userid }}"
        password: "{{ cinder_rabbitmq_password }}"
        vhost: "{{ cinder_rabbitmq_vhost }}"
        configure_priv: ".*"
        read_priv: ".*"
        write_priv: ".*"
        state: "present"
      delegate_to: "{{ groups['rabbitmq_all'][0] }}"
      when:
        - inventory_hostname == groups['cinder_all'][0]
        - groups['rabbitmq_all']|length > 0
      tags:
        - cinder-rabbitmq
        - cinder-rabbitmq-user
    - name: Create DB for service
      mysql_db:
        login_user: "{{ galera_root_user }}"
        login_password: "{{ galera_root_password }}"
        login_host: "{{ cinder_galera_address }}"
        name: "{{ cinder_galera_database }}"
        state: "present"
      when: inventory_hostname == groups['cinder_all'][0]
      delegate_to: "{{ groups['galera_all'][0] }}"
      tags:
        - mysql-db-setup
    - name: Grant access to the DB for the service
      mysql_user:
        login_user: "{{ galera_root_user }}"
        login_password: "{{ galera_root_password }}"
        login_host: "{{ cinder_galera_address }}"
        name: "{{ cinder_galera_user }}"
        password: "{{ cinder_container_mysql_password }}"
        host: "{{ item }}"
        state: "present"
        priv: "{{ cinder_galera_database }}.*:ALL"
      when: inventory_hostname == groups['cinder_all'][0]
      delegate_to: "{{ groups['galera_all'][0] }}"
      with_items:
        - "localhost"
        - "%"
      tags:
        - mysql-db-setup
    - name: Set cinder storage bridge (is_metal)
      set_fact:
        storage_bridge: "{{ 'ansible_' + hostvars[inventory_hostname]['container_networks']['storage_address']['bridge'] | replace('-', '_') }}"
      when:
        - hostvars[inventory_hostname]['container_networks']['storage_address']['bridge'] is defined
        - is_metal | bool
      tags:
        - cinder-config
    - name: Set cinder storage address (is_metal)
      set_fact:
        storage_address: "{{ hostvars[inventory_hostname][storage_bridge]['ipv4']['address'] }}"
      when:
        - hostvars[inventory_hostname]['container_networks']['storage_address']['bridge'] is defined
        - is_metal | bool
      tags:
        - cinder-config
    - name: Set cinder storage bridge (is_metal no storage network)
      set_fact:
        storage_address: "{{ ansible_ssh_host }}"
      when:
        - hostvars[inventory_hostname]['container_networks']['storage_address']['bridge'] is undefined
        - is_metal | bool
      tags:
        - cinder-config
    - name: Set cinder storage address (container)
      set_fact:
        storage_address: "{{ hostvars[inventory_hostname]['container_networks']['storage_address']['address'] }}"
      when:
        - hostvars[inventory_hostname]['container_networks']['storage_address']['address'] is defined
        - not is_metal | bool
      tags:
        - cinder-config
    - name: Set cinder storage address (container no storage network)
      set_fact:
        storage_address: "{{ ansible_ssh_host }}"
      when:
        - hostvars[inventory_hostname]['container_networks']['storage_address']['address'] is undefined
        - not is_metal | bool
      tags:
        - cinder-config
  roles:
    - role: "os_cinder"
      cinder_venv_tag: "{{ openstack_release }}"
      cinder_venv_download_url: "{{ openstack_repo_url }}/venvs/{{ openstack_release }}/{{ ansible_distribution | lower }}/cinder-{{ openstack_release }}.tgz"
      cinder_management_address: "{{ ansible_ssh_host }}"
      cinder_glance_host: "{{ internal_lb_vip_address }}"
      cinder_glance_service_port: "{{ glance_service_port }}"
      pip_lock_to_internal_repo: "{{ (pip_links | length) >= 1 }}"
      tags:
        - "os-cinder"
    - role: "ceph_client"
      cinder_venv_bin: "/openstack/venvs/cinder-{{ openstack_release }}/bin"
      openstack_service_system_user: "{{ cinder_system_user_name }}"
      openstack_service_venv_bin: "{{ cinder_venv_bin if cinder_venv_enabled|default(True) else None }}"
      tags:
        - "cinder-ceph-client"
        - "ceph-client"
    - role: "rsyslog_client"
      rsyslog_client_log_rotate_file: cinder_log_rotate
      rsyslog_client_log_dir: "/var/log/cinder"
      rsyslog_client_config_name: "99-cinder-rsyslog-client.conf"
      tags:
        - "cinder-rsyslog-client"
        - "rsyslog-client"
    - role: "system_crontab_coordination"
      tags:
        - "system-crontab-coordination"
  vars:
    galera_address: "{{ internal_lb_vip_address }}"
    is_metal: "{{ properties.is_metal|default(false) }}"
    cinder_galera_user: cinder
    cinder_galera_database: cinder
    cinder_galera_address: "{{ galera_address }}"
    cinder_rabbitmq_userid: cinder
    cinder_rabbitmq_vhost: /cinder
    cinder_rabbitmq_servers: "{{ rabbitmq_servers }}"
    cinder_rabbitmq_port: "{{ rabbitmq_port }}"
    cinder_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}"