---
- name: Ensure we have a working directory to save runtime files
  file: "path={{ playbook_dir }}/run state=directory"

- name: Setup host couple variables
  set_fact:
    target_interpreter: "/home/core/bin/python"
    wgroups: "cworkers"
    mgroups: "cmasters"
  when: app_env.target_os == "coreos"

- name: Setup couple variables
  set_fact:
    target_interpreter: "python"
    wgroups: "uworkers"
    mgroups: "umasters"
  when: app_env.target_os == "ubuntu"

- name: Retrieve specified flavor
  os_flavor_facts:
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
    availability_zone: "{{ app_env.availability_zone }}"
    validate_certs: "{{ app_env.validate_certs }}"
    name: "{{ app_env.flavor_name }}"

- name: Create a key-pair
  os_keypair:
    state: "present"
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
    availability_zone: "{{ app_env.availability_zone }}"
    validate_certs: "{{ app_env.validate_certs }}"
    name: "k8s"
    public_key_file: "{{ app_env.public_key_file }}"

- name: Create security group
  os_security_group:
    state: present
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
    availability_zone: "{{ app_env.availability_zone }}"
    validate_certs: "{{ app_env.validate_certs }}"
    name: k8s_sg
    description: security group for kubernetes cluster

- name: Add security rules
  os_security_group_rule:
    state: present
    auth: "{{ auth }}"
    region_name: "{{ app_env.region_name }}"
    availability_zone: "{{ app_env.availability_zone }}"
    validate_certs: "{{ app_env.validate_certs }}"
    security_group: k8s_sg
    protocol: "{{ item.protocol }}"
    direction: "{{ item.dir }}"
    port_range_min: "{{ item.p_min }}"
    port_range_max: "{{ item.p_max }}"
    remote_ip_prefix: 0.0.0.0/0
  with_items:
    - { p_min: 22, p_max: 22, dir: ingress, protocol: tcp }
    - { p_min: 80, p_max: 80, dir: ingress, protocol: tcp }
    - { p_min: 53, p_max: 53, dir: ingress, protocol: udp }
    - { p_min: 53, p_max: 53, dir: egress, protocol: udp }
    - { p_min: 8080, p_max: 8080, dir: ingress, protocol: tcp }
    - { p_min: 8090, p_max: 8090, dir: ingress, protocol: tcp }
    - { p_min: 8285, p_max: 8285, dir: ingress, protocol: udp }
    - { p_min: 2379, p_max: 2380, dir: ingress, protocol: tcp }
    - { p_min: 2379, p_max: 2380, dir: egress, protocol: tcp }
    - { p_min: 10250, p_max: 10250, dir: ingress, protocol: tcp }
    - { p_min: 20000, p_max: 32767, dir: ingress, protocol: tcp }
    - { p_min: -1, p_max: -1, dir: ingress, protocol: icmp }
    - { p_min: -1, p_max: -1, dir: egress, protocol: icmp }

- name: Add provisioning host group
  add_host:
    name: "worker-{{ item }}"
    targetgroup: "{{ wgroups }}"
    ansible_host: "127.0.0.1"
    ansible_python_interpreter: "python"
    groups: "prohosts"
  with_sequence: count={{ app_env.stack_size - 1 }}
  no_log: True

- name: Add provisioning host group
  add_host:
    name: "master"
    targetgroup: "{{ mgroups }}"
    ansible_host: "127.0.0.1"
    ansible_python_interpreter: "python"
    groups: "prohosts"
  no_log: True