---
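# Play 1, run on the control host: builds the VPC, the SSH keypair, the
# optional registry bucket, the master scale group, the IAM server certificate
# and the two master load balancers, then adds the new masters to inventory.
- name: Setup the vpc and the master node group
  hosts: localhost
  tasks:
  # Every task below reads the `provision` mapping, presumably defined in
  # vars.yml (not visible here).
  - name: get provisioning vars
    include_vars: vars.yml

  # The VPC name falls back to the cluster id when provision.vpc.name is unset.
  - name: create default vpc
    include_role:
      name: openshift_aws_vpc
    vars:
      r_openshift_aws_vpc_clusterid: "{{ provision.clusterid }}"
      r_openshift_aws_vpc_cidr: "{{ provision.vpc.cidr }}"
      r_openshift_aws_vpc_subnets: "{{ provision.vpc.subnets }}"
      r_openshift_aws_vpc_region: "{{ provision.region }}"
      r_openshift_aws_vpc_tags: "{{ provision.vpc.tags }}"
      r_openshift_aws_vpc_name: "{{ provision.vpc.name | default(provision.clusterid) }}"

  # Hands the list in provision.instance_users to the keypair role.
  - name: create aws ssh keypair
    include_role:
      name: openshift_aws_ssh_keys
    vars:
      r_openshift_aws_ssh_keys_users: "{{ provision.instance_users }}"
      r_openshift_aws_ssh_keys_region: "{{ provision.region }}"

  # Runs only when provision.openshift_registry_s3 is set and truthy; the
  # bucket identifier is "<clusterid>-docker-registry".
  # NOTE(review): bucket access policy and encryption are decided inside the
  # openshift_aws_s3 role, which is not visible here -- confirm the bucket is
  # not created publicly readable.
  - when: provision.openshift_registry_s3 | default(false)
    name: create s3 bucket for registry
    include_role:
      name: openshift_aws_s3
    vars:
      r_openshift_aws_s3_clusterid: "{{ provision.clusterid }}-docker-registry"
      r_openshift_aws_s3_region: "{{ provision.region }}"
      r_openshift_aws_s3_mode: create

  # Reuses build_node_group.yml with the node type fixed to "master".
  - name: include scale group creation for master
    include: build_node_group.yml
    vars:
      openshift_build_node_type: master

  # Polls up to 20 times, 3 seconds apart, until at least one running instance
  # carries this cluster id and the host-type=master tag.
  - name: fetch new master instances
    ec2_remote_facts:
      region: "{{ provision.region }}"
      filters:
        "tag:clusterid": "{{ provision.clusterid }}"
        "tag:host-type": master
        instance-state-name: running
    register: instancesout
    retries: 20
    delay: 3
    until: instancesout.instances|length > 0

  # Including lib_utils with no vars; per the task name this exists to make the
  # iam_cert23 module used by the next task available.
  - name: bring iam_cert23 into scope
    include_role:
      name: lib_utils

  # Uploads the server certificate as "<clusterid>-master-external".
  # Skipped entirely when provision.iam_cert_ca is undefined.
  - name: upload certificates to AWS IAM
    iam_cert23:
      state: present
      name: "{{ provision.clusterid }}-master-external"
      cert: "{{ provision.iam_cert_ca.cert_path }}"
      # NOTE(review): key_path points at the certificate's private key; keep
      # that file readable only by the account that runs this playbook.
      key: "{{ provision.iam_cert_ca.key_path }}"
      cert_chain: "{{ provision.iam_cert_ca.chain_path | default(omit) }}"
    register: elb_cert_chain
    # The list entries are combined with AND: the task is marked failed only
    # when the result reports a failure, carries a msg, and that msg does not
    # contain 'already exists'.
    # NOTE(review): a failed result without a msg key is therefore treated as
    # success -- confirm that is intended.
    failed_when:
    - "'failed' in elb_cert_chain"
    - elb_cert_chain.failed
    - "'msg' in elb_cert_chain"
    - "'already exists' not in elb_cert_chain.msg"
    when: provision.iam_cert_ca is defined

  # NOTE(review): this prints the whole registered upload result on every run;
  # confirm the module never echoes the private key material before keeping it
  # outside of troubleshooting.
  - name: show the certificate upload result
    debug:
      var: elb_cert_chain

  # Runs the ELB role twice, once per direction, with elb_item as loop variable.
  - name: create our master external and internal load balancers
    include_role:
      name: openshift_aws_elb
    vars:
      r_openshift_aws_elb_clusterid: "{{ provision.clusterid }}"
      r_openshift_aws_elb_region: "{{ provision.region }}"
      r_openshift_aws_elb_instance_filter:
        "tag:clusterid": "{{ provision.clusterid }}"
        "tag:host-type": master
        instance-state-name: running
      r_openshift_aws_elb_type: master
      r_openshift_aws_elb_direction: "{{ elb_item }}"
      # NOTE(review): "timout" spelling -- verify it matches the variable the
      # openshift_aws_elb role reads; a mismatch would be silently ignored.
      r_openshift_aws_elb_idle_timout: 400
      # NOTE(review): the scheme is fixed to internet-facing for both loop
      # items, so the balancer named "-master-internal" is presumably created
      # publicly reachable as well. Confirm that is intended; otherwise the
      # scheme should follow elb_item.
      r_openshift_aws_elb_scheme: internet-facing
      r_openshift_aws_elb_security_groups:
      - "{{ provision.clusterid }}"
      - "{{ provision.clusterid }}_master"
      # Only the first subnet entry of the region is used, for both balancers.
      r_openshift_aws_elb_subnet_name: "{{ provision.vpc.subnets[provision.region][0].az }}"
      r_openshift_aws_elb_name: "{{ provision.clusterid }}-master-{{ elb_item }}"
      # NOTE(review): when provision.iam_cert_ca is undefined the upload task
      # is skipped and its registered result has no `arn`, so this expression
      # would fail to template. Also confirm the 'already exists' path still
      # returns an arn.
      r_openshift_aws_elb_cert_arn: "{{ elb_cert_chain.arn }}"
    with_items:
    - internal
    - external
    loop_control:
      loop_var: elb_item

  # Inventory name is the instance's public IP; the hostname variable is the
  # cluster id plus the instance id with its last five characters dropped.
  - name: add new master to masters group
    add_host:
      groups: "masters,etcd,nodes"
      name: "{{ item.public_ip_address }}"
      hostname: "{{ provision.clusterid }}-master-{{ item.id[:-5] }}"
    with_items: "{{ instancesout.instances }}"

  # cluster_env defaults to 'dev' when the node group config has no
  # environment tag.
  - name: set facts for group normalization
    set_fact:
      cluster_id: "{{ provision.clusterid }}"
      cluster_env: "{{ provision.node_group_config.tags.environment | default('dev') }}"

  # Waits up to 300 seconds per master for an OpenSSH banner on port 22 of the
  # public address.
  # NOTE(review): this needs 22/tcp on the masters to be reachable from the
  # control host over the public IP; the security group rules are not visible
  # here -- confirm ingress on that port is limited to known source ranges.
  - name: wait for ssh to become available
    wait_for:
      port: 22
      host: "{{ item.public_ip_address }}"
      timeout: 300
      search_regex: OpenSSH
    with_items: "{{ instancesout.instances }}"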


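# Play 2, run on every host in the in-memory `masters` group: looks up the two
# master load balancers and stores the cluster hostname and CORS origins as
# host facts for the playbooks included afterwards.
- name: set the master facts for hostname to elb
  hosts: masters
  gather_facts: false
  # NOTE(review): connects to the masters as root; confirm the image requires
  # direct root login rather than an unprivileged user with become.
  remote_user: root
  tasks:
  - name: include vars
    include_vars: vars.yml

  # The lookup runs on the control host (delegate_to), once per balancer name.
  # Result order follows with_items: results[0] is the external balancer,
  # results[1] the internal one.
  - name: fetch elbs
    ec2_elb_facts:
      region: "{{ provision.region }}"
      names:
      - "{{ item }}"
    with_items:
    - "{{ provision.clusterid }}-master-external"
    - "{{ provision.clusterid }}-master-internal"
    delegate_to: localhost
    register: elbs

  - name: show the load balancer lookup result
    debug:
      var: elbs

  # The cluster hostname is the DNS name of results[1], the "-master-internal"
  # balancer; this depends on the with_items order of the lookup above.
  # The play already runs once per master, so no loop is needed here: the
  # former with_items over groups['masters'] never referenced `item` and only
  # repeated the same assignment.
  - name: set fact
    set_fact:
      openshift_master_cluster_hostname: "{{ elbs.results[1].elbs[0].dns_name }}"
      osm_custom_cors_origins:
      - "{{ elbs.results[1].elbs[0].dns_name }}"
      - "console.{{ provision.clusterid }}.openshift.com"
      - "api.{{ provision.clusterid }}.openshift.com"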

# The remaining entries pull in three other playbooks by relative path, in
# this order. Their contents are not visible here; presumably they consume the
# groups and facts set by the two plays above.
# NOTE(review): playbook-level `include` is deprecated from Ansible 2.4 on in
# favour of import_playbook -- confirm which Ansible version this targets.
- name: normalize groups
  include: ../../byo/openshift-cluster/initialize_groups.yml

- name: run the std_include
  include: ../../common/openshift-cluster/std_include.yml

- name: run the config
  include: ../../common/openshift-cluster/config.yml