okd/roles/etcd/tasks/main.yml

---
- include: server_certificates.yml

- name: Set hostname and ip facts
  set_fact:
    # Store etcd_hostname and etcd_ip such that they will be available
    # in hostvars. Defaults for these variables are set in etcd_common.
    etcd_hostname: "{{ etcd_hostname }}"
    etcd_ip: "{{ etcd_ip }}"

- name: setup firewall
  include: firewall.yml
  static: yes

- name: Install etcd
  package: name=etcd{{ '-' + etcd_version if etcd_version is defined else '' }} state=present
  when: not etcd_is_containerized | bool

- include_role:
    name: etcd_common
  vars:
    r_etcd_common_action: drop_etcdctl
  when:
  - openshift_etcd_etcdctl_profile | default(true) | bool

- block:
  - name: Pull etcd container
    command: docker pull {{ openshift.etcd.etcd_image }}
    register: pull_result
    changed_when: "'Downloaded newer image' in pull_result.stdout"

  - name: Install etcd container service file
    template:
      dest: "/etc/systemd/system/etcd_container.service"
      src: etcd.docker.service
  when:
  - etcd_is_containerized | bool
  - not openshift.common.is_etcd_system_container | bool

# Start secondary etcd instance for third party integrations
# TODO: Determine an alternative to using thirdparty variable
- block:
  - name: Create configuration directory
    file:
      path: "{{ etcd_conf_dir }}"
      state: directory
      mode: 0700

  # TODO: retest with symlink to confirm it does or does not function
  - name: Copy service file for etcd instance
    copy:
      src: /usr/lib/systemd/system/etcd.service
      dest: "/etc/systemd/system/{{ etcd_service }}.service"
      remote_src: True

  - name: Create third party etcd service.d directory exists
    file:
      path: "{{ etcd_systemd_dir }}"
      state: directory

  - name: Configure third part etcd service unit file
    template:
      dest: "{{ etcd_systemd_dir }}/custom.conf"
      src: custom.conf.j2
  when: etcd_is_thirdparty

  # TODO: this task may not be needed with Validate permissions
- name: Ensure etcd datadir exists
  file:
    path: "{{ etcd_data_dir }}"
    state: directory
    mode: 0700
  when: etcd_is_containerized | bool

- name: Ensure etcd datadir ownership for thirdparty datadir
  file:
    path: "{{ etcd_data_dir }}"
    state: directory
    mode: 0700
    owner: etcd
    group: etcd
    recurse: True
  when: etcd_is_thirdparty | bool

  # TODO: Determine if the below reload would work here, for now just reload
- name:
  command: systemctl daemon-reload
  when: etcd_is_thirdparty | bool

- block:
  - name: Disable system etcd when containerized
    systemd:
      name: etcd
      state: stopped
      enabled: no
      masked: yes
      daemon_reload: yes
    when: not openshift.common.is_etcd_system_container | bool
    register: task_result
    failed_when: task_result|failed and 'could not' not in task_result.msg|lower

  - name: Install etcd container service file
    template:
      dest: "/etc/systemd/system/etcd_container.service"
      src: etcd.docker.service
    when: not openshift.common.is_etcd_system_container | bool

  - name: Install Etcd system container
    include: system_container.yml
    when: openshift.common.is_etcd_system_container | bool
  when: etcd_is_containerized | bool

- name: Validate permissions on the config dir
  file:
    path: "{{ etcd_conf_dir }}"
    state: directory
    owner: "{{ 'etcd' if not etcd_is_containerized | bool else omit }}"
    group: "{{ 'etcd' if not etcd_is_containerized | bool else omit }}"
    mode: 0700

- name: Write etcd global config file
  template:
    src: etcd.conf.j2
    dest: "{{ etcd_conf_file }}"
    backup: true
  notify:
  - restart etcd

- name: Enable etcd
  systemd:
    name: "{{ etcd_service }}"
    state: started
    enabled: yes
  register: start_result

- name: Set fact etcd_service_status_changed
  set_fact:
    etcd_service_status_changed: "{{ start_result | changed }}"