okd/roles/openshift_openstack/tasks/populate-dns.yml

# TODO: use nsupdate to populate the DNS servers using the keys
# specified in the inventory.

# this is an optional step -- the deployers may do whatever else they
# wish here.


# TODO: build records
# TODO: run nsupdate


- name: "Generate list of private A records"
  set_fact:
    private_records: "{{ [ { 'type': 'A', 'hostname': hostvars[item]['ansible_hostname'], 'ip': hostvars[item]['private_v4'] } ] }}"
  with_items: "{{ groups['cluster_hosts'] }}"

# - name: "Add wildcard records to the private A records for infrahosts"
#   set_fact:
#     private_records: "{{ private_records | default([]) + [ { 'type': 'A', 'hostname': '*.' + openshift_app_domain, 'ip': hostvars[item]['private_v4'] } ] }}"
#   with_items: "{{ groups['infra_hosts'] }}"

# - name: "Add public master cluster hostname records to the private A records (single master)"
#   set_fact:
#     private_records: "{{ private_records | default([]) + [ { 'type': 'A', 'hostname': (hostvars[groups.masters[0]].openshift_master_cluster_public_hostname | replace(full_dns_domain, ''))[:-1], 'ip': hostvars[groups.masters[0]].private_v4 } ] }}"
#   when:
#     - hostvars[groups.masters[0]].openshift_master_cluster_public_hostname is defined
#     - openstack_num_masters == 1

# - name: "Add public master cluster hostname records to the private A records (multi-master)"
#   set_fact:
#     private_records: "{{ private_records | default([]) + [ { 'type': 'A', 'hostname': (hostvars[groups.masters[0]].openshift_master_cluster_public_hostname | replace(full_dns_domain, ''))[:-1], 'ip': hostvars[groups.lb[0]].private_v4 } ] }}"
#   when:
#     - hostvars[groups.masters[0]].openshift_master_cluster_public_hostname is defined
#     - openstack_num_masters > 1

- name: "Set the private DNS server to use the external value (if provided)"
  set_fact:
    nsupdate_server_private: "{{ external_nsupdate_keys['private']['server'] }}"
    nsupdate_key_secret_private: "{{ external_nsupdate_keys['private']['key_secret'] }}"
    nsupdate_key_algorithm_private: "{{ external_nsupdate_keys['private']['key_algorithm'] }}"
    nsupdate_private_key_name: "{{ external_nsupdate_keys['private']['key_name']|default('private-' + full_dns_domain) }}"
  when:
    - external_nsupdate_keys is defined
    - external_nsupdate_keys['private'] is defined


- name: "Generate the private Add section for DNS"
  set_fact:
    private_named_records:
      - view: "private"
        zone: "{{ full_dns_domain }}"
        server: "{{ nsupdate_server_private }}"
        key_name: "{{ nsupdate_private_key_name|default('private-' + full_dns_domain) }}"
        key_secret: "{{ nsupdate_key_secret_private }}"
        key_algorithm: "{{ nsupdate_key_algorithm_private | lower }}"
        entries: "{{ private_records }}"

# - name: "Generate list of public A records"
#   set_fact:
#     public_records: "{{ public_records | default([]) + [ { 'type': 'A', 'hostname': hostvars[item]['ansible_hostname'], 'ip': hostvars[item]['public_v4'] } ] }}"
#   with_items: "{{ groups['cluster_hosts'] }}"
#   when: hostvars[item]['public_v4'] is defined

# - name: "Add wildcard records to the public A records"
#   set_fact:
#     public_records: "{{ public_records | default([]) + [ { 'type': 'A', 'hostname': '*.' + openshift_app_domain, 'ip': hostvars[item]['public_v4'] } ] }}"
#   with_items: "{{ groups['infra_hosts'] }}"
#   when: hostvars[item]['public_v4'] is defined

# - name: "Add public master cluster hostname records to the public A records (single master)"
#   set_fact:
#     public_records: "{{ public_records | default([]) + [ { 'type': 'A', 'hostname': (hostvars[groups.masters[0]].openshift_master_cluster_public_hostname | replace(full_dns_domain, ''))[:-1], 'ip': hostvars[groups.masters[0]].public_v4 } ] }}"
#   when:
#     - hostvars[groups.masters[0]].openshift_master_cluster_public_hostname is defined
#     - openstack_num_masters == 1
#     - not use_bastion|bool

# - name: "Add public master cluster hostname records to the public A records (single master behind a bastion)"
#   set_fact:
#     public_records: "{{ public_records | default([]) + [ { 'type': 'A', 'hostname': (hostvars[groups.masters[0]].openshift_master_cluster_public_hostname | replace(full_dns_domain, ''))[:-1], 'ip': hostvars[groups.bastions[0]].public_v4 } ] }}"
#   when:
#     - hostvars[groups.masters[0]].openshift_master_cluster_public_hostname is defined
#     - openstack_num_masters == 1
#     - use_bastion|bool

# - name: "Add public master cluster hostname records to the public A records (multi-master)"
#   set_fact:
#     public_records: "{{ public_records | default([]) + [ { 'type': 'A', 'hostname': (hostvars[groups.masters[0]].openshift_master_cluster_public_hostname | replace(full_dns_domain, ''))[:-1], 'ip': hostvars[groups.lb[0]].public_v4 } ] }}"
#   when:
#     - hostvars[groups.masters[0]].openshift_master_cluster_public_hostname is defined
#     - openstack_num_masters > 1

# - name: "Set the public DNS server details to use the external value (if provided)"
#   set_fact:
#     nsupdate_server_public: "{{ external_nsupdate_keys['public']['server'] }}"
#     nsupdate_key_secret_public: "{{ external_nsupdate_keys['public']['key_secret'] }}"
#     nsupdate_key_algorithm_public: "{{ external_nsupdate_keys['public']['key_algorithm'] }}"
#     nsupdate_public_key_name: "{{ external_nsupdate_keys['public']['key_name']|default('public-' + full_dns_domain) }}"
#   when:
#     - external_nsupdate_keys is defined
#     - external_nsupdate_keys['public'] is defined

# - name: "Set the public DNS server details to use the provisioned value"
#   set_fact:
#     nsupdate_server_public: "{{ hostvars[groups['dns'][0]].public_v4 }}"
#     nsupdate_key_secret_public: "{{ hostvars[groups['dns'][0]].nsupdate_keys['public-' + full_dns_domain].key_secret }}"
#     nsupdate_key_algorithm_public: "{{ hostvars[groups['dns'][0]].nsupdate_keys['public-' + full_dns_domain].key_algorithm }}"
#   when:
#     - nsupdate_server_public is undefined

# - name: "Generate the public Add section for DNS"
#   set_fact:
#     public_named_records:
#       - view: "public"
#         zone: "{{ full_dns_domain }}"
#         server: "{{ nsupdate_server_public }}"
#         key_name: "{{ nsupdate_public_key_name|default('public-' + full_dns_domain) }}"
#         key_secret: "{{ nsupdate_key_secret_public }}"
#         key_algorithm: "{{ nsupdate_key_algorithm_public | lower }}"
#         entries: "{{ public_records }}"






- name: "Generate the final dns_records_add"
  set_fact:
    # TODO(shadower): enable this when we add public records
    #dns_records_add: "{{ private_named_records + public_named_records }}"
    dns_records_add: "{{ private_named_records }}"



# RUN NSUPDATE

- name: "Remove any deleted DNS A records"
  nsupdate:
    key_name: "{{ item.0.key_name }}"
    key_secret: "{{ item.0.key_secret }}"
    key_algorithm: "{{ item.0.key_algorithm }}"
    server: "{{ item.0.server }}"
    zone: "{{ item.0.zone }}"
    record: "{{ item.1.hostname }}"
    type: "{{ item.1.type }}"
    state: absent
  with_subelements:
  - "{{ dns_records_rm | default({}) }}"
  - entries
  register: nsupdate_remove_result
  until: nsupdate_remove_result|succeeded
  retries: 10
  delay: 1

- name: "Add DNS A records"
  nsupdate:
    key_name: "{{ item.0.key_name }}"
    key_secret: "{{ item.0.key_secret }}"
    key_algorithm: "{{ item.0.key_algorithm }}"
    server: "{{ item.0.server }}"
    zone: "{{ item.0.zone }}"
    record: "{{ item.1.hostname }}"
    value: "{{ item.1.ip }}"
    type: "{{ item.1.type }}"
    state: present
  with_subelements:
  - "{{ dns_records_add | default({}) }}"
  - entries
  register: nsupdate_add_result
  until: nsupdate_add_result|succeeded
  retries: 10
  delay: 1