---
# SPDX-license-identifier: Apache-2.0
##############################################################################
# Copyright (c) 2018
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Apache License, Version 2.0
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
- hosts: ovn-central:ovn-controller
  become: yes
  tasks:
    - name: Load distribution variables
      include_vars:
        file: "{{ item }}"
      with_items:
        - "{{ ansible_os_family }}.yml"
    - name: get Wand GPI files
      get_url:
        url: https://packages.wand.net.nz/keyring.gpg
        dest: /etc/apt/trusted.gpg.d/wand.gpg
    - name: add WAND Debian Repo
      apt_repository:
        repo: "deb https://packages.wand.net.nz {{ ansible_lsb.codename }} main"
        state: present
    - name: install OpenVSwitch packages
      package:
        name: "{{ item }}"
        state: present
      with_items: "{{ openvswitch_pkgs }}"
    - name: install Open Virtual Network components
      package:
        name: "{{ item }}"
        state: present
      with_items: "{{ ovn_pkgs }}"
    - name: start OpenVSwitch services
      service:
        name: "{{ openvswitch_service }}"
        state: started

- hosts: ovn-central
  become: yes
  tasks:
    - name: Load distribution variables
      include_vars:
        file: "{{ item }}"
      with_items:
        - "{{ ansible_os_family }}.yml"
    - name: install Open Virtual Network central components
      package:
        name: "{{ item }}"
        state: present
      with_items: "{{ ovn_central_pkgs }}"
    - name: enable remote connections to southbound and northbound dbs
      lineinfile:
        path: /etc/default/ovn-central
        line: "OVN_CTL_OPTS=\" --db-sb-create-insecure-remote=yes --db-nb-create-insecure-remote=yes\""
        state: present
      when: ansible_os_family == "Debian"
    - name: start OVN northbound database services
      service:
        name: "{{ ovn_central_service }}"
        state: restarted

- hosts: ovn-controller
  become: yes
  vars:
    ovn_central_ips: "{{ groups['ovn-central'] | map('extract', hostvars, ['ansible_ssh_host']) | join(',') }}"
  tasks:
    - name: Load distribution variables
      include_vars:
        file: "{{ item }}"
      with_items:
        - "{{ ansible_os_family }}.yml"
    - name: stop the ovn-controller service
      service:
        name: "{{ ovn_controller_service }}"
        state: stopped
    - name: configure OpenVSwitch databases
      openvswitch_db:
        table: Open_vSwitch
        record: .
        col: external_ids
        key: ovn-remote
        value: \""tcp:{{ item }}:6642"\"
      with_items: "{{ ovn_central_ips }}"
    - name: enable overlay network protocols
      openvswitch_db:
        table: Open_vSwitch
        record: .
        col: external_ids
        key: ovn-encap-type
        value: geneve
    - name: configure the overlay network local endpoint IP address.
      openvswitch_db:
        table: Open_vSwitch
        record: .
        col: external_ids
        key: ovn-encap-ip
        value: "{{ ansible_default_ipv4.address }}"
    - name: start the ovn-controller service
      service:
        name: "{{ ovn_controller_service }}"
        state: started
    - name: ensuring that br-int bridge exists
      openvswitch_bridge:
        bridge: br-int
        state: present
        fail_mode: secure