---
# Required from inventory:
#   calico_rr_ip - which specific IP to use for RR, defaults to
#   "ip" from inventory or "ansible_default_ipv4.address"

- name: Calico-rr | Set IP fact
  set_fact:
    rr_ip: "{{ calico_rr_ip | default(ip) | default(fallback_ips[inventory_hostname]) }}"

- name: Calico-rr | Create calico certs directory
  file:
    dest: "{{ calico_cert_dir }}"
    state: directory
    mode: 0750
    owner: root
    group: root

- name: Calico-rr | Link etcd certificates for calico-node
  file:
    src: "{{ etcd_cert_dir }}/{{ item.s }}"
    dest: "{{ calico_cert_dir }}/{{ item.d }}"
    state: hard
    force: yes
  with_items:
    - {s: "{{ kube_etcd_cacert_file }}", d: "ca_cert.crt"}
    - {s: "{{ kube_etcd_cert_file }}", d: "cert.crt"}
    - {s: "{{ kube_etcd_key_file }}", d: "key.pem"}

- name: Calico-rr | Create dir for logs
  file:
    path: /var/log/calico-rr
    state: directory
    mode: 0755
    owner: root
    group: root

- name: Calico-rr | Write calico-rr.env for systemd init file
  template:
    src: calico-rr.env.j2
    dest: /etc/calico/calico-rr.env
  notify: restart calico-rr

- name: Calico-rr | Write calico-rr systemd init file
  template:
    src: calico-rr-docker.service.j2
    dest: /etc/systemd/system/calico-rr.service
  notify: restart calico-rr
  when:
    - container_manager in ['crio', 'docker', 'rkt']

- name: Calico-rr | Write calico-rr systemd init file
  template:
    src: calico-rr-containerd.service.j2
    dest: /etc/systemd/system/calico-rr.service
  notify: restart calico-rr
  when:
    - container_manager == 'containerd'

- name: Calico-rr | Configure route reflector
  command: |-
    {{ bin_dir }}/etcdctl \
    --endpoints={{ etcd_access_addresses }} \
    put /calico/bgp/v1/rr_v4/{{ rr_ip }} \
    '{
       "ip": "{{ rr_ip }}",
       "cluster_id": "{{ cluster_id }}"
     }'
  environment:
    ETCDCTL_API: 3
    ETCDCTL_CERT: "{{ etcd_cert_dir }}/admin-{{ groups['etcd'][0] }}.pem"
    ETCDCTL_KEY: "{{ etcd_cert_dir }}/admin-{{ groups['etcd'][0] }}-key.pem"
  retries: 4
  delay: "{{ retry_stagger | random + 3 }}"
  delegate_to: "{{ groups['etcd'][0] }}"
  when:
    - calico_version is version("v3.0.0", ">=")

- name: Calico-rr | Configure route reflector (legacy)
  command: |-
    {{ bin_dir }}/etcdctl \
    --peers={{ etcd_access_addresses }} \
    set /calico/bgp/v1/rr_v4/{{ rr_ip }} \
    '{
       "ip": "{{ rr_ip }}",
       "cluster_id": "{{ cluster_id }}"
     }'
  environment:
    ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ groups['etcd'][0] }}.pem"
    ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ groups['etcd'][0] }}-key.pem"
  retries: 4
  delay: "{{ retry_stagger | random + 3 }}"
  delegate_to: "{{ groups['etcd'][0] }}"
  when:
    - calico_version is version("v3.0.0", "<")

- meta: flush_handlers

- name: Calico-rr | Enable calico-rr
  service:
    name: calico-rr
    state: started
    enabled: yes