---
- name: prepare variables and do some sanity checks
  hosts: _kubernetes_nodes_
  gather_facts: no
  tasks:
  - name: sanity checks for kubeguard
    when: kubernetes_network_plugin == 'kubeguard'
    run_once: yes
    block:
    - name: check whether every node has a node_index assigned
      assert:
        msg: "There are nodes without an assigned node_index: {{ groups['_kubernetes_nodes_'] | difference(kubeguard.node_index.keys()) | join(', ') }}"
        that: groups['_kubernetes_nodes_'] | difference(kubeguard.node_index.keys()) | length == 0

    - name: check whether node indizes are unique
      assert:
        msg: "There are duplicate entries in the node_index table, every node_index is only allowed once"
        that: (kubeguard.node_index.keys() | length) == (kubeguard.node_index.values() | unique | length)

    - name: check whether node indizes are all > 0
      assert:
        msg: "At least one node_index is < 1 (indizes start at 1)"
        that: (kubeguard.node_index.values() | min) > 0

    - name: check whether overlay node ip is configured
      run_once: no
      any_errors_fatal: yes
      assert:
        msg: "For kubeguard to work you need to configure kubernetes_overlay_node_ip"
        that: kubernetes_overlay_node_ip is defined

  - name: make sure all nodes do belong to the kubernetes-cluster group
    any_errors_fatal: yes
    assert:
      msg: "The host '{{ inventory_hostname }}' does not belong to the group 'kubernetes-cluster'"
      that: "'kubernetes-cluster' in group_names"

########
- name: kubernetes base installation
  hosts: _kubernetes_nodes_
  roles:
  - role: apt-repo/spreadspace
  - role: kubernetes/base
  - role: kubernetes/kubeadm/base

- name: configure primary kubernetes control-plane node
  hosts: _kubernetes_primary_controlplane_node_
  roles:
  - role: kubernetes/kubeadm/control-plane

- name: configure secondary kubernetes control-plane nodes
  hosts: _kubernetes_controlplane_nodes_:!_kubernetes_primary_controlplane_node_
  roles:
  - role: kubernetes/kubeadm/control-plane

- name: configure kubernetes worker nodes
  hosts: _kubernetes_nodes_:!_kubernetes_controlplane_nodes_
  roles:
  - role: kubernetes/kubeadm/worker

- name: finalize nodes
  hosts: _kubernetes_nodes_
  roles:
  - role: kubernetes/decorations