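---
## Playbook: install Kubernetes and its overlay network on the `k8s-emc`
## inventory group, then configure the master and the remaining nodes.
##
## The checks in the first play read `kubernetes.net_index`, a mapping whose
## keys are compared against the inventory host names and whose values are
## compared against 1. It is not defined in this file.
## NOTE(review): presumably it comes from group/host vars - confirm.

- name: prepare variables and do some sanity checks
  hosts: k8s-emc
  ## No task in this play reads host facts, so fact gathering is skipped.
  gather_facts: false
  ## The checks only look at inventory-wide data, so one run is enough.
  run_once: true
  tasks:
    - name: setup variables
      set_fact:
        kubernetes_nodes: "{{ groups['k8s-emc'] }}"
        ## Only the first host of the master group is used as the master.
        kubernetes_nodes_master: "{{ groups['k8s-emc-master'] | first }}"

    ## Each check below pairs `fail` with `failed_when`, so the task reports
    ## a failure only when the condition holds.
    - name: check whether every node has a net_index assigned
      fail:
        msg: "There are nodes without an assigned net-index: {{ kubernetes_nodes | difference(kubernetes.net_index.keys()) | join(', ') }}"
      failed_when: kubernetes_nodes | difference(kubernetes.net_index.keys()) | length > 0

    ## Unique values <=> as many distinct values as there are keys.
    - name: check whether net indezes are unique
      fail:
        msg: "There are duplicate entries in the net_index table, every net-index is only allowed once"
      failed_when: (kubernetes.net_index.keys() | length) != (kubernetes.net_index.values() | unique | length)

    - name: check whether net indezes are all > 0
      fail:
        msg: "At least one net-index is < 1 (indezes start at 1)"
      failed_when: (kubernetes.net_index.values() | min) < 1

########

- name: install kubernetes and overlay network
  hosts: k8s-emc
  roles:
    ## Since `base` has a dependency for docker it would install and start the daemon
    ## without the docker daemon config file generated by `net`.
    ## This means that the docker daemon will create a bridge and install iptables rules
    ## upon first startup (the first time this playbook runs on a specific host).
    ## Since it is a tedious task to remove the interface and the firewall rules it is much
    ## easier to just run `net` before `base` as `net` does not need anything from `base`.
    ## Keep this order: swapping the two roles leaves that default bridge and
    ## its firewall rules behind on every freshly provisioned host.
    - role: kubernetes-net
    - role: kubernetes-base

- name: configure kubernetes master
  hosts: k8s-emc-master
  roles:
    - role: kubernetes-master

- name: configure kubernetes nodes
  ## Every host in `k8s-emc` except the ones in `k8s-emc-master`. Quoted so the
  ## `:` / `!` pattern operators are always read as one plain string.
  hosts: 'k8s-emc:!k8s-emc-master'
  roles:
    - role: kubernetes-node

## TODO: cleanup (remove superfluous nodes and delete bootstrap token)
## NOTE(review): until this is implemented, nothing in this playbook removes
## the bootstrap token. Presumably it stays valid for registering nodes until
## it expires or is deleted by hand - confirm its lifetime in the
## master/node roles and handle it as a credential in the meantime.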