roles/juju-setup/tasks/main.yml

---
# roles/juju-setup/main/tasks.yml

- name: Get ubuntu image for uvtool
  become: yes
  command: uvt-simplestreams-libvirt sync --source http://cloud-images.ubuntu.com/daily \
    release={{ ansible_distribution_release }} arch=amd64

- name: create Virtual Machines with uvt-kvm
  shell: uvt-kvm create {{ item.name }} release={{ ansible_distribution_release }} \
    --cpu={{ item.cpu }} --memory={{ item.memMB }} --disk={{ item.diskGB }} --bridge="mgmtbr"
    creates=/var/lib/uvtool/libvirt/images/{{ item.name }}.qcow
  with_items: "{{ head_vm_list }}"

- name: Have VMs autostart on reboot
  become: yes
  virt:
    name={{ item.name }}
    command=autostart
  with_items: "{{ head_vm_list }}"

- name: wait for VM's to come up
  wait_for:
    host={{ item.name }}
    port=22
  with_items: "{{ head_vm_list }}"

- name: Create /etc/ansible/hosts file
  become: yes
  template:
    src=ansible_hosts.j2
    dest=/etc/ansible/hosts

- name: Verify that we can log into every VM
  command: ansible services -m ping -u ubuntu

- name: Have VM's use the apt-cache
  command: ansible services -b -u ubuntu -m lineinfile -a "dest=/etc/apt/apt.conf.d/02apt-cacher-ng create=yes mode=0644 owner=root group=root regexp='^Acquire' line='Acquire::http { Proxy \"http://{{ apt_cacher_name }}:{{ apt_cacher_port | default('3142') }}\"; };'"

- name: Update software in all the VMs
  command: ansible services -m apt -b -u ubuntu -a "upgrade=dist update_cache=yes cache_valid_time=3600"

- name: Create VM's eth0 interface config file for DNS config via resolvconf program
  template:
    src=eth0.cfg.j2
    dest={{ ansible_user_dir }}/eth0.cfg

- name: Copy eth0 interface config file to all VMs
  command: ansible services -b -u ubuntu -m copy -a "src={{ ansible_user_dir }}/eth0.cfg dest=/etc/network/interfaces.d/eth0.cfg owner=root group=root mode=0644"

- name: Restart eth0 interface on all VMs
  command: ansible services -b -u ubuntu -m shell -a "ifdown eth0 ; ifup eth0"

- name: Verify that we can log into every VM after restarting network interfaces
  command: ansible services -m ping -u ubuntu

- name: Register public key in variable
  shell: cat {{ ansible_user_dir }}/.ssh/id_rsa.pub
  register: sshkey

- name: Enable root ssh login on VM's that need it
  command: ansible {{ item.name }} -b -u ubuntu -m authorized_keys -a "user='root' key='{{ sshkey.stdout }}'"
  with_items: "{{ head_vm_list | selectattr('root_ssh_login', 'defined') | list }}"

- name: Initialize Juju
  command: juju generate-config
    creates={{ ansible_user_dir }}/.juju/environments.yaml

- name: Create Juju config file from template
  template:
    src=environments.yaml.j2
    dest={{ ansible_user_dir }}/.juju/environments.yaml

- name: Bootstrap Juju
  command: juju bootstrap
    creates={{ ansible_user_dir }}/.juju/environments/manual.jenv

- name: Copy over juju-config.yml for configuring Juju services
  become: yes
  template:
    src={{ juju_config_name }}_juju_config.yml.j2
    dest={{ juju_config_path }}

# Code for this is in library/juju_facts.py
- name: Obtain Juju Facts for creating machines
  juju_facts:

- name: Pause to let Juju settle before adding machines
  pause:
    prompt="Waiting for Juju..."
    seconds=20

# For setwise operations on desired vs Juju state:
# list of active juju_machines names: juju_machines.keys()
# list of active juju_services names: juju_services.keys()

- name: Add machines to Juju
  command: "juju add-machine ssh:{{ item }}"
  with_items: "{{ head_vm_list | map(attribute='service') | list | reject('undefined') | map('format_string', '%s.'~site_suffix ) | difference( juju_machines.keys() ) }}"

# run this again, so machines will be in the juju_machines list
- name: Obtain Juju Facts after machine creation
  juju_facts:

- name: Deploy services that are hosted in their own VM
  command: "juju deploy {{ charm_versions[item] | default(item) }} --to {{ juju_machines[item~'.'~site_suffix]['machine_id'] }} --config={{ juju_config_path }}"
  with_items: "{{ vm_service_list | difference( juju_services.keys() ) }}"

- name: Deploy mongodb to ceilometer VM
  command: "juju deploy {{ charm_versions['mongodb'] | default('mongodb') }} --to {{ juju_machines['ceilometer.'~site_suffix]['machine_id'] }} --config={{ juju_config_path }}"
  when: juju_services['mongodb'] is undefined

- name: Deploy services that don't have their own VM
  command: "juju deploy {{ charm_versions[item] | default(item) }} --config={{ juju_config_path }}"
  with_items: "{{ standalone_service_list | difference( juju_services.keys() ) }}"

- name: Create relations between services
  command: "juju add-relation '{{ item.0.name }}' '{{ item.1 }}'"
  register: juju_relation
  failed_when: "juju_relation|failed and 'relation already exists' not in juju_relation.stderr"
  with_subelements:
    - "{{ service_relations }}"
    - relations

# run another time, so services will be in juju_services list
- name: Obtain Juju Facts after service creation
  juju_facts:

# 900s = 15m. Usually takes 10-12m on cloudlab for relations to come up
# Only checks for first port in list
- name: Wait for juju services on VM's have open ports
  wait_for:
    host={{ item.name }}
    port={{ item.forwarded_ports[0].int }}
    timeout=900
  with_items: "{{ head_vm_list | selectattr('forwarded_ports', 'defined') | list }}"

# secondary wait, as waiting on ports isn't enough. Probably only need one of these...
# 40*15s = 600s = 10m max wait
- name: Wait for juju services to start
  action: command juju status --format=summary
  register: juju_summary
  until: juju_summary.stdout.find("pending:") == -1
  retries: 40
  delay: 15

- name: Create admin-openrc.sh credentials file
  template:
   src=admin-openrc.sh.j2
   dest={{ ansible_user_dir }}/admin-openrc.sh

- name: Copy nova-cloud-controller CA certificate to head
  command: juju scp {{ juju_services['nova-cloud-controller']['units'].keys()[0] }}:/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt {{ ansible_user_dir }}
    creates={{ ansible_user_dir }}/keystone_juju_ca_cert.crt

- name: Copy cert to system location
  become: yes
  command: cp {{ ansible_user_dir }}/keystone_juju_ca_cert.crt /usr/local/share/ca-certificates
    creates=/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt
  notify: update-ca-certificates

- name: Move cert to all service VM's
  command: ansible services -b -u ubuntu -m copy -a "src={{ ansible_user_dir }}/keystone_juju_ca_cert.crt dest=/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt owner=root group=root mode=0644"

- name: update-ca-certificates in service VM's
  command: ansible services -b -u ubuntu -m command -a "update-ca-certificates"