---
# Copyright kubeinit contributors
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.


##
## Hypervisor installing dependencies and rebooting.
##

- name: Show ansible_distribution
  ansible.builtin.debug:
    var: hostvars[kubeinit_deployment_node_name].ansible_distribution

- name: Show distribution_family
  ansible.builtin.debug:
    var: hostvars[kubeinit_deployment_node_name].distribution_family

- name: Fails if CentOS 7 hypervisor
  ansible.builtin.fail:
    msg:
      - "CentOS 7 is not supported as CentOS 8 guests are used."
      - "Refer to: https://access.redhat.com/solutions/4073061"
      - "This issue is caused by the forward compatibility of xfs"
      - "file system between CentOS 7 and CentOS 8."
      - "Xfs file system in CentOS 8 uses reflink and sparse files,"
      - "but CentOS 7 kernel does not understand them and refuses to mount it."
      - "This means that CentOS 8 guests won't work with CentOS 8 hosts."
  when: (hostvars[kubeinit_deployment_node_name].ansible_distribution == 'CentOS' and hostvars[kubeinit_deployment_node_name].ansible_distribution_major_version == "7")

- name: Fix libvirt qemu bug
  ansible.builtin.shell: |
    set -eo pipefail
    mkdir -p /etc/qemu/firmware
    touch /etc/qemu/firmware/50-edk2-ovmf-cc.json
  args:
    executable: /bin/bash
  register: _result
  changed_when: "_result.rc == 0"

- name: Install CentOS based requirements
  ansible.builtin.package:
    name: "{{ kubeinit_libvirt_hypervisor_dependencies.centos }}"
    state: present
  when: hostvars[kubeinit_deployment_node_name].distribution_family == 'CentOS' or hostvars[kubeinit_deployment_node_name].distribution_family == 'Fedora'
  register: _result_installed_packages_centos

#
# BEGIN:TODO:FIXME: Remove this testing repo after OVN is in the stable branch.
# This should be applicable only to Debian and not to Ubuntu
#
- name: Enable the testing repo in Debian
  ansible.builtin.lineinfile:
    state: present
    path: "/etc/apt/sources.list"
    line: "deb http://http.us.debian.org/debian/ testing non-free contrib main"
  when: hostvars[kubeinit_deployment_node_name].os == 'debian'

- name: Update packages list
  ansible.builtin.command: apt-get update
  when: hostvars[kubeinit_deployment_node_name].os == 'debian'
  changed_when: false

#
# END:TODO:FIXME
#

- name: Install Debian based requirements
  ansible.builtin.package:
    name: "{{ kubeinit_libvirt_hypervisor_dependencies.debian }}"
    state: present
  when: hostvars[kubeinit_deployment_node_name].distribution_family == 'Debian'
  register: _result_installed_packages_debian

- name: Add users to libvirt
  ansible.builtin.user:
    name: "{{ item }}"
    groups: "kvm,libvirt"
    append: yes
  loop:
    - root
    - "{{ ansible_user | default('root') }}"

- name: Reboot host and wait for it to restart
  ansible.builtin.reboot:
    msg: "Reboot initiated by a package upgrade"
    connect_timeout: 5
    reboot_timeout: 600
    pre_reboot_delay: 0
    post_reboot_delay: 30
    test_command: whoami
  when: (_result_installed_packages_centos.changed or _result_installed_packages_debian.changed) and kubeinit_libvirt_reboot_hypervisors_after_package_update

- name: Clear installed/upgraded packages facts
  ansible.builtin.set_fact:
    _result_installed_packages_centos: null
    _result_installed_packages_debian: null

- name: Check if Intel virtualization is supported
  ansible.builtin.shell: |
    set -e
    grep vmx /proc/cpuinfo
  args:
    executable: /bin/bash
  register: _result_intel_processor
  changed_when: "_result_intel_processor.rc == 0"
  failed_when: _result_intel_processor is not defined

- name: Check if AMD virtualization is supported
  ansible.builtin.shell: |
    set -e
    grep svm /proc/cpuinfo
  args:
    executable: /bin/bash
  register: _result_amd_processor
  changed_when: "_result_amd_processor.rc == 0"
  failed_when: _result_amd_processor is not defined

- name: Fail in case no Intel or AMD virtualization support is not detected and is not a hosted deployment.
  ansible.builtin.fail:
    msg: "The system doesn't seem to have Intel nor AMD virtualization support or is not a hosted deployment."
  when: _result_intel_processor.rc != 0 and _result_amd_processor.rc != 0 and not (kubeinit_hosted_deployment | default(false))

- name: Set fact for Intel virtualization
  ansible.builtin.set_fact:
    nested_virtualization_module_name: "kvm_intel"
  when: _result_intel_processor.rc == 0

- name: Set fact for AMD virtualization
  ansible.builtin.set_fact:
    nested_virtualization_module_name: "kvm_amd"
  when: _result_amd_processor.rc == 0

- name: Set fact for nested virtualization test path
  ansible.builtin.set_fact:
    nested_virtualization_test_path: "/sys/module/{{ nested_virtualization_module_name }}/parameters/nested"
  when: _result_intel_processor.rc == 0 or _result_amd_processor.rc == 0

- name: "Ensure the module is available and loaded: {{ nested_virtualization_module_name }}"
  community.general.modprobe:
    name: "{{ nested_virtualization_module_name }}"
    state: present
  when: _result_intel_processor.rc == 0 or _result_amd_processor.rc == 0

- name: Test status of nested virtualization
  ansible.builtin.shell: |
    set -e
    cat {{ nested_virtualization_test_path }}
  args:
    executable: /bin/bash
  register: _result
  changed_when: "_result.rc == 0"
  when: _result_intel_processor.rc == 0 or _result_amd_processor.rc == 0

- name: "Persist configuration in /etc/modprobe.d/kvm.conf"
  ansible.builtin.lineinfile:
    path: "/etc/modprobe.d/kvm.conf"
    regexp: "^options {{ nested_virtualization_module_name }}.*$"
    line: "options {{ nested_virtualization_module_name }} nested=1"
    create: yes
    mode: '0644'
  when: _result_intel_processor.rc == 0 or _result_amd_processor.rc == 0

- name: "Load the module: {{ nested_virtualization_module_name }}"
  community.general.modprobe:
    name: "{{ nested_virtualization_module_name }}"
    state: present
  when: _result_intel_processor.rc == 0 or _result_amd_processor.rc == 0

- name: Clear intel and amd processor facts
  ansible.builtin.set_fact:
    _result_intel_processor: null
    _result_amd_processor: null

- name: Enable and start libvirtd
  ansible.builtin.service:
    name: libvirtd
    enabled: yes
    state: started

- name: Create cloud user if requested
  ansible.builtin.include_tasks: 60_create_cloud_user.yml
  when: kubeinit_libvirt_cloud_user_create