---
- name: Kubernetes Apps | Check cluster settings for MetalLB
  fail:
    msg: "MetalLB require kube_proxy_strict_arp = true, see https://github.com/danderson/metallb/issues/153#issuecomment-518651132"
  when:
    - "kube_proxy_mode == 'ipvs' and not kube_proxy_strict_arp"

- name: Kubernetes Apps | Check cluster settings for MetalLB
  fail:
    msg: "metallb_ip_range is mandatory to be specified for MetalLB"
  when:
    - metallb_ip_range is not defined or not metallb_ip_range

- name: Kubernetes Apps | Check BGP peers for MetalLB
  fail:
    msg: "metallb_peers is mandatory when metallb_protocol is bgp and metallb_speaker_enabled"
  when:
    - metallb_config.layer3 is defined and metallb_speaker_enabled
    - metallb_config.metallb_peers is not defined or not metallb_config.metallb_peers

- name: Kubernetes Apps | Check that the deprecated 'matallb_auto_assign' variable is not used anymore
  fail:
    msg: "'matallb_auto_assign' configuration variable is deprecated, please use 'metallb_auto_assign' instead"
  when:
    - matallb_auto_assign is defined

- name: Kubernetes Apps | Check AppArmor status
  command: which apparmor_parser
  register: apparmor_status
  when:
    - podsecuritypolicy_enabled
    - inventory_hostname == groups['kube_control_plane'][0]
  failed_when: false

- name: Kubernetes Apps | Set apparmor_enabled
  set_fact:
    apparmor_enabled: "{{ apparmor_status.rc == 0 }}"
  when:
    - podsecuritypolicy_enabled
    - inventory_hostname == groups['kube_control_plane'][0]

- name: Kubernetes Apps | Lay Down MetalLB
  become: true
  template:
    src: "{{ item }}.j2"
    dest: "{{ kube_config_dir }}/{{ item }}"
    mode: 0644
  with_items: ["metallb.yml", "metallb-config.yml", "pools.yaml", "layer2.yaml", "layer3.yaml"]
  register: "rendering"
  when:
    - "inventory_hostname == groups['kube_control_plane'][0]"

- name: Kubernetes Apps | Create MetalLB resources and replace existing
  k8s:
    definition: "{{ lookup('template', 'metallb.yaml') }}"

- name: Kubernetes Apps | Wait for MetalLB controller to be running
  k8s_info:
    kind: Deployment
    namespace: metallb-system
    name: controller
    wait: True
    wait_sleep: 10
    wait_timeout: 360
    wait_condition:
      status: "True"
      type: Available
  register: result
  until: result is not failed

- name: Kubernetes Apps | Install and configure MetalLB
  kube:
    name: "MetalLB"
    kubectl: "{{ bin_dir }}/kubectl"
    filename: "{{ kube_config_dir }}/{{ item.item }}"
    state: "{{ item.changed | ternary('latest','present') }}"
  become: true
  with_items: "{{ rendering.results }}"
  when:
    - "inventory_hostname == groups['kube_control_plane'][0]"

- name: Kubernetes Apps | Delete MetalLB ConfigMap
  k8s:
    name: config
    kind: ConfigMap
    namespace: metallb-system
    state: absent