roles/openvswitch/tasks/main.yml

# Copyright (c) 2022 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.

# NOTE(mnaser): Open vSwitch will refuse to start if `DefaultLimitMEMLOCK` is
#               not set to `infinity` in `/etc/systemd/system.conf`, so we run
#               this task to ensure that it is set.
- name: Verify that LimitMEMLOCK is configured for containerd
  block:
    - name: Get the current status of all systemd values for containerd
      changed_when: false
      ansible.builtin.command: systemctl show containerd --property DefaultLimitMEMLOCK # noqa: command-instead-of-module
      register: _openvswitch_memlock_value

    - name: Assert that LimitMEMLOCK is set to infinity
      ansible.builtin.assert:
        that:
          - "'LimitMEMLOCK=infinity' in _openvswitch_memlock_value.stdout"

- name: Uninstall the legacy HelmRelease
  run_once: true
  delegate_to: "{{ groups['controllers'][0] }}"
  block:
    - name: Suspend the existing HelmRelease
      kubernetes.core.k8s:
        state: patched
        api_version: helm.toolkit.fluxcd.io/v2beta1
        kind: HelmRelease
        name: "{{ openvswitch_helm_release_name }}"
        namespace: "{{ openvswitch_helm_release_namespace }}"
        definition:
          spec:
            suspend: true

    - name: Remove the existing HelmRelease
      kubernetes.core.k8s:
        state: absent
        api_version: helm.toolkit.fluxcd.io/v2beta1
        kind: HelmRelease
        name: "{{ openvswitch_helm_release_name }}"
        namespace: "{{ openvswitch_helm_release_namespace }}"

- name: Deploy Helm chart
  run_once: true
  delegate_to: "{{ groups['controllers'][0] }}"
  kubernetes.core.helm:
    name: "{{ openvswitch_helm_release_name }}"
    chart_ref: "{{ openvswitch_helm_chart_ref }}"
    release_namespace: "{{ openvswitch_helm_release_namespace }}"
    create_namespace: true
    kubeconfig: /etc/kubernetes/admin.conf
    values: "{{ _openvswitch_helm_values | combine(openvswitch_helm_values, recursive=True) }}"