---
- name: register a repo for Golang
  yum_repository:
    name: 'centos-paas-sig-openshift-origin37-rpms'
    state: present
    description: 'CentOS PaaS SIG Origin 3.7 Repository'
    baseurl: 'https://cbs.centos.org/repos/paas7-openshift-origin37-candidate/x86_64/os/'
    includepkgs: 'golang'
    gpgcheck: no
    sslverify: no
  when: ansible_distribution in ['RedHat', 'CentOS']

- name: Make sure we have all required packages
  package:
    name: "{{ item }}"
    state: present
  with_items:
    - btrfs-progs-devel
    - container-selinux
    - curl
    - device-mapper-devel
    - expect
    - findutils
    - gcc
    - git
    - glib2-devel
    - glibc-devel
    - glibc-static
    - golang
    - gpgme-devel
    - hostname
    - iproute
    - iptables
    - krb5-workstation
    - libassuan-devel
    - libffi-devel
    - libgpg-error-devel
    - libguestfs-tools
    - libseccomp-devel
    - libvirt-client
    - libvirt-python
    - libxml2-devel
    - libxslt-devel
    - make
    - mlocate
    - nfs-utils
    - nmap-ncat
    - npm
    - oci-register-machine
    - oci-systemd-hook
    - oci-umount
    - openssl
    - openssl-devel
    - ostree-devel
    - pkgconfig
    - python
    - python2-boto
    - python2-crypto
    - python2-mock
    - python-click
    - python-devel
    - python-virtualenv
    - PyYAML
    - redhat-rpm-config
    - rpcbind
    - rsync
    - sed
    - skopeo-containers
    - socat
    - tar
    - wget
  async: 600
  poll: 10

- name: Update all packages
  package:
    name: '*'
    state: latest
  async: 600
  poll: 10

- name: Setup swap to prevent kernel firing off the OOM killer
  shell: |
    truncate -s 8G /root/swap && \
    export SWAPDEV=$(losetup --show -f /root/swap | head -1) && \
    mkswap $SWAPDEV && \
    swapon $SWAPDEV && \
    swapon --show

- name: ensure directories exist as needed
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - /opt/cni/bin
    - /etc/cni/net.d

- name: set sysctl vm.overcommit_memory=1 for CentOS
  sysctl:
    name: vm.overcommit_memory
    state: present
    value: 1
  when: ansible_distribution == 'CentOS'

- name: disable selinux see https://github.com/kubernetes-incubator/cri-o/issues/528
  selinux:
    policy: targeted
    state: permissive

- name: inject hostname into /etc/hosts
  lineinfile:
    dest: /etc/hosts
    line: '{{ ansible_default_ipv4.address }} {{ ansible_nodename }}'
    insertafter: 'EOF'
    regexp: '{{ ansible_default_ipv4.address }}\s+{{ ansible_nodename }}'
    state: present

- name: Flush the iptables
  command: iptables -F