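# Discrete DNS records for each controller's private IPv4 for etcd usage.
#
# NOTE(review): these records publish each controller's *private* address into
# var.dns_zone. If that zone is a public Azure DNS zone, the cluster's internal
# addressing becomes world-resolvable; use a private zone or accept the disclosure.
resource "azurerm_dns_a_record" "etcds" {
  count = var.controller_count

  # DNS zone (and the resource group that owns it) where the record is created
  resource_group_name = var.dns_zone_group
  zone_name           = var.dns_zone

  # DNS record name, e.g. "<cluster>-etcd0"
  name = "${var.cluster_name}-etcd${count.index}"
  ttl  = 300

  # private IPv4 address of the matching controller NIC (same index)
  records = [azurerm_network_interface.controllers[count.index].private_ip_address]
}

locals {
  # Channel for a Container Linux derivative, taken from the image name:
  # coreos-stable -> stable.
  # Direct indexing (rather than element()) makes a malformed os_image with no
  # "-" fail at plan time instead of silently wrapping around to index 0.
  channel = split("-", var.os_image)[1]
}

# Controller availability set to spread controllers across fault/update domains
resource "azurerm_availability_set" "controllers" {
  resource_group_name = azurerm_resource_group.cluster.name
  name                = "${var.cluster_name}-controllers"
  location            = var.region

  platform_fault_domain_count  = 2
  platform_update_domain_count = 4
  managed                      = true
}

# Controller instances
resource "azurerm_virtual_machine" "controllers" {
  count = var.controller_count

  resource_group_name = azurerm_resource_group.cluster.name
  name                = "${var.cluster_name}-controller-${count.index}"
  location            = var.region
  availability_set_id = azurerm_availability_set.controllers.id
  vm_size             = var.controller_type

  # boot
  # NOTE(review): version = "latest" is not pinned. Because storage_os_disk is in
  # ignore_changes below, existing controllers are never replaced when a newer
  # image appears, so controllers created at different times may run different
  # image versions. Pin a version if reproducible builds matter.
  storage_image_reference {
    publisher = "CoreOS"
    offer     = "CoreOS"
    sku       = local.channel
    version   = "latest"
  }

  # storage
  storage_os_disk {
    name              = "${var.cluster_name}-controller-${count.index}"
    create_option     = "FromImage"
    caching           = "ReadWrite"
    disk_size_gb      = var.disk_size
    os_type           = "Linux"
    managed_disk_type = "Premium_LRS"
  }

  # network: one NIC per controller, matched by index
  network_interface_ids = [azurerm_network_interface.controllers[count.index].id]

  # NOTE(review): custom_data carries the rendered Ignition config, which embeds
  # the kubelet kubeconfig and the SSH key (see controller-configs below). It is
  # stored in Terraform state and on the VM resource; treat read access to either
  # as access to those credentials.
  os_profile {
    computer_name  = "${var.cluster_name}-controller-${count.index}"
    admin_username = "core"
    custom_data    = data.ct_config.controller-ignitions[count.index].rendered
  }

  # Azure mandates setting an ssh_key, even though Ignition custom_data handles it too
  os_profile_linux_config {
    # password logins stay disabled; only the key below (and Ignition) grant access
    disable_password_authentication = true

    ssh_keys {
      path     = "/home/core/.ssh/authorized_keys"
      key_data = var.ssh_authorized_key
    }
  }

  # lifecycle: disks are destroyed with the VM (no orphaned OS/data disks)
  delete_os_disk_on_termination    = true
  delete_data_disks_on_termination = true

  lifecycle {
    # Changes to the image or to custom_data/ssh key do not roll existing
    # controllers; rotating the SSH key or Ignition requires replacing the VMs.
    ignore_changes = [
      storage_os_disk,
      os_profile,
    ]
  }
}

# Controller NICs with public and private IPv4.
# NOTE(review): each controller gets a public address; inbound exposure is
# governed solely by azurerm_network_security_group.controller (defined elsewhere).
resource "azurerm_network_interface" "controllers" {
  count = var.controller_count

  resource_group_name       = azurerm_resource_group.cluster.name
  name                      = "${var.cluster_name}-controller-${count.index}"
  location                  = azurerm_resource_group.cluster.location
  network_security_group_id = azurerm_network_security_group.controller.id

  ip_configuration {
    name                          = "ip0"
    subnet_id                     = azurerm_subnet.controller.id
    private_ip_address_allocation = "dynamic"

    # public IPv4, matched by index
    public_ip_address_id = azurerm_public_ip.controllers[count.index].id
  }
}

# Add controller NICs to the controller backend address pool
resource "azurerm_network_interface_backend_address_pool_association" "controllers" {
  count = var.controller_count

  network_interface_id    = azurerm_network_interface.controllers[count.index].id
  ip_configuration_name   = "ip0"
  backend_address_pool_id = azurerm_lb_backend_address_pool.controller.id
}

# Controller public IPv4 addresses (Standard SKU, static so DNS/LB targets are stable)
resource "azurerm_public_ip" "controllers" {
  count = var.controller_count

  resource_group_name = azurerm_resource_group.cluster.name
  name                = "${var.cluster_name}-controller-${count.index}"
  location            = azurerm_resource_group.cluster.location
  sku                 = "Standard"
  allocation_method   = "Static"
}

# Controller Ignition configs: transpile each rendered Container Linux config,
# merging any operator-supplied snippets.
data "ct_config" "controller-ignitions" {
  count = var.controller_count

  content      = data.template_file.controller-configs[count.index].rendered
  pretty_print = false
  snippets     = var.controller_clc_snippets
}

# Controller Container Linux configs
data "template_file" "controller-configs" {
  count = var.controller_count

  template = file("${path.module}/cl/controller.yaml.tmpl")

  vars = {
    # Cannot use cyclic dependencies on controllers or their DNS records,
    # so the etcd name/domain are derived from cluster_name and dns_zone directly.
    etcd_name   = "etcd${count.index}"
    etcd_domain = "${var.cluster_name}-etcd${count.index}.${var.dns_zone}"

    # etcd0=https://cluster-etcd0.example.com,etcd1=https://cluster-etcd1.example.com,...
    etcd_initial_cluster = join(",", data.template_file.etcds[*].rendered)

    # kubelet kubeconfig (credential material) is embedded into the Ignition config
    kubeconfig             = indent(10, module.bootstrap.kubeconfig-kubelet)
    ssh_authorized_key     = var.ssh_authorized_key
    cluster_dns_service_ip = cidrhost(var.service_cidr, 10)
    cluster_domain_suffix  = var.cluster_domain_suffix
  }
}

# One etcd peer URL per controller; "$${...}" is escaped so template_file,
# not Terraform, performs the substitution.
data "template_file" "etcds" {
  count = var.controller_count

  template = "etcd$${index}=https://$${cluster_name}-etcd$${index}.$${dns_zone}:2380"

  vars = {
    index        = count.index
    cluster_name = var.cluster_name
    dns_zone     = var.dns_zone
  }
}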