Diffstat (limited to 'roles/etcd')
| -rw-r--r-- | roles/etcd/defaults/main.yaml | 1 | ||||
| -rw-r--r-- | roles/etcd/tasks/main.yml | 51 | ||||
| -rw-r--r-- | roles/etcd/tasks/system_container.yml | 72 | ||||
| -rw-r--r-- | roles/etcd/templates/custom.conf.j2 | 3 | ||||
| -rw-r--r-- | roles/etcd/templates/etcd.conf.j2 | 12 | 
5 files changed, 89 insertions, 50 deletions
|
diff --git a/roles/etcd/defaults/main.yaml b/roles/etcd/defaults/main.yaml
index e0746d70d..29153f4df 100644
--- a/roles/etcd/defaults/main.yaml
+++ b/roles/etcd/defaults/main.yaml
@@ -14,3 +14,4 @@ etcd_advertise_client_urls: "{{ etcd_url_scheme }}://{{ etcd_ip }}:{{ etcd_clien
 etcd_listen_client_urls: "{{ etcd_url_scheme }}://{{ etcd_ip }}:{{ etcd_client_port }}"
 etcd_data_dir: /var/lib/etcd/
+etcd_systemd_dir: "/etc/systemd/system/{{ etcd_service }}.service.d"
diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml
index 5f3ca461e..b4ffc99e3 100644
--- a/roles/etcd/tasks/main.yml
+++ b/roles/etcd/tasks/main.yml
@@ -26,13 +26,60 @@
   - etcd_is_containerized | bool
   - not openshift.common.is_etcd_system_container | bool
-- name: Ensure etcd datadir exists when containerized
+
+# Start secondary etcd instance for third party integrations
+# TODO: Determine an alternative to using thirdparty variable
+
+- name: Create configuration directory
+  file:
+    path: "{{ etcd_conf_dir }}"
+    state: directory
+    mode: 0700
+  when: etcd_is_thirdparty | bool
+
+  # TODO: retest with symlink to confirm it does or does not function
+- name: Copy service file for etcd instance
+  copy:
+    src: /usr/lib/systemd/system/etcd.service
+    dest: "/etc/systemd/system/{{ etcd_service }}.service"
+    remote_src: True
+  when: etcd_is_thirdparty | bool
+
+- name: Create third party etcd service.d directory exists
+  file:
+    path: "{{ etcd_systemd_dir }}"
+    state: directory
+  when: etcd_is_thirdparty | bool
+
+- name: Configure third part etcd service unit file
+  template:
+    dest: "{{ etcd_systemd_dir }}/custom.conf"
+    src: custom.conf.j2
+  when: etcd_is_thirdparty
+
+  # TODO: this task may not be needed with Validate permissions
+- name: Ensure etcd datadir exists
   file:
     path: "{{ etcd_data_dir }}"
     state: directory
     mode: 0700
   when: etcd_is_containerized | bool
+- name: Ensure etcd datadir ownership for thirdparty datadir
+  file:
+    path: "{{ etcd_data_dir }}"
+    state: directory
+    mode: 0700
+    owner: etcd
+    group: etcd
+    recurse: True
+  when: etcd_is_thirdparty | bool
+
+  # TODO: Determine if the below reload would work here, for now just reload
+- name:
+  command: systemctl daemon-reload
+  when: etcd_is_thirdparty | bool
+
 - name: Disable system etcd when containerized
   systemd:
     name: etcd
@@ -67,7 +114,7 @@
 - name: Write etcd global config file
   template:
     src: etcd.conf.j2
-    dest: /etc/etcd/etcd.conf
+    dest: "{{ etcd_conf_file }}"
     backup: true
   notify:
   - restart etcd
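Review bot: The `Configure third part etcd service unit file` task tests `when: etcd_is_thirdparty` without the `| bool` filter that every other new task in this hunk applies, so a string value such as `"false"` supplied from an inventory or extra vars may not be treated as false there; use `when: etcd_is_thirdparty | bool`. The same bare test appears in both etcd.conf.j2 hunks (`or (etcd_is_thirdparty)` and `{% if etcd_is_thirdparty %}`), where Jinja treats any non-empty string as true. In the `Ensure etcd datadir ownership for thirdparty datadir` task, `recurse: True` combined with `mode: 0700` also sets the execute bit on every file under the data directory; a symbolic mode such as `mode: u=rwX,g=,o=` keeps directories traversable without marking data files executable. No default for `etcd_is_thirdparty` is visible in this diff, so it presumably has to be defined elsewhere for these conditions to evaluate.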
diff --git a/roles/etcd/tasks/system_container.yml b/roles/etcd/tasks/system_container.yml
index 241180e2c..3b80164cc 100644
--- a/roles/etcd/tasks/system_container.yml
+++ b/roles/etcd/tasks/system_container.yml
@@ -1,17 +1,16 @@
 ---
+- name: Load lib_openshift modules
+  include_role:
+    name: lib_openshift
+
 - name: Pull etcd system container
   command: atomic pull --storage=ostree {{ openshift.etcd.etcd_image }}
   register: pull_result
   changed_when: "'Pulling layer' in pull_result.stdout"
-- name: Check etcd system container package
-  command: >
-    atomic containers list --no-trunc -a -f container=etcd
-  register: result
-
 - name: Set initial Etcd cluster
   set_fact:
-    etcd_initial_cluster: >
+    etcd_initial_cluster: >-
       {% for host in etcd_peers | default([]) -%}
       {% if loop.last -%}
       {{ hostvars[host].etcd_hostname }}={{ etcd_peer_url_scheme }}://{{ hostvars[host].etcd_ip }}:{{ etcd_peer_port }}
@@ -20,44 +19,23 @@
       {%- endif -%}
       {% endfor -%}
-- name: Update Etcd system container package
-  command: >
-    atomic containers update
-    --set ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }}
-    --set ETCD_NAME={{ etcd_hostname }}
-    --set ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster | replace('\n', '') }}
-    --set ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }}
-    --set ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}
-    --set ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }}
-    --set ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }}
-    --set ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }}
-    --set ETCD_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
-    --set ETCD_CERT_FILE={{ etcd_system_container_conf_dir }}/server.crt
-    --set ETCD_KEY_FILE={{ etcd_system_container_conf_dir }}/server.key
-    --set ETCD_PEER_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
-    --set ETCD_PEER_CERT_FILE={{ etcd_system_container_conf_dir }}/peer.crt
-    --set ETCD_PEER_KEY_FILE={{ etcd_system_container_conf_dir }}/peer.key
-    etcd
-  when:
-  - ("etcd" in result.stdout)
-
-- name: Install Etcd system container package
-  command: >
-    atomic install --system --name=etcd
-    --set ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }}
-    --set ETCD_NAME={{ etcd_hostname }}
-    --set ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster | replace('\n', '') }}
-    --set ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }}
-    --set ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}
-    --set ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }}
-    --set ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }}
-    --set ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }}
-    --set ETCD_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
-    --set ETCD_CERT_FILE={{ etcd_system_container_conf_dir }}/server.crt
-    --set ETCD_KEY_FILE={{ etcd_system_container_conf_dir }}/server.key
-    --set ETCD_PEER_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
-    --set ETCD_PEER_CERT_FILE={{ etcd_system_container_conf_dir }}/peer.crt
-    --set ETCD_PEER_KEY_FILE={{ etcd_system_container_conf_dir }}/peer.key
-    {{ openshift.etcd.etcd_image }}
-  when:
-  - ("etcd" not in result.stdout)
+- name: Install or Update Etcd system container package
+  oc_atomic_container:
+    name: etcd
+    image: "{{ openshift.etcd.etcd_image }}"
+    state: latest
+    values:
+      - ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }}
+      - ETCD_NAME={{ etcd_hostname }}
+      - ETCD_INITIAL_CLUSTER={{ etcd_initial_cluster }}
+      - ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }}
+      - ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}
+      - ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }}
+      - ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }}
+      - ETCD_ADVERTISE_CLIENT_URLS={{ etcd_advertise_client_urls }}
+      - ETCD_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
+      - ETCD_CERT_FILE={{ etcd_system_container_conf_dir }}/server.crt
+      - ETCD_KEY_FILE={{ etcd_system_container_conf_dir }}/server.key
+      - ETCD_PEER_CA_FILE={{ etcd_system_container_conf_dir }}/ca.crt
+      - ETCD_PEER_CERT_FILE={{ etcd_system_container_conf_dir }}/peer.crt
+      - ETCD_PEER_KEY_FILE={{ etcd_system_container_conf_dir }}/peer.key
diff --git a/roles/etcd/templates/custom.conf.j2 b/roles/etcd/templates/custom.conf.j2
new file mode 100644
index 000000000..d3433c658
--- /dev/null
+++ b/roles/etcd/templates/custom.conf.j2
@@ -0,0 +1,3 @@
+[Service]
+WorkingDirectory={{ etcd_data_dir }}
+EnvironmentFile=-{{ etcd_conf_file }}
diff --git a/roles/etcd/templates/etcd.conf.j2 b/roles/etcd/templates/etcd.conf.j2
index 7ccf78212..990a86c21 100644
--- a/roles/etcd/templates/etcd.conf.j2
+++ b/roles/etcd/templates/etcd.conf.j2
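Review bot: In custom.conf.j2, `EnvironmentFile=-{{ etcd_conf_file }}` carries the `-` prefix, which tells systemd to skip the file without an error when it does not exist, so the secondary instance would start on etcd's built-in defaults rather than fail if the config was never written. Dropping the prefix (`EnvironmentFile={{ etcd_conf_file }}`) turns a missing config into a start-up failure, which is the safer outcome for an instance whose listen URLs and cluster settings live in that file. The drop-in also adds to, rather than replaces, any `EnvironmentFile=` already present in the copied etcd.service, which is not visible in this diff; if that unit loads the primary instance's config, an empty `EnvironmentFile=` line placed before this one would reset the list.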
@@ -8,7 +8,7 @@
 {% endfor -%}
 {% endmacro -%}
-{% if etcd_peers | default([]) | length > 1 %}
+{% if (etcd_peers | default([]) | length > 1) or (etcd_is_thirdparty) %}
 ETCD_NAME={{ etcd_hostname }}
 ETCD_LISTEN_PEER_URLS={{ etcd_listen_peer_urls }}
 {% else %}
@@ -23,6 +23,16 @@ ETCD_LISTEN_CLIENT_URLS={{ etcd_listen_client_urls }}
 #ETCD_MAX_WALS=5
 #ETCD_CORS=
+{% if etcd_is_thirdparty %}
+#[cluster]
+ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}
+
+# TODO: This needs to be altered to support the correct etcd instances
+ETCD_INITIAL_CLUSTER={{ etcd_hostname}}={{ etcd_initial_advertise_peer_urls }}
+ETCD_INITIAL_CLUSTER_STATE={{ etcd_initial_cluster_state }}
+ETCD_INITIAL_CLUSTER_TOKEN=thirdparty-etcd-cluster-1
+{% endif %}
+
 {% if etcd_peers | default([]) | length > 1 %}
 #[cluster]
 ETCD_INITIAL_ADVERTISE_PEER_URLS={{ etcd_initial_advertise_peer_urls }}
|
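Review bot: The new `{% if etcd_is_thirdparty %}` block in the second hunk is rendered in addition to the existing `{% if etcd_peers | default([]) | length > 1 %}` block right after it, so when both conditions hold the file carries `ETCD_INITIAL_ADVERTISE_PEER_URLS` twice (and presumably the other `ETCD_INITIAL_*` keys, which continue outside the hunk), with the later assignment taking effect when systemd reads it. Guarding the existing block with `and not etcd_is_thirdparty`, or folding the two into one `if`/`elif`, would leave a single source for these values. `ETCD_INITIAL_CLUSTER_TOKEN=thirdparty-etcd-cluster-1` is also identical for every deployment, although the token exists to keep separately bootstrapped clusters from being mistaken for one another; `ETCD_INITIAL_CLUSTER_TOKEN={{ etcd_initial_cluster_token }}`, the variable system_container.yml already passes, would avoid the shared constant.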
