Move tfstate to ignition config

metal/main.yml

@@ -6,5 +6,6 @@
 
 - name: Create Terraform state storage
   hosts: metal[0]
+  gather_facts: no
   roles:
     - tfstate

metal/roles/pxe-boot/templates/http/ignition/ignition.yaml.j2

@@ -38,3 +38,27 @@ systemd:
   units:
     - name: iscsid.service
       enabled: true
+{% if item == "metal0" %}
+    - name: tfstate.service
+      enabled: true
+      contents: |
+        [Unit]
+        Description=Run etcd for Terraform state backend
+        After=network-online.target
+        Wants=network-online.target
+
+        [Service]
+        ExecStartPre=-/usr/bin/docker kill tfstate
+        ExecStartPre=-/usr/bin/docker rm tfstate
+        ExecStart=/usr/bin/docker run --name tfstate \
+                    --volume tfstate:/bitnami/etcd/data \
+                    --env ALLOW_NONE_AUTHENTICATION=yes \
+                    --publish 23799:2379 \
+                    --restart always \
+                    bitnami/etcd
+        ExecStop=/usr/bin/docker stop tfstate
+        Restart=always
+
+        [Install]
+        WantedBy=multi-user.target
+{% endif %}

metal/roles/tfstate/tasks/main.yml

@@ -1,18 +1,9 @@
-- name: Install Python library for the Docker
-  dnf:
-    name: python-docker
-
-- name: Create etcd container
-  docker_container:
-    name: etcd-tfstate
-    image: bitnami/etcd
-    restart_policy: always
-    env:
-      ALLOW_NONE_AUTHENTICATION: "yes"
-    published_ports:
-      - "{{ etcd_port }}:2379"
-    volumes:
-      - tfstate:/bitnami/etcd/data
+- name: Wait for etcd
+  wait_for:
+    port: 23799
+    host: '{{ ansible_ssh_host }}'
+    # search_regex: OpenSSH
+  connection: local
 
 - name: Generate Terraform backend config
   delegate_to: localhost

metal/roles/tfstate/templates/backend.tfvars.j2

@@ -1,5 +1,5 @@
 endpoints = [
 {% for host in ansible_play_hosts %}
-  "{{ hostvars[host].ansible_default_ipv4.address }}:{{ etcd_port }}",
+  "{{ hostvars[host].ansible_host }}:{{ etcd_port }}",
 {% endfor %}
 ]