Merge branch 'master' into mbruzek-openshift-openstack

author: Matt Bruzek <mbruzek@gmail.com> 2018-01-18 15:27:13 -0600
committer: Matt Bruzek <mbruzek@gmail.com> 2018-01-18 15:27:13 -0600
commit: cb581bfb67a53f887c4705d45fc7b0024a6816f9 (patch)
tree: 9c351ddd9282f5d3d37c1189af0ac2ad444c0125 /roles/openshift_master
parent: c7a1c448cbd64de98e1f097d14b58ee9f6ccf511 (diff)
parent: 1a2a895356df638756d2117e3d324710167737db (diff)
download: openshift-cb581bfb67a53f887c4705d45fc7b0024a6816f9.tar.gz
openshift-cb581bfb67a53f887c4705d45fc7b0024a6816f9.tar.bz2
openshift-cb581bfb67a53f887c4705d45fc7b0024a6816f9.tar.xz
openshift-cb581bfb67a53f887c4705d45fc7b0024a6816f9.zip
16 files changed, 76 insertions, 42 deletions
diff --git a/roles/openshift_master/defaults/main.yml b/roles/openshift_master/defaults/main.yml
index efd119299..7d96a467e 100644
--- a/roles/openshift_master/defaults/main.yml
+++ b/roles/openshift_master/defaults/main.yml
@@ -7,6 +7,12 @@ openshift_master_debug_level: "{{ debug_level | default(2) }}"
 r_openshift_master_firewall_enabled: "{{ os_firewall_enabled | default(True) }}"
 r_openshift_master_use_firewalld: "{{ os_firewall_use_firewalld | default(False) }}"
 
+osm_image_default_dict:
+  origin: 'openshift/origin'
+  openshift-enterprise: 'openshift3/ose'
+osm_image_default: "{{ osm_image_default_dict[openshift_deployment_type] }}"
+osm_image: "{{ osm_image_default }}"
+
 system_images_registry_dict:
   openshift-enterprise: "registry.access.redhat.com"
   origin: "docker.io"
@@ -47,12 +53,12 @@ oreg_host: "{{ oreg_url.split('/')[0] if (oreg_url is defined and '.' in oreg_ur
 oreg_auth_credentials_path: "{{ r_openshift_master_data_dir }}/.docker"
 oreg_auth_credentials_replace: False
 l_bind_docker_reg_auth: False
-openshift_docker_alternative_creds: "{{ (openshift_docker_use_system_container | default(False)) or (openshift_use_crio_only | default(False)) }}"
+openshift_docker_alternative_creds: "{{ (openshift_docker_use_system_container | default(False) | bool) or (openshift_use_crio_only | default(False)) }}"
 
 containerized_svc_dir: "/usr/lib/systemd/system"
 ha_svc_template_path: "native-cluster"
 
-openshift_docker_service_name: "{{ 'container-engine' if (openshift_docker_use_system_container | default(False)) else 'docker' }}"
+openshift_docker_service_name: "{{ 'container-engine' if (openshift_docker_use_system_container | default(False) | bool) else 'docker' }}"
 
 openshift_master_loopback_config: "{{ openshift_master_config_dir }}/openshift-master.kubeconfig"
 loopback_context_string: "current-context: {{ openshift.master.loopback_context_name }}"
@@ -76,6 +82,15 @@ openshift_master_valid_grant_methods:
 
 openshift_master_is_scaleup_host: False
 
+# openshift_master_oauth_template is deprecated.  Should be added to deprecations
+# and removed.
+openshift_master_oauth_template: False
+openshift_master_oauth_templates_default:
+  login: "{{ openshift_master_oauth_template }}"
+openshift_master_oauth_templates: "{{ openshift_master_oauth_template | ternary(openshift_master_oauth_templates_default, False) }}"
+# Here we combine openshift_master_oath_template into 'login' key of openshift_master_oath_templates, if not present.
+l_openshift_master_oauth_templates: "{{ openshift_master_oauth_templates | default(openshift_master_oauth_templates_default) }}"
+
 # These defaults assume forcing journald persistence, fsync to disk once
 # a second, rate-limiting to 10,000 logs a second, no forwarding to
 # syslog or wall, using 8GB of disk space maximum, using 10MB journal
diff --git a/roles/openshift_master/meta/main.yml b/roles/openshift_master/meta/main.yml
index bf0cbbf18..3460efec9 100644
--- a/roles/openshift_master/meta/main.yml
+++ b/roles/openshift_master/meta/main.yml
@@ -14,5 +14,4 @@ galaxy_info:
 dependencies:
 - role: lib_openshift
 - role: lib_utils
-- role: lib_os_firewall
 - role: openshift_facts
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 7bfc870d5..b12a6b346 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -16,10 +16,10 @@
 
 - name: Install Master package
   package:
-    name: "{{ openshift_service_type }}-master{{ openshift_pkg_version | default('') | oo_image_tag_to_rpm_version(include_dash=True) }}"
+    name: "{{ openshift_service_type }}-master{{ openshift_pkg_version | default('') | lib_utils_oo_image_tag_to_rpm_version(include_dash=True) }}"
     state: present
   when:
-  - not openshift.common.is_containerized | bool
+  - not openshift_is_containerized | bool
   register: result
   until: result is succeeded
 
@@ -31,12 +31,12 @@
     owner: root
     group: root
   when:
-  - openshift.common.is_containerized | bool
+  - openshift_is_containerized | bool
 
 - name: Reload systemd units
   command: systemctl daemon-reload
   when:
-  - openshift.common.is_containerized | bool
+  - openshift_is_containerized | bool
 
 - name: Re-gather package dependent master facts
   openshift_facts:
@@ -48,7 +48,7 @@
 
 - name: Create the policy file if it does not already exist
   command: >
-    {{ openshift.common.client_binary }} adm create-bootstrap-policy-file
+    {{ openshift_client_binary }} adm create-bootstrap-policy-file
       --filename={{ openshift_master_policy }}
   args:
     creates: "{{ openshift_master_policy }}"
@@ -69,7 +69,7 @@
   package: name=httpd-tools state=present
   when:
   - item.kind == 'HTPasswdPasswordIdentityProvider'
-  - not openshift.common.is_atomic | bool
+  - not openshift_is_atomic | bool
   with_items: "{{ openshift.master.identity_providers }}"
   register: result
   until: result is succeeded
@@ -164,7 +164,7 @@
 - name: Install Master system container
   include_tasks: system_container.yml
   when:
-  - openshift.common.is_containerized | bool
+  - openshift_is_containerized | bool
   - l_is_master_system_container | bool
 
 - name: Create session secrets file
@@ -181,6 +181,7 @@
   - restart master api
 
 - set_fact:
+    # translate_idps is a custom filter in role lib_utils
     translated_identity_providers: "{{ openshift.master.identity_providers | translate_idps('v1') }}"
 
 # TODO: add the validate parameter when there is a validation command to run
diff --git a/roles/openshift_master/tasks/registry_auth.yml b/roles/openshift_master/tasks/registry_auth.yml
index 8b342a5b4..911a9bd3d 100644
--- a/roles/openshift_master/tasks/registry_auth.yml
+++ b/roles/openshift_master/tasks/registry_auth.yml
@@ -43,7 +43,7 @@
   set_fact:
     l_bind_docker_reg_auth: True
   when:
-  - openshift.common.is_containerized | bool
+  - openshift_is_containerized | bool
   - oreg_auth_user is defined
   - >
       (master_oreg_auth_credentials_stat.stat.exists
diff --git a/roles/openshift_master/tasks/set_loopback_context.yml b/roles/openshift_master/tasks/set_loopback_context.yml
index 487fefb63..7e013a699 100644
--- a/roles/openshift_master/tasks/set_loopback_context.yml
+++ b/roles/openshift_master/tasks/set_loopback_context.yml
@@ -1,13 +1,13 @@
 ---
 - name: Test local loopback context
   command: >
-    {{ openshift.common.client_binary }} config view
+    {{ openshift_client_binary }} config view
     --config={{ openshift_master_loopback_config }}
   changed_when: false
   register: l_loopback_config
 
 - command: >
-    {{ openshift.common.client_binary }} config set-cluster
+    {{ openshift_client_binary }} config set-cluster
     --certificate-authority={{ openshift_master_config_dir }}/ca.crt
     --embed-certs=true --server={{ openshift.master.loopback_api_url }}
     {{ openshift.master.loopback_cluster_name }}
@@ -17,7 +17,7 @@
   register: set_loopback_cluster
 
 - command: >
-    {{ openshift.common.client_binary }} config set-context
+    {{ openshift_client_binary }} config set-context
     --cluster={{ openshift.master.loopback_cluster_name }}
     --namespace=default --user={{ openshift.master.loopback_user }}
     {{ openshift.master.loopback_context_name }}
@@ -27,7 +27,7 @@
   register: l_set_loopback_context
 
 - command: >
-    {{ openshift.common.client_binary }} config use-context {{ openshift.master.loopback_context_name }}
+    {{ openshift_client_binary }} config use-context {{ openshift.master.loopback_context_name }}
     --config={{ openshift_master_loopback_config }}
   when:
   - l_set_loopback_context is changed
diff --git a/roles/openshift_master/tasks/system_container.yml b/roles/openshift_master/tasks/system_container.yml
index f6c5ce0dd..dcbf7fd9f 100644
--- a/roles/openshift_master/tasks/system_container.yml
+++ b/roles/openshift_master/tasks/system_container.yml
@@ -2,7 +2,7 @@
 
 - name: Pre-pull master system container image
   command: >
-    atomic pull --storage=ostree {{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}
+    atomic pull --storage=ostree {{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ osm_image }}:{{ openshift_image_tag }}
   register: l_pull_result
   changed_when: "'Pulling layer' in l_pull_result.stdout"
 
@@ -14,7 +14,7 @@
 - name: Install or Update HA api master system container
   oc_atomic_container:
     name: "{{ openshift_service_type }}-master-api"
-    image: "{{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}"
+    image: "{{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ osm_image }}:{{ openshift_image_tag }}"
     state: latest
     values:
     - COMMAND=api
@@ -22,7 +22,7 @@
 - name: Install or Update HA controller master system container
   oc_atomic_container:
     name: "{{ openshift_service_type }}-master-controllers"
-    image: "{{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ openshift.master.master_system_image }}:{{ openshift_image_tag }}"
+    image: "{{ 'docker:' if system_images_registry == 'docker' else system_images_registry + '/' }}{{ osm_image }}:{{ openshift_image_tag }}"
     state: latest
     values:
     - COMMAND=controllers
diff --git a/roles/openshift_master/tasks/systemd_units.yml b/roles/openshift_master/tasks/systemd_units.yml
index 1c9ecafaa..870ab7c57 100644
--- a/roles/openshift_master/tasks/systemd_units.yml
+++ b/roles/openshift_master/tasks/systemd_units.yml
@@ -7,7 +7,7 @@
     containerized_svc_dir: "/etc/systemd/system"
     ha_svc_template_path: "docker-cluster"
   when:
-  - openshift.common.is_containerized | bool
+  - openshift_is_containerized | bool
 
 - include_tasks: registry_auth.yml
 
@@ -30,11 +30,11 @@
 # This is the image used for both HA and non-HA clusters:
 - name: Pre-pull master image
   command: >
-    docker pull {{ openshift.master.master_image }}:{{ openshift_image_tag }}
+    docker pull {{ osm_image }}:{{ openshift_image_tag }}
   register: l_pull_result
   changed_when: "'Downloaded newer image' in l_pull_result.stdout"
   when:
-  - openshift.common.is_containerized | bool
+  - openshift_is_containerized | bool
   - not l_is_master_system_container | bool
 
 - name: Create the ha systemd unit files
diff --git a/roles/openshift_master/tasks/upgrade.yml b/roles/openshift_master/tasks/upgrade.yml
index f84cf2f6e..f143673cf 100644
--- a/roles/openshift_master/tasks/upgrade.yml
+++ b/roles/openshift_master/tasks/upgrade.yml
@@ -1,6 +1,6 @@
 ---
 - include_tasks: upgrade/rpm_upgrade.yml
-  when: not openshift.common.is_containerized | bool
+  when: not openshift_is_containerized | bool
 
 - include_tasks: upgrade/upgrade_scheduler.yml
 
diff --git a/roles/openshift_master/tasks/upgrade/rpm_upgrade.yml b/roles/openshift_master/tasks/upgrade/rpm_upgrade.yml
index f72710832..4564f33dd 100644
--- a/roles/openshift_master/tasks/upgrade/rpm_upgrade.yml
+++ b/roles/openshift_master/tasks/upgrade/rpm_upgrade.yml
@@ -8,8 +8,25 @@
 
 # TODO: If the sdn package isn't already installed this will install it, we
 # should fix that
-- name: Upgrade master packages
-  package: name={{ master_pkgs | join(',') }} state=present
+- name: Upgrade master packages - yum
+  command:
+    yum install -y {{ master_pkgs | join(' ') }} \
+    {{ ' --exclude *' ~ openshift_service_type ~ '*3.9*' if openshift_release | version_compare('3.9','<') else '' }}
+  vars:
+    master_pkgs:
+      - "{{ openshift_service_type }}{{ openshift_pkg_version | default('') }}"
+      - "{{ openshift_service_type }}-master{{ openshift_pkg_version | default('') }}"
+      - "{{ openshift_service_type }}-node{{ openshift_pkg_version | default('') }}"
+      - "{{ openshift_service_type }}-sdn-ovs{{ openshift_pkg_version | default('') }}"
+      - "{{ openshift_service_type }}-clients{{ openshift_pkg_version | default('') }}"
+  register: result
+  until: result is succeeded
+  when: ansible_pkg_mgr == 'yum'
+
+- name: Upgrade master packages - dnf
+  dnf:
+    name: "{{ master_pkgs | join(',') }}"
+    state: present
   vars:
     master_pkgs:
       - "{{ openshift_service_type }}{{ openshift_pkg_version }}"
@@ -17,6 +34,6 @@
       - "{{ openshift_service_type }}-node{{ openshift_pkg_version }}"
       - "{{ openshift_service_type }}-sdn-ovs{{ openshift_pkg_version }}"
       - "{{ openshift_service_type }}-clients{{ openshift_pkg_version }}"
-      - "tuned-profiles-{{ openshift_service_type }}-node{{ openshift_pkg_version }}"
   register: result
   until: result is succeeded
+  when: ansible_pkg_mgr == 'dnf'
diff --git a/roles/openshift_master/tasks/upgrade/upgrade_scheduler.yml b/roles/openshift_master/tasks/upgrade/upgrade_scheduler.yml
index 8558bf3e9..995a5ab70 100644
--- a/roles/openshift_master/tasks/upgrade/upgrade_scheduler.yml
+++ b/roles/openshift_master/tasks/upgrade/upgrade_scheduler.yml
@@ -1,6 +1,8 @@
 ---
 # Upgrade predicates
 - vars:
+    # openshift_master_facts_default_predicates is a custom lookup plugin in
+    # role lib_utils
     prev_predicates: "{{ lookup('openshift_master_facts_default_predicates', short_version=openshift_upgrade_min, deployment_type=openshift_deployment_type) }}"
     prev_predicates_no_region: "{{ lookup('openshift_master_facts_default_predicates', short_version=openshift_upgrade_min, deployment_type=openshift_deployment_type, regions_enabled=False) }}"
     default_predicates_no_region: "{{ lookup('openshift_master_facts_default_predicates', regions_enabled=False) }}"
diff --git a/roles/openshift_master/templates/atomic-openshift-master.j2 b/roles/openshift_master/templates/atomic-openshift-master.j2
index 3f7a528a9..4c68155ea 100644
--- a/roles/openshift_master/templates/atomic-openshift-master.j2
+++ b/roles/openshift_master/templates/atomic-openshift-master.j2
@@ -6,7 +6,7 @@ CONFIG_FILE={{ openshift_master_config_file }}
 {% elif openshift_push_via_dns | default(false) %}
 OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000
 {% endif %}
-{% if openshift.common.is_containerized | bool %}
+{% if openshift_is_containerized | bool %}
 IMAGE_VERSION={{ openshift_image_tag }}
 {% endif %}
 
diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2
index 5e46d9121..a56c0340c 100644
--- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2
+++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2
@@ -21,7 +21,7 @@ ExecStart=/usr/bin/docker run --rm --privileged --net=host \
   {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} \
   -v /etc/pki:/etc/pki:ro \
   {% if l_bind_docker_reg_auth | default(False) %} -v {{ oreg_auth_credentials_path }}:/root/.docker:ro{% endif %}\
-  {{ openshift.master.master_image }}:${IMAGE_VERSION} start master api \
+  {{ osm_image }}:${IMAGE_VERSION} start master api \
   --config=${CONFIG_FILE} $OPTIONS
 ExecStartPost=/usr/bin/sleep 10
 ExecStop=/usr/bin/docker stop {{ openshift_service_type }}-master-api
diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2
index 899575f1a..79171d511 100644
--- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2
+++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2
@@ -20,7 +20,7 @@ ExecStart=/usr/bin/docker run --rm --privileged --net=host \
   {% if openshift_cloudprovider_kind | default('') != '' -%} -v {{ openshift.common.config_base }}/cloudprovider:{{ openshift.common.config_base}}/cloudprovider {% endif -%} \
   -v /etc/pki:/etc/pki:ro \
   {% if l_bind_docker_reg_auth | default(False) %} -v {{ oreg_auth_credentials_path }}:/root/.docker:ro{% endif %}\
-  {{ openshift.master.master_image }}:${IMAGE_VERSION} start master controllers \
+  {{ osm_image }}:${IMAGE_VERSION} start master controllers \
   --config=${CONFIG_FILE} $OPTIONS
 ExecStartPost=/usr/bin/sleep 10
 ExecStop=/usr/bin/docker stop {{ openshift_service_type }}-master-controllers
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index f1a76e5f5..14023ea73 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -1,6 +1,6 @@
 admissionConfig:
 {% if 'admission_plugin_config' in openshift.master %}
-  pluginConfig:{{ openshift.master.admission_plugin_config | to_padded_yaml(level=2) }}
+  pluginConfig:{{ openshift.master.admission_plugin_config | lib_utils_to_padded_yaml(level=2) }}
 {% endif %}
 apiLevels:
 - v1
@@ -16,13 +16,13 @@ assetConfig:
   metricsPublicURL: {{ openshift_hosted_metrics_deploy_url }}
 {% endif %}
 {% if 'extension_scripts' in openshift.master %}
-  extensionScripts: {{ openshift.master.extension_scripts | to_padded_yaml(1, 2) }}
+  extensionScripts: {{ openshift.master.extension_scripts | lib_utils_to_padded_yaml(1, 2) }}
 {% endif %}
 {% if 'extension_stylesheets' in openshift.master %}
-  extensionStylesheets: {{ openshift.master.extension_stylesheets | to_padded_yaml(1, 2) }}
+  extensionStylesheets: {{ openshift.master.extension_stylesheets | lib_utils_to_padded_yaml(1, 2) }}
 {% endif %}
 {% if 'extensions' in openshift.master %}
-  extensions: {{ openshift.master.extensions | to_padded_yaml(1, 2) }}
+  extensions: {{ openshift.master.extensions | lib_utils_to_padded_yaml(1, 2) }}
 {% endif %}
   servingInfo:
     bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.console_port }}
@@ -42,7 +42,7 @@ assetConfig:
 {% endfor %}
 {% endif %}
 {% if openshift.master.audit_config | default(none) is not none %}
-auditConfig:{{ openshift.master.audit_config | to_padded_yaml(level=1) }}
+auditConfig:{{ openshift.master.audit_config | lib_utils_to_padded_yaml(level=1) }}
 {% endif %}
 controllerConfig:
   election:
@@ -85,7 +85,7 @@ imageConfig:
   format: {{ openshift.master.registry_url }}
   latest: {{ openshift_master_image_config_latest }}
 {% if 'image_policy_config' in openshift.master %}
-imagePolicyConfig:{{ openshift.master.image_policy_config | to_padded_yaml(level=1) }}
+imagePolicyConfig:{{ openshift.master.image_policy_config | lib_utils_to_padded_yaml(level=1) }}
 {% endif %}
 kind: MasterConfig
 kubeletClientInfo:
@@ -96,21 +96,21 @@ kubeletClientInfo:
   port: 10250
 {% if openshift.master.embedded_kube | bool %}
 kubernetesMasterConfig:
-  apiServerArguments: {{ openshift.master.api_server_args | default(None) | to_padded_yaml( level=2 ) }}
+  apiServerArguments: {{ openshift.master.api_server_args | default(None) | lib_utils_to_padded_yaml( level=2 ) }}
 {% if r_openshift_master_etcd3_storage or ( r_openshift_master_clean_install and openshift.common.version_gte_3_6 ) %}
     storage-backend:
     - etcd3
     storage-media-type:
     - application/vnd.kubernetes.protobuf
 {% endif %}
-  controllerArguments: {{ openshift.master.controller_args | default(None) | to_padded_yaml( level=2 ) }}
+  controllerArguments: {{ openshift.master.controller_args | default(None) | lib_utils_to_padded_yaml( level=2 ) }}
   masterCount: {{ openshift.master.master_count }}
   masterIP: {{ openshift.common.ip }}
   podEvictionTimeout: {{ openshift.master.pod_eviction_timeout | default("") }}
   proxyClientInfo:
     certFile: master.proxy-client.crt
     keyFile: master.proxy-client.key
-  schedulerArguments: {{ openshift_master_scheduler_args | default(None) | to_padded_yaml( level=3 ) }}
+  schedulerArguments: {{ openshift_master_scheduler_args | default(None) | lib_utils_to_padded_yaml( level=3 ) }}
   schedulerConfigFile: {{ openshift_master_scheduler_conf }}
   servicesNodePortRange: "{{ openshift_node_port_range | default("") }}"
   servicesSubnet: {{ openshift.common.portal_net }}
@@ -144,7 +144,7 @@ networkConfig:
 {% endif %}
 # serviceNetworkCIDR must match kubernetesMasterConfig.servicesSubnet
   serviceNetworkCIDR: {{ openshift.common.portal_net }}
-  externalIPNetworkCIDRs: {{ openshift_master_external_ip_network_cidrs | default(["0.0.0.0/0"]) | to_padded_yaml(1,2) }}
+  externalIPNetworkCIDRs: {{ openshift_master_external_ip_network_cidrs | default(["0.0.0.0/0"]) | lib_utils_to_padded_yaml(1,2) }}
 {% if openshift_master_ingress_ip_network_cidr is defined %}
   ingressIPNetworkCIDR: {{ openshift_master_ingress_ip_network_cidr }}
 {% endif %}
@@ -152,8 +152,8 @@ oauthConfig:
 {% if 'oauth_always_show_provider_selection' in openshift.master %}
   alwaysShowProviderSelection: {{ openshift.master.oauth_always_show_provider_selection }}
 {% endif %}
-{% if 'oauth_templates' in openshift.master %}
-  templates:{{ openshift.master.oauth_templates | to_padded_yaml(level=2) }}
+{% if l_openshift_master_oauth_templates %}
+  templates:{{ l_openshift_master_oauth_templates | lib_utils_to_padded_yaml(level=2) }}
 {% endif %}
   assetPublicURL: {{ openshift.master.public_console_url }}/
   grantConfig:
diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2
index cc21b37af..bff32b2e3 100644
--- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2
+++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2
@@ -6,7 +6,7 @@ CONFIG_FILE={{ openshift_master_config_file }}
 {% elif openshift_push_via_dns | default(false) %}
 OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000
 {% endif %}
-{% if openshift.common.is_containerized | bool %}
+{% if openshift_is_containerized | bool %}
 IMAGE_VERSION={{ openshift_image_tag }}
 {% endif %}
 
diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2
index 493fc510e..b8a519baa 100644
--- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2
+++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2
@@ -6,7 +6,7 @@ CONFIG_FILE={{ openshift_master_config_file }}
 {% elif openshift_push_via_dns | default(false) %}
 OPENSHIFT_DEFAULT_REGISTRY=docker-registry.default.svc:5000
 {% endif %}
-{% if openshift.common.is_containerized | bool %}
+{% if openshift_is_containerized | bool %}
 IMAGE_VERSION={{ openshift_image_tag }}
 {% endif %}
author	Matt Bruzek <mbruzek@gmail.com>	2018-01-18 15:27:13 -0600
committer	Matt Bruzek <mbruzek@gmail.com>	2018-01-18 15:27:13 -0600
commit	cb581bfb67a53f887c4705d45fc7b0024a6816f9 (patch)
tree	9c351ddd9282f5d3d37c1189af0ac2ad444c0125 /roles/openshift_master
parent	c7a1c448cbd64de98e1f097d14b58ee9f6ccf511 (diff)
parent	1a2a895356df638756d2117e3d324710167737db (diff)
download	openshift-cb581bfb67a53f887c4705d45fc7b0024a6816f9.tar.gz openshift-cb581bfb67a53f887c4705d45fc7b0024a6816f9.tar.bz2 openshift-cb581bfb67a53f887c4705d45fc7b0024a6816f9.tar.xz openshift-cb581bfb67a53f887c4705d45fc7b0024a6816f9.zip