7 files changed, 127 insertions, 80 deletions

diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible
index 9e57340b4..1c588ea84 100644
--- a/.tito/packages/openshift-ansible
+++ b/.tito/packages/openshift-ansible
@@ -1 +1 @@
-3.0.94-1 ./
+3.0.97-1 ./
diff --git a/openshift-ansible.spec b/openshift-ansible.spec
index 6f9083154..5089ddaaf 100644
--- a/openshift-ansible.spec
+++ b/openshift-ansible.spec
@@ -5,7 +5,7 @@
 }
 
 Name:           openshift-ansible
-Version:        3.0.94
+Version:        3.0.97
 Release:        1%{?dist}
 Summary:        Openshift and Atomic Enterprise Ansible
 License:        ASL 2.0
@@ -205,6 +205,50 @@ Atomic OpenShift Utilities includes
 
 
 %changelog
+* Mon Jun 06 2016 Scott Dodson <sdodson@redhat.com> 3.0.97-1
+- Only run node specific bits on nodes (sdodson@redhat.com)
+- Update main.yaml (detiber@gmail.com)
+- Hardcoded values in "launch_instances" - isue # 1970 (daniel@dumdan.com)
+- XPAAS v1.3.1 content for Origin 1.1 / OSE 3.1 (sdodson@redhat.com)
+- XPAAS v1.3.1 release for Origin 1.2 / OSE 3.2 (sdodson@redhat.com)
+- Configure default docker logging options. (abutcher@redhat.com)
+- Run rhel_subscribe on l_oo_all_hosts rather than all (sdodson@redhat.com)
+- Fix error with stopping services that may not exist. (dgoodwin@redhat.com)
+- Add haproxy_frontend_port to vars for openshift-loadbalancer.
+  (abutcher@redhat.com)
+- Move os_firewall_allow from defaults to role dependencies.
+  (abutcher@redhat.com)
+- Ensure registry url evaluated when creating router. (abutcher@redhat.com)
+- Document protocol in readme aws. (abutcher@redhat.com)
+- Revert openshift-certificates changes. (abutcher@redhat.com)
+- wait metrics-deployer complete (need to configure nodes before hosted
+  services) (you@example.com)
+- switch to using sig release packages (jdetiber@redhat.com)
+- temporarily disable gpg checking until we have a way to cleanly enable it
+  (jdetiber@redhat.com)
+- Switch to using CentOS SIG repos for Origin installs (jdetiber@redhat.com)
+- Separate master and haproxy config playbooks. (abutcher@redhat.com)
+- Cleanup bin, test and roles/openshift_ansible_inventory following move to
+  openshift-tools (abutcher@redhat.com)
+- Catch more uninstall targets (sdodson@redhat.com)
+- Adding openshift_clock parameters to example inventory files
+  (jstuever@redhat.com)
+- Enable openshift_clock role for openshift_master, openshift_node, and
+  openshift_etcd (jstuever@redhat.com)
+- Add openshift_clock role to manage system clocks (jstuever@redhat.com)
+- Allow clock role in openshift_facts (jstuever@redhat.com)
+- Consolidate ca/master/node certificates roles into openshift_certificates.
+  (abutcher@redhat.com)
+- allow for overriding dns_flavor for openstack provider (jdetiber@redhat.com)
+- add user-data file back to openstack provisioner (jdetiber@redhat.com)
+- g_all_hosts with templated with_items causes errors with ansible 1.9.4 under
+  some conditions (jdetiber@redhat.com)
+- openstack_fixes (jdetiber@redhat.com)
+- libvirt_fixes (jdetiber@redhat.com)
+- gce fixes (jdetiber@redhat.com)
+- aws provider fixes (jdetiber@redhat.com)
+- Call evaluate_groups from update_repos_and_packages (jdetiber@redhat.com)
+
 * Thu May 26 2016 Scott Dodson <sdodson@redhat.com> 3.0.94-1
 - Use grep to decide when to add our comment (sdodson@redhat.com)
 
diff --git a/playbooks/adhoc/uninstall.yml b/playbooks/adhoc/uninstall.yml
index e42fa214a..dbf924683 100644
--- a/playbooks/adhoc/uninstall.yml
+++ b/playbooks/adhoc/uninstall.yml
@@ -25,11 +25,6 @@
     - set_fact:
         is_containerized: "{{ is_atomic or containerized | default(false) | bool }}"
 
-    - name: Remove br0 interface
-      shell: ovs-vsctl del-br br0
-      changed_when: False
-      failed_when: False
-
     - name: Stop services
       service: name={{ item }} state=stopped
       with_items:
@@ -108,82 +103,12 @@
         - tuned-profiles-openshift-node
         - tuned-profiles-origin-node
 
-    - name: Remove linux interfaces
-      shell: ip link del "{{ item }}"
-      changed_when: False
-      failed_when: False
-      with_items:
-        - lbr0
-        - vlinuxbr
-        - vovsbr
-
     - shell: systemctl reset-failed
       changed_when: False
 
     - shell: systemctl daemon-reload
       changed_when: False
 
-    - shell: find /var/lib/origin/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true
-      changed_when: False
-
-    - shell: find /var/lib/atomic-enterprise/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true
-      changed_when: False
-
-    - shell: find /var/lib/openshift/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true
-      changed_when: False
-
-    - shell: docker rm -f "{{ item }}"-master "{{ item }}"-node
-      changed_when: False
-      failed_when: False
-      with_items:
-        - openshift-enterprise
-        - atomic-enterprise
-        - origin
-
-    - shell: docker ps -a | grep Exited | egrep "{{ item }}" | awk '{print $1}'
-      changed_when: False
-      failed_when: False
-      register: exited_containers_to_delete
-      with_items:
-        - aep3.*/aep
-        - aep3.*/node
-        - aep3.*/openvswitch
-        - openshift3/ose
-        - openshift3/node
-        - openshift3/openvswitch
-        - openshift/origin
-
-    - shell: "docker rm {{ item.stdout_lines | join(' ') }}"
-      changed_when: False
-      failed_when: False
-      with_items: "{{ exited_containers_to_delete.results }}"
-
-    - shell: docker images | egrep {{ item }} | awk '{ print $3 }'
-      changed_when: False
-      failed_when: False
-      register: images_to_delete
-      with_items:
-        - registry\.access\..*redhat\.com/openshift3
-        - registry\.access\..*redhat\.com/aep3
-        - registry\.qe\.openshift\.com/.*
-        - registry\.access\..*redhat\.com/rhel7/etcd
-        - docker.io/openshift
-
-    - shell:  "docker rmi -f {{ item.stdout_lines | join(' ') }}"
-      changed_when: False
-      failed_when: False
-      with_items: "{{ images_to_delete.results }}"
-
-    - name: Remove sdn drop files
-      file:
-        path: /run/openshift-sdn
-        state: absent
-
-    - name: restart docker
-      service:
-        name: docker
-        state: restarted
-
     - name: Remove remaining files
       file: path={{ item }} state=absent
       with_items:
@@ -259,7 +184,76 @@
 - hosts: nodes
   become: yes
   tasks:
+    - name: Remove br0 interface
+      shell: ovs-vsctl del-br br0
+      changed_when: False
+      failed_when: False
+    - name: Remove linux interfaces
+      shell: ip link del "{{ item }}"
+      changed_when: False
+      failed_when: False
+      with_items:
+        - lbr0
+        - vlinuxbr
+        - vovsbr
     - name: restart docker
       service: name=docker state=restarted
+      
     - name: restart NetworkManager
       service: name=NetworkManager state=restarted
+      
+    - shell: find /var/lib/origin/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true
+      changed_when: False
+
+    - shell: find /var/lib/atomic-enterprise/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true
+      changed_when: False
+
+    - shell: find /var/lib/openshift/openshift.local.volumes -type d -exec umount {} \; 2>/dev/null || true
+      changed_when: False
+
+    - shell: docker rm -f "{{ item }}"-master "{{ item }}"-node
+      changed_when: False
+      failed_when: False
+      with_items:
+        - openshift-enterprise
+        - atomic-enterprise
+        - origin
+
+    - shell: docker ps -a | grep Exited | egrep "{{ item }}" | awk '{print $1}'
+      changed_when: False
+      failed_when: False
+      register: exited_containers_to_delete
+      with_items:
+        - aep3.*/aep
+        - aep3.*/node
+        - aep3.*/openvswitch
+        - openshift3/ose
+        - openshift3/node
+        - openshift3/openvswitch
+        - openshift/origin
+
+    - shell: "docker rm {{ item.stdout_lines | join(' ') }}"
+      changed_when: False
+      failed_when: False
+      with_items: "{{ exited_containers_to_delete.results }}"
+
+    - shell: docker images | egrep {{ item }} | awk '{ print $3 }'
+      changed_when: False
+      failed_when: False
+      register: images_to_delete
+      with_items:
+        - registry\.access\..*redhat\.com/openshift3
+        - registry\.access\..*redhat\.com/aep3
+        - registry\.qe\.openshift\.com/.*
+        - registry\.access\..*redhat\.com/rhel7/etcd
+        - docker.io/openshift
+
+    - shell:  "docker rmi -f {{ item.stdout_lines | join(' ') }}"
+      changed_when: False
+      failed_when: False
+      with_items: "{{ images_to_delete.results }}"
+
+    - name: Remove sdn drop files
+      file:
+        path: /run/openshift-sdn
+        state: absent
diff --git a/playbooks/openstack/openshift-cluster/launch.yml b/playbooks/openstack/openshift-cluster/launch.yml
index 6429a6755..b9aae2f4c 100644
--- a/playbooks/openstack/openshift-cluster/launch.yml
+++ b/playbooks/openstack/openshift-cluster/launch.yml
@@ -46,7 +46,7 @@
              -P master_flavor={{ openstack_flavor["master"] }}
              -P node_flavor={{ openstack_flavor["node"] }}
              -P infra_flavor={{ openstack_flavor["infra"] }}
-             -P dns_flavor={{ openshift_flavor["dns"] }}
+             -P dns_flavor={{ openstack_flavor["dns"] }}
              openshift-ansible-{{ cluster_id }}-stack'
 
   - name: Wait for OpenStack Stack readiness
diff --git a/roles/openshift_hosted_logging/vars/main.yaml b/roles/openshift_hosted_logging/vars/main.yaml
index 586c2ab91..88d112209 100644
--- a/roles/openshift_hosted_logging/vars/main.yaml
+++ b/roles/openshift_hosted_logging/vars/main.yaml
@@ -1,5 +1,5 @@
 kh_kv: "KIBANA_HOSTNAME={{ openshift_hosted_logging_hostname | quote }}"
-es_cs_kv: "ES_CLUSTER_SIZE={{ openshift_hosted_logging_elasticsearch_cluster_size | quote }}"
+es_cs_kv: "ES_CLUSTER_SIZE={{ openshift_hosted_logging_elasticsearch_cluster_size | string | quote }}"
 pmu_kv: "PUBLIC_MASTER_URL={{ openshift_hosted_logging_master_public_url | quote }}"
 ip_kv: "{{ 'IMAGE_PREFIX=' ~ target_registry | quote if target_registry is defined else '' }}"
 oc_process_values: "{{ kh_kv }},{{ es_cs_kv }},{{ pmu_kv }},{{ ip_kv }}"
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index e9a9c4251..f12371c23 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -91,8 +91,16 @@
   template:
     dest: "{{ item.filename }}"
     src: htpasswd.j2
-    mode: 0600
     backup: yes
+  when: item.kind == 'HTPasswdPasswordIdentityProvider' and openshift.master.manage_htpasswd | bool
+  with_items: "{{ openshift.master.identity_providers }}"
+
+- name: Ensure htpasswd file exists
+  copy:
+    dest: "{{ item.filename }}"
+    force: no
+    content: ""
+    mode: 0600
   when: item.kind == 'HTPasswdPasswordIdentityProvider'
   with_items: "{{ openshift.master.identity_providers }}"
 
diff --git a/roles/openshift_master_facts/tasks/main.yml b/roles/openshift_master_facts/tasks/main.yml
index 896dd5e35..d51c5a0a3 100644
--- a/roles/openshift_master_facts/tasks/main.yml
+++ b/roles/openshift_master_facts/tasks/main.yml
@@ -42,6 +42,7 @@
       auth_token_max_seconds: "{{ openshift_master_auth_token_max_seconds | default(None) }}"
       identity_providers: "{{ openshift_master_identity_providers | default(None) }}"
       htpasswd_users: "{{ openshift_master_htpasswd_users | default(lookup('file', openshift_master_htpasswd_file) | oo_htpasswd_users_from_file if openshift_master_htpasswd_file is defined else None) }}"
+      manage_htpasswd: "{{ openshift_master_manage_htpasswd | default(true) }}"
       ldap_ca: "{{ openshift_master_ldap_ca | default(lookup('file', openshift_master_ldap_ca_file) if openshift_master_ldap_ca_file is defined else None) }}"
       openid_ca: "{{ openshift_master_openid_ca | default(lookup('file', openshift_master_openid_ca_file) if openshift_master_openid_ca_file is defined else None) }}"
       request_header_ca: "{{ openshift_master_request_header_ca | default(lookup('file', openshift_master_request_header_ca_file) if openshift_master_request_header_ca_file is defined else None) }}"