summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/openshift_aws/tasks/iam_cert.yml5
-rwxr-xr-xroles/openshift_facts/library/openshift_facts.py4
-rw-r--r--roles/openshift_hosted/tasks/router.yml6
-rw-r--r--roles/openshift_logging/README.md44
-rw-r--r--roles/openshift_master_facts/defaults/main.yml2
l---------roles/openshift_master_facts/lookup_plugins/oo_option.py1
-rw-r--r--roles/openshift_master_facts/tasks/main.yml1
-rw-r--r--roles/openshift_node/defaults/main.yml3
-rw-r--r--roles/openshift_node/tasks/node_system_container.yml2
-rw-r--r--roles/openshift_node/tasks/registry_auth.yml2
-rw-r--r--roles/openshift_node_facts/tasks/main.yml8
-rw-r--r--roles/openshift_node_upgrade/tasks/registry_auth.yml2
-rw-r--r--roles/openshift_repos/templates/CentOS-OpenShift-Origin.repo.j22
-rw-r--r--roles/openshift_repos/templates/CentOS-OpenShift-Origin14.repo.j22
-rw-r--r--roles/openshift_repos/templates/CentOS-OpenShift-Origin15.repo.j22
-rw-r--r--roles/openshift_repos/templates/CentOS-OpenShift-Origin36.repo.j22
-rw-r--r--roles/rhel_subscribe/tasks/enterprise.yml2
-rw-r--r--roles/rhel_subscribe/tasks/main.yml8
-rw-r--r--roles/template_service_broker/tasks/install.yml28
-rw-r--r--roles/template_service_broker/tasks/remove.yml11
-rw-r--r--roles/template_service_broker/vars/main.yml1
21 files changed, 86 insertions, 52 deletions
diff --git a/roles/openshift_aws/tasks/iam_cert.yml b/roles/openshift_aws/tasks/iam_cert.yml
index 6aab87d0c..f74a62b8b 100644
--- a/roles/openshift_aws/tasks/iam_cert.yml
+++ b/roles/openshift_aws/tasks/iam_cert.yml
@@ -23,6 +23,11 @@
- name: set_fact openshift_aws_elb_cert_arn
set_fact:
openshift_aws_elb_cert_arn: "{{ elb_cert_chain.arn }}"
+ when:
+ - openshift_aws_create_iam_cert | bool
+ - openshift_aws_iam_cert_path != ''
+ - openshift_aws_iam_cert_key_path != ''
+ - openshift_aws_elb_cert_arn == ''
- name: wait for cert to propagate
pause:
diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index 11ef9fa97..215ff4b72 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -1669,7 +1669,9 @@ def set_container_facts_if_unset(facts):
facts['common']['is_atomic'] = os.path.isfile('/run/ostree-booted')
# If openshift_docker_use_system_container is set and is True ....
if 'use_system_container' in list(facts['docker'].keys()):
- if facts['docker']['use_system_container']:
+ # use safe_get_bool as the inventory variable may not be a
+ # valid boolean on it's own.
+ if safe_get_bool(facts['docker']['use_system_container']):
# ... set the service name to container-engine
facts['docker']['service_name'] = 'container-engine'
diff --git a/roles/openshift_hosted/tasks/router.yml b/roles/openshift_hosted/tasks/router.yml
index 2aeecc943..2aceef9e4 100644
--- a/roles/openshift_hosted/tasks/router.yml
+++ b/roles/openshift_hosted/tasks/router.yml
@@ -52,9 +52,9 @@
certfile: "{{ openshift_master_config_dir ~ '/openshift-router.crt' }}"
keyfile: "{{ openshift_master_config_dir ~ '/openshift-router.key' }}"
cafile: "{{ openshift_master_config_dir ~ '/ca.crt' }}"
-
- # End Block
- when: ( openshift_hosted_router_create_certificate | bool ) and openshift_hosted_router_certificate == {}
+ when:
+ - openshift_hosted_router_create_certificate | bool
+ - openshift_hosted_router_certificate == {}
- name: Create the router service account(s)
oc_serviceaccount:
diff --git a/roles/openshift_logging/README.md b/roles/openshift_logging/README.md
index 45477f60d..829c78728 100644
--- a/roles/openshift_logging/README.md
+++ b/roles/openshift_logging/README.md
@@ -169,7 +169,7 @@ Elasticsearch OPS too, if using an OPS cluster:
send the raw logs to mux for processing. We do not currently recommend using
this mode, and ansible will warn you about this.
- `openshift_logging_mux_hostname`: Default is "mux." +
- `openshift_master_default_subdomain`. This is the hostname *external*_
+ `openshift_master_default_subdomain`. This is the hostname *external*
clients will use to connect to mux, and will be used in the TLS server cert
subject.
- `openshift_logging_mux_port`: 24284
@@ -201,24 +201,24 @@ Elasticsearch OPS too, if using an OPS cluster:
Defaults to '65534'.
### remote syslog forwarding
-`openshift_logging_fluentd_remote_syslog`: Set `true` to enable remote syslog forwarding, defaults to `false`
-`openshift_logging_fluentd_remote_syslog_host`: Required, hostname or IP of remote syslog server
-`openshift_logging_fluentd_remote_syslog_port`: Port of remote syslog server, defaults to `514`
-`openshift_logging_fluentd_remote_syslog_severity`: Syslog severity level, defaults to `debug`
-`openshift_logging_fluentd_remote_syslog_facility`: Syslog facility, defaults to `local0`
-`openshift_logging_fluentd_remote_syslog_remove_tag_prefix`: Remove the prefix from the tag, defaults to `''` (empty)
-`openshift_logging_fluentd_remote_syslog_tag_key`: If string specified, use this field from the record to set the key field on the syslog message
-`openshift_logging_fluentd_remote_syslog_use_record`: Set `true` to use the severity and facility from the record, defaults to `false`
-`openshift_logging_fluentd_remote_syslog_payload_key`: If string is specified, use this field from the record as the payload on the syslog message
-
-The corresponding openshift_logging_mux_ parameters are below.
-
-`openshift_logging_mux_remote_syslog`: Set `true` to enable remote syslog forwarding, defaults to `false`
-`openshift_logging_mux_remote_syslog_host`: Required, hostname or IP of remote syslog server
-`openshift_logging_mux_remote_syslog_port`: Port of remote syslog server, defaults to `514`
-`openshift_logging_mux_remote_syslog_severity`: Syslog severity level, defaults to `debug`
-`openshift_logging_mux_remote_syslog_facility`: Syslog facility, defaults to `local0`
-`openshift_logging_mux_remote_syslog_remove_tag_prefix`: Remove the prefix from the tag, defaults to `''` (empty)
-`openshift_logging_mux_remote_syslog_tag_key`: If string specified, use this field from the record to set the key field on the syslog message
-`openshift_logging_mux_remote_syslog_use_record`: Set `true` to use the severity and facility from the record, defaults to `false`
-`openshift_logging_mux_remote_syslog_payload_key`: If string is specified, use this field from the record as the payload on the syslog message
+- `openshift_logging_fluentd_remote_syslog`: Set `true` to enable remote syslog forwarding, defaults to `false`
+- `openshift_logging_fluentd_remote_syslog_host`: Required, hostname or IP of remote syslog server
+- `openshift_logging_fluentd_remote_syslog_port`: Port of remote syslog server, defaults to `514`
+- `openshift_logging_fluentd_remote_syslog_severity`: Syslog severity level, defaults to `debug`
+- `openshift_logging_fluentd_remote_syslog_facility`: Syslog facility, defaults to `local0`
+- `openshift_logging_fluentd_remote_syslog_remove_tag_prefix`: Remove the prefix from the tag, defaults to `''` (empty)
+- `openshift_logging_fluentd_remote_syslog_tag_key`: If string specified, use this field from the record to set the key field on the syslog message
+- `openshift_logging_fluentd_remote_syslog_use_record`: Set `true` to use the severity and facility from the record, defaults to `false`
+- `openshift_logging_fluentd_remote_syslog_payload_key`: If string is specified, use this field from the record as the payload on the syslog message
+
+The corresponding openshift\_logging\_mux\_* parameters are below.
+
+- `openshift_logging_mux_remote_syslog`: Set `true` to enable remote syslog forwarding, defaults to `false`
+- `openshift_logging_mux_remote_syslog_host`: Required, hostname or IP of remote syslog server
+- `openshift_logging_mux_remote_syslog_port`: Port of remote syslog server, defaults to `514`
+- `openshift_logging_mux_remote_syslog_severity`: Syslog severity level, defaults to `debug`
+- `openshift_logging_mux_remote_syslog_facility`: Syslog facility, defaults to `local0`
+- `openshift_logging_mux_remote_syslog_remove_tag_prefix`: Remove the prefix from the tag, defaults to `''` (empty)
+- `openshift_logging_mux_remote_syslog_tag_key`: If string specified, use this field from the record to set the key field on the syslog message
+- `openshift_logging_mux_remote_syslog_use_record`: Set `true` to use the severity and facility from the record, defaults to `false`
+- `openshift_logging_mux_remote_syslog_payload_key`: If string is specified, use this field from the record as the payload on the syslog message
diff --git a/roles/openshift_master_facts/defaults/main.yml b/roles/openshift_master_facts/defaults/main.yml
index a80313505..d0dcdae4b 100644
--- a/roles/openshift_master_facts/defaults/main.yml
+++ b/roles/openshift_master_facts/defaults/main.yml
@@ -1,5 +1,5 @@
---
-openshift_master_default_subdomain: "{{ lookup('oo_option', 'openshift_master_default_subdomain') | default(None, true) }}"
+openshift_master_default_subdomain: "router.default.svc.cluster.local"
openshift_master_admission_plugin_config:
openshift.io/ImagePolicy:
configuration:
diff --git a/roles/openshift_master_facts/lookup_plugins/oo_option.py b/roles/openshift_master_facts/lookup_plugins/oo_option.py
deleted file mode 120000
index 5ae43f8dd..000000000
--- a/roles/openshift_master_facts/lookup_plugins/oo_option.py
+++ /dev/null
@@ -1 +0,0 @@
-../../../lookup_plugins/oo_option.py \ No newline at end of file
diff --git a/roles/openshift_master_facts/tasks/main.yml b/roles/openshift_master_facts/tasks/main.yml
index fa228af2a..a95570d38 100644
--- a/roles/openshift_master_facts/tasks/main.yml
+++ b/roles/openshift_master_facts/tasks/main.yml
@@ -1,5 +1,4 @@
---
-
# Ensure the default sub-domain is set:
- name: Migrate legacy osm_default_subdomain fact
set_fact:
diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml
index ed3516d04..1214c08e5 100644
--- a/roles/openshift_node/defaults/main.yml
+++ b/roles/openshift_node/defaults/main.yml
@@ -31,12 +31,9 @@ openshift_node_ami_prep_packages:
- python-dbus
- PyYAML
- yum-utils
-- python2-boto
-- python2-boto3
- cloud-utils-growpart
# gluster
- glusterfs-fuse
-- heketi-client
# nfs
- nfs-utils
- flannel
diff --git a/roles/openshift_node/tasks/node_system_container.yml b/roles/openshift_node/tasks/node_system_container.yml
index 0ca44c292..20d7a9539 100644
--- a/roles/openshift_node/tasks/node_system_container.yml
+++ b/roles/openshift_node/tasks/node_system_container.yml
@@ -11,4 +11,6 @@
image: "{{ 'docker:' if openshift.common.system_images_registry == 'docker' else openshift.common.system_images_registry + '/' }}{{ openshift.node.node_system_image }}:{{ openshift_image_tag }}"
values:
- "DNS_DOMAIN={{ openshift.common.dns_domain }}"
+ - "DOCKER_SERVICE={{ openshift.docker.service_name }}.service"
+ - "MASTER_SERVICE={{ openshift.common.service_type }}.service"
state: latest
diff --git a/roles/openshift_node/tasks/registry_auth.yml b/roles/openshift_node/tasks/registry_auth.yml
index 3d2831742..de396fb4b 100644
--- a/roles/openshift_node/tasks/registry_auth.yml
+++ b/roles/openshift_node/tasks/registry_auth.yml
@@ -21,4 +21,4 @@
when:
- openshift.common.is_containerized | bool
- oreg_auth_user is defined
- - (node_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace or oreg_auth_credentials_replace.changed) | bool
+ - (node_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace or node_oreg_auth_credentials_create.changed) | bool
diff --git a/roles/openshift_node_facts/tasks/main.yml b/roles/openshift_node_facts/tasks/main.yml
index fd4c49504..0d5fa664c 100644
--- a/roles/openshift_node_facts/tasks/main.yml
+++ b/roles/openshift_node_facts/tasks/main.yml
@@ -1,10 +1,4 @@
---
-- set_fact:
- openshift_node_debug_level: "{{ lookup('oo_option', 'openshift_node_debug_level') }}"
- when:
- - openshift_node_debug_level is not defined
- - lookup('oo_option', 'openshift_node_debug_level') != ""
-
- name: Set node facts
openshift_facts:
role: "{{ item.role }}"
@@ -20,7 +14,7 @@
debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}"
iptables_sync_period: "{{ openshift_node_iptables_sync_period | default(None) }}"
kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}"
- labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default(none), true) }}"
+ labels: "{{ openshift_node_labels | default(None) }}"
registry_url: "{{ oreg_url_node | default(oreg_url) | default(None) }}"
schedulable: "{{ openshift_schedulable | default(openshift_scheduleable) | default(None) }}"
sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}"
diff --git a/roles/openshift_node_upgrade/tasks/registry_auth.yml b/roles/openshift_node_upgrade/tasks/registry_auth.yml
index 3d2831742..de396fb4b 100644
--- a/roles/openshift_node_upgrade/tasks/registry_auth.yml
+++ b/roles/openshift_node_upgrade/tasks/registry_auth.yml
@@ -21,4 +21,4 @@
when:
- openshift.common.is_containerized | bool
- oreg_auth_user is defined
- - (node_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace or oreg_auth_credentials_replace.changed) | bool
+ - (node_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace or node_oreg_auth_credentials_create.changed) | bool
diff --git a/roles/openshift_repos/templates/CentOS-OpenShift-Origin.repo.j2 b/roles/openshift_repos/templates/CentOS-OpenShift-Origin.repo.j2
index 0e2d57cb6..b0c036e7c 100644
--- a/roles/openshift_repos/templates/CentOS-OpenShift-Origin.repo.j2
+++ b/roles/openshift_repos/templates/CentOS-OpenShift-Origin.repo.j2
@@ -8,7 +8,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
[centos-openshift-origin-testing]
name=CentOS OpenShift Origin Testing
baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin/
-enabled={% if openshift_repos_enable_testing %}1{% else %}0{% endif %}
+enabled={{ 1 if openshift_repos_enable_testing else 0 }}
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/openshift-ansible-CentOS-SIG-PaaS
diff --git a/roles/openshift_repos/templates/CentOS-OpenShift-Origin14.repo.j2 b/roles/openshift_repos/templates/CentOS-OpenShift-Origin14.repo.j2
index 2470931e1..97e855d58 100644
--- a/roles/openshift_repos/templates/CentOS-OpenShift-Origin14.repo.j2
+++ b/roles/openshift_repos/templates/CentOS-OpenShift-Origin14.repo.j2
@@ -8,7 +8,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
[centos-openshift-origin14-testing]
name=CentOS OpenShift Origin Testing
baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin14/
-enabled={% if openshift_repos_enable_testing %}1{% else %}0{% endif %}
+enabled={{ 1 if openshift_repos_enable_testing else 0 }}
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
diff --git a/roles/openshift_repos/templates/CentOS-OpenShift-Origin15.repo.j2 b/roles/openshift_repos/templates/CentOS-OpenShift-Origin15.repo.j2
index 901f02cf4..5e756e680 100644
--- a/roles/openshift_repos/templates/CentOS-OpenShift-Origin15.repo.j2
+++ b/roles/openshift_repos/templates/CentOS-OpenShift-Origin15.repo.j2
@@ -8,7 +8,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
[centos-openshift-origin15-testing]
name=CentOS OpenShift Origin Testing
baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin15/
-enabled={% if openshift_repos_enable_testing %}1{% else %}0{% endif %}
+enabled={{ 1 if openshift_repos_enable_testing else 0 }}
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
diff --git a/roles/openshift_repos/templates/CentOS-OpenShift-Origin36.repo.j2 b/roles/openshift_repos/templates/CentOS-OpenShift-Origin36.repo.j2
index abc4ad1b5..7050c95f5 100644
--- a/roles/openshift_repos/templates/CentOS-OpenShift-Origin36.repo.j2
+++ b/roles/openshift_repos/templates/CentOS-OpenShift-Origin36.repo.j2
@@ -8,7 +8,7 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
[centos-openshift-origin36-testing]
name=CentOS OpenShift Origin Testing
baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin36/
-enabled={% if openshift_repos_enable_testing %}1{% else %}0{% endif %}
+enabled={{ 1 if openshift_repos_enable_testing else 0 }}
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
diff --git a/roles/rhel_subscribe/tasks/enterprise.yml b/roles/rhel_subscribe/tasks/enterprise.yml
index 9738929d2..fa74c9953 100644
--- a/roles/rhel_subscribe/tasks/enterprise.yml
+++ b/roles/rhel_subscribe/tasks/enterprise.yml
@@ -7,7 +7,7 @@
when: deployment_type == 'openshift-enterprise'
- set_fact:
- ose_version: "{{ lookup('oo_option', 'ose_version') | default(default_ose_version, True) }}"
+ ose_version: "{{ lookup('env', 'ose_version') | default(default_ose_version, True) }}"
- fail:
msg: "{{ ose_version }} is not a valid version for {{ deployment_type }} deployment type"
diff --git a/roles/rhel_subscribe/tasks/main.yml b/roles/rhel_subscribe/tasks/main.yml
index c43e5513d..b06f51908 100644
--- a/roles/rhel_subscribe/tasks/main.yml
+++ b/roles/rhel_subscribe/tasks/main.yml
@@ -4,10 +4,10 @@
# to make it able to enable repositories
- set_fact:
- rhel_subscription_pool: "{{ lookup('oo_option', 'rhel_subscription_pool') | default(rhsub_pool, True) | default('Red Hat OpenShift Container Platform, Premium*', True) }}"
- rhel_subscription_user: "{{ lookup('oo_option', 'rhel_subscription_user') | default(rhsub_user, True) | default(omit, True) }}"
- rhel_subscription_pass: "{{ lookup('oo_option', 'rhel_subscription_pass') | default(rhsub_pass, True) | default(omit, True) }}"
- rhel_subscription_server: "{{ lookup('oo_option', 'rhel_subscription_server') | default(rhsub_server) }}"
+ rhel_subscription_pool: "{{ lookup('env', 'rhel_subscription_pool') | default(rhsub_pool | default('Red Hat OpenShift Container Platform, Premium*')) }}"
+ rhel_subscription_user: "{{ lookup('env', 'rhel_subscription_user') | default(rhsub_user | default(omit, True)) }}"
+ rhel_subscription_pass: "{{ lookup('env', 'rhel_subscription_pass') | default(rhsub_pass | default(omit, True)) }}"
+ rhel_subscription_server: "{{ lookup('env', 'rhel_subscription_server') | default(rhsub_server | default(omit, True)) }}"
- fail:
msg: "This role is only supported for Red Hat hosts"
diff --git a/roles/template_service_broker/tasks/install.yml b/roles/template_service_broker/tasks/install.yml
index a9d22aa06..f5fd6487c 100644
--- a/roles/template_service_broker/tasks/install.yml
+++ b/roles/template_service_broker/tasks/install.yml
@@ -27,6 +27,7 @@
with_items:
- "{{ __tsb_template_file }}"
- "{{ __tsb_rbac_file }}"
+ - "{{ __tsb_broker_file }}"
- name: Apply template file
shell: >
@@ -42,6 +43,33 @@
src: openshift-ansible-catalog-console.js
dest: /etc/origin/master/openshift-ansible-catalog-console.js
+# Check that the TSB is running
+- name: Verify that TSB is running
+ command: >
+ curl -k https://apiserver.openshift-template-service-broker.svc/healthz
+ args:
+ # Disables the following warning:
+ # Consider using get_url or uri module rather than running curl
+ warn: no
+ register: api_health
+ until: api_health.stdout == 'ok'
+ retries: 120
+ delay: 1
+ changed_when: false
+
+- set_fact:
+ openshift_master_config_dir: "{{ openshift.common.config_base }}/master"
+ when: openshift_master_config_dir is undefined
+
+- slurp:
+ src: "{{ openshift_master_config_dir }}/ca.crt"
+ register: __ca_bundle
+
+# Register with broker
+- name: Register TSB with broker
+ shell: >
+ oc process -f "{{ mktemp.stdout }}/{{ __tsb_broker_file }}" --param CA_BUNDLE="{{ __ca_bundle.content }}" | oc apply -f -
+
- file:
state: absent
name: "{{ mktemp.stdout }}"
diff --git a/roles/template_service_broker/tasks/remove.yml b/roles/template_service_broker/tasks/remove.yml
index 207dd9bdb..f3afe65ed 100644
--- a/roles/template_service_broker/tasks/remove.yml
+++ b/roles/template_service_broker/tasks/remove.yml
@@ -6,11 +6,18 @@
- copy:
src: "{{ __tsb_files_location }}/{{ item }}"
- dest: "{{ mktemp.stdout }}/{{ __tsb_template_file }}"
+ dest: "{{ mktemp.stdout }}/{{ item }}"
+ with_items:
+ - "{{ __tsb_template_file }}"
+ - "{{ __tsb_broker_file }}"
+
+- name: Delete TSB broker
+ shell: >
+ oc process -f "{{ mktemp.stdout }}/{{ __tsb_broker_file }}" | oc delete -f -
- name: Delete TSB objects
shell: >
- oc process -f "{{ __tsb_files_location }}/{{ __tsb_template_file }}" | kubectl delete -f -
+ oc process -f "{{ mktemp.stdout }}/{{ __tsb_template_file }}" | kubectl delete -f -
- name: empty out tech preview extension file for service console UI
copy:
diff --git a/roles/template_service_broker/vars/main.yml b/roles/template_service_broker/vars/main.yml
index 372ab8f6f..a65340f16 100644
--- a/roles/template_service_broker/vars/main.yml
+++ b/roles/template_service_broker/vars/main.yml
@@ -4,3 +4,4 @@ __tsb_files_location: "../../../files/origin-components/"
__tsb_template_file: "apiserver-template.yaml"
__tsb_config_file: "apiserver-config.yaml"
__tsb_rbac_file: "rbac-template.yaml"
+__tsb_broker_file: "template-service-broker-registration.yaml"