8 files changed, 115 insertions, 46 deletions

diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible
index a8e890624..d78ef4a60 100644
--- a/.tito/packages/openshift-ansible
+++ b/.tito/packages/openshift-ansible
@@ -1 +1 @@
-3.0.42-1 ./
+3.0.44-1 ./
diff --git a/openshift-ansible.spec b/openshift-ansible.spec
index 017515045..22108ffde 100644
--- a/openshift-ansible.spec
+++ b/openshift-ansible.spec
@@ -5,7 +5,7 @@
 }
 
 Name:           openshift-ansible
-Version:        3.0.42
+Version:        3.0.44
 Release:        1%{?dist}
 Summary:        Openshift and Atomic Enterprise Ansible
 License:        ASL 2.0
@@ -261,6 +261,23 @@ Atomic OpenShift Utilities includes
 
 
 %changelog
+* Wed Feb 17 2016 Brenton Leanhardt <bleanhar@redhat.com> 3.0.44-1
+- create registry items/triggers under Openshift Node (jdiaz@redhat.com)
+- a-o-i: Change method for counting master_lb as installed
+  (smunilla@redhat.com)
+
+* Tue Feb 16 2016 Brenton Leanhardt <bleanhar@redhat.com> 3.0.43-1
+- Add default to state param (rharriso@redhat.com)
+- Add type to record_type param (rharriso@redhat.com)
+- Add types to module params (rharriso@redhat.com)
+- Adding examples to the dyn_record module (rharriso@redhat.com)
+- add item to track docker-registry pings (jdiaz@redhat.com)
+- Handle case where the user already had access to the scc
+  (bleanhar@redhat.com)
+- Refactoring the add-scc-to-user logic (bleanhar@redhat.com)
+- Apply openshift_docker to nodes during scaleup. (abutcher@redhat.com)
+- Change etcd deamon name for atomic-host (florian.lambert@enovance.com)
+
 * Tue Feb 16 2016 Joel Diaz <jdiaz@redhat.com> 3.0.42-1
 - Add gce softlink for openshift-ansible-bin
 
diff --git a/playbooks/common/openshift-cluster/scaleup.yml b/playbooks/common/openshift-cluster/scaleup.yml
index d2ba3fc7a..c4340902b 100644
--- a/playbooks/common/openshift-cluster/scaleup.yml
+++ b/playbooks/common/openshift-cluster/scaleup.yml
@@ -1,6 +1,16 @@
 ---
 - include: evaluate_groups.yml
 
+- name: Configure docker hosts
+  hosts: oo_nodes_to_config
+  vars:
+    docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') | oo_split }}"
+    docker_insecure_registries: "{{ lookup('oo_option',  'docker_insecure_registries') | oo_split }}"
+    docker_blocked_registries: "{{ lookup('oo_option', 'docker_blocked_registries') | oo_split }}"
+  roles:
+  - openshift_facts
+  - openshift_docker
+
 - include: ../openshift-node/config.yml
   vars:
     openshift_deployment_type: "{{ deployment_type }}"
diff --git a/roles/lib_dyn/library/dyn_record.py b/roles/lib_dyn/library/dyn_record.py
index f2796ccf2..609fa8679 100644
--- a/roles/lib_dyn/library/dyn_record.py
+++ b/roles/lib_dyn/library/dyn_record.py
@@ -95,6 +95,26 @@ requirements: [ dyn ]
 author: "Russell Harrison"
 '''
 
+EXAMPLES = '''
+- name: Update CNAME record
+  local_action:
+    module: dyn_record
+    state: present
+    record_fqdn: www.example.com
+    zone: example.com
+    record_type: CNAME
+    record_value: web1.example.com
+
+- name: Update A record
+  local_action:
+    module: dyn_record
+    state: present
+    record_fqdn: web1.example.com
+    zone: example.com
+    record_value: 10.0.0.10
+    record_type: A
+'''
+
 try:
     IMPORT_ERROR = False
     from dyn.tm.session import DynectSession
@@ -158,15 +178,15 @@ def main():
     '''Ansible module for managing Dyn DNS records.'''
     module = AnsibleModule(
         argument_spec=dict(
-            state=dict(required=True, choices=['present', 'absent', 'list']),
+            state=dict(required=True, default='present', choices=['present', 'absent', 'list']),
             customer_name=dict(default=os.environ.get('DYNECT_CUSTOMER_NAME', None), type='str'),
             user_name=dict(default=os.environ.get('DYNECT_USER_NAME', None), type='str', no_log=True),
             user_password=dict(default=os.environ.get('DYNECT_PASSWORD', None), type='str', no_log=True),
-            zone=dict(required=True),
-            record_fqdn=dict(required=False),
-            record_type=dict(required=False, choices=[
+            zone=dict(required=True, type='str'),
+            record_fqdn=dict(required=False, type='str'),
+            record_type=dict(required=False, type='str', choices=[
                 'A', 'AAAA', 'CNAME', 'PTR', 'TXT']),
-            record_value=dict(required=False),
+            record_value=dict(required=False, type='str'),
             record_ttl=dict(required=False, default=0, type='int'),
         ),
         required_together=(
diff --git a/roles/openshift_serviceaccounts/tasks/legacy_add_scc_to_user.yml b/roles/openshift_serviceaccounts/tasks/legacy_add_scc_to_user.yml
new file mode 100644
index 000000000..1efab9466
--- /dev/null
+++ b/roles/openshift_serviceaccounts/tasks/legacy_add_scc_to_user.yml
@@ -0,0 +1,37 @@
+####
+#
+# OSE 3.0.z did not have 'oadm policy add-scc-to-user'.
+#
+####
+
+- name: tmp dir for openshift
+  file:
+    path: /tmp/openshift
+    state: directory
+    owner: root
+    mode: 700
+
+- name: Create service account configs
+  template:
+    src: serviceaccount.j2
+    dest: "/tmp/openshift/{{ item }}-serviceaccount.yaml"
+  with_items: openshift_serviceaccounts_names
+
+- name: Get current security context constraints
+  shell: >
+    {{ openshift.common.client_binary }} get scc privileged -o yaml
+    --output-version=v1 > /tmp/openshift/scc.yaml
+  changed_when: false
+
+- name: Add security context constraint for {{ item }}
+  lineinfile:
+    dest: /tmp/openshift/scc.yaml
+    line: "- system:serviceaccount:{{ openshift_serviceaccounts_namespace }}:{{ item.0 }}"
+    insertafter: "^users:$"
+  when: "item.1.rc == 0 and 'system:serviceaccount:{{ openshift_serviceaccounts_namespace }}:{{ item.0 }}' not in {{ (item.1.stdout | from_yaml).users }}"
+  with_nested:
+  - openshift_serviceaccounts_names
+  - scc_test.results
+
+- name: Apply new scc rules for service accounts
+  command: "{{ openshift.common.client_binary }} update -f /tmp/openshift/scc.yaml --api-version=v1"
diff --git a/roles/openshift_serviceaccounts/tasks/main.yml b/roles/openshift_serviceaccounts/tasks/main.yml
index 89d9e3aa7..f34fa7b74 100644
--- a/roles/openshift_serviceaccounts/tasks/main.yml
+++ b/roles/openshift_serviceaccounts/tasks/main.yml
@@ -32,42 +32,5 @@
   - openshift_serviceaccounts_names
   - scc_test.results
 
-####
-#
-# Support for 3.0.z
-#
-####
-
-- name: tmp dir for openshift
-  file:
-    path: /tmp/openshift
-    state: directory
-    owner: root
-    mode: 700
-  when: not openshift.common.version_gte_3_1_or_1_1
-
-- name: Create service account configs
-  template:
-    src: serviceaccount.j2
-    dest: "/tmp/openshift/{{ item }}-serviceaccount.yaml"
-  with_items: openshift_serviceaccounts_names
-  when: not openshift.common.version_gte_3_1_or_1_1
-
-- name: Get current security context constraints
-  shell: >
-    {{ openshift.common.client_binary }} get scc privileged -o yaml
-    --output-version=v1 > /tmp/openshift/scc.yaml
-  changed_when: false
-  when: not openshift.common.version_gte_3_1_or_1_1
-
-- name: Add security context constraint for {{ item }}
-  lineinfile:
-    dest: /tmp/openshift/scc.yaml
-    line: "- system:serviceaccount:{{ openshift_serviceaccounts_namespace }}:{{ item }}"
-    insertafter: "^users:$"
-  with_items: openshift_serviceaccounts_names
-  when: not openshift.common.version_gte_3_1_or_1_1
-
-- name: Apply new scc rules for service accounts
-  command: "{{ openshift.common.client_binary }} update -f /tmp/openshift/scc.yaml --api-version=v1"
+- include: legacy_add_scc_to_user.yml
   when: not openshift.common.version_gte_3_1_or_1_1
diff --git a/roles/os_zabbix/vars/template_openshift_node.yml b/roles/os_zabbix/vars/template_openshift_node.yml
index b0488656d..c36c593df 100644
--- a/roles/os_zabbix/vars/template_openshift_node.yml
+++ b/roles/os_zabbix/vars/template_openshift_node.yml
@@ -26,7 +26,29 @@ g_template_openshift_node:
     applications:
     - Openshift Node
 
+  - key: openshift.node.registry-pods.healthy_pct
+    description: Shows the percentage of healthy registries in the cluster
+    type: int
+    applications:
+    - Openshift Node
+
+  - key: openshift.node.registry.service.ping
+    description: Ping docker-registry service from node
+    type: int
+    applications:
+    - Openshift Node
+
   ztriggers:
+  - name: 'One or more Docker Registries is unhealthy according to {HOST.NAME}'
+    expression: '{Template Openshift Node:openshift.node.registry-pods.healthy_pct.last(#2)}<100 and {Template Openshift Node:openshift.node.registry-pods.healthy_pct.last(#1)}<100'
+    url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_registry.asciidoc'
+    priority: avg
+
+  - name: 'Docker Registry service is unhealthy according to {HOST.NAME}'
+    expression: '{Template Openshift Node:openshift.node.registry.service.ping.last(#2)}<1 and {Template Openshift Node:openshift.node.registry.service.ping.last(#1)}<1'
+    url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_registry.asciidoc'
+    priority: avg
+
   - name: 'Openshift Node process not running on {HOST.NAME}'
     expression: '{Template Openshift Node:openshift.node.process.count.max(#3)}<1'
     url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc'
diff --git a/utils/src/ooinstall/cli_installer.py b/utils/src/ooinstall/cli_installer.py
index 9839bf447..6428b295a 100644
--- a/utils/src/ooinstall/cli_installer.py
+++ b/utils/src/ooinstall/cli_installer.py
@@ -532,7 +532,7 @@ def get_installed_hosts(hosts, callback_facts):
                   callback_facts[host.connect_to]['common'].get('version', '') != 'None') \
             or
             ('master' in callback_facts[host.connect_to].keys() and
-                 callback_facts[host.connect_to]['master'].get('cluster_method', '') == 'native')
+                 callback_facts[host.connect_to]['master'].get('cluster_hostname', '') == host.connect_to)
             ):
             installed_hosts.append(host)
     return installed_hosts