4 files changed, 161 insertions, 40 deletions

diff --git a/inventory/byo/hosts.aep.example b/inventory/byo/hosts.aep.example
index 637f13be6..43b646c93 100644
--- a/inventory/byo/hosts.aep.example
+++ b/inventory/byo/hosts.aep.example
@@ -62,18 +62,20 @@ deployment_type=atomic-enterprise
 # Add additional, insecure, and blocked registries to global docker configuration
 # For enterprise deployment types we ensure that registry.access.redhat.com is
 # included if you do not include it
-#cli_docker_additional_registries=registry.example.com
-#cli_docker_insecure_registries=registry.example.com
-#cli_docker_blocked_registries=registry.hacker.com
+#openshift_docker_additional_registries=registry.example.com
+#openshift_docker_insecure_registries=registry.example.com
+#openshift_docker_blocked_registries=registry.hacker.com
+# Disable pushing to dockerhub
+#openshift_docker_disable_push_dockerhub=True
 # Items added, as is, to end of /etc/sysconfig/docker OPTIONS
 #openshift_docker_options="-l warn --ipv6=false"
 # Deprecated methods to set --log-driver and --log-opts flags, use openshift_docker_options instead
-#cli_docker_log_driver=json
-#cli_docker_log_options="tag=mailer"
+#openshift_docker_log_driver=json
+#openshift_docker_log_options="tag=mailer"
 
 # Alternate image format string. If you're not modifying the format string and
 # only need to inject your own registry you may want to consider
-# cli_docker_additional_registries instead
+# openshift_docker_additional_registries instead
 #oreg_url=example.com/aep3/aep-${component}:${version}
 
 # Additional yum repos to install
@@ -88,6 +90,30 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
 # LDAP auth
 #openshift_master_identity_providers=[{'name': 'my_ldap_provider', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider', 'attributes': {'id': ['dn'], 'email': ['mail'], 'name': ['cn'], 'preferredUsername': ['uid']}, 'bindDN': '', 'bindPassword': '', 'ca': '', 'insecure': 'false', 'url': 'ldap://ldap.example.com:389/ou=users,dc=example,dc=com?uid'}]
 
+# Cloud Provider Configuration
+#
+# Note: You may make use of environment variables rather than store
+# sensitive configuration within the ansible inventory.
+# For example:
+#openshift_cloudprovider_aws_access_key="{{ lookup('env','AWS_ACCESS_KEY_ID') }}"
+#openshift_cloudprovider_aws_secret_key="{{ lookup('env','AWS_SECRET_ACCESS_KEY') }}"
+#
+# AWS
+#openshift_cloudprovider_kind=aws
+# Note: IAM profiles may be used instead of storing API credentials on disk.
+#openshift_cloudprovider_aws_access_key=aws_access_key_id
+#openshift_cloudprovider_aws_secret_key=aws_secret_access_key
+#
+# Openstack
+#openshift_cloudprovider_kind=openstack
+#openshift_cloudprovider_openstack_auth_url=http://openstack.example.com:35357/v2.0/
+#openshift_cloudprovider_openstack_username=username
+#openshift_cloudprovider_openstack_password=password
+#openshift_cloudprovider_openstack_tenand_id=tenant_id
+#openshift_cloudprovider_openstack_tenant_name=tenant_name
+#openshift_cloudprovider_openstack_region=region
+#openshift_cloudprovider_openstack_lb_subnet_id=subnet_id
+
 # Project Configuration
 #osm_project_request_message=''
 #osm_project_request_template=''
diff --git a/inventory/byo/hosts.origin.example b/inventory/byo/hosts.origin.example
index c30f65f9f..8b8dbade0 100644
--- a/inventory/byo/hosts.origin.example
+++ b/inventory/byo/hosts.origin.example
@@ -63,18 +63,20 @@ deployment_type=origin
 # Add additional, insecure, and blocked registries to global docker configuration
 # For enterprise deployment types we ensure that registry.access.redhat.com is
 # included if you do not include it
-#cli_docker_additional_registries=registry.example.com
-#cli_docker_insecure_registries=registry.example.com
-#cli_docker_blocked_registries=registry.hacker.com
+#openshift_docker_additional_registries=registry.example.com
+#openshift_docker_insecure_registries=registry.example.com
+#openshift_docker_blocked_registries=registry.hacker.com
+# Disable pushing to dockerhub
+#openshift_docker_disable_push_dockerhub=True
 # Items added, as is, to end of /etc/sysconfig/docker OPTIONS
 #openshift_docker_options="-l warn --ipv6=false"
 # Deprecated methods to set --log-driver and --log-opts flags, use openshift_docker_options instead
-#cli_docker_log_driver=json
-#cli_docker_log_options="tag=mailer"
+#openshift_docker_log_driver=json
+#openshift_docker_log_options="tag=mailer"
 
 # Alternate image format string. If you're not modifying the format string and
 # only need to inject your own registry you may want to consider
-# cli_docker_additional_registries instead
+# openshift_docker_additional_registries instead
 #oreg_url=example.com/openshift3/ose-${component}:${version}
 
 # Origin copr repo
@@ -93,6 +95,30 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
 # LDAP auth
 #openshift_master_identity_providers=[{'name': 'my_ldap_provider', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider', 'attributes': {'id': ['dn'], 'email': ['mail'], 'name': ['cn'], 'preferredUsername': ['uid']}, 'bindDN': '', 'bindPassword': '', 'ca': '', 'insecure': 'false', 'url': 'ldap://ldap.example.com:389/ou=users,dc=example,dc=com?uid'}]
 
+# Cloud Provider Configuration
+#
+# Note: You may make use of environment variables rather than store
+# sensitive configuration within the ansible inventory.
+# For example:
+#openshift_cloudprovider_aws_access_key="{{ lookup('env','AWS_ACCESS_KEY_ID') }}"
+#openshift_cloudprovider_aws_secret_key="{{ lookup('env','AWS_SECRET_ACCESS_KEY') }}"
+#
+# AWS
+#openshift_cloudprovider_kind=aws
+# Note: IAM profiles may be used instead of storing API credentials on disk.
+#openshift_cloudprovider_aws_access_key=aws_access_key_id
+#openshift_cloudprovider_aws_secret_key=aws_secret_access_key
+#
+# Openstack
+#openshift_cloudprovider_kind=openstack
+#openshift_cloudprovider_openstack_auth_url=http://openstack.example.com:35357/v2.0/
+#openshift_cloudprovider_openstack_username=username
+#openshift_cloudprovider_openstack_password=password
+#openshift_cloudprovider_openstack_tenand_id=tenant_id
+#openshift_cloudprovider_openstack_tenant_name=tenant_name
+#openshift_cloudprovider_openstack_region=region
+#openshift_cloudprovider_openstack_lb_subnet_id=subnet_id
+
 # Project Configuration
 #osm_project_request_message=''
 #osm_project_request_template=''
diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example
index b51569e68..4c6aae0bd 100644
--- a/inventory/byo/hosts.ose.example
+++ b/inventory/byo/hosts.ose.example
@@ -62,19 +62,21 @@ deployment_type=openshift-enterprise
 # Add additional, insecure, and blocked registries to global docker configuration
 # For enterprise deployment types we ensure that registry.access.redhat.com is
 # included if you do not include it
-#cli_docker_additional_registries=registry.example.com
-#cli_docker_insecure_registries=registry.example.com
-#cli_docker_blocked_registries=registry.hacker.com
+#openshift_docker_additional_registries=registry.example.com
+#openshift_docker_insecure_registries=registry.example.com
+#openshift_docker_blocked_registries=registry.hacker.com
+# Disable pushing to dockerhub
+#openshift_docker_disable_push_dockerhub=True
 # Items added, as is, to end of /etc/sysconfig/docker OPTIONS
 #openshift_docker_options="-l warn --ipv6=false"
 # Deprecated methods to set --log-driver and --log-opts flags, use openshift_docker_options instead
-#cli_docker_log_driver=json
-#cli_docker_log_options="tag=mailer"
+#openshift_docker_log_driver=json
+#openshift_docker_log_options="tag=mailer"
 
 
 # Alternate image format string. If you're not modifying the format string and
 # only need to inject your own registry you may want to consider
-# cli_docker_additional_registries instead
+# openshift_docker_additional_registries instead
 #oreg_url=example.com/openshift3/ose-${component}:${version}
 
 # Additional yum repos to install
@@ -89,6 +91,30 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
 # LDAP auth
 #openshift_master_identity_providers=[{'name': 'my_ldap_provider', 'challenge': 'true', 'login': 'true', 'kind': 'LDAPPasswordIdentityProvider', 'attributes': {'id': ['dn'], 'email': ['mail'], 'name': ['cn'], 'preferredUsername': ['uid']}, 'bindDN': '', 'bindPassword': '', 'ca': '', 'insecure': 'false', 'url': 'ldap://ldap.example.com:389/ou=users,dc=example,dc=com?uid'}]
 
+# Cloud Provider Configuration
+#
+# Note: You may make use of environment variables rather than store
+# sensitive configuration within the ansible inventory.
+# For example:
+#openshift_cloudprovider_aws_access_key="{{ lookup('env','AWS_ACCESS_KEY_ID') }}"
+#openshift_cloudprovider_aws_secret_key="{{ lookup('env','AWS_SECRET_ACCESS_KEY') }}"
+#
+# AWS
+#openshift_cloudprovider_kind=aws
+# Note: IAM profiles may be used instead of storing API credentials on disk.
+#openshift_cloudprovider_aws_access_key=aws_access_key_id
+#openshift_cloudprovider_aws_secret_key=aws_secret_access_key
+#
+# Openstack
+#openshift_cloudprovider_kind=openstack
+#openshift_cloudprovider_openstack_auth_url=http://openstack.example.com:35357/v2.0/
+#openshift_cloudprovider_openstack_username=username
+#openshift_cloudprovider_openstack_password=password
+#openshift_cloudprovider_openstack_tenand_id=tenant_id
+#openshift_cloudprovider_openstack_tenant_name=tenant_name
+#openshift_cloudprovider_openstack_region=region
+#openshift_cloudprovider_openstack_lb_subnet_id=subnet_id
+
 # Project Configuration
 #osm_project_request_message=''
 #osm_project_request_template=''
diff --git a/inventory/multi_inventory.py b/inventory/multi_inventory.py
index 20fc48aa9..be597267e 100755
--- a/inventory/multi_inventory.py
+++ b/inventory/multi_inventory.py
@@ -25,6 +25,9 @@ class MultiInventoryException(Exception):
     '''Exceptions for MultiInventory class'''
     pass
 
+# pylint: disable=too-many-public-methods
+# After a refactor of too-many-branches and placing those branches into
+# their own corresponding function, we have passed the allowed amount of functions(20).
 class MultiInventory(object):
     '''
        MultiInventory class:
@@ -282,35 +285,75 @@ class MultiInventory(object):
         else:
             return data.get(keys, None)
 
-    def apply_account_config(self, acc_config):
-        ''' Apply account config settings
-        '''
-        results = self.all_inventory_results[acc_config['name']]
-        results['all_hosts'] = results['_meta']['hostvars'].keys()
-
+    def apply_extra_vars(self, inventory, extra_vars):
+        ''' Apply the account config extra vars '''
         # Extra vars go here
-        for new_var, value in acc_config.get('extra_vars', {}).items():
-            for data in results['_meta']['hostvars'].values():
+        for new_var, value in extra_vars.items():
+            for data in inventory.values():
                 self.add_entry(data, new_var, value)
 
+    def apply_clone_vars(self, inventory, clone_vars):
+        ''' Apply the account config clone vars '''
         # Clone vars go here
-        for to_name, from_name in acc_config.get('clone_vars', {}).items():
-            for data in results['_meta']['hostvars'].values():
+        for to_name, from_name in clone_vars.items():
+            for data in inventory.values():
                 self.add_entry(data, to_name, self.get_entry(data, from_name))
 
-        # Extra groups go here
-        for new_var, value in acc_config.get('extra_groups', {}).items():
-            for data in results['_meta']['hostvars'].values():
-                results["%s_%s" % (new_var, value)] = copy.copy(results['all_hosts'])
-
-        # Clone groups go here
-        # Build a group based on the desired key name
-        for to_name, from_name in acc_config.get('clone_groups', {}).items():
-            for name, data in results['_meta']['hostvars'].items():
+    def apply_extra_groups(self, inventory, extra_groups):
+        ''' Apply the account config for extra groups '''
+        _ = self # Here for pylint.  wanted an instance method instead of static
+        for new_var, value in extra_groups.items():
+            for _ in inventory['_meta']['hostvars'].values():
+                inventory["%s_%s" % (new_var, value)] = copy.copy(inventory['all_hosts'])
+
+    def apply_clone_groups(self, inventory, clone_groups):
+        ''' Apply the account config for clone groups '''
+        for to_name, from_name in clone_groups.items():
+            for name, data in inventory['_meta']['hostvars'].items():
                 key = '%s_%s' % (to_name, self.get_entry(data, from_name))
-                if not results.has_key(key):
-                    results[key] = []
-                results[key].append(name)
+                if not inventory.has_key(key):
+                    inventory[key] = []
+                inventory[key].append(name)
+
+    def apply_group_selectors(self, inventory, group_selectors):
+        ''' Apply the account config for group selectors '''
+        _ = self # Here for pylint.  wanted an instance method instead of static
+        # There could be multiple clusters per account.  We need to process these selectors
+        # based upon the oo_clusterid_ variable.
+        clusterids = [group for group in inventory if "oo_clusterid_" in group]
+
+        for clusterid in clusterids:
+            for selector in group_selectors:
+                if inventory.has_key(selector['from_group']):
+                    hosts = list(set(inventory[clusterid]) & set(inventory[selector['from_group']]))
+                    hosts.sort()
+
+                    # Multiple clusters in an account
+                    if inventory.has_key(selector['name']):
+                        inventory[selector['name']].extend(hosts[0:selector['count']])
+                    else:
+                        inventory[selector['name']] = hosts[0:selector['count']]
+
+                    for host in hosts:
+                        if host in inventory[selector['name']]:
+                            inventory['_meta']['hostvars'][host][selector['name']] = True
+                        else:
+                            inventory['_meta']['hostvars'][host][selector['name']] = False
+
+    def apply_account_config(self, acc_config):
+        ''' Apply account config settings '''
+        results = self.all_inventory_results[acc_config['name']]
+        results['all_hosts'] = results['_meta']['hostvars'].keys()
+
+        self.apply_extra_vars(results['_meta']['hostvars'], acc_config.get('extra_vars', {}))
+
+        self.apply_clone_vars(results['_meta']['hostvars'], acc_config.get('clone_vars', {}))
+
+        self.apply_extra_groups(results, acc_config.get('extra_groups', {}))
+
+        self.apply_clone_groups(results, acc_config.get('clone_groups', {}))
+
+        self.apply_group_selectors(results, acc_config.get('group_selectors', {}))
 
         # store the results back into all_inventory_results
         self.all_inventory_results[acc_config['name']] = results