1 files changed, 100 insertions, 40 deletions
diff --git a/roles/openshift_aws/defaults/main.yml b/roles/openshift_aws/defaults/main.yml
index 5371588cf..71de24339 100644
--- a/roles/openshift_aws/defaults/main.yml
+++ b/roles/openshift_aws/defaults/main.yml
@@ -1,23 +1,26 @@
 ---
 openshift_aws_create_s3: True
 openshift_aws_create_iam_cert: True
+openshift_aws_create_iam_role: False
 openshift_aws_create_security_groups: True
 openshift_aws_create_launch_config: True
 openshift_aws_create_scale_group: True
-openshift_aws_node_group_type: master
 
+openshift_aws_node_group_upgrade: False
 openshift_aws_wait_for_ssh: True
 
 openshift_aws_clusterid: default
 openshift_aws_region: us-east-1
 openshift_aws_vpc_name: "{{ openshift_aws_clusterid }}"
 openshift_aws_build_ami_group: "{{ openshift_aws_clusterid }}"
-openshift_aws_kubernetes_cluster_status: "{{ openshift_aws_clusterid }}"
 
 openshift_aws_iam_cert_name: "{{ openshift_aws_clusterid }}-master-external"
 openshift_aws_iam_cert_path: ''
 openshift_aws_iam_cert_key_path: ''
-openshift_aws_scale_group_name: "{{ openshift_aws_clusterid }} openshift {{ openshift_aws_node_group_type }}"
+
+openshift_aws_iam_role_name: openshift_node_describe_instances
+openshift_aws_iam_role_policy_json: "{{ lookup('file', 'describeinstances.json') }}"
+openshift_aws_iam_role_policy_name: "describe_instances"
 
 openshift_aws_iam_kms_alias: "alias/{{ openshift_aws_clusterid }}_kms"
 openshift_aws_ami: ''
@@ -28,14 +31,13 @@ openshift_aws_ami_name: openshift-gi
 openshift_aws_base_ami_name: ami_base
 
 openshift_aws_launch_config_bootstrap_token: ''
-openshift_aws_launch_config_name: "{{ openshift_aws_clusterid }}-{{ openshift_aws_node_group_type }}-{{ ansible_date_time.epoch }}"
 
 openshift_aws_users: []
 
 openshift_aws_ami_tags:
   bootstrap: "true"
   openshift-created: "true"
-  clusterid: "{{ openshift_aws_clusterid }}"
+  parent: "{{ openshift_aws_base_ami | default('unknown') }}"
 
 openshift_aws_s3_mode: create
 openshift_aws_s3_bucket_name: "{{ openshift_aws_clusterid }}-docker-registry"
@@ -48,12 +50,19 @@ openshift_aws_elb_health_check:
   unhealthy_threshold: 2
   healthy_threshold: 2
 
-openshift_aws_elb_name: "{{ openshift_aws_clusterid }}-{{ openshift_aws_node_group_type }}"
+openshift_aws_elb_basename: "{{ openshift_aws_clusterid }}"
+openshift_aws_elb_name_dict:
+  master:
+    external: "{{ openshift_aws_elb_basename }}-master-external"
+    internal: "{{ openshift_aws_elb_basename }}-master-internal"
+  infra:
+    external: "{{ openshift_aws_elb_basename }}-infra"
+
 openshift_aws_elb_idle_timout: 400
 openshift_aws_elb_scheme: internet-facing
 openshift_aws_elb_cert_arn: ''
 
-openshift_aws_elb_listeners:
+openshift_aws_elb_dict:
   master:
     external:
     - protocol: tcp
@@ -75,6 +84,18 @@ openshift_aws_elb_listeners:
       load_balancer_port: 443
       instance_protocol: tcp
       instance_port: 443
+  infra:
+    external:
+    - protocol: tcp
+      load_balancer_port: 80
+      instance_protocol: tcp
+      instance_port: 443
+      proxy_protocol: True
+    - protocol: tcp
+      load_balancer_port: 443
+      instance_protocol: tcp
+      instance_port: 443
+      proxy_protocol: True
 
 openshift_aws_node_group_config_master_volumes:
 - device_name: /dev/sdb
@@ -88,17 +109,47 @@ openshift_aws_node_group_config_node_volumes:
   device_type: gp2
   delete_on_termination: True
 
-openshift_aws_node_group_config_tags: "{{ openshift_aws_clusterid | build_instance_tags(openshift_aws_kubernetes_cluster_status) }}"
+openshift_aws_node_group_config_tags: "{{ openshift_aws_clusterid | build_instance_tags }}"
 openshift_aws_node_group_termination_policy: Default
 openshift_aws_node_group_replace_instances: []
 openshift_aws_node_group_replace_all_instances: False
-openshift_aws_node_group_config_extra_labels: {}
 
-openshift_aws_node_group_config:
-  tags: "{{ openshift_aws_node_group_config_tags }}"
+openshift_aws_ami_map:
+  master: "{{ openshift_aws_ami }}"
+  infra: "{{ openshift_aws_ami }}"
+  compute: "{{ openshift_aws_ami }}"
+
+openshift_aws_master_group:
+- name: "{{ openshift_aws_clusterid }} master group"
+  group: master
+  tags:
+    host-type: master
+    sub-host-type: default
+    runtime: docker
+
+openshift_aws_node_groups:
+- name: "{{ openshift_aws_clusterid }} compute group"
+  group: compute
+  tags:
+    host-type: node
+    sub-host-type: compute
+    runtime: docker
+
+- name: "{{ openshift_aws_clusterid }} infra group"
+  group: infra
+  tags:
+    host-type: node
+    sub-host-type: infra
+    runtime: docker
+
+openshift_aws_created_asgs: []
+openshift_aws_current_asgs: []
+
+# these will be used during upgrade
+openshift_aws_master_group_config:
+  # The 'master' key is always required here.
   master:
     instance_type: m4.xlarge
-    ami: "{{ openshift_aws_ami }}"
     volumes: "{{ openshift_aws_node_group_config_master_volumes }}"
     health_check:
       period: 60
@@ -106,17 +157,18 @@ openshift_aws_node_group_config:
     min_size: 3
     max_size: 3
     desired_size: 3
-    tags:
-      host-type: master
-      sub-host-type: default
-    labels:
-      type: master
     wait_for_instances: True
     termination_policy: "{{ openshift_aws_node_group_termination_policy }}"
     replace_all_instances: "{{ openshift_aws_node_group_replace_all_instances }}"
+    iam_role: "{{ openshift_aws_iam_role_name }}"
+    policy_name: "{{ openshift_aws_iam_role_policy_name }}"
+    policy_json: "{{ openshift_aws_iam_role_policy_json }}"
+    elbs: "{{ openshift_aws_elb_name_dict['master'].keys()| map('extract', openshift_aws_elb_name_dict['master']) | list }}"
+
+openshift_aws_node_group_config:
+  # The 'compute' key is always required here.
   compute:
     instance_type: m4.xlarge
-    ami: "{{ openshift_aws_ami }}"
     volumes: "{{ openshift_aws_node_group_config_node_volumes }}"
     health_check:
       period: 60
@@ -124,16 +176,14 @@ openshift_aws_node_group_config:
     min_size: 3
     max_size: 100
     desired_size: 3
-    tags:
-      host-type: node
-      sub-host-type: compute
-    labels:
-      type: compute
     termination_policy: "{{ openshift_aws_node_group_termination_policy }}"
     replace_all_instances: "{{ openshift_aws_node_group_replace_all_instances }}"
+    iam_role: "{{ openshift_aws_iam_role_name }}"
+    policy_name: "{{ openshift_aws_iam_role_policy_name }}"
+    policy_json: "{{ openshift_aws_iam_role_policy_json }}"
+  # The 'infra' key is always required here.
   infra:
     instance_type: m4.xlarge
-    ami: "{{ openshift_aws_ami }}"
     volumes: "{{ openshift_aws_node_group_config_node_volumes }}"
     health_check:
       period: 60
@@ -141,27 +191,35 @@ openshift_aws_node_group_config:
     min_size: 2
     max_size: 20
     desired_size: 2
-    tags:
-      host-type: node
-      sub-host-type: infra
-    labels:
-      type: infra
     termination_policy: "{{ openshift_aws_node_group_termination_policy }}"
     replace_all_instances: "{{ openshift_aws_node_group_replace_all_instances }}"
+    iam_role: "{{ openshift_aws_iam_role_name }}"
+    policy_name: "{{ openshift_aws_iam_role_policy_name }}"
+    policy_json: "{{ openshift_aws_iam_role_policy_json }}"
+    elbs: "{{ openshift_aws_elb_name_dict['infra'].keys()| map('extract', openshift_aws_elb_name_dict['infra']) | list }}"
+
+openshift_aws_elb_tags: "{{ openshift_aws_kube_tags }}"
+openshift_aws_elb_az_load_balancing: False
 
-openshift_aws_elb_security_groups:
-- "{{ openshift_aws_clusterid }}"
-- "{{ openshift_aws_clusterid }}_{{ openshift_aws_node_group_type }}"
+openshift_aws_kube_tags: "{{ openshift_aws_clusterid | build_instance_tags }}"
 
-openshift_aws_elb_instance_filter:
-  "tag:clusterid": "{{ openshift_aws_clusterid }}"
-  "tag:host-type": "{{ openshift_aws_node_group_type }}"
-  instance-state-name: running
+openshift_aws_elb_security_groups: "{{ openshift_aws_launch_config_security_groups }}"
 
 openshift_aws_launch_config_security_groups:
-- "{{ openshift_aws_clusterid }}"  # default sg
-- "{{ openshift_aws_clusterid }}_{{ openshift_aws_node_group_type }}"  # node type sg
-- "{{ openshift_aws_clusterid }}_{{ openshift_aws_node_group_type }}_k8s"  # node type sg k8s
+  compute:
+  - "{{ openshift_aws_clusterid }}"  # default sg
+  - "{{ openshift_aws_clusterid }}_compute"  # node type sg
+  - "{{ openshift_aws_clusterid }}_compute_k8s"  # node type sg k8s
+  infra:
+  - "{{ openshift_aws_clusterid }}"  # default sg
+  - "{{ openshift_aws_clusterid }}_infra"  # node type sg
+  - "{{ openshift_aws_clusterid }}_infra_k8s"  # node type sg k8s
+  master:
+  - "{{ openshift_aws_clusterid }}"  # default sg
+  - "{{ openshift_aws_clusterid }}_master"  # node type sg
+  - "{{ openshift_aws_clusterid }}_master_k8s"  # node type sg k8s
+
+openshift_aws_security_groups_tags: "{{ openshift_aws_kube_tags }}"
 
 openshift_aws_node_security_groups:
   default:
@@ -214,7 +272,7 @@ openshift_aws_node_security_groups:
 openshift_aws_vpc_tags:
   Name: "{{ openshift_aws_vpc_name }}"
 
-openshift_aws_subnet_name: us-east-1c
+openshift_aws_subnet_az: us-east-1c
 
 openshift_aws_vpc:
   name: "{{ openshift_aws_vpc_name }}"
@@ -231,3 +289,5 @@ openshift_aws_vpc:
 openshift_aws_node_run_bootstrap_startup: True
 openshift_aws_node_user_data: ''
 openshift_aws_node_config_namespace: openshift-node
+
+openshift_aws_masters_groups: masters,etcd,nodes