Diffstat (limited to 'playbooks/aws')
24 files changed, 351 insertions, 338 deletions
diff --git a/playbooks/aws/ansible-tower/config.yml b/playbooks/aws/ansible-tower/config.yml deleted file mode 100644 index efd1b9911..000000000 --- a/playbooks/aws/ansible-tower/config.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -- name: "populate oo_hosts_to_config host group if needed" - hosts: localhost - gather_facts: no - tasks: - - name: Evaluate oo_host_group_exp if it's set - add_host: "name={{ item }} groups=oo_hosts_to_config" - with_items: "{{ oo_host_group_exp | default(['']) }}" - when: oo_host_group_exp is defined - -- name: "Configure instances" - hosts: oo_hosts_to_config - connection: ssh - user: root - vars_files: - - vars.yml - - "vars.{{ oo_env }}.yml" - roles: - - os_ipv6_disable - - ansible - - ansible_tower - - os_env_extras diff --git a/playbooks/aws/ansible-tower/filter_plugins b/playbooks/aws/ansible-tower/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/aws/ansible-tower/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins
\ No newline at end of file
diff --git a/playbooks/aws/ansible-tower/launch.yml b/playbooks/aws/ansible-tower/launch.yml
deleted file mode 100644
index 850238ffb..000000000
--- a/playbooks/aws/ansible-tower/launch.yml
+++ /dev/null
@@ -1,78 +0,0 @@ ---- -- name: Launch instance(s) - hosts: localhost - connection: local - gather_facts: no - - vars: - inst_region: us-east-1 - rhel7_ami: ami-9101c8fa - user_data_file: user_data.txt - - vars_files: - - vars.yml - - "vars.{{ oo_env }}.yml" - - tasks: - - name: Launch instances in VPC - ec2: - state: present - region: "{{ inst_region }}" - keypair: mmcgrath_libra - group_id: "{{ oo_security_group_ids }}" - instance_type: c4.xlarge - image: "{{ rhel7_ami }}" - count: "{{ oo_new_inst_names | length }}" - user_data: "{{ lookup('file', user_data_file) }}" - wait: yes - assign_public_ip: "{{ oo_assign_public_ip }}" - vpc_subnet_id: "{{ oo_vpc_subnet_id }}" - register: ec2 - - - name: Add Name and environment tags to instances - ec2_tag: "resource={{ item.1.id }} region={{ inst_region }} state=present" - with_together: - - oo_new_inst_names - - ec2.instances - args: - tags: - Name: "{{ item.0 }}" - - - name: Add other tags to instances - ec2_tag: "resource={{ item.id }} region={{ inst_region }} state=present" - with_items: ec2.instances - args: - tags: "{{ oo_new_inst_tags }}" - - - name: Add new instances public IPs to oo_hosts_to_config - add_host: "hostname={{ item.0 }} ansible_ssh_host={{ item.1.public_ip }} groupname=oo_hosts_to_config" - with_together: - - oo_new_inst_names - - ec2.instances - - - debug: var=ec2 - - - name: Wait for ssh - wait_for: "port=22 host={{ item.public_ip }}" - with_items: ec2.instances - - - name: Wait for root user setup - command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no -o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null root@{{ item.public_ip }} echo root user is setup" - register: result - until: result.rc == 0 - retries: 20 - delay: 10 - with_items: ec2.instances - -- name: Initial setup - hosts: oo_hosts_to_config - user: root - gather_facts: true - - tasks: - - - name: Yum update - yum: name=* state=latest - -# Apply the configs, seprate so that just the configs can be run by themselves -- 
include: config.yml
diff --git a/playbooks/aws/ansible-tower/roles b/playbooks/aws/ansible-tower/roles
deleted file mode 120000
index 20c4c58cf..000000000
--- a/playbooks/aws/ansible-tower/roles
+++ /dev/null
@@ -1 +0,0 @@
-../../../roles
\ No newline at end of file diff --git a/playbooks/aws/ansible-tower/user_data.txt b/playbooks/aws/ansible-tower/user_data.txt deleted file mode 100644 index 643d17c32..000000000 --- a/playbooks/aws/ansible-tower/user_data.txt +++ /dev/null @@ -1,6 +0,0 @@ -#cloud-config -disable_root: 0 - -system_info: - default_user: - name: root diff --git a/playbooks/aws/ansible-tower/vars.ops.yml b/playbooks/aws/ansible-tower/vars.ops.yml deleted file mode 100644 index feb5d786a..000000000 --- a/playbooks/aws/ansible-tower/vars.ops.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -oo_env_long: operations -oo_zabbix_hostgroups: ['OPS Environment'] -oo_vpc_subnet_id: subnet-4f0bdd38 # USE OPS -oo_assign_public_ip: yes -oo_security_group_ids: - - sg-02c2f267 # Libra (vpc) - - sg-7fc4f41a # ops (vpc) - - sg-4dc26829 # ops_tower (vpc) diff --git a/playbooks/aws/ansible-tower/vars.yml b/playbooks/aws/ansible-tower/vars.yml deleted file mode 100644 index ed97d539c..000000000 --- a/playbooks/aws/ansible-tower/vars.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/playbooks/aws/openshift-cluster/add_nodes.yml b/playbooks/aws/openshift-cluster/add_nodes.yml new file mode 100644 index 000000000..0e8eb90c1 --- /dev/null +++ b/playbooks/aws/openshift-cluster/add_nodes.yml 
@@ -0,0 +1,35 @@ +--- +- name: Launch instance(s) + hosts: localhost + connection: local + become: no + gather_facts: no + vars_files: + - vars.yml + vars: + oo_extend_env: True + tasks: + - include: ../../common/openshift-cluster/tasks/set_node_launch_facts.yml + vars: + type: "compute" + count: "{{ num_nodes }}" + - include: tasks/launch_instances.yml + vars: + instances: "{{ node_names }}" + cluster: "{{ cluster_id }}" + type: "{{ k8s_type }}" + g_sub_host_type: "{{ sub_host_type }}" + + - include: ../../common/openshift-cluster/tasks/set_node_launch_facts.yml + vars: + type: "infra" + count: "{{ num_infra }}" + - include: tasks/launch_instances.yml + vars: + instances: "{{ node_names }}" + cluster: "{{ cluster_id }}" + type: "{{ k8s_type }}" + g_sub_host_type: "{{ sub_host_type }}" + +- include: scaleup.yml +- include: list.yml diff --git a/playbooks/aws/openshift-cluster/cluster_hosts.yml b/playbooks/aws/openshift-cluster/cluster_hosts.yml new file mode 100644 index 000000000..119b376aa --- /dev/null +++ b/playbooks/aws/openshift-cluster/cluster_hosts.yml 
@@ -0,0 +1,21 @@ +--- +g_all_hosts: "{{ groups['tag_clusterid_' ~ cluster_id] | default([]) + | intersect(groups['tag_environment_' ~ cluster_env] | default([])) }}" + +g_etcd_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type_etcd'] | default([])) }}" + +g_lb_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type_lb'] | default([])) }}" + +g_nfs_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type_nfs'] | default([])) }}" + +g_master_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type_master'] | default([])) }}" + +g_new_master_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type_new_master'] | default([])) }}" + +g_node_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type_node'] | default([])) }}" + +g_new_node_hosts: "{{ g_all_hosts | intersect(groups['tag_host-type_new_node'] | default([])) }}" + +g_infra_hosts: "{{ g_node_hosts | intersect(groups['tag_sub-host-type_infra'] | default([])) }}" + +g_compute_hosts: "{{ g_node_hosts | intersect(groups['tag_sub-host-type_compute'] | default([])) }}" diff --git a/playbooks/aws/openshift-cluster/config.yml b/playbooks/aws/openshift-cluster/config.yml index 6ee539c7e..05cfe7d6e 100644 --- a/playbooks/aws/openshift-cluster/config.yml +++ b/playbooks/aws/openshift-cluster/config.yml 
@@ -1,22 +1,39 @@ --- +- include: ../../common/openshift-cluster/verify_ansible_version.yml + - hosts: localhost gather_facts: no - vars_files: - - vars.yml tasks: - - set_fact: - g_ssh_user_tmp: "{{ deployment_vars[deployment_type].ssh_user }}" - g_sudo_tmp: "{{ deployment_vars[deployment_type].sudo }}" + - include_vars: vars.yml + - include_vars: cluster_hosts.yml + - add_host: + name: "{{ item }}" + groups: l_oo_all_hosts + with_items: "{{ g_all_hosts | default([]) }}" + +- hosts: l_oo_all_hosts + gather_facts: no + tasks: + - include_vars: vars.yml + - include_vars: cluster_hosts.yml - include: ../../common/openshift-cluster/config.yml vars: - g_etcd_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-etcd' }}" - g_masters_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-master' }}" - g_nodes_group: "{{ 'tag_env-host-type_' ~ cluster_id ~ '-openshift-node' }}" - g_ssh_user: "{{ hostvars.localhost.g_ssh_user_tmp }}" - g_sudo: "{{ hostvars.localhost.g_sudo_tmp }}" + g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo: "{{ deployment_vars[deployment_type].become }}" + g_nodeonmaster: true openshift_cluster_id: "{{ cluster_id }}" - openshift_debug_level: 4 + openshift_debug_level: "{{ debug_level }}" openshift_deployment_type: "{{ deployment_type }}" - openshift_hostname: "{{ ec2_private_ip_address }}" openshift_public_hostname: "{{ ec2_ip_address }}" + openshift_hosted_registry_selector: 'type=infra' + openshift_hosted_router_selector: 'type=infra' + openshift_node_labels: + region: "{{ deployment_vars[deployment_type].region }}" + type: "{{ hostvars[inventory_hostname]['ec2_tag_sub-host-type'] }}" + openshift_master_cluster_method: 'native' + openshift_use_openshift_sdn: "{{ lookup('oo_option', 'use_openshift_sdn') }}" + os_sdn_network_plugin_name: "{{ lookup('oo_option', 'sdn_network_plugin_name') }}" + openshift_use_flannel: "{{ lookup('oo_option', 'use_flannel') }}" + openshift_use_fluentd: "{{ lookup('oo_option', 
'use_fluentd') }}" + openshift_use_dnsmasq: false diff --git a/playbooks/aws/openshift-cluster/launch.yml b/playbooks/aws/openshift-cluster/launch.yml index 5db87fa90..3edace493 100644 --- a/playbooks/aws/openshift-cluster/launch.yml +++ b/playbooks/aws/openshift-cluster/launch.yml @@ -2,35 +2,48 @@ - name: Launch instance(s) hosts: localhost connection: local + become: no gather_facts: no vars_files: - vars.yml - - ["vars.{{ deployment_type }}.{{ cluster_id }}.yml", vars.defaults.yml] tasks: - - fail: - msg: Deployment type not supported for aws provider yet - when: deployment_type == 'enterprise' - - - include: ../../common/openshift-cluster/set_etcd_launch_facts_tasks.yml + - include: ../../common/openshift-cluster/tasks/set_etcd_launch_facts.yml - include: tasks/launch_instances.yml vars: instances: "{{ etcd_names }}" cluster: "{{ cluster_id }}" type: "{{ k8s_type }}" + g_sub_host_type: "default" - - include: ../../common/openshift-cluster/set_master_launch_facts_tasks.yml + - include: ../../common/openshift-cluster/tasks/set_master_launch_facts.yml - include: tasks/launch_instances.yml vars: instances: "{{ master_names }}" cluster: "{{ cluster_id }}" type: "{{ k8s_type }}" + g_sub_host_type: "default" - - include: ../../common/openshift-cluster/set_node_launch_facts_tasks.yml + - include: ../../common/openshift-cluster/tasks/set_node_launch_facts.yml + vars: + type: "compute" + count: "{{ num_nodes }}" - include: tasks/launch_instances.yml vars: instances: "{{ node_names }}" cluster: "{{ cluster_id }}" type: "{{ k8s_type }}" + g_sub_host_type: "{{ sub_host_type }}" + + - include: ../../common/openshift-cluster/tasks/set_node_launch_facts.yml + vars: + type: "infra" + count: "{{ num_infra }}" + - include: tasks/launch_instances.yml + vars: + instances: "{{ node_names }}" + cluster: "{{ cluster_id }}" + type: "{{ k8s_type }}" + g_sub_host_type: "{{ sub_host_type }}" - add_host: name: "{{ master_names.0 }}" 
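Review bot: The new `hosts: localhost` play that builds `l_oo_all_hosts` in config.yml (and the first localhost play of update.yml in this same commit) omits the `connection: local` and `become: no` lines that this commit adds to the localhost plays in launch.yml, list.yml, service.yml, terminate.yml and scaleup.yml. If the omission is not deliberate, add both lines under `hosts: localhost` so the inventory-building play cannot inherit a remote connection or privilege escalation from ambient configuration. A short comment above `- hosts: l_oo_all_hosts` stating that the play only loads vars.yml and cluster_hosts.yml into each host's scope would also help, since it contains no other tasks.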
@@ -38,9 +51,4 @@ when: master_names is defined and master_names.0 is defined - include: update.yml - -- include: ../../common/openshift-cluster/create_services.yml - vars: - g_svc_master: "{{ service_master }}" - - include: list.yml diff --git a/playbooks/aws/openshift-cluster/library/ec2_ami_find.py b/playbooks/aws/openshift-cluster/library/ec2_ami_find.py index 29e594a65..2b1db62d8 100644 --- a/playbooks/aws/openshift-cluster/library/ec2_ami_find.py +++ b/playbooks/aws/openshift-cluster/library/ec2_ami_find.py @@ -158,7 +158,7 @@ EXAMPLES = ''' # Launch an EC2 instance - ec2: image: "{{ ami_search.results[0].ami_id }}" - instance_type: m3.medium + instance_type: m4.medium key_name: mykey wait: yes ''' diff --git a/playbooks/aws/openshift-cluster/list.yml b/playbooks/aws/openshift-cluster/list.yml index 04fcdc0a1..ed8aac398 100644 --- a/playbooks/aws/openshift-cluster/list.yml +++ b/playbooks/aws/openshift-cluster/list.yml @@ -2,10 +2,12 @@ - name: Generate oo_list_hosts group hosts: localhost gather_facts: no + connection: local + become: no vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env_{{ cluster_id }} + - set_fact: scratch_group=tag_clusterid_{{ cluster_id }} when: cluster_id != '' - set_fact: scratch_group=all when: cluster_id == '' 
@@ -13,12 +15,9 @@ name: "{{ item }}" groups: oo_list_hosts ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) - -- name: List Hosts - hosts: oo_list_hosts - gather_facts: no - tasks: + ansible_become: "{{ deployment_vars[deployment_type].become }}" + oo_public_ipv4: "{{ hostvars[item].ec2_ip_address }}" + oo_private_ipv4: "{{ hostvars[item].ec2_private_ip_address }}" + with_items: "{{ groups[scratch_group] | default([]) | difference(['localhost']) }}" - debug: - msg: "public ip:{{ hostvars[inventory_hostname].ec2_ip_address }} private ip:{{ hostvars[inventory_hostname].ec2_private_ip_address }}" + msg: "{{ hostvars | oo_select_keys(groups[scratch_group] | default([])) | oo_pretty_print_cluster }}" diff --git a/playbooks/aws/openshift-cluster/scaleup.yml b/playbooks/aws/openshift-cluster/scaleup.yml new file mode 100644 index 000000000..6fa9142a0 --- /dev/null +++ b/playbooks/aws/openshift-cluster/scaleup.yml 
@@ -0,0 +1,32 @@ +--- + +- hosts: localhost + gather_facts: no + connection: local + become: no + vars_files: + - vars.yml + tasks: + - name: Evaluate oo_hosts_to_update + add_host: + name: "{{ item }}" + groups: oo_hosts_to_update + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_become: "{{ deployment_vars[deployment_type].become }}" + with_items: "{{ groups.nodes_to_add }}" + +- include: ../../common/openshift-cluster/update_repos_and_packages.yml + +- include: ../../common/openshift-cluster/scaleup.yml + vars_files: + - ../../aws/openshift-cluster/vars.yml + - ../../aws/openshift-cluster/cluster_hosts.yml + vars: + g_new_node_hosts: "{{ groups.nodes_to_add }}" + g_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + g_sudo: "{{ deployment_vars[deployment_type].become }}" + g_nodeonmaster: true + openshift_cluster_id: "{{ cluster_id }}" + openshift_debug_level: "{{ debug_level }}" + openshift_deployment_type: "{{ deployment_type }}" + openshift_public_hostname: "{{ ec2_ip_address }}" diff --git a/playbooks/aws/openshift-cluster/service.yml b/playbooks/aws/openshift-cluster/service.yml index 25cf48505..f7f4812bb 100644 --- a/playbooks/aws/openshift-cluster/service.yml +++ b/playbooks/aws/openshift-cluster/service.yml @@ -1,9 +1,12 @@ --- - name: Call same systemctl command for openshift on all instance(s) hosts: localhost + connection: local + become: no gather_facts: no vars_files: - vars.yml + - cluster_hosts.yml tasks: - fail: msg="cluster_id is required to be injected in this playbook" when: cluster_id is not defined 
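Review bot: `with_items: "{{ groups.nodes_to_add }}"` and `g_new_node_hosts: "{{ groups.nodes_to_add }}"` in scaleup.yml have no fallback, so running the playbook when nothing was added to `nodes_to_add` fails on an undefined group instead of doing nothing. launch_instances.yml only fills that group when `oo_extend_env` is set, and the other playbooks in this commit guard group lookups with `| default([])`. Suggest `with_items: "{{ groups.nodes_to_add | default([]) }}"` and the same default on `g_new_node_hosts`.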
@@ -13,16 +16,16 @@ name: "{{ item }}" groups: g_service_masters ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups["tag_env-host-type_{{ cluster_id }}-openshift-master"] | default([]) + ansible_become: "{{ deployment_vars[deployment_type].become }}" + with_items: "{{ master_hosts | default([]) }}" - name: Evaluate g_service_nodes add_host: name: "{{ item }}" groups: g_service_nodes ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups["tag_env-host-type_{{ cluster_id }}-openshift-node"] | default([]) + ansible_become: "{{ deployment_vars[deployment_type].become }}" + with_items: "{{ node_hosts | default([]) }}" - include: ../../common/openshift-node/service.yml - include: ../../common/openshift-master/service.yml diff --git a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml index 25a87aaf6..4d76d3bfe 100644 --- a/playbooks/aws/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/aws/openshift-cluster/tasks/launch_instances.yml 
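Review bot: `master_hosts` and `node_hosts` are not defined by the cluster_hosts.yml added in this commit, which names them `g_master_hosts` and `g_node_hosts`; with `| default([])` both loops would then iterate over nothing and the service command would silently reach no host. Unless those variables are set somewhere outside this diff, use `with_items: "{{ g_master_hosts | default([]) }}"` and `with_items: "{{ g_node_hosts | default([]) }}"`. The play itself starts above this hunk.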
@@ -2,74 +2,68 @@ - set_fact: created_by: "{{ lookup('env', 'LOGNAME')|default(cluster, true) }}" docker_vol_ephemeral: "{{ lookup('env', 'os_docker_vol_ephemeral') | default(false, true) }}" - env: "{{ cluster }}" - env_host_type: "{{ cluster }}-openshift-{{ type }}" + cluster: "{{ cluster_id }}" + env: "{{ cluster_env }}" host_type: "{{ type }}" + sub_host_type: "{{ g_sub_host_type }}" - set_fact: - ec2_region: "{{ lookup('env', 'ec2_region') - | default(deployment_vars[deployment_type].region, true) }}" - when: ec2_region is not defined -- set_fact: - ec2_image_name: "{{ lookup('env', 'ec2_image_name') - | default(deployment_vars[deployment_type].image_name, true) }}" - when: ec2_image_name is not defined and ec2_image is not defined -- set_fact: - ec2_image: "{{ lookup('env', 'ec2_image') - | default(deployment_vars[deployment_type].image, true) }}" - when: ec2_image is not defined and not ec2_image_name + ec2_instance_type: "{{ lookup('env', 'ec2_master_instance_type') | default(deployment_vars[deployment_type].type, true) }}" + ec2_security_groups: "{{ lookup('env', 'ec2_master_security_groups') | default(deployment_vars[deployment_type].security_groups, true) }}" + when: host_type == "master" and sub_host_type == "default" + - set_fact: - ec2_instance_type: "{{ lookup('env', 'ec2_instance_type') - | default(deployment_vars[deployment_type].type, true) }}" - when: ec2_instance_type is not defined + ec2_instance_type: "{{ lookup('env', 'ec2_etcd_instance_type') | default(deployment_vars[deployment_type].type, true) }}" + ec2_security_groups: "{{ lookup('env', 'ec2_etcd_security_groups') | default(deployment_vars[deployment_type].security_groups, true) }}" + when: host_type == "etcd" and sub_host_type == "default" + - set_fact: - ec2_keypair: "{{ lookup('env', 'ec2_keypair') - | default(deployment_vars[deployment_type].keypair, true) }}" - when: ec2_keypair is not defined + ec2_instance_type: "{{ lookup('env', 'ec2_infra_instance_type') | 
default(deployment_vars[deployment_type].type, true) }}" + ec2_security_groups: "{{ lookup('env', 'ec2_infra_security_groups') | default(deployment_vars[deployment_type].security_groups, true) }}" + when: host_type == "node" and sub_host_type == "infra" + - set_fact: - ec2_vpc_subnet: "{{ lookup('env', 'ec2_vpc_subnet') - | default(deployment_vars[deployment_type].vpc_subnet, true) }}" - when: ec2_vpc_subnet is not defined + ec2_instance_type: "{{ lookup('env', 'ec2_node_instance_type') | default(deployment_vars[deployment_type].type, true) }}" + ec2_security_groups: "{{ lookup('env', 'ec2_node_security_groups') | default(deployment_vars[deployment_type].security_groups, true) }}" + when: host_type == "node" and sub_host_type == "compute" + - set_fact: - ec2_assign_public_ip: "{{ lookup('env', 'ec2_assign_public_ip') - | default(deployment_vars[deployment_type].assign_public_ip, true) }}" - when: ec2_assign_public_ip is not defined + ec2_instance_type: "{{ deployment_vars[deployment_type].type }}" + when: ec2_instance_type is not defined - set_fact: - ec2_security_groups: "{{ lookup('env', 'ec2_security_groups') - | default(deployment_vars[deployment_type].security_groups, true) }}" + ec2_security_groups: "{{ deployment_vars[deployment_type].security_groups }}" when: ec2_security_groups is not defined - name: Find amis for deployment_type ec2_ami_find: - region: "{{ ec2_region }}" - ami_id: "{{ ec2_image | default(omit, true) }}" - name: "{{ ec2_image_name | default(omit, true) }}" + region: "{{ deployment_vars[deployment_type].region }}" + ami_id: "{{ deployment_vars[deployment_type].image }}" + name: "{{ deployment_vars[deployment_type].image_name }}" register: ami_result - fail: msg="Could not find requested ami" when: not ami_result.results - set_fact: - latest_ami: "{{ ami_result.results | oo_ami_selector(ec2_image_name) }}" - user_data: "{{ lookup('template', '../templates/user_data.j2') }}" + latest_ami: "{{ ami_result.results | 
oo_ami_selector(deployment_vars[deployment_type].image_name) }}" volume_defs: etcd: root: volume_size: "{{ lookup('env', 'os_etcd_root_vol_size') | default(25, true) }}" device_type: "{{ lookup('env', 'os_etcd_root_vol_type') | default('gp2', true) }}" iops: "{{ lookup('env', 'os_etcd_root_vol_iops') | default(500, true) }}" - etcd: - volume_size: "{{ lookup('env', 'os_etcd_vol_size') | default(32, true) }}" - device_type: "{{ lookup('env', 'os_etcd_vol_type') | default('gp2', true) }}" - iops: "{{ lookup('env', 'os_etcd_vol_iops') | default(500, true) }}" master: root: volume_size: "{{ lookup('env', 'os_master_root_vol_size') | default(25, true) }}" device_type: "{{ lookup('env', 'os_master_root_vol_type') | default('gp2', true) }}" iops: "{{ lookup('env', 'os_master_root_vol_iops') | default(500, true) }}" + docker: + volume_size: "{{ lookup('env', 'os_docker_vol_size') | default(10, true) }}" + device_type: "{{ lookup('env', 'os_docker_vol_type') | default('gp2', true) }}" + iops: "{{ lookup('env', 'os_docker_vol_iops') | default(500, true) }}" node: root: - volume_size: "{{ lookup('env', 'os_node_root_vol_size') | default(25, true) }}" + volume_size: "{{ lookup('env', 'os_node_root_vol_size') | default(85, true) }}" device_type: "{{ lookup('env', 'os_node_root_vol_type') | default('gp2', true) }}" iops: "{{ lookup('env', 'os_node_root_vol_iops') | default(500, true) }}" docker: 
@@ -83,53 +77,105 @@ - name: Launch instance(s) ec2: state: present - region: "{{ ec2_region }}" - keypair: "{{ ec2_keypair }}" - group: "{{ ec2_security_groups }}" + region: "{{ deployment_vars[deployment_type].region }}" + keypair: "{{ deployment_vars[deployment_type].keypair }}" + group: "{{ deployment_vars[deployment_type].security_groups }}" instance_type: "{{ ec2_instance_type }}" - image: "{{ latest_ami }}" + image: "{{ deployment_vars[deployment_type].image }}" count: "{{ instances | length }}" - vpc_subnet_id: "{{ ec2_vpc_subnet | default(omit, true) }}" - assign_public_ip: "{{ ec2_assign_public_ip | default(omit, true) }}" - user_data: "{{ user_data }}" + vpc_subnet_id: "{{ deployment_vars[deployment_type].vpc_subnet }}" + assign_public_ip: "{{ deployment_vars[deployment_type].assign_public_ip }}" + user_data: "{{ lookup('template', '../templates/user_data.j2') }}" wait: yes instance_tags: created-by: "{{ created_by }}" - environment: "{{ env }}" - env: "{{ env }}" + clusterid: "{{ cluster }}" + environment: "{{ cluster_env }}" host-type: "{{ host_type }}" - env-host-type: "{{ env_host_type }}" + sub-host-type: "{{ sub_host_type }}" volumes: "{{ volumes }}" register: ec2 - name: Add Name tag to instances - ec2_tag: resource={{ item.1.id }} region={{ ec2_region }} state=present + ec2_tag: resource={{ item.1.id }} region={{ deployment_vars[deployment_type].region }} state=present with_together: - - instances - - ec2.instances + - "{{ instances }}" + - "{{ ec2.instances }}" args: tags: Name: "{{ item.0 }}" - set_fact: - instance_groups: tag_created-by_{{ created_by }}, tag_env_{{ env }}, tag_host-type_{{ host_type }}, tag_env-host-type_{{ env_host_type }} + instance_groups: > + tag_created-by_{{ created_by }}, tag_clusterid_{{ cluster }}, + tag_environment_{{ cluster_env }}, tag_host-type_{{ host_type }}, + tag_sub-host-type_{{ sub_host_type }} + +- set_fact: + node_label: + region: "{{ deployment_vars[deployment_type].region }}" + type: "{{sub_host_type}}" 
+ when: host_type == "node" + +- set_fact: + node_label: + region: "{{ deployment_vars[deployment_type].region }}" + type: "{{host_type}}" + when: host_type != "node" + +- set_fact: + logrotate: + - name: syslog + path: | + /var/log/cron + /var/log/maillog + /var/log/messages + /var/log/secure + /var/log/spooler" + options: + - daily + - rotate 7 + - compress + - sharedscripts + - missingok + scripts: + postrotate: "/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true" - name: Add new instances groups and variables add_host: hostname: "{{ item.0 }}" ansible_ssh_host: "{{ item.1.dns_name }}" ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" + ansible_become: "{{ deployment_vars[deployment_type].become }}" groups: "{{ instance_groups }}" ec2_private_ip_address: "{{ item.1.private_ip }}" ec2_ip_address: "{{ item.1.public_ip }}" + ec2_tag_sub-host-type: "{{ sub_host_type }}" + openshift_node_labels: "{{ node_label }}" + logrotate_scripts: "{{ logrotate }}" + with_together: + - "{{ instances }}" + - "{{ ec2.instances }}" + +- name: Add new instances to nodes_to_add group if needed + add_host: + hostname: "{{ item.0 }}" + ansible_ssh_host: "{{ item.1.dns_name }}" + ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" + ansible_become: "{{ deployment_vars[deployment_type].become }}" + groups: nodes_to_add + ec2_private_ip_address: "{{ item.1.private_ip }}" + ec2_ip_address: "{{ item.1.public_ip }}" + openshift_node_labels: "{{ node_label }}" + logrotate_scripts: "{{ logrotate }}" with_together: - - instances - - ec2.instances + - "{{ instances }}" + - "{{ ec2.instances }}" + when: oo_extend_env is defined and oo_extend_env | bool - name: Wait for ssh wait_for: "port=22 host={{ item.dns_name }}" - with_items: ec2.instances + with_items: "{{ ec2.instances }}" - name: Wait for user setup command: "ssh -o StrictHostKeyChecking=no -o PasswordAuthentication=no 
-o ConnectTimeout=10 -o UserKnownHostsFile=/dev/null {{ hostvars[item.0].ansible_ssh_user }}@{{ item.1.dns_name }} echo {{ hostvars[item.0].ansible_ssh_user }} user is setup" @@ -138,5 +184,5 @@ retries: 20 delay: 10 with_together: - - instances - - ec2.instances + - "{{ instances }}" + - "{{ ec2.instances }}" diff --git a/playbooks/aws/openshift-cluster/templates/user_data.j2 b/playbooks/aws/openshift-cluster/templates/user_data.j2 index 82c2f4d57..b1087f9c4 100644 --- a/playbooks/aws/openshift-cluster/templates/user_data.j2 +++ b/playbooks/aws/openshift-cluster/templates/user_data.j2 @@ -1,30 +1,12 @@ #cloud-config -{% if type =='etcd' %} -cloud_config_modules: -- disk_setup -- mounts - -mounts: -- [ xvdb, /var/lib/etcd, xfs, "defaults" ] - -disk_setup: - xvdb: - table_type: mbr - layout: True - -fs_setup: -- label: etcd_storage - filesystem: xfs - device: /dev/xvdb - partition: auto -{% endif %} - -{% if type == 'node' %} +{% if type in ['node', 'master'] and 'docker' in volume_defs[type] %} mounts: - [ xvdb ] - [ ephemeral0 ] +{% endif %} write_files: +{% if type in ['node', 'master'] and 'docker' in volume_defs[type] %} - content: | DEVS=/dev/xvdb VG=docker_vg @@ -32,14 +14,9 @@ write_files: owner: root:root permissions: '0644' {% endif %} - -{% if deployment_type == 'online' %} -devices: ['/var'] # Workaround for https://bugs.launchpad.net/bugs/1455436 - -disable_root: 0 -growpart: - mode: auto - devices: ['/var'] -runcmd: -- xfs_growfs /var +{% if deployment_vars[deployment_type].become | bool %} +- path: /etc/sudoers.d/99-{{ deployment_vars[deployment_type].ssh_user }}-cloud-init-requiretty + permissions: 440 + content: | + Defaults:{{ deployment_vars[deployment_type].ssh_user }} !requiretty {% endif %} diff --git a/playbooks/aws/openshift-cluster/terminate.yml b/playbooks/aws/openshift-cluster/terminate.yml index 9c3703aba..7a8375d0e 100644 --- a/playbooks/aws/openshift-cluster/terminate.yml +++ b/playbooks/aws/openshift-cluster/terminate.yml 
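Review bot: The `Launch instance(s)` task now passes `group: "{{ deployment_vars[deployment_type].security_groups }}"`, so the per-role `ec2_security_groups` fact that the earlier hunk of this file computes from `ec2_master_security_groups`, `ec2_etcd_security_groups`, `ec2_infra_security_groups` and `ec2_node_security_groups` is never applied and every role lands in the default group. An operator who sets a tighter group for etcd or masters gets no error and no isolation; use `group: "{{ ec2_security_groups }}"`, the same way `instance_type` already uses `ec2_instance_type`. The task also sets `image: "{{ deployment_vars[deployment_type].image }}"` while `latest_ami` is still computed and then unused, so an `image_name` search result is ignored. Separately, the `logrotate` path block ends with `/var/log/spooler"`; the stray double quote becomes part of the path.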
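Review bot: `permissions: 440` on the new sudoers.d entry in user_data.j2 is an unquoted YAML integer, unlike the `permissions: '0644'` entry just above it. cloud-init's write_files takes a numeric value as the mode itself rather than as octal digits (worth confirming against the cloud-init version in the image), so decimal 440 would become mode 0670, a group-writable sudoers drop-in that sudo may refuse to load or that weakens the file's protection. Write it as `permissions: '0440'`. The `write_files:` key is also emitted now when neither `{% if %}` branch produces an entry, which leaves it null.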
@@ -1,51 +1,63 @@ --- - name: Terminate instance(s) hosts: localhost + connection: local + become: no gather_facts: no vars_files: - vars.yml tasks: - - set_fact: scratch_group=tag_env_{{ cluster_id }} - add_host: name: "{{ item }}" groups: oo_hosts_to_terminate ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: groups[scratch_group] | default([]) | difference(['localhost']) + ansible_become: "{{ deployment_vars[deployment_type].become }}" + with_items: "{{ (groups['tag_clusterid_' ~ cluster_id] | default([])) | difference(['localhost']) }}" + +- name: Unsubscribe VMs + hosts: oo_hosts_to_terminate + roles: + - role: rhel_unsubscribe + when: deployment_type in ['atomic-enterprise', 'enterprise', 'openshift-enterprise'] and + ansible_distribution == "RedHat" and + lookup('oo_option', 'rhel_skip_subscription') | default(rhsub_skip, True) | + default('no', True) | lower in ['no', 'false'] - name: Terminate instances hosts: localhost connection: local + become: no gather_facts: no - vars: - host_vars: "{{ hostvars - | oo_select_keys(groups['oo_hosts_to_terminate']) }}" tasks: - name: Remove tags from instances - ec2_tag: resource={{ item.ec2_id }} region={{ item.ec2_region }} state=absent - args: + ec2_tag: + resource: "{{ hostvars[item]['ec2_id'] }}" + region: "{{ hostvars[item]['ec2_region'] }}" + state: absent tags: - env: "{{ item['ec2_tag_env'] }}" - host-type: "{{ item['ec2_tag_host-type'] }}" - env-host-type: "{{ item['ec2_tag_env-host-type'] }}" - with_items: host_vars + environment: "{{ hostvars[item]['ec2_tag_environment'] }}" + clusterid: "{{ hostvars[item]['ec2_tag_clusterid'] }}" + host-type: "{{ hostvars[item]['ec2_tag_host-type'] }}" + sub_host_type: "{{ hostvars[item]['ec2_tag_sub-host-type'] }}" + with_items: "{{ groups.oo_hosts_to_terminate }}" when: "'oo_hosts_to_terminate' in groups" - name: Terminate instances ec2: state: absent - instance_ids: ["{{ 
item.ec2_id }}"] - region: "{{ item.ec2_region }}" + instance_ids: ["{{ hostvars[item].ec2_id }}"] + region: "{{ hostvars[item].ec2_region }}" ignore_errors: yes register: ec2_term - with_items: host_vars + with_items: "{{ groups.oo_hosts_to_terminate }}" when: "'oo_hosts_to_terminate' in groups" # Fail if any of the instances failed to terminate with an error other # than 403 Forbidden - - fail: msg=Terminating instance {{ item.ec2_id }} failed with message {{ item.msg }} - when: "'oo_hosts_to_terminate' in groups and item.failed and not item.msg | search(\"error: EC2ResponseError: 403 Forbidden\")" - with_items: ec2_term.results + - fail: + msg: "Terminating instance {{ item.ec2_id }} failed with message {{ item.msg }}" + when: "'oo_hosts_to_terminate' in groups and item.has_key('failed') and item.failed" + with_items: "{{ ec2_term.results }}" - name: Stop instance if termination failed ec2: @@ -53,13 +65,13 @@ instance_ids: ["{{ item.item.ec2_id }}"] region: "{{ item.item.ec2_region }}" register: ec2_stop - when: "'oo_hosts_to_terminate' in groups and item.failed" - with_items: ec2_term.results + when: "'oo_hosts_to_terminate' in groups and item.has_key('failed') and item.failed" + with_items: "{{ ec2_term.results }}" - name: Rename stopped instances ec2_tag: resource={{ item.item.item.ec2_id }} region={{ item.item.item.ec2_region }} state=present args: tags: Name: "{{ item.item.item.ec2_tag_Name }}-terminate" - with_items: ec2_stop.results - when: "'oo_hosts_to_terminate' in groups" + with_items: "{{ ec2_stop.results }}" + when: ec2_stop | changed diff --git a/playbooks/aws/openshift-cluster/update.yml b/playbooks/aws/openshift-cluster/update.yml index e006aa74a..ed05d61ed 100644 --- a/playbooks/aws/openshift-cluster/update.yml +++ b/playbooks/aws/openshift-cluster/update.yml 
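Review bot: The rewritten `fail` task in terminate.yml fires on any failed termination, but the comment above it still says "other than 403 Forbidden", and as far as the visible code shows the `Stop instance if termination failed` task after it can no longer run because the play aborts first. Either keep the 403 exemption so protected instances are still stopped and renamed, or remove the stop and rename tasks and update the comment. The message reads `item.ec2_id` from a loop result; with the loop now over host names that would be `hostvars[item.item].ec2_id`. In `Remove tags from instances` the key `sub_host_type` does not match the `sub-host-type` tag written by launch_instances.yml, so that tag is left on the instance.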
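Review bot: `ec2_term` is now registered from a loop over `groups.oo_hosts_to_terminate`, so `item.item` in `Stop instance if termination failed` is a host name string and the unchanged `item.item.ec2_id` and `item.item.ec2_region` lookups no longer resolve; the same holds for `item.item.item.ec2_tag_Name` in `Rename stopped instances`. Use `hostvars[item.item].ec2_id` and `hostvars[item.item].ec2_region`, and `hostvars[item.item.item]` in the rename task. The new `when: ec2_stop | changed` tests the whole registered result for every loop item, so the condition probably wants `item | changed`.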
@@ -1,19 +1,33 @@ --- -- name: Populate oo_hosts_to_update group +- hosts: localhost + gather_facts: no + tasks: + - include_vars: vars.yml + - include_vars: cluster_hosts.yml + - add_host: + name: "{{ item }}" + groups: l_oo_all_hosts + with_items: "{{ g_all_hosts }}" + +- hosts: l_oo_all_hosts + gather_facts: no + tasks: + - include_vars: vars.yml + - include_vars: cluster_hosts.yml + +- name: Update - Populate oo_hosts_to_update group hosts: localhost + connection: local + become: no gather_facts: no - vars_files: - - vars.yml tasks: - - name: Evaluate oo_hosts_to_update + - name: Update - Evaluate oo_hosts_to_update add_host: name: "{{ item }}" groups: oo_hosts_to_update ansible_ssh_user: "{{ deployment_vars[deployment_type].ssh_user }}" - ansible_sudo: "{{ deployment_vars[deployment_type].sudo }}" - with_items: (groups["tag_env-host-type_{{ cluster_id }}-openshift-master"] | default([])) - | union(groups["tag_env-host-type_{{ cluster_id }}-openshift-node"] | default([])) - | union(groups["tag_env-host-type_{{ cluster_id }}-openshift-etcd"] | default([])) + ansible_become: "{{ deployment_vars[deployment_type].become }}" + with_items: "{{ g_all_hosts | default([]) }}" - include: ../../common/openshift-cluster/update_repos_and_packages.yml diff --git a/playbooks/aws/openshift-cluster/vars.defaults.yml b/playbooks/aws/openshift-cluster/vars.defaults.yml deleted file mode 100644 index ed97d539c..000000000 --- a/playbooks/aws/openshift-cluster/vars.defaults.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/playbooks/aws/openshift-cluster/vars.online.int.yml b/playbooks/aws/openshift-cluster/vars.online.int.yml deleted file mode 100644 index e406a7635..000000000 --- a/playbooks/aws/openshift-cluster/vars.online.int.yml +++ /dev/null 
@@ -1,9 +0,0 @@ ---- -ec2_image: ami-9101c8fa -ec2_image_name: libra-ops-rhel7* -ec2_region: us-east-1 -ec2_keypair: mmcgrath_libra -ec2_instance_type: m3.large -ec2_security_groups: [ 'int-v3' ] -ec2_vpc_subnet: subnet-987c0def -ec2_assign_public_ip: yes diff --git a/playbooks/aws/openshift-cluster/vars.online.prod.yml b/playbooks/aws/openshift-cluster/vars.online.prod.yml deleted file mode 100644 index e406a7635..000000000 --- a/playbooks/aws/openshift-cluster/vars.online.prod.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -ec2_image: ami-9101c8fa -ec2_image_name: libra-ops-rhel7* -ec2_region: us-east-1 -ec2_keypair: mmcgrath_libra -ec2_instance_type: m3.large -ec2_security_groups: [ 'int-v3' ] -ec2_vpc_subnet: subnet-987c0def -ec2_assign_public_ip: yes diff --git a/playbooks/aws/openshift-cluster/vars.online.stage.yml b/playbooks/aws/openshift-cluster/vars.online.stage.yml deleted file mode 100644 index e406a7635..000000000 --- a/playbooks/aws/openshift-cluster/vars.online.stage.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -ec2_image: ami-9101c8fa -ec2_image_name: libra-ops-rhel7* -ec2_region: us-east-1 -ec2_keypair: mmcgrath_libra -ec2_instance_type: m3.large -ec2_security_groups: [ 'int-v3' ] -ec2_vpc_subnet: subnet-987c0def -ec2_assign_public_ip: yes diff --git a/playbooks/aws/openshift-cluster/vars.yml b/playbooks/aws/openshift-cluster/vars.yml index 07e453f89..d774187f0 100644 --- a/playbooks/aws/openshift-cluster/vars.yml +++ b/playbooks/aws/openshift-cluster/vars.yml 
@@ -1,38 +1,33 @@ --- +debug_level: 2 + +deployment_rhel7_ent_base: + # rhel-7.1, requires cloud access subscription + image: "{{ lookup('oo_option', 'ec2_image') | default('ami-10251c7a', True) }}" + image_name: "{{ lookup('oo_option', 'ec2_image_name') | default(None, True) }}" + region: "{{ lookup('oo_option', 'ec2_region') | default('us-east-1', True) }}" + ssh_user: ec2-user + become: yes + keypair: "{{ lookup('oo_option', 'ec2_keypair') | default('libra', True) }}" + type: "{{ lookup('oo_option', 'ec2_instance_type') | default('m4.large', True) }}" + security_groups: "{{ lookup('oo_option', 'ec2_security_groups') | default([ 'public' ], True) }}" + vpc_subnet: "{{ lookup('oo_option', 'ec2_vpc_subnet') | default(omit, True) }}" + assign_public_ip: "{{ lookup('oo_option', 'ec2_assign_public_ip') | default(omit, True) }}" + deployment_vars: origin: - # fedora, since centos requires marketplace - image: ami-acd999c4 - image_name: - region: us-east-1 - ssh_user: fedora - sudo: yes - keypair: libra - type: m3.large - security_groups: [ 'public' ] - vpc_subnet: - assign_public_ip: - online: - # private ami - image: ami-7a9e9812 - image_name: openshift-rhel7_* - region: us-east-1 - ssh_user: root - sudo: no - keypair: libra - type: m3.large - security_groups: [ 'public' ] - vpc_subnet: - assign_public_ip: - enterprise: - # rhel-7.1, requires cloud access subscription - image: ami-10663b78 - image_name: - region: us-east-1 - ssh_user: ec2-user - sudo: yes - keypair: libra - type: m3.large - security_groups: [ 'public' ] - vpc_subnet: - assign_public_ip: + # centos-7, requires marketplace + image: "{{ lookup('oo_option', 'ec2_image') | default('ami-6d1c2007', True) }}" + image_name: "{{ lookup('oo_option', 'ec2_image_name') | default(None, True) }}" + region: "{{ lookup('oo_option', 'ec2_region') | default('us-east-1', True) }}" + ssh_user: centos + become: yes + keypair: "{{ lookup('oo_option', 'ec2_keypair') | default('libra', True) }}" + type: "{{ 
lookup('oo_option', 'ec2_instance_type') | default('m4.large', True) }}" + security_groups: "{{ lookup('oo_option', 'ec2_security_groups') | default([ 'public' ], True) }}" + vpc_subnet: "{{ lookup('oo_option', 'ec2_vpc_subnet') | default(omit, True) }}" + assign_public_ip: "{{ lookup('oo_option', 'ec2_assign_public_ip') | default(omit, True) }}" + + enterprise: "{{ deployment_rhel7_ent_base }}" + openshift-enterprise: "{{ deployment_rhel7_ent_base }}" + atomic-enterprise: "{{ deployment_rhel7_ent_base }}" |
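Review bot: `security_groups` mixes types in both `deployment_rhel7_ent_base` and `origin`: the fallback is the list `[ 'public' ]`, while a value supplied through `lookup('oo_option', 'ec2_security_groups')` is presumably a plain string (the plugin is not shown here), so an override naming several groups may reach the launch task as one comma-joined name. Until that is confirmed, a hedged comment next to the key would help, e.g. `# NOTE: an ec2_security_groups override arrives as a string; confirm the launch task accepts that`. A short header comment listing the `oo_option` names that override the image, keypair and security-group defaults would also be worth adding, since those values decide which AMI is launched and how exposed the instance is.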