From ec293f371046a99b0f737a59b4a9f3f001af3279 Mon Sep 17 00:00:00 2001
From: Diego Castro <spinolacastro@gmail.com>
Date: Wed, 12 Aug 2015 20:02:05 -0300
Subject: Custom Project Config

---
 roles/openshift_master/tasks/main.yml                         |  2 ++
 roles/openshift_master/templates/master.yaml.v1.j2            | 10 +---------
 roles/openshift_master/templates/v1_partials/projectConfig.j2 |  1 +
 3 files changed, 4 insertions(+), 9 deletions(-)
 create mode 100644 roles/openshift_master/templates/v1_partials/projectConfig.j2

(limited to 'roles/openshift_master')

diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 151d0662f..5975ae224 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -55,6 +55,8 @@
       sdn_host_subnet_length: "{{ osm_host_subnet_length | default(None) }}"
       default_subdomain: "{{ osm_default_subdomain | default(None) }}"
       custom_cors_origins: "{{ osm_custom_cors_origins | default(None) }}"
+      project_config: "{{ openshift_master_project_config | default(None) }}"
+
 
 # TODO: These values need to be configurable
 - name: Set dns OpenShift facts
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index c4d319c87..0a8f6c286 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -93,15 +93,7 @@ policyConfig:
   bootstrapPolicyFile: {{ openshift_master_policy }}
   openshiftInfrastructureNamespace: openshift-infra
   openshiftSharedResourcesNamespace: openshift
-{# TODO: Allow users to override projectConfig items #}
-projectConfig:
-  defaultNodeSelector: ""
-  projectRequestMessage: ""
-  projectRequestTemplate: ""
-  securityAllocator:
-    mcsAllocatorRange: s0:/2
-    mcsLabelsPerProject: 5
-    uidAllocatorRange: 1000000000-1999999999/10000
+{% include 'v1_partials/projectConfig.j2' %}
 routingConfig:
   subdomain:  "{{ openshift.master.default_subdomain | default("") }}"
 serviceAccountConfig:
diff --git a/roles/openshift_master/templates/v1_partials/projectConfig.j2 b/roles/openshift_master/templates/v1_partials/projectConfig.j2
new file mode 100644
index 000000000..55170e406
--- /dev/null
+++ b/roles/openshift_master/templates/v1_partials/projectConfig.j2
@@ -0,0 +1 @@
+{{ openshift.master.project_config[0] | to_nice_yaml }}
-- 
cgit v1.2.3


From 0bc39b7f4ad53344d19d0d783fd6eec4d3b424ef Mon Sep 17 00:00:00 2001
From: Diego Castro <spinolacastro@gmail.com>
Date: Wed, 12 Aug 2015 22:53:10 -0300
Subject: Update PR #458 from comments

---
 roles/openshift_facts/library/openshift_facts.py   | 28 ----------------------
 roles/openshift_master/tasks/main.yml              |  7 +++++-
 roles/openshift_master/templates/master.yaml.v1.j2 |  9 ++++++-
 3 files changed, 14 insertions(+), 30 deletions(-)

(limited to 'roles/openshift_master')

diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index 0fde372ed..4e0989c5f 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -349,33 +349,6 @@ def set_identity_providers_if_unset(facts):
 
     return facts
 
-def set_project_config_if_unset(facts):
-    """ Set project_config fact if not already present in facts dict
-
-        Args:
-            facts (dict): existing facts
-        Returns:
-            dict: the facts dict updated with the generated identity providers
-            facts if they were not already present
-    """
-    if 'master' in facts:
-        if 'project_config' not in facts['master']:
-            config = dict(
-                projectConfig=dict(
-                    defaultNodeSelector='',
-                    projectRequestMessage='',
-                    projectRequestTemplate='',
-                        securityAllocator=dict(
-                            mcsAllocatorRange='s0:/2',
-                            mcsLabelsPerProject=5,
-                            uidAllocatorRange='1000000000-1999999999/10000'
-                        )
-                    )
-                )            
-            facts['master']['project_config'] = [config]
-
-    return facts
-
 def set_url_facts_if_unset(facts):
     """ Set url facts if not already present in facts dict
 
@@ -727,7 +700,6 @@ class OpenShiftFacts(object):
         facts['current_config'] = get_current_config(facts)
         facts = set_url_facts_if_unset(facts)
         facts = set_fluentd_facts_if_unset(facts)
-        facts = set_project_config_if_unset(facts)
         facts = set_identity_providers_if_unset(facts)
         facts = set_registry_url_if_unset(facts)
         facts = set_sdn_facts_if_unset(facts)
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 5975ae224..019856f19 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -55,7 +55,12 @@
       sdn_host_subnet_length: "{{ osm_host_subnet_length | default(None) }}"
       default_subdomain: "{{ osm_default_subdomain | default(None) }}"
       custom_cors_origins: "{{ osm_custom_cors_origins | default(None) }}"
-      project_config: "{{ openshift_master_project_config | default(None) }}"
+      default_node_selector: "{{ osm_default_node_selector | default(None) }}"
+      project_request_message: "{{ osm_project_request_message | default(None) }}"
+      project_request_template: "{{ osm_project_request_template | default(None) }}"
+      mcs_allocator_range: "{{ osm_mcs_allocator_range | default(None) }}"
+      mcs_labels_per_project: "{{ osm_mcs_labels_per_project | default(None) }}"
+      uid_allocator_range: "{{ osm_uid_allocator_range | default(None) }}"
 
 
 # TODO: These values need to be configurable
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index 0a8f6c286..20dfe155a 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -93,7 +93,14 @@ policyConfig:
   bootstrapPolicyFile: {{ openshift_master_policy }}
   openshiftInfrastructureNamespace: openshift-infra
   openshiftSharedResourcesNamespace: openshift
-{% include 'v1_partials/projectConfig.j2' %}
+projectConfig:
+  defaultNodeSelector: "{{ openshift.master.default_node_selector | default("") }}"
+  projectRequestMessage: "{{ openshift.master.project_request_message | default("") }}"
+  projectRequestTemplate: "{{ openshift.master.project_request_template | default("") }}"
+  securityAllocator:
+    mcsAllocatorRange: "{{ openshift.master.project_request_template | default("s0:/2") }}"
+    mcsLabelsPerProject: "{{ openshift.master.mcs_labels_per_project | default("5") }}"
+    uidAllocatorRange: "{{ openshift.master.uid_allocator_range | default("1000000000-1999999999/10000") }}"
 routingConfig:
   subdomain:  "{{ openshift.master.default_subdomain | default("") }}"
 serviceAccountConfig:
-- 
cgit v1.2.3


From 7f740ff24b807f9f88209785a027056bfa146e2e Mon Sep 17 00:00:00 2001
From: Diego Castro <spinolacastro@gmail.com>
Date: Mon, 17 Aug 2015 11:59:07 -0300
Subject: Cleanup

---
 inventory/byo/hosts.example                                   | 1 -
 roles/openshift_master/templates/v1_partials/projectConfig.j2 | 1 -
 2 files changed, 2 deletions(-)
 delete mode 100644 roles/openshift_master/templates/v1_partials/projectConfig.j2

(limited to 'roles/openshift_master')

diff --git a/inventory/byo/hosts.example b/inventory/byo/hosts.example
index b7ad231d7..bc1b10768 100644
--- a/inventory/byo/hosts.example
+++ b/inventory/byo/hosts.example
@@ -39,7 +39,6 @@ openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true',
 #openshift_master_identity_providers=[{'name': 'allow_all', 'login': 'true', 'challenge': 'true', 'kind': 'AllowAllPasswordIdentityProvider'}]
 
 # Project Configuration
-#osm_default_node_selector=''
 #osm_project_request_message=''
 #osm_project_request_template=''
 #osm_mcs_allocator_range='s0:/2'
diff --git a/roles/openshift_master/templates/v1_partials/projectConfig.j2 b/roles/openshift_master/templates/v1_partials/projectConfig.j2
deleted file mode 100644
index 55170e406..000000000
--- a/roles/openshift_master/templates/v1_partials/projectConfig.j2
+++ /dev/null
@@ -1 +0,0 @@
-{{ openshift.master.project_config[0] | to_nice_yaml }}
-- 
cgit v1.2.3


From 8468d25fae71c80277c10ad975641cb1ba230fd8 Mon Sep 17 00:00:00 2001
From: Diego Castro <spinolacastro@gmail.com>
Date: Mon, 17 Aug 2015 17:38:23 -0300
Subject: Get default values from openshift_facts

---
 roles/openshift_facts/library/openshift_facts.py   | 28 ++++++++++++++++++++++
 roles/openshift_master/templates/master.yaml.v1.j2 | 12 +++++-----
 2 files changed, 34 insertions(+), 6 deletions(-)

(limited to 'roles/openshift_master')

diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index 4e0989c5f..97a839e8e 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -323,6 +323,33 @@ def set_fluentd_facts_if_unset(facts):
             facts['common']['use_fluentd'] = use_fluentd
     return facts
 
+def set_project_config_facts_if_unset(facts):
+    """ Set Project Configuration facts if not already present in facts dict
+            dict:
+        Args:
+            facts (dict): existing facts
+        Returns:
+            dict: the facts dict updated with the generated Project Configuration
+            facts if they were not already present
+
+    """
+
+    config={
+        'default_node_selector': '',
+        'project_request_message': '',
+        'project_request_template': '',
+        'mcs_allocator_range': 's0:/2',
+        'mcs_labels_per_project': 5,
+        'uid_allocator_range': '1000000000-1999999999/10000'
+    }
+
+    if 'master' in facts:
+        for key,value in config.items():
+            if key not in facts['master']:
+                facts['master'][key] = value
+
+    return facts
+
 def set_identity_providers_if_unset(facts):
     """ Set identity_providers fact if not already present in facts dict
 
@@ -699,6 +726,7 @@ class OpenShiftFacts(object):
         facts = merge_facts(facts, local_facts)
         facts['current_config'] = get_current_config(facts)
         facts = set_url_facts_if_unset(facts)
+        facts = set_project_config_facts_if_unset(facts)
         facts = set_fluentd_facts_if_unset(facts)
         facts = set_identity_providers_if_unset(facts)
         facts = set_registry_url_if_unset(facts)
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index b738084c0..7a8ab5c00 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -100,13 +100,13 @@ policyConfig:
   openshiftInfrastructureNamespace: openshift-infra
   openshiftSharedResourcesNamespace: openshift
 projectConfig:
-  defaultNodeSelector: "{{ openshift.master.default_node_selector | default("") }}"
-  projectRequestMessage: "{{ openshift.master.project_request_message | default("") }}"
-  projectRequestTemplate: "{{ openshift.master.project_request_template | default("") }}"
+  defaultNodeSelector: {{ openshift.master.default_node_selector }}
+  projectRequestMessage: {{ openshift.master.project_request_message }}
+  projectRequestTemplate: {{ openshift.master.project_request_template }}
   securityAllocator:
-    mcsAllocatorRange: "{{ openshift.master.project_request_template | default("s0:/2") }}"
-    mcsLabelsPerProject: "{{ openshift.master.mcs_labels_per_project | default("5") }}"
-    uidAllocatorRange: "{{ openshift.master.uid_allocator_range | default("1000000000-1999999999/10000") }}"
+    mcsAllocatorRange: {{ openshift.master.mcs_allocator_range }}
+    mcsLabelsPerProject: {{ openshift.master.mcs_labels_per_project }}
+    uidAllocatorRange: {{ openshift.master.uid_allocator_range  }}
 routingConfig:
   subdomain:  "{{ openshift.master.default_subdomain | default("") }}"
 serviceAccountConfig:
-- 
cgit v1.2.3


From 7f5c403e144e6ef4d39bf7b11adb4c4a8976521c Mon Sep 17 00:00:00 2001
From: Andrew Butcher <abutcher@redhat.com>
Date: Wed, 21 Oct 2015 16:17:39 -0400
Subject: Add proxy client certs to master config.

---
 playbooks/adhoc/upgrades/upgrade.yml               | 10 ++++++++++
 playbooks/common/openshift-master/config.yml       |  2 ++
 roles/openshift_master/templates/master.yaml.v1.j2 |  3 +++
 roles/openshift_master_ca/tasks/main.yml           |  3 +--
 4 files changed, 16 insertions(+), 2 deletions(-)

(limited to 'roles/openshift_master')

diff --git a/playbooks/adhoc/upgrades/upgrade.yml b/playbooks/adhoc/upgrades/upgrade.yml
index 56a1df860..ae1d0127c 100644
--- a/playbooks/adhoc/upgrades/upgrade.yml
+++ b/playbooks/adhoc/upgrades/upgrade.yml
@@ -1,4 +1,14 @@
 ---
+- name: Upgrade base package on masters
+  hosts: masters
+  roles:
+  - openshift_facts
+  vars:
+    openshift_version: "{{ openshift_pkg_version | default('') }}"
+  tasks:
+    - name: Upgrade base package
+      yum: pkg={{ openshift.common.service_type }}{{ openshift_version  }} state=latest
+
 - name: Re-Run cluster configuration to apply latest configuration changes
   include: ../../common/openshift-cluster/config.yml
   vars:
diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml
index 0a3fe90e1..ecea608b2 100644
--- a/playbooks/common/openshift-master/config.yml
+++ b/playbooks/common/openshift-master/config.yml
@@ -137,6 +137,7 @@
       openshift_master_certs_no_etcd:
       - admin.crt
       - master.kubelet-client.crt
+      - master.proxy-client.crt
       - master.server.crt
       - openshift-master.crt
       - openshift-registry.crt
@@ -144,6 +145,7 @@
       - etcd.server.crt
       openshift_master_certs_etcd:
       - master.etcd-client.crt
+
   - set_fact:
       openshift_master_certs: "{{ (openshift_master_certs_no_etcd | union(openshift_master_certs_etcd)) if (groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config) else openshift_master_certs_no_etcd }}"
 
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index 6e45eaad7..72fdcf88d 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -74,6 +74,9 @@ kubernetesMasterConfig:
   masterCount: 1
   masterIP: ""
   podEvictionTimeout: ""
+  proxyClientInfo:
+    certFile: master.proxy-client.crt
+    keyFile: master.proxy-client.key
   schedulerConfigFile: {{ openshift_master_scheduler_conf }}
   servicesNodePortRange: ""
   servicesSubnet: {{ openshift.master.portal_net }}
diff --git a/roles/openshift_master_ca/tasks/main.yml b/roles/openshift_master_ca/tasks/main.yml
index 5c9639ea5..cfd1ceabf 100644
--- a/roles/openshift_master_ca/tasks/main.yml
+++ b/roles/openshift_master_ca/tasks/main.yml
@@ -18,5 +18,4 @@
       --master={{ openshift.master.api_url }}
       --public-master={{ openshift.master.public_api_url }}
       --cert-dir={{ openshift_master_config_dir }} --overwrite=false
-  args:
-    creates: "{{ openshift_master_config_dir }}/master.server.key"
+  when: master_certs_missing
-- 
cgit v1.2.3


From 2f55e2d69f8c9e28ccf73065ddc9db62a2aa4ad9 Mon Sep 17 00:00:00 2001
From: Diego Castro <spinolacastro@gmail.com>
Date: Fri, 23 Oct 2015 21:23:55 -0300
Subject: Add missing quotes

---
 roles/openshift_master/templates/master.yaml.v1.j2 | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'roles/openshift_master')

diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index d66f9e15d..011b43df6 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -98,13 +98,13 @@ policyConfig:
   openshiftInfrastructureNamespace: openshift-infra
   openshiftSharedResourcesNamespace: openshift
 projectConfig:
-  defaultNodeSelector: {{ openshift.master.default_node_selector }}
-  projectRequestMessage: {{ openshift.master.project_request_message }}
-  projectRequestTemplate: {{ openshift.master.project_request_template }}
+  defaultNodeSelector: "{{ openshift.master.default_node_selector }}"
+  projectRequestMessage: "{{ openshift.master.project_request_message }}"
+  projectRequestTemplate: "{{ openshift.master.project_request_template }}"
   securityAllocator:
-    mcsAllocatorRange: {{ openshift.master.mcs_allocator_range }}
-    mcsLabelsPerProject: {{ openshift.master.mcs_labels_per_project }}
-    uidAllocatorRange: {{ openshift.master.uid_allocator_range  }}
+    mcsAllocatorRange: "{{ openshift.master.mcs_allocator_range }}"
+    mcsLabelsPerProject: "{{ openshift.master.mcs_labels_per_project }}"
+    uidAllocatorRange: "{{ openshift.master.uid_allocator_range  }}"
 routingConfig:
   subdomain:  "{{ openshift.master.default_subdomain | default("") }}"
 serviceAccountConfig:
-- 
cgit v1.2.3


From e87883d2be647edbcd564cefbf09a40120f1832d Mon Sep 17 00:00:00 2001
From: Diego Castro <spinolacastro@gmail.com>
Date: Mon, 26 Oct 2015 16:19:53 -0300
Subject: Fix quotes

---
 roles/openshift_master/templates/master.yaml.v1.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'roles/openshift_master')

diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index 011b43df6..90234bacc 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -103,7 +103,7 @@ projectConfig:
   projectRequestTemplate: "{{ openshift.master.project_request_template }}"
   securityAllocator:
     mcsAllocatorRange: "{{ openshift.master.mcs_allocator_range }}"
-    mcsLabelsPerProject: "{{ openshift.master.mcs_labels_per_project }}"
+    mcsLabelsPerProject: {{ openshift.master.mcs_labels_per_project }}
     uidAllocatorRange: "{{ openshift.master.uid_allocator_range  }}"
 routingConfig:
   subdomain:  "{{ openshift.master.default_subdomain | default("") }}"
-- 
cgit v1.2.3


From ed2cd2e10223e7d44fa8fa8dd59b37e8c13f0fab Mon Sep 17 00:00:00 2001
From: Brenton Leanhardt <bleanhar@redhat.com>
Date: Thu, 29 Oct 2015 13:29:19 -0400
Subject: Conditionalizing the support for the v1beta3 api

v1beta3 is only supported on OSE 3.0.  For 3.0 the deployment_type was
"enterprise"
---
 roles/openshift_master/templates/master.yaml.v1.j2 | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'roles/openshift_master')

diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index 3e4f78b17..527c5231a 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -1,5 +1,7 @@
 apiLevels:
+{% if openshift.common.deployment_type == "enterprise" %}
 - v1beta3
+{% endif %}
 - v1
 apiVersion: v1
 assetConfig:
@@ -66,7 +68,9 @@ kubeletClientInfo:
 {% if openshift.master.embedded_kube | bool %}
 kubernetesMasterConfig:
   apiLevels:
+{% if openshift.common.deployment_type == "enterprise" %}
   - v1beta3
+{% endif %}
   - v1
   apiServerArguments: {{ api_server_args if api_server_args is defined else 'null' }}
   controllerArguments: {{ controller_args if controller_args is defined else 'null' }}
-- 
cgit v1.2.3


From a9143d5d0e7245e12e0597fa5105fdcbb85e0846 Mon Sep 17 00:00:00 2001
From: Jason DeTiberus <jdetiber@redhat.com>
Date: Thu, 29 Oct 2015 23:42:31 -0400
Subject: Disable OpenShift features if installing Atomic Enterprise

---
 roles/openshift_facts/library/openshift_facts.py   | 16 ++++++++++++++--
 roles/openshift_master/tasks/main.yml              |  1 +
 roles/openshift_master/templates/master.yaml.v1.j2 |  3 +++
 3 files changed, 18 insertions(+), 2 deletions(-)

(limited to 'roles/openshift_master')

diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py
index 795f38341..748cc59cf 100755
--- a/roles/openshift_facts/library/openshift_facts.py
+++ b/roles/openshift_facts/library/openshift_facts.py
@@ -508,8 +508,9 @@ def set_deployment_facts_if_unset(facts):
             dict: the facts dict updated with the generated deployment_type
             facts
     """
-    # Perhaps re-factor this as a map?
-    # pylint: disable=too-many-branches
+    # disabled to avoid breaking up facts related to deployment type into
+    # multiple methods for now.
+    # pylint: disable=too-many-statements, too-many-branches
     if 'common' in facts:
         deployment_type = facts['common']['deployment_type']
         if 'service_type' not in facts['common']:
@@ -550,6 +551,17 @@ def set_deployment_facts_if_unset(facts):
                     registry_url = 'aep3/aep-${component}:${version}'
                 facts[role]['registry_url'] = registry_url
 
+    if 'master' in facts:
+        deployment_type = facts['common']['deployment_type']
+        openshift_features = ['Builder', 'S2IBuilder', 'WebConsole']
+        if 'disabled_features' in facts['master']:
+            if deployment_type == 'atomic-enterprise':
+                curr_disabled_features = set(facts['master']['disabled_features'])
+                facts['master']['disabled_features'] = list(curr_disabled_features.union(openshift_features))
+        else:
+            if deployment_type == 'atomic-enterprise':
+                facts['master']['disabled_features'] = openshift_features
+
     if 'node' in facts:
         deployment_type = facts['common']['deployment_type']
         if 'storage_plugin_deps' not in facts['node']:
diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml
index 94eb73346..3a886935f 100644
--- a/roles/openshift_master/tasks/main.yml
+++ b/roles/openshift_master/tasks/main.yml
@@ -62,6 +62,7 @@
       api_server_args: "{{ osm_api_server_args | default(None) }}"
       controller_args: "{{ osm_controller_args | default(None) }}"
       infra_nodes: "{{ num_infra | default(None) }}"
+      disabled_features: "{{ osm_disabled_features | default(None) }}"
 
 - name: Install Master package
   yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version  }} state=present
diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2
index 527c5231a..73a0bc6cc 100644
--- a/roles/openshift_master/templates/master.yaml.v1.j2
+++ b/roles/openshift_master/templates/master.yaml.v1.j2
@@ -22,6 +22,9 @@ corsAllowedOrigins:
 {% for custom_origin in openshift.master.custom_cors_origins | default("") %}
   - {{ custom_origin }}
 {% endfor %}
+{% if 'disabled_features' in openshift.master %}
+disabledFeatures: {{ openshift.master.disabled_features | to_json }}
+{% endif %}
 {% if openshift.master.embedded_dns | bool %}
 dnsConfig:
   bindAddress: {{ openshift.master.bind_addr }}:{{ openshift.master.dns_port }}
-- 
cgit v1.2.3