Addressing servicecatalog doesnt have enough permissions and multimaster config for service-catalog

playbooks/common/openshift-cluster/service_catalog.yml

@@ -6,3 +6,11 @@
   roles:
   - openshift_service_catalog
   - ansible_service_broker
+
+- name: Update Master configs
+  hosts: oo_masters:!oo_first_master
+  tasks:
+  - block:
+    - include_role:
+        name: openshift_service_catalog
+        tasks_from: wire_aggregator

roles/ansible_service_broker/tasks/install.yml

@@ -48,13 +48,13 @@
     namespace: openshift-ansible-service-broker
     state: present
     labels:
-      app: ansible-service-broker
+      app: openshift-ansible-service-broker
       service: asb
     ports:
       - name: port-1338
         port: 1338
     selector:
-      app: ansible-service-broker
+      app: openshift-ansible-service-broker
       service: asb
 
 - name: create etcd service
@@ -66,7 +66,7 @@
       - name: etcd-advertise
         port: 2379
     selector:
-      app: ansible-service-broker
+      app: openshift-ansible-service-broker
       service: etcd
 
 - name: create route for ansible-service-broker service
@@ -118,12 +118,12 @@
           name: etcd
           namespace: openshift-ansible-service-broker
           labels:
-            app: ansible-service-broker
+            app: openshift-ansible-service-broker
             service: etcd
         spec:
           selector:
             matchLabels:
-              app: ansible-service-broker
+              app: openshift-ansible-service-broker
               service: etcd
           strategy:
             type: RollingUpdate
@@ -134,7 +134,7 @@
           template:
             metadata:
               labels:
-                app: ansible-service-broker
+                app: openshift-ansible-service-broker
                 service: etcd
             spec:
               restartPolicy: Always
@@ -266,4 +266,4 @@
         metadata:
           name: ansible-service-broker
         spec:
-          url: http://{{ ansible_service_broker_route }}
+          url: http://asb.openshift-ansible-service-broker.svc:1338

roles/openshift_service_catalog/files/kubeservicecatalog_roles_bindings.yml

@@ -115,6 +115,22 @@ objects:
     - bindings/status
     verbs:
     - update
+  - apiGroups:
+    - servicecatalog.k8s.io
+    resources:
+    - brokers
+    - instances
+    - bindings
+    verbs:
+    - list
+    - watch
+  - apiGroups:
+    - ""
+    resources:
+    - events
+    verbs:
+    - patch
+    - create
 
 - kind: ClusterRoleBinding
   apiVersion: v1

roles/openshift_service_catalog/templates/controller_manager.j2

@@ -17,6 +17,7 @@ spec:
       labels:
         app: controller-manager
     spec:
+      serviceAccountName: service-catalog-controller
       nodeSelector:
 {% for key, value in node_selector.iteritems() %}
         {{key}}: "{{value}}"