@@ -181,7 +181,7 @@ readonly -f os::start::internal::configure_master

 function os::start::internal::patch_master_config() {

 	local sudo=${USE_SUDO:+sudo}

 	cp "${SERVER_CONFIG_DIR}/master/master-config.yaml" "${SERVER_CONFIG_DIR}/master/master-config.orig.yaml"

-	openshift ex config patch ${SERVER_CONFIG_DIR}/master/master-config.orig.yaml --patch="{\"etcdConfig\": {\"address\": \"${API_HOST}:${ETCD_PORT}\"}}" | \

+	openshift ex config patch "${SERVER_CONFIG_DIR}/master/master-config.orig.yaml" --patch="{\"etcdConfig\": {\"address\": \"${API_HOST}:${ETCD_PORT}\"}}" | \

 	openshift ex config patch - --patch="{\"etcdConfig\": {\"servingInfo\": {\"bindAddress\": \"${API_HOST}:${ETCD_PORT}\"}}}" | \

 	openshift ex config patch - --type json --patch="[{\"op\": \"replace\", \"path\": \"/etcdClientInfo/urls\", \"value\": [\"${API_SCHEME}://${API_HOST}:${ETCD_PORT}\"]}]" | \

 	openshift ex config patch - --patch="{\"etcdConfig\": {\"peerAddress\": \"${API_HOST}:${ETCD_PEER_PORT}\"}}" | \

@@ -595,3 +595,66 @@ function os::start::internal::print_server_info() {

 	os::log::info "Using images:             ${USE_IMAGES}"

 	os::log::info "MasterIP is:              ${MASTER_ADDR}"

 }

+

+# os::start::router installs the OpenShift router and optionally creates

+# the server cert as well.

+#

+# Globals:

+#  - CREATE_ROUTER_CERT

+#  - MASTER_CONFIG_DIR

+#  - API_HOST

+#  - ADMIN_KUBECONFIG

+#  - USE_IMAGES

+#  - DROP_SYN_DURING_RESTART

+# Arguments:

+#  None

+# Returns:

+#  None

+function os::start::router() {

+	os::log::info "Installing the router"

+	oadm policy add-scc-to-user privileged --serviceaccount='router' --config="${ADMIN_KUBECONFIG}"

+	# Create a TLS certificate for the router

+	if [[ -n "${CREATE_ROUTER_CERT:-}" ]]; then

+		os::log::info "Generating router TLS certificate"

+		oadm ca create-server-cert --hostnames="*.${API_HOST}.xip.io"          \

+		                           --key="${MASTER_CONFIG_DIR}/router.key"     \

+		                           --cert="${MASTER_CONFIG_DIR}/router.crt"    \

+		                           --signer-key="${MASTER_CONFIG_DIR}/ca.key"  \

+		                           --signer-cert="${MASTER_CONFIG_DIR}/ca.crt" \

+		                           --signer-serial="${MASTER_CONFIG_DIR}/ca.serial.txt"

+		cat "${MASTER_CONFIG_DIR}/router.crt" \

+		    "${MASTER_CONFIG_DIR}/router.key" \

+			"${MASTER_CONFIG_DIR}/ca.crt" > "${MASTER_CONFIG_DIR}/router.pem"

+		openshift admin router --config="${ADMIN_KUBECONFIG}" --images="${USE_IMAGES}" --service-account=router --default-cert="${MASTER_CONFIG_DIR}/router.pem"

+	else

+		openshift admin router --config="${ADMIN_KUBECONFIG}" --images="${USE_IMAGES}" --service-account=router

+	fi

+

+	# Set the SYN eater to make router reloads more robust

+	if [[ -n "${DROP_SYN_DURING_RESTART:-}" ]]; then

+		# Rewrite the DC for the router to add the environment variable into the pod definition

+		os::log::info "Changing the router DC to drop SYN packets during a reload"

+		oc set env dc/router -c router DROP_SYN_DURING_RESTART=true

+	fi

+}

+readonly -f os::start::router

+

+# os::start::registry installs the OpenShift integrated registry

+#

+# Globals:

+#  - ADMIN_KUBECONFIG

+#  - USE_IMAGES

+# Arguments:

+#  None

+# Returns:

+#  None

+function os::start::registry() {

+	# The --mount-host option is provided to reuse local storage.

+	os::log::info "Installing the registry"

+	# For testing purposes, ensure the quota objects are always up to date in the registry by

+	# disabling project cache.

+	openshift admin registry --config="${ADMIN_KUBECONFIG}" --images="${USE_IMAGES}" --enforce-quota -o json | \

+		oc env -f - --output json "REGISTRY_MIDDLEWARE_REPOSITORY_OPENSHIFT_PROJECTCACHETTL=0" | \

+		oc create -f -

+}

+readonly -f os::start::registry

\ No newline at end of file

@@ -219,7 +219,7 @@ os::test::junit::declare_suite_end

 export OPENSHIFT_PROFILE="${CLI_PROFILE-}"

 # start up a registry for images tests

-ADMIN_KUBECONFIG="${MASTER_CONFIG_DIR}/admin.kubeconfig" KUBECONFIG="${MASTER_CONFIG_DIR}/admin.kubeconfig" install_registry

+ADMIN_KUBECONFIG="${MASTER_CONFIG_DIR}/admin.kubeconfig" KUBECONFIG="${MASTER_CONFIG_DIR}/admin.kubeconfig" os::start::registry

 #

 # Begin tests

@@ -144,45 +144,6 @@ function cleanup_openshift() {

 }

 readonly -f cleanup_openshift

-# install the router for the extended tests

-function install_router() {

-	os::log::info "Installing the router"

-	oadm policy add-scc-to-user privileged -z router --config="${ADMIN_KUBECONFIG}"

-	# Create a TLS certificate for the router

-	if [[ -n "${CREATE_ROUTER_CERT:-}" ]]; then

-		os::log::info "Generating router TLS certificate"

-		oadm ca create-server-cert --signer-cert=${MASTER_CONFIG_DIR}/ca.crt \

-			--signer-key=${MASTER_CONFIG_DIR}/ca.key \

-			--signer-serial=${MASTER_CONFIG_DIR}/ca.serial.txt \

-			--hostnames="*.${API_HOST}.xip.io" \

-			--cert=${MASTER_CONFIG_DIR}/router.crt --key=${MASTER_CONFIG_DIR}/router.key

-		cat ${MASTER_CONFIG_DIR}/router.crt ${MASTER_CONFIG_DIR}/router.key \

-			${MASTER_CONFIG_DIR}/ca.crt > ${MASTER_CONFIG_DIR}/router.pem

-		ROUTER_DEFAULT_CERT="--default-cert=${MASTER_CONFIG_DIR}/router.pem"

-	fi

-	openshift admin router --config="${ADMIN_KUBECONFIG}" --images="${USE_IMAGES}" --service-account=router ${ROUTER_DEFAULT_CERT-}

-

-	# Set the SYN eater to make router reloads more robust

-	if [[ -n "${DROP_SYN_DURING_RESTART:-}" ]]; then

-		# Rewrite the DC for the router to add the environment variable into the pod definition

-		os::log::info "Changing the router DC to drop SYN packets during a reload"

-		oc set env dc/router -c router DROP_SYN_DURING_RESTART=true

-	fi

-}

-readonly -f install_router

-

-# install registry for the extended tests

-function install_registry() {

-	# The --mount-host option is provided to reuse local storage.

-	os::log::info "Installing the registry"

-	# For testing purposes, ensure the quota objects are always up to date in the registry by

-	# disabling project cache.

-	openshift admin registry --config="${ADMIN_KUBECONFIG}" --images="${USE_IMAGES}" --enforce-quota -o json | \

-		oc env -f - --output json "REGISTRY_MIDDLEWARE_REPOSITORY_OPENSHIFT_PROJECTCACHETTL=0" | \

-		oc create -f -

-}

-readonly -f install_registry

-

 ######

 # end of common functions for extended test group's run.sh scripts

 ######

@@ -98,8 +98,8 @@ Common functions for extended tests are located in `./hack/util.sh`. Environment

 * `os::util::environment::setup_all_server_vars()` setup all required environment variables related to OpenShift server.

 * `os::start::configure_server()` generates all configuration files for OpenShift server.

 * `os::start::server()` starts the OpenShift master and node.

-* `install_router_extended()` installs the OpenShift router service.

-* `install_registry_extended()` installs the OpenShift Docker registry service.

+* `os::start::router()` installs the OpenShift router service.

+* `os::start::registry()` installs the OpenShift Docker registry service.

 * `create_image_streams_extended()` creates ImageStream(s) for all OpenShift images.

 CLI interface

@@ -37,7 +37,7 @@ oc login -u system:admin -n default

 # let everyone be able to see stuff in the default namespace

 oadm policy add-role-to-group view system:authenticated -n default

-install_registry

+os::start::registry

 oc rollout status dc/docker-registry

 docker_registry="$( oc get service/docker-registry -n default -o jsonpath='{.spec.clusterIP}:{.spec.ports[0].port}' )"

@@ -88,7 +88,7 @@ os::start::server

 export KUBECONFIG="${ADMIN_KUBECONFIG}"

-install_registry

+os::start::registry

 os::cmd::expect_success 'oc rollout status dc/docker-registry'

 os::cmd::expect_success 'oc login -u system:admin'

@@ -32,7 +32,7 @@ os::start::server

 export KUBECONFIG="${ADMIN_KUBECONFIG}"

-install_registry

+os::start::registry

 oc rollout status dc/docker-registry

 oc login ${MASTER_ADDR} -u ldap -p password --certificate-authority=${MASTER_CONFIG_DIR}/ca.crt

@@ -118,11 +118,11 @@ function os::test::extended::setup () {

 		export KUBECONFIG="${ADMIN_KUBECONFIG}"

-		install_registry

+		os::start::registry

 		if [[ -z "${SKIP_NODE:-}" ]]; then

 			oc rollout status dc/docker-registry

 		fi

-		DROP_SYN_DURING_RESTART=1 CREATE_ROUTER_CERT=1 install_router

+		DROP_SYN_DURING_RESTART=1 CREATE_ROUTER_CERT=1 os::start::router

 		os::log::info "Creating image streams"

 		oc create -n openshift -f "${OS_ROOT}/examples/image-streams/image-streams-centos7.json" --config="${ADMIN_KUBECONFIG}"