Description of problem:
if there are openshift_docker_additional_registries=XXX and openshift_docker_insecure_registries=XXX in inventory file, and 172.30.0.0/16 was not appended to openshift_docker_insecure_registries. After upgrade,  due to --insecure-registry=172.30.0.0/16 was missing from /etc/sysconfig/docker.  docker will think the inner docker-registry as secuity registry, and docker failed to push images.

The instsallation bug related this issue is https://bugzilla.redhat.com/show_bug.cgi?id=1317755, seem like we also need such similar fix in upgrade ansible playbook.

Version-Release number of selected component (if applicable):
atomic-openshift-utils-3.0.67

How reproducible:
always

Steps to Reproduce:
1. Specify the openshift_docker_additional_registries=XXX and openshift_docker_insecure_registries=XXX before upgrade. but don't set the "172.30.0.0/16" in openshift_docker_insecure_registries
2. ansible-playbook -i config/osecontain /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_1_to_v3_2/upgrade.yml | tee upgrade.log
3. After upgrade,  oc start-build an applications

Actual results:
I0330 05:31:19.080731       1 sti.go:267] Registry server User Name: serviceaccount
I0330 05:31:19.080742       1 sti.go:268] Registry server Email: serviceaccount@example.org
I0330 05:31:19.080754       1 sti.go:273] Registry server Password: <<non-empty>>
F0330 05:31:19.080781       1 builder.go:204] Error: build error: Failed to push image. Response from registry is: unable to ping registry endpoint https://172.30.33.215:5000/v0/
v2 ping attempt failed with error: Get https://172.30.33.215:5000/v2/: tls: oversized record received with length 20527
 v1 ping attempt failed with error: Get https://172.30.33.215:5000/v1/_ping: tls: oversized record received with length 20527


Expected results:


Additional info:
The workround is to add 172.30.0.0/16 in openshift_docker_insecure_registries as following
openshift_docker_insecure_registries=[ XXX , '172.30.0.0/16 ' ]