The same issue happened with 3.6.

Version:
openshift-ansible-playbooks-3.6.65.5-stage.git.0.b41534cNone.noarch


+++ This bug was initially created as a clone of Bug #1452012 +++

Description of problem:
According to openshift-ansible commit 9397727e433cbd9bfd865fb5ad773c7b6b4590e8, "certificates" parameter is renamed to "certificate" for openshift_hosted_routers option, while no update for ose.example accordingly. 
# grep -A 10 -B 17 "certificates:" /usr/share/doc/openshift-ansible-docs-3.5.71/docs/example-inventories/hosts.ose.example
# Router sharding support has been added and can be achieved by supplying the correct
# data to the inventory.  The variable to house the data is openshift_hosted_routers
# and is in the form of a list.  If no data is passed then a default router will be
# created.  There are multiple combinations of router sharding.  The one described
# below supports routers on separate nodes.
#openshift_hosted_routers:
#- name: router1
#  stats_port: 1936
#  ports:
#  - 80:80
#  - 443:443
#  replicas: 1
#  namespace: default
#  serviceaccount: router
#  selector: type=router1
#  images: "openshift3/ose-${component}:${version}"
#  edits: []
#  certificates:
#    certfile: /path/to/certificate/abc.crt
#    keyfile: /path/to/certificate/abc.key
#    cafile: /path/to/certificate/ca.crt
#- name: router2
#  stats_port: 1936
#  ports:
#  - 80:80
#  - 443:443
#  replicas: 1
#  namespace: default
#  serviceaccount: router
#  selector: type=router2
#  images: "openshift3/ose-${component}:${version}"
#  certificates:
#    certfile: /path/to/certificate/xyz.crt
#    keyfile: /path/to/certificate/xyz.key
#    cafile: /path/to/certificate/ca.crt
#  edits:
#  # ROUTE_LABELS sets the router to listen for routes
#  # tagged with the provided values
#  - key: spec.template.spec.containers[0].env
#    value:
#      name: ROUTE_LABELS
#      value: "route=external"


If user follow the doc to deploy router sharding with "certificates" parameter, will encounter the following error:
TASK [openshift_hosted : Create OpenShift router] ******************************
Thursday 18 May 2017  02:54:30 +0000 (0:00:03.967)       0:17:02.739 ********** 
fatal: [ec2-52-87-65-11.compute-1.amazonaws.com]: FAILED! => {
    "failed": true
}

MSG:

the field 'args' has an invalid value, which appears to include a variable that is undefined. The error was: Unable to look up a name or access an attribute in template string ({{ ('/etc/origin/master/' ~ (item.certificate.cafile | basename)) if 'cafile' in item.certificate else omit }}).
Make sure your variable name does not contain invalid characters like '-': argument of type 'StrictUndefined' is not iterable

The error appears to have been in '/home/slave1/workspace/Launch Environment Flexy/private-openshift-ansible/roles/openshift_hosted/tasks/router/router.yml': line 75, column 3, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:


- name: Create OpenShift router
  ^ here




Version-Release number of selected component (if applicable):
openshift-ansible-3.5.71-1.git.0.128c2db.el7

How reproducible:
Always

Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info: