Update openssl.conf to count better and work with Jinja 2.9

roles/etcd/templates/openssl.conf.j2

@@ -1,4 +1,4 @@
-[req]
+{% set counter = {'dns': 2,'ip': 1,} %}{% macro increment(dct, key, inc=1)%}{% if dct.update({key: dct[key] + inc}) %} {% endif %}{% endmacro %}[req]
 req_extensions = v3_req
 distinguished_name = req_distinguished_name
 
@@ -25,19 +25,18 @@ authorityKeyIdentifier=keyid:always,issuer
 [alt_names]
 DNS.1 = localhost
 {% for host in groups['etcd'] %}
-DNS.{{ 1 + loop.index }} = {{ host }}
+DNS.{{ counter["dns"] }} = {{ host }}{{ increment(counter, 'dns') }}
 {% endfor %}
-{% if loadbalancer_apiserver is defined %}
-{% set idx =  groups['etcd'] | length | int + 2 %}
-DNS.{{ idx | string }} = {{ apiserver_loadbalancer_domain_name }}
+{% if apiserver_loadbalancer_domain_name is defined %}
+DNS.{{ counter["dns"] }} = {{ apiserver_loadbalancer_domain_name }}{{ increment(counter, 'dns') }}
 {% endif %}
-{% set idx =  groups['etcd'] | length | int + 3 %}
 {% for etcd_alt_name in etcd_cert_alt_names %}
-DNS.{{ idx + 1 + loop.index }} = {{ etcd_alt_name }}
+DNS.{{ counter["dns"] }} = {{ etcd_alt_name }}{{ increment(counter, 'dns') }}
 {% endfor %}
 {% for host in groups['etcd'] %}
-IP.{{ 2 * loop.index - 1 }} = {{ hostvars[host]['access_ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }}
-IP.{{ 2 * loop.index }} = {{ hostvars[host]['ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }}
+{% if hostvars[host]['access_ip'] is defined  %}
+IP.{{ counter["ip"] }} = {{ hostvars[host]['access_ip'] }}{{ increment(counter, 'ip') }}
+{% endif %}
+IP.{{ counter["ip"] }} = {{ hostvars[host]['ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }}{{ increment(counter, 'ip') }}
 {% endfor %}
-{% set idx =  groups['etcd'] | length | int * 2 + 1 %}
-IP.{{ idx }} = 127.0.0.1
+IP.{{ counter["ip"] }} = 127.0.0.1