[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

proper format for openshift_master_identity_providers in Ansible inventory?

I am using the advanced installation method for Origin using the 3.0.84-1 release of the openshift-ansible repo. I am trying to set up my identity providers so the cluster will accept LDAP- and htpasswd-based access using an openshift_master_identity_providers setting in my ansible inventory like this:

openshift_master_identity_providers=[{ "name": "ldap_provider", "login" : true, "challenge" : true, "kind" : "LDAPPasswordIdentityProvider", "ldap_server" : "ldap.example.com", "ldap_bind_dn" : "", "ldap_bind_password" : "", "ldap_insecure" : true, "ldap_base_ou" : "ou=People,dc=example,dc=com", "ldap_preferred_username" : "uid" }, {'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}]

I've posted this expanded out and easier to read at http://paste.fedoraproject.org/360411/61788028/

This setting always fails with this error:

TASK: [openshift_master | Install httpd-tools if needed] **********************
fatal: [master01.kubtst1.tst.lan.returnpath.net] => with_items expects a list or a set
FATAL: all hosts have already failed -- aborting

I've added a debug statement right before this to print the "openshift.master.identity_providers" variable that ansible is trying to iterate over in this task and it basically looks like a string, not a list:

TASK: [openshift_master | debug var=openshift.master.identity_providers] ******
ok: [master01.kubtst1.tst.lan.returnpath.net] => {
    "var": {
        "openshift.master.identity_providers": "[{ \"name\": \"ldap_provider\", \"login\" : true, \"challenge\" : true, \"kind\" : \"LDAPPasswordIdentityProvider\", \"ldap_server\" : \"ldap.example.com\", \"ldap_bind_dn\" : \"\", \"ldap_bind_password\" : \"\", \"ldap_insecure\" : true, \"ldap_base_ou\" : \"ou=People,dc=example,dc=com\", \"ldap_preferred_username\" : \"uid\" }, {'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}]"

Is this an ansible bug or am I formatting this argument incorrectly? I based the format on the example here: https://docs.openshift.org/latest/install_config/install/advanced_install.html#configuring-cluster-variables

Thanks for any insight,

Robert Wehner

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]