[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: OpenShift Origin Active Directory Authentication



Tried again. Made changes from cn=users to ou=users

 

oauthConfig:

  assetPublicURL: https://master.domain.local:8443/console/

  grantConfig:

    method: auto

  identityProviders:

  - name: Active_Directory

    challenge: true

    login: true

      mappingMethod: claim

    provider:

      apiVersion: v1

      kind: LDAPPasswordIdentityProvider

      attributes:

        id:

        - dn

        email:

        - mail

        name:

        - cn

        preferredUsername:

        - uid

      bindDN: "cn=openshift,ou=users,dc=cswp,dc=local"

      bindPassword: "password"

      insecure: true

      url: ldap://dc.domain.local:389/ou=users,dc=cswp,dc=local?uid

  assetPublicURL: https://master.domain.local:8443/console/

  masterPublicURL: https://master.domain.local:8443

  masterURL: https://master.domain.local:8443

 

Same result.

 

systemctl restart origin-master

Job for origin-master.service failed because the control process exited with err                                                                             or code. See "systemctl status origin-master.service" and "journalctl -xe" for d                                                                             etails.

 

Results from “systemctl status origin-master.service:

 

   Loaded: loaded (/etc/systemd/system/origin-master.service; enabled; vendor preset: disabled)

   Active: activating (auto-restart) (Result: exit-code) since Wed 2017-07-12 10:16:02 EDT; 2s ago

     Docs: https://github.com/openshift/origin

  Process: 41762 ExecStart=/usr/bin/openshift start master --config=${CONFIG_FILE} $OPTIONS (code=exited, status=255)

Main PID: 41762 (code=exited, status=255)

Jul 12 10:16:02 master.domain.local systemd[1]: origin-master.service: main process exited, code=exited, status=255/n/a

Jul 12 10:16:02 master.domain.local systemd[1]: Failed to start Origin Master Service.

Jul 12 10:16:02 master.domain.local systemd[1]: Unit origin-master.service entered failed state.

Jul 12 10:16:02 master.domain.local systemd[1]: origin-master.service failed.

Results from journalctl –xe:

 

Jul 12 10:17:02 master.domain.local systemd[1]: Failed to start Origin Master Service.

-- Subject: Unit origin-master.service has failed

-- Defined-By: systemd

-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

--

-- Unit origin-master.service has failed.

--

-- The result is failed.

Jul 12 10:17:02 master.domain.local systemd[1]: Unit origin-master.service entered failed state.

Jul 12 10:17:02 master.domain.local systemd[1]: origin-master.service failed.

Jul 12 10:17:03 master.domain.local origin-node[14773]: E0712 10:17:03.459671   14773 reflector.go:188] pkg/kubelet/config/apiserver.go:44: Failed to

Jul 12 10:17:03 master.domain.local origin-node[14773]: E0712 10:17:03.459675   14773 reflector.go:188] github.com/openshift/origin/pkg/cmd/server/kub

Jul 12 10:17:03 master.domain.local origin-node[14773]: E0712 10:17:03.462990   14773 reflector.go:188] github.com/openshift/origin/pkg/sdn/plugin/com

Jul 12 10:17:03 master.domain.local origin-node[14773]: E0712 10:17:03.465266   14773 reflector.go:188] github.com/openshift/origin/pkg/cmd/server/kub

Jul 12 10:17:03 master.domain.local origin-node[14773]: E0712 10:17:03.465367   14773 reflector.go:188] pkg/kubelet/kubelet.go:386: Failed to list *ap

Jul 12 10:17:03 master.domain.local origin-node[14773]: E0712 10:17:03.467387   14773 reflector.go:188] github.com/openshift/origin/pkg/sdn/plugin/com

Jul 12 10:17:03 master.domain.local origin-node[14773]: E0712 10:17:03.467413   14773 reflector.go:188] pkg/kubelet/kubelet.go:378: Failed to list *ap

Jul 12 10:17:04 master.domain.local origin-node[14773]: E0712 10:17:04.043488   14773 kubelet_node_status.go:323] Error updating node status, will ret

Jul 12 10:17:04 master.domain.local origin-node[14773]: E0712 10:17:04.045247   14773 kubelet_node_status.go:323] Error updating node status, will ret

Jul 12 10:17:04 master.domain.local origin-node[14773]: E0712 10:17:04.046899   14773 kubelet_node_status.go:323] Error updating node status, will ret

Jul 12 10:17:04 master.domain.local origin-node[14773]: E0712 10:17:04.048586   14773 kubelet_node_status.go:323] Error updating node status, will ret

Jul 12 10:17:04 master.domain.local origin-node[14773]: E0712 10:17:04.050320   14773 kubelet_node_status.go:323] Error updating node status, will ret

Jul 12 10:17:04 master.domain.local origin-node[14773]: E0712 10:17:04.050347   14773 kubelet_node_status.go:315] Unable to update node status: update

Jul 12 10:17:04 master.domain.local origin-node[14773]: E0712 10:17:04.461624   14773 reflector.go:188] github.com/openshift/origin/pkg/cmd/server/kub

Jul 12 10:17:04 master.domain.local origin-node[14773]: E0712 10:17:04.461642   14773 reflector.go:188] pkg/kubelet/config/apiserver.go:44: Failed to

Jul 12 10:17:04 master.domain.local origin-node[14773]: E0712 10:17:04.464708   14773 reflector.go:188] github.com/openshift/origin/pkg/sdn/plugin/com

Jul 12 10:17:04 master.domain.local origin-node[14773]: E0712 10:17:04.467208   14773 reflector.go:188] pkg/kubelet/kubelet.go:386: Failed to list *ap

Jul 12 10:17:04 master.domain.local origin-node[14773]: E0712 10:17:04.467307   14773 reflector.go:188] github.com/openshift/origin/pkg/cmd/server/kub

Jul 12 10:17:04 master.domain.local origin-node[14773]: E0712 10:17:04.469897   14773 reflector.go:188] pkg/kubelet/kubelet.go:378: Failed to list *ap

Jul 12 10:17:04 master.domain.local origin-node[14773]: E0712 10:17:04.470005   14773 reflector.go:188] github.com/openshift/origin/pkg/sdn/plugin/com

Jul 12 10:17:05 master.domain.local origin-node[14773]: I0712 10:17:05.285778   14773 conversion.go:134] failed to handle multiple devices for contain

Jul 12 10:17:05 master.domain.local origin-node[14773]: I0712 10:17:05.285815   14773 conversion.go:134] failed to handle multiple devices for contain

Jul 12 10:17:05 master.domain.local origin-node[14773]: E0712 10:17:05.464870   14773 reflector.go:188] github.com/openshift/origin/pkg/cmd/server/kub

Jul 12 10:17:05 master.domain.local origin-node[14773]: E0712 10:17:05.465001   14773 reflector.go:188] pkg/kubelet/config/apiserver.go:44: Failed to

Jul 12 10:17:05 master.domain.local origin-node[14773]: E0712 10:17:05.467033   14773 reflector.go:188] github.com/openshift/origin/pkg/sdn/plugin/com

Jul 12 10:17:05 master.domain.local origin-node[14773]: E0712 10:17:05.469282   14773 reflector.go:188] github.com/openshift/origin/pkg/cmd/server/kub

Jul 12 10:17:05 master.domain.local origin-node[14773]: E0712 10:17:05.469888   14773 reflector.go:188] pkg/kubelet/kubelet.go:386: Failed to list *ap

Jul 12 10:17:05 master.domain.local origin-node[14773]: E0712 10:17:05.471984   14773 reflector.go:188] pkg/kubelet/kubelet.go:378: Failed to list *ap

Jul 12 10:17:05 master.domain.local origin-node[14773]: E0712 10:17:05.472081   14773 reflector.go:188] github.com/openshift/origin/pkg/sdn/plugin/com

Jul 12 10:17:06 master.domain.local origin-node[14773]: E0712 10:17:06.467151   14773 reflector.go:188] pkg/kubelet/config/apiserver.go:44: Failed to

Jul 12 10:17:06 master.domain.local origin-node[14773]: E0712 10:17:06.467177   14773 reflector.go:188] github.com/openshift/origin/pkg/cmd/server/kub

Jul 12 10:17:06 master.domain.local origin-node[14773]: E0712 10:17:06.468688   14773 reflector.go:188] github.com/openshift/origin/pkg/sdn/plugin/com

Jul 12 10:17:06 master.domain.local origin-node[14773]: E0712 10:17:06.470937   14773 reflector.go:188] github.com/openshift/origin/pkg/cmd/server/kub

Jul 12 10:17:06 master.domain.local origin-node[14773]: E0712 10:17:06.472454   14773 reflector.go:188] pkg/kubelet/kubelet.go:386: Failed to list *ap

Jul 12 10:17:06 master.domain.local origin-node[14773]: E0712 10:17:06.473711   14773 reflector.go:188] pkg/kubelet/kubelet.go:378: Failed to list *ap

Jul 12 10:17:06 master.domain.local origin-node[14773]: E0712 10:17:06.473723   14773 reflector.go:188] github.com/openshift/origin/pkg/sdn/plugin/com

 

 

Mark Werner | Senior Systems Engineer | Cloud & Infrastructure Services

Unisys | Mobile Phone 586.214.9017 | mark werner unisys com

11720 Plaza America Drive, Reston, VA 20190

 

unisys_logo

 

THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all devices.

Grey_LI  Grey_TW Grey_GPGrey_YTGrey_FBGrey_VimeoGrey_UB

 

From: Jon Stanley [mailto:jonstanley gmail com]
Sent: Wednesday, July 12, 2017 10:08 AM
To: Werner, Mark <Mark Werner unisys com>
Cc: users lists openshift redhat com
Subject: Re: OpenShift Origin Active Directory Authentication

 

 

      bindDN: "cn=openshift,cn=users,dc=domain,dc=local"

      bindPassword: "password"

      insecure: true

      url: ldap://dc.domain.local:389/cn=users,dc=domain,dc=local?uid

 

 

 

In addition to Clayton's question of the exact messages, this configuration looks bad - I'm not sure if it's a problem in your redaction of the configuration, or if it's real - 'cn=openshift,cn=users,dc=domain,dc=local' has 2 CN's in it -  should be 'cn=openshift,ou=users,dc=domain,dc=local' 

Attachment: smime.p7s
Description: S/MIME cryptographic signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]