Bug 1415767 - Openshift ansible playbook fails for htpasswd auth
Summary: Openshift ansible playbook fails for htpasswd auth
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 3.5.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: ---
Assignee: Andrew Butcher
QA Contact: Wenkai Shi
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-01-23 17:00 UTC by Vikas Laad
Modified: 2017-07-24 14:11 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
undefined
Clone Of:
Environment:
Last Closed: 2017-04-11 21:28:01 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2017:0903 0 normal SHIPPED_LIVE OpenShift Container Platform atomic-openshift-utils bug fix and enhancement 2017-04-12 22:45:42 UTC

Description Vikas Laad 2017-01-23 17:00:05 UTC
Description of problem:
When trying to run Openshift Ansible playbook with htpasswd auth type ansible run is failing with following error

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: RepresenterError: cannot represent an object: htpasswd_auth
fatal: [ec2-54-186-113-214.us-west-2.compute.amazonaws.com]: FAILED! => {
    "failed": true
}

MSG:

Unexpected failure during module execution.

Version-Release number of selected component (if applicable):
Latest Openshift Ansible

How reproducible:
openshift_auth_type=htpasswd
openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 'filename': '/etc/origin/master/htpasswd'}]

Steps to Reproduce:
1. Run the second openshift ansible playbook with attached inv file
2. ansible-playbook -i host.deploy openshift-ansible/playbooks/byo/config.yml
3. See the error

Actual results:
Ansible run errors out

Expected results:
Run should complete without error.

Additional info:

Comment 2 Scott Dodson 2017-01-23 21:54:29 UTC
This only happens with Ansible 2.2.1.0 or 2.1.4.0 which aren't included in the OSE repos. The workaround for now is to downgrade to 2.2.0.0.

Comment 4 Scott Dodson 2017-02-02 15:15:24 UTC
Need to backport https://github.com/openshift/openshift-ansible/pull/3156 to 3.4, 3.3, 3.2

Comment 5 Scott Dodson 2017-02-02 21:04:01 UTC
Fix requires ansible-2.2.1.0-2.el7 available in OCP repos.

Comment 6 Wenkai Shi 2017-02-03 03:31:26 UTC
(In reply to Scott Dodson from comment #5)
> Fix requires ansible-2.2.1.0-2.el7 available in OCP repos.

Has been testing with ansible-2.2.1.0-1 and ansible-2.2.1.0-2, both of them get listed meaaage:

[root@ansible ~]# ansible-playbook -i hosts -v /usr/share/ansible/openshift-ansible/playbooks/byo/config.yml 
Using /etc/ansible/ansible.cfg as config file
FATAL: Current Ansible version (2.2.1.0) is not supported. There are known issues with Ansible version 2.2.1.0 which are impacting OpenShift-Ansible. Please use Ansible version 2.2.0.0 or a version greater than 2.2.1.0. See this issue for more details: https://github.com/openshift/openshift-ansible/issues/3111

Seems OCP 3.5 repo just have ansible-2.2.0.0-1 so far.

Comment 7 Johnny Liu 2017-02-04 06:10:03 UTC
@Scott, 
Could you confirm comment 6 is expected behavior? If yes, QE would move this bug to verified status.

Comment 8 Scott Dodson 2017-02-06 20:16:01 UTC
https://github.com/openshift/openshift-ansible/pull/3255 fixes that so that 2.2.1.0-2 is marked as OK.

That version should be in today's puddles.

Comment 9 Wenkai Shi 2017-02-07 06:01:35 UTC
Verified with version atomic-openshift-utils-3.5.4-1.git.0.034b615,the ansible-2.2.1.0-2.el7.noarch can be found in OCP 3.5 repo. Installation with htpasswd auth succeed.

[root@ansible ~]# ansible-playbook -i hosts -v /usr/share/ansible/openshift-ansible/playbooks/byo/config
...
TASK [openshift_master : Install httpd-tools if needed] ************************
...
TASK [openshift_master : Ensure htpasswd directory exists] *********************
...
TASK [openshift_master : Create the htpasswd file if needed] *******************
...
TASK [openshift_master : Ensure htpasswd file exists] **************************
...


Note You need to log in before you can comment on or make changes to this bug.