As observed here https://openshift-gce-devel.appspot.com/build/origin-ci-test/pr-logs/pull/openshift_openshift-ansible/6020/test_pull_request_openshift_ansible_logging/2989/ TASK [ansible_service_broker : Create ansible-service-broker cert directory] *** task path: /usr/share/ansible/openshift-ansible/roles/ansible_service_broker/tasks/generate_certs.yml:5 changed: [localhost] => { "changed": true, "generated_timestamp": "2017-11-07 01:25:35.652120", "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/etc/origin/ansible-service-broker", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [ansible_service_broker : set_fact] *************************************** task path: /usr/share/ansible/openshift-ansible/roles/ansible_service_broker/tasks/generate_certs.yml:12 ok: [localhost] => { "ansible_facts": { "ansible_service_broker_certs_dir": "/etc/origin/ansible-service-broker" }, "changed": false, "generated_timestamp": "2017-11-07 01:25:35.715983" } TASK [ansible_service_broker : Create self signing ca cert] ******************** task path: /usr/share/ansible/openshift-ansible/roles/ansible_service_broker/tasks/generate_certs.yml:15 skipping: [localhost] => { "changed": false, "generated_timestamp": "2017-11-07 01:25:35.757315", "skip_reason": "Conditional result was False", "skipped": true } TASK [ansible_service_broker : Create self signed client cert] ***************** task path: /usr/share/ansible/openshift-ansible/roles/ansible_service_broker/tasks/generate_certs.yml:20 skipping: [localhost] => (item={u'creates': u'/etc/origin/ansible-service-broker/client.key', u'cmd': u'openssl genrsa -out /etc/origin/ansible-service-broker/client.key 2048'}) => { "changed": false, "generated_timestamp": "2017-11-07 01:25:35.820102", "item": { "cmd": "openssl genrsa -out /etc/origin/ansible-service-broker/client.key 2048", "creates": "/etc/origin/ansible-service-broker/client.key" }, "skip_reason": "Conditional result was False", "skipped": true } skipping: [localhost] => (item={u'creates': u'/etc/origin/ansible-service-broker/client.csr', u'cmd': u'openssl req -new -key /etc/origin/ansible-service-broker/client.key -out /etc/origin/ansible-service-broker/client.csr -subj "/CN=client"'}) => { "changed": false, "generated_timestamp": "2017-11-07 01:25:35.849113", "item": { "cmd": "openssl req -new -key /etc/origin/ansible-service-broker/client.key -out /etc/origin/ansible-service-broker/client.csr -subj \"/CN=client\"", "creates": "/etc/origin/ansible-service-broker/client.csr" }, "skip_reason": "Conditional result was False", "skipped": true } skipping: [localhost] => (item={u'creates': u'/etc/origin/ansible-service-broker/client.pem', u'cmd': u'openssl x509 -req -in /etc/origin/ansible-service-broker/client.csr -CA /etc/origin/ansible-service-broker/cert.pem -CAkey /etc/origin/ansible-service-broker/key.pem -CAcreateserial -out /etc/origin/ansible-service-broker/client.pem -days 1024'}) => { "changed": false, "generated_timestamp": "2017-11-07 01:25:35.862847", "item": { "cmd": "openssl x509 -req -in /etc/origin/ansible-service-broker/client.csr -CA /etc/origin/ansible-service-broker/cert.pem -CAkey /etc/origin/ansible-service-broker/key.pem -CAcreateserial -out /etc/origin/ansible-service-broker/client.pem -days 1024", "creates": "/etc/origin/ansible-service-broker/client.pem" }, "skip_reason": "Conditional result was False", "skipped": true } TASK [ansible_service_broker : set_fact] *************************************** task path: /usr/share/ansible/openshift-ansible/roles/ansible_service_broker/tasks/generate_certs.yml:32 [WARNING]: Unable to find '/etc/origin/ansible-service-broker/client.pem' in expected paths. fatal: [localhost]: FAILED! => { "failed": true, "generated_timestamp": "2017-11-07 01:25:35.904435", "msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: /etc/origin/ansible-service-broker/client.pem" } [WARNING]: Could not create retry file '/usr/share/ansible/openshift- ansible/playbooks/byo/config.retry'. [Errno 13] Permission denied: u'/usr/share/ansible/openshift-ansible/playbooks/byo/config.retry' PLAY RECAP ********************************************************************* localhost : ok=579 changed=214 unreachable=0 failed=1 INSTALLER STATUS *************************************************************** Initialization : Complete Health Check : Complete etcd Install : Complete Master Install : Complete Master Additional Install : Complete Node Install : Complete Hosted Install : Complete Service Catalog Install : In Progress This phase can be restarted by running: playbooks/byo/openshift-cluster/service-catalog.yml
https://github.com/openshift/openshift-ansible/pull/6044
Commits pushed to master at https://github.com/openshift/openshift-ansible https://github.com/openshift/openshift-ansible/commit/9b68df39eb020eb771abe645f48a324de6c8708b Bug 1510546- Fix previous fix, task was indented one level too deep https://github.com/openshift/openshift-ansible/commit/80fdf0d5a4215ad57388dfec9634685502d581af Merge pull request #6048 from fabianvf/1510546-asb-fix-cert-indent Bug 1510546- Fix previous fix, task was indented one level too deep
ansible-service-broker deploy failed while using openshift-ansible with latest build openshift-ansible-3.7.0-0.197.0 Refer to bug: https://bugzilla.redhat.com/show_bug.cgi?id=1507617
Retested and verified with openshift-ansible-3.7.4-1 svc-catalog and asb can be deployed succeed.