Reported upstream: https://github.com/openshift/ansible-service-broker/issues/649 Description of problem: A PUT request to create a binding should return 200 if the binding already exists, per the OSB API spec. But as seen below, this broker currently returns 201, even though it logs the intent to return 200. [2018-01-17T19:16:43.326Z] [WARNING] - launch_apb_on_bind is enabled, but accepts_incomplete is false, binding may fail [2018-01-17T19:16:43.341Z] [DEBUG] - Injecting PlanID as parameter: { _apb_plan_id: dev } [2018-01-17T19:16:43.341Z] [DEBUG] - Injecting ServiceClassID as parameter: { _apb_service_class_id: 1dda1477cace09730bd8ed7a6505607e } [2018-01-17T19:16:43.341Z] [DEBUG] - Injecting ServiceInstanceID as parameter: { _apb_service_instance_id: 0e124c6d-408e-4b55-8b4a-9c6e6640c444 } [2018-01-17T19:16:43.342Z] [DEBUG] - already have this binding instance, returning 200 [2018-01-17T19:16:43.342Z] [DEBUG] - bind creds: map[DB_HOST:postgresql DB_NAME:ddcrneradqaeker DB_PASSWORD:qCYtkr2oD1KTZtg5Vig6 DB_PORT:5432 DB_TYPE:postgres DB_USER:ddcrneradqaeker] 172.17.0.7 - - [17/Jan/2018:19:16:43 +0000] "PUT /ansible-service-broker/v2/service_instances/0e124c6d-408e-4b55-8b4a-9c6e6640c444/service_bindings/51b92cd9-3180-480d-af34-16974294c29f HTTP/1.1" 201 216 Version-Release number of selected component (if applicable): current master How reproducible: always Steps to Reproduce: 1. Configure the broker to run APBs on bind and unbind 2. From the console, initiate a bind Actual results: Watch the broker log, and after the initial request completes, you will likely see one or more additional PUT requests like the above that show a 201 response. Expected results: 200 response to additional PUT requests
https://github.com/openshift/ansible-service-broker/pull/650
It works for me using the 1.1.7 release. I noted that your script did not work, and I had to add a "-f" after "new-app". Could you ensure that you are running 1.1.7? You can verify the currently-running broker version by execing into the running pod: $ oc exec -it asb-2-t2rtq -- asbd --version 1.1.7 I'll attach the log output I saw when I ran your test script. I used this modified APB, which supports async bind: https://hub.docker.com/r/mhrivnak/postgresql-apb/
Created attachment 1392247 [details] Log ouput from running your test script
I'm bumping this back to ON_QA just to make sure it gets noticed, and since it appears to work for me. Feel free to kick it back if you have additional problems.
Michael, I used the latest version(1.1.9) for this test. [root@host-172-16-120-54 ~]# docker run --rm --entrypoint=asbd brew-pulp-docker01.web.prod.ext.phx2.redhat.com:8888/openshift3/ose-ansible-service-broker:v3.9 --version 1.1.9 Used the APB that you're provided, config as below: ... - type: dockerhub name: dh url: https://registry.hub.docker.com org: mhrivnak tag: latest white_list: - ".*-apb$" Steps: 1, Enable the ASYNC of the ASB, like: broker: ... launch_apb_on_bind: true 2, Login the cluster. 3, Provision the PostgreSQL in webconsole and create a binding by using the below script. [root@localhost jzhang]# cat bind.sh INSTANCE_ID="d10a0ca6-c609-4d29-ab9d-b25c3b8c332c" BINDING_ID=$(uuidgen) PLAN_UUID="7f4a5e35e4af2beb70076e72fab0b7ff" SERVICE_UUID="dh-postgresql-apb-b7gbr" IDENTITY=$(echo -n '{"groups":["system:authenticated:oauth","system:authenticated"],"scopes.authorization.openshift.io":["user:full"],"uid":"","username":"jiazha"}'|base64 -w 0) echo "binding ID: $BINDING_ID" req="{ \"plan_id\": \"$PLAN_UUID\", \"service_id\": \"$SERVICE_UUID\", \"context\": \"blog-project\", \"app_guid\":\"\", \"bind_resource\":{}, \"parameters\": {} }" curl \ -k -i \ -X PUT \ -H "Authorization: bearer $(oc whoami -t)" \ -H "Content-type: application/json" \ -H "Accept: application/json" \ -H "X-Broker-API-Originating-Identity: kubernetes $IDENTITY" \ -d "$req" \ "https://asb-1338-openshift-ansible-service-broker.apps.0207-nvc.qe.rhcloud.com/ansible-service-broker/v2/service_instances/$INSTANCE_ID/service_bindings/$BINDING_ID?accepts_incomplete=true" [root@localhost jzhang]# ./bind.sh binding ID: 40a35cdd-5f51-4559-ab79-6a685709cd96 HTTP/1.1 202 Accepted Content-Type: application/json Date: Fri, 09 Feb 2018 02:58:37 GMT Content-Length: 58 Set-Cookie: 89a6d633054ded194d4e1360cdc1fbef=b37e683520b874bc37db0badfda2d6dd; path=/; HttpOnly; Secure { "operation": "b4f065ed-2010-47b0-8d61-3bc438f63ac3" } 4, checking the binding status by using below script. [root@localhost jzhang]# cat last_operation.sh OPERATION_ID=$1 INSTANCE_ID="d10a0ca6-c609-4d29-ab9d-b25c3b8c332c" PLAN_UUID="7f4a5e35e4af2beb70076e72fab0b7ff" SERVICE_UUID="dh-postgresql-apb-b7gbr" IDENTITY=$(echo -n '{"groups":["system:authenticated:oauth","system:authenticated"],"scopes.authorization.openshift.io":["user:full"],"uid":"","username":"jiazha"}'|base64 -w 0) curl \ -k \ -X GET \ -H "Authorization: bearer $(oc whoami -t)" \ -H "Content-type: application/json" \ -H "Accept: application/json" \ -H "X-Broker-API-Originating-Identity: kubernetes $IDENTITY" \ "https://asb-1338-openshift-ansible-service-broker.apps.0207-nvc.qe.rhcloud.com/ansible-service-broker/v2/service_instances/$INSTANCE_ID/last_operation?operation=$OPERATION_ID&service_id=$SERVICE_UUID&plan_id=$PLAN_UUID" [root@localhost jzhang]# ./last_operation.sh b4f065ed-2010-47b0-8d61-3bc438f63ac3 { "state": "succeeded" } 5, Create a binding that already exists, for example, the above "40a35cdd-5f51-4559-ab79-6a685709cd96". Got response 200, details as below: [root@localhost jzhang]# ./bind.sh binding ID: 40a35cdd-5f51-4559-ab79-6a685709cd96 HTTP/1.1 200 OK Content-Type: application/json Date: Fri, 09 Feb 2018 03:46:07 GMT Content-Length: 216 Set-Cookie: 89a6d633054ded194d4e1360cdc1fbef=b37e683520b874bc37db0badfda2d6dd; path=/; HttpOnly; Secure Cache-control: private { "credentials": { "DB_HOST": "postgresql", "DB_NAME": "qndwgxllafeqmll", "DB_PASSWORD": "z5pIaFTIAwbfyxOLEm6s", "DB_PORT": "5432", "DB_TYPE": "postgres", "DB_USER": "qndwgxllafeqmll" } } The logs of the ASB: ... [2018-02-09T03:46:07.649Z] [DEBUG] - already have this binding instance, returning 200 [2018-02-09T03:46:07.649Z] [DEBUG] - bind creds: map[DB_USER:qndwgxllafeqmll DB_HOST:postgresql DB_NAME:qndwgxllafeqmll DB_PASSWORD:z5pIaFTIAwbfyxOLEm6s DB_PORT:5432 DB_TYPE:postgres] 10.128.0.1 - - [09/Feb/2018:03:46:07 +0000] "PUT /ansible-service-broker/v2/service_instances/d10a0ca6-c609-4d29-ab9d-b25c3b8c332c/service_bindings/40a35cdd-5f51-4559-ab79-6a685709cd96?accepts_incomplete=true HTTP/1.1" 200 216 So, LGTM.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:3748