Bug 1692293 - Not have Identity Header to the broker
Summary: Not have Identity Header to the broker
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Service Broker
Version: 4.1.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 4.1.0
Assignee: Shawn Hurley
QA Contact: Zhang Cheng
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-03-25 09:42 UTC by Zhang Cheng
Modified: 2019-06-04 10:46 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-06-04 10:46:25 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2019:0758 None None None 2019-06-04 10:46:33 UTC

Comment 1 Shawn Hurley 2019-03-25 14:45:17 UTC
I will take a look at this bug.

Comment 2 Shawn Hurley 2019-03-25 17:16:44 UTC

I was unable to reproduce this bug. Can you verify that your test had the spec of the CR has `outputRequest: true`. If you just change the config map the operator would change the config map back to the original value.
`

this is the output of that I got:

time="2019-03-25T17:13:22Z" level=info msg="Request: \"PUT /osb/v2/service_instances/4abbfa0a-4f21-11e9-91e0-0a580a80005b?accepts_incomplete=true HTTP/1.1\\r\\nHost: asb.automation-broker.svc:1338\\r\\nAccept-Encoding: gzip\\r\\nContent-Length: 531\\r\\nContent-Type: application/json\\r\\nUser-Agent: Go-http-client/1.1\\r\\nX-Broker-Api-Originating-Identity: kubernetes eyJ1c2VybmFtZSI6Imt1YmU6YWRtaW4iLCJ1aWQiOiIiLCJncm91cHMiOlsic3lzdGVtOmNsdXN0ZXItYWRtaW5zIiwic3lzdGVtOmF1dGhlbnRpY2F0ZWQiXSwiZXh0cmEiOnsic2NvcGVzLmF1dGhvcml6YXRpb24ub3BlbnNoaWZ0LmlvIjpbInVzZXI6ZnVsbCJdfX0=\\r\\nX-Broker-Api-Version: 2.13\\r\\n\\r\\n{\\\"service_id\\\":\\\"f6c4486b7fb0cdac4b58e193607f7011\\\",\\\"plan_id\\\":\\\"76b2bdf5381b809657c90350726595e5\\\",\\\"organization_guid\\\":\\\"3fba9345-4f08-11e9-bc14-0a580a820020\\\",\\\"space_guid\\\":\\\"19d902d0-4efe-11e9-a579-02a973d92cc2\\\",\\\"parameters\\\":{\\\"mediawiki_admin_pass\\\":\\\"bixqyd-3bopDa-qixkub\\\",\\\"mediawiki_admin_user\\\":\\\"admin\\\",\\\"mediawiki_db_schema\\\":\\\"mediawiki\\\",\\\"mediawiki_site_lang\\\":\\\"en\\\",\\\"mediawiki_site_name\\\":\\\"MediaWiki\\\",\\\"mediawiki_volume_size\\\":\\\"1Gi\\\"},\\\"context\\\":{\\\"clusterid\\\":\\\"3fba9345-4f08-11e9-bc14-0a580a820020\\\",\\\"namespace\\\":\\\"default\\\",\\\"platform\\\":\\\"kubernetes\\\"}}\""
time="2019-03-25T17:13:22Z" level=info msg="ASYNC provisioning in progress"
10.128.0.92 - - [25/Mar/2019:17:13:22 +0000] "PUT /osb/v2/service_instances/4abbfa0a-4f21-11e9-91e0-0a580a80005b?accepts_incomplete=true HTTP/1.1" 202 58
time="2019-03-25T17:13:22Z" level=info msg="============================================================"
time="2019-03-25T17:13:22Z" level=info msg="                       PROVISIONING                         "
time="2019-03-25T17:13:22Z" level=info msg="============================================================"
time="2019-03-25T17:13:22Z" level=info msg="Spec.ID: f6c4486b7fb0cdac4b58e193607f7011"
time="2019-03-25T17:13:22Z" level=info msg="Spec.Name: dh-mediawiki-apb"
time="2019-03-25T17:13:22Z" level=info msg="Spec.Image: docker.io/ansibleplaybookbundle/mediawiki-apb:latest"
time="2019-03-25T17:13:22Z" level=info msg="Spec.Description: Mediawiki apb implementation"
time="2019-03-25T17:13:22Z" level=info msg="============================================================"
time="2019-03-25T17:13:22Z" level=info msg="No network policies found. Assuming things are open, skip network policy creation"

Comment 3 Zhang Cheng 2019-03-26 03:39:04 UTC
You are correct. That root cause is the config changes didn't go into effect.

My changes by `oc edit automationbroker`, configmap had been updated automatic and config file had been synced in container path /etc/ansible-service-broker/config.yaml, but the changes really not take effect in ASB, and there are some issues in asb-operator.

$ oc get po -n ansible-service-broker
NAME                                          READY     STATUS      RESTARTS   AGE
asb-1-deploy                                  0/1       Completed   0          17h
asb-1-ksffj                                   2/2       Running     0          17h
automation-broker-operator-567d7887d8-ck5td   1/1       Running     0          18h

$ oc get automationbroker -o yaml | grep output
    output_request: true

$ oc exec asb-1-ksffj -c asb -it bash
bash-4.2$ cat /etc/ansible-service-broker/config.yaml | grep -i output
  output_request: True

$ oc get cm -n ansible-service-broker
oc get cm NAME                              DATA      AGE
automation-broker-operator-lock   0         13m
broker-config                     1         18h
broker-service-ca-bundle          1         18h

$ oc get cm broker-config -o yaml -n ansible-service-broker | grep output
      output_request: True


Error from asb-operator:
[0;32mok=8   \u001b[0m changed=0    unreachable=0    \u001b[0;31mfailed=1   \u001b[0m\r\n\n","job":"1038322055135491751","name":"ansible-service-broker","namespace":"ansible-service-broker","error":"exit status 2","stacktrace":"github.com/operator-framework/operator-sdk/vendor/github.com/go-logr/zapr.(*zapLogger).Error\n\tsrc/github.com/operator-framework/operator-sdk/vendor/github.com/go-logr/zapr/zapr.go:128\ngithub.com/operator-framework/operator-sdk/pkg/ansible/runner.(*runner).Run.func1\n\tsrc/github.com/operator-framework/operator-sdk/pkg/ansible/runner/runner.go:289"}

Comment 4 Zhang Cheng 2019-03-26 03:40:56 UTC
I will submit a separated bug to the operator issue.

Comment 5 Zhang Cheng 2019-03-26 05:51:23 UTC
New bug refer to https://bugzilla.redhat.com/show_bug.cgi?id=1692637

Comment 7 errata-xmlrpc 2019-06-04 10:46:25 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0758


Note You need to log in before you can comment on or make changes to this bug.