Description of problem: Ansible Service Broker seems not working. On Web Console, I no longer see mediawiki nor postgres example apb applications. I looked at 4 OCPv3 clusters (all standard installation) but they are all not seeing apb apps. Version-Release number of selected component (if applicable): openshift v3.11.157 How reproducible: Always Steps to Reproduce: 1. Go to web console and see if there's mediawiki app 2. 3. Actual results: There's no asb example apps in the Web Console Expected results: asb example apps listed in the Web Console Additional info:
The asb pod log, broker-config (default config + just changed log level to debug), /metrics output attached in private. OSB catalog endpoint returns empty services. > $ curl -H "Authorization: Bearer $(oc whoami -t)" -k https://asb.openshift-ansible-service-broker.svc:1338/osb/v2/catalog # curl with cluster-admin user > { > "services": [] > }
The registry config does have the white_list, and it's all default configuration. registry: - type: rhcc name: rh url: https://registry.redhat.io org: tag: v3.11.157 white_list: [u'.*-apb$'] black_list: [u'.*automation-broker-apb$'] auth_type: secret auth_name: asb-registry-auth - type: local_openshift name: localregistry white_list: [] namespaces: [u'openshift'] dao: type: crd log: stdout: true level: info color: true openshift: host: '' ca_file: '' bearer_token_file: '' namespace: openshift-ansible-service-broker sandbox_role: edit image_pull_policy: Always keep_namespace: false keep_namespace_on_error: false broker: dev_broker: false bootstrap_on_startup: true refresh_interval: 600s launch_apb_on_bind: false output_request: false recovery: true ssl_cert_key: /etc/tls/private/tls.key ssl_cert: /etc/tls/private/tls.crt auto_escalate: False auth: - type: basic enabled: false secrets: []
The logs showed the broker using a local_openshift registry. The config you posted has exactly the problem: - type: local_openshift name: localregistry white_list: [] namespaces: [u'openshift'] That is an EMPTY white_list which will cause the broker to ignore all apbs. I still believe this is a configuration issue with the broker.
Removed the local_openshift block and got same empty result. The apbs on rhcc is not populated.
Created attachment 1666533 [details] Using an empty whitelist
Created attachment 1666534 [details] using the default whitelist of [u'.*-apb$']
Using a whitelist I see the clusterserviceclasses: - type: rhcc name: rh url: https://registry.redhat.io org: tag: v3.11.157 white_list: [u'.*-apb$'] black_list: [u'.*automation-broker-apb$'] auth_type: secret auth_name: asb-registry-auth ----- $ oc get clusterserviceclasses | grep apb 08ccf37be271fba38b1a70f87302297f dh-rhpam-apb openshift-automation-service-broker 4m 09628db4757fd1a2db85d465106b9f82 dh-gluster-s3-apb openshift-automation-service-broker 4m 0e991006d21029e47abe71acc255e807 dh-pyzip-demo-apb openshift-automation-service-broker 4m 135bd0df0401e2fdd52fd136935014fb dh-nginx-apb openshift-automation-service-broker 4m 1830d9181b425e281b36efbf22f378a4 dh-proxy-config-apb openshift-automation-service-broker 4m 1882ffca5d72b1084e9107e3485f5066 dh-eclipse-che-apb openshift-automation-service-broker 4m 192097962f2955b0582b5d53ddb942e4 dh-galera-apb openshift-automation-service-broker 4m 1dd62d51c52cc2ac404d58abc0c8fa94 dh-vnc-desktop-apb openshift-automation-service-broker 4m 1dda1477cace09730bd8ed7a6505607e dh-postgresql-apb openshift-automation-service-broker 4m 2c79572fbf83125231198451c26e7cf9 dh-mssql-remote-apb openshift-automation-service-broker 4m 5d0062cce443e5ecb8438ca5f664dcd7 dh-kibana-apb openshift-automation-service-broker 4m 60836f0ce3bd7d325587211dd7791f5b dh-import-vm-apb openshift-automation-service-broker 4m 67042296c7c95e84142f21f58da2ebfe dh-mariadb-apb openshift-automation-service-broker 4m 693cb128e68365830c913631300deac0 dh-pyzip-demo-db-apb openshift-automation-service-broker 4m 6df7afbd132c094704b4a8bfd44378c0 dh-manageiq-apb openshift-automation-service-broker 4m 880ef3b4ba5fa8d80908e9974228e603 dh-awx-apb openshift-automation-service-broker 4m 927ea718efcc5b039fa2a6cf368f0300 dh-unifi-controller-apb openshift-automation-service-broker 4m 97a28db2f29cb90245d9cc58ba226273 dh-homeassistant-apb openshift-automation-service-broker 4m 9f7da06f179b895a8ee5f9a3ce4af7ef dh-hello-world-apb openshift-automation-service-broker 4m a946a139a9308a59bf642ac52b4ba317 dh-wordpress-ha-apb openshift-automation-service-broker 4m ab24ffd54da0aefdea5277e0edce8425 dh-hastebin-apb openshift-automation-service-broker 4m aff6d7bb9c7f57c9ce8b742228e4caa3 dh-es-apb openshift-automation-service-broker 4m b43a4272a6efcaaa3e0b9616324f1099 dh-hello-world-db-apb openshift-automation-service-broker 4m b95513950bb3f132de25d58fb75f8dca dh-keycloak-apb openshift-automation-service-broker 4m c4ef25f81a0c275c8f1bee1b736f3068 dh-mssql-apb openshift-automation-service-broker 4m c65fbd4e701cb71d74fd2cc35e14432b dh-rds-postgres-apb openshift-automation-service-broker 4m ca91b61da8476984f18fc13883ae2fdb dh-etherpad-apb openshift-automation-service-broker 4m ddd528762894b277001df310a126d5ad dh-mysql-apb openshift-automation-service-broker 4m e9c042c4925dd0c7c25ceca4f5179e1c dh-mongodb-apb openshift-automation-service-broker 4m eebf92c7670f30007a4b8db3a8166d5c dh-thelounge-apb openshift-automation-service-broker 4m f4509733ca0636df3d69b6af53260160 dh-jenkins-apb openshift-automation-service-broker 4m f6c4486b7fb0cdac4b58e193607f7011 dh-mediawiki-apb openshift-automation-service-broker 4m f755257efed3e3d43c8b82afd0db1181 dh-prometheus-apb openshift-automation-service-broker 4m f830fb63f6df99c7bfae34b295b43108 dh-tiller-apb openshift-automation-service-broker 4m
using an empty whitelist []: - type: rhcc name: rh url: https://registry.redhat.io org: tag: v3.11.157 white_list: [] black_list: [u'.*automation-broker-apb$'] auth_type: secret auth_name: asb-registry-auth ---- $ oc get clusterserviceclasses | grep apb $ ---- $ oc get clusterserviceclasses NAME EXTERNAL-NAME BROKER AGE c1155d07-5aaf-11ea-a9d2-64006a559cc9 dancer-mysql-persistent template-service-broker 11m c14102d1-5aaf-11ea-a9d2-64006a559cc9 mongodb-persistent template-service-broker 11m c1452223-5aaf-11ea-a9d2-64006a559cc9 mysql-persistent template-service-broker 11m c14a1e3f-5aaf-11ea-a9d2-64006a559cc9 jenkins-pipeline-example template-service-broker 11m c14f107f-5aaf-11ea-a9d2-64006a559cc9 postgresql-persistent template-service-broker 11m c1565999-5aaf-11ea-a9d2-64006a559cc9 rails-pgsql-persistent template-service-broker 11m c16a2a11-5aaf-11ea-a9d2-64006a559cc9 mariadb-persistent template-service-broker 11m c1937eee-5aaf-11ea-a9d2-64006a559cc9 django-psql-persistent template-service-broker 11m c1e79ccd-5aaf-11ea-a9d2-64006a559cc9 cakephp-mysql-persistent template-service-broker 11m c25c1de9-5aaf-11ea-a9d2-64006a559cc9 nodejs-mongo-persistent template-service-broker 11m c3026606-5aaf-11ea-a9d2-64006a559cc9 jenkins-ephemeral template-service-broker 11m
Verified. cluster version:3.11.188 Removed the *u* from white_list and black_list in config map and able to get apb for ansible-service-broker. - type: rhcc name: rh url: https://registry.redhat.io org: tag: v3.11.157 white_list: ['.*-apb$'] black_list: ['.*automation-broker-apb$'] auth_type: secret auth_name: asb-registry-auth # oc get clusterserviceclass | grep ansible 03b69500305d9859bb9440d9f9023784 rh-mediawiki-apb ansible-service-broker 3m 2c259ddd8059b9bc65081e07bf20058f rh-mariadb-apb ansible-service-broker 3m 73ead67495322cc462794387fa9884f5 rh-mysql-apb ansible-service-broker 3m d5915e05b253df421efe6e41fb6a66ba rh-postgresql-apb ansible-service-broker 3m
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:0793