I am using the advanced installation method for Origin using the 3.0.84-1
release of the openshift-ansible repo. I am trying to set up my identity
providers so the cluster will accept LDAP- and htpasswd-based access using
an openshift_master_identity_providers setting in my ansible inventory like
this:

openshift_master_identity_providers=[{ "name": "ldap_provider", "login" :
true, "challenge" : true, "kind" : "LDAPPasswordIdentityProvider",
"ldap_server" : "ldap.example.com", "ldap_bind_dn" : "",
"ldap_bind_password" : "", "ldap_insecure" : true, "ldap_base_ou" :
"ou=People,dc=example,dc=com", "ldap_preferred_username" : "uid" },
{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', 'kind':
'HTPasswdPasswordIdentityProvider', 'filename':
'/etc/origin/master/htpasswd'}]

I've posted this expanded out and easier to read at
http://paste.fedoraproject.org/360411/61788028/

This setting always fails with this error:

TASK: [openshift_master | Install httpd-tools if needed]
**********************
fatal: [master01.kubtst1.tst.lan.returnpath.net] => with_items expects a
list or a set
FATAL: all hosts have already failed -- aborting

I've added a debug statement right before this to print the
"openshift.master.identity_providers" variable that ansible is trying to
iterate over in this task and it basically looks like a string, not a list:

TASK: [openshift_master | debug var=openshift.master.identity_providers]
******
ok: [master01.kubtst1.tst.lan.returnpath.net] => {
    "var": {
        "openshift.master.identity_providers": "[{ \"name\":
\"ldap_provider\", \"login\" : true, \"challenge\" : true, \"kind\" :
\"LDAPPasswordIdentityProvider\", \"ldap_server\" : \"ldap.example.com\",
\"ldap_bind_dn\" : \"\", \"ldap_bind_password\" : \"\", \"ldap_insecure\" :
true, \"ldap_base_ou\" : \"ou=People,dc=example,dc=com\",
\"ldap_preferred_username\" : \"uid\" }, {'name': 'htpasswd_auth', 'login':
'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider',
'filename': '/etc/origin/master/htpasswd'}]"
    }
}

Is this an ansible bug or am I formatting this argument incorrectly? I
based the format on the example here:
https://docs.openshift.org/latest/install_config/install/advanced_install.html#configuring-cluster-variables


Thanks for any insight,



--
Robert Wehner
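
Added example, not part of the original post or of openshift-ansible: a pre-flight check for the inventory value quoted above. It assumes the INI inventory loader keeps a value as a plain string unless it is a valid Python literal (the behaviour of ast.literal_eval); the function names are hypothetical.

```python
import ast
import io
import tokenize

# The value from the post, joined onto one line as an INI inventory needs it.
RAW = ('[{ "name": "ldap_provider", "login" : true, "challenge" : true, '
       '"kind" : "LDAPPasswordIdentityProvider", '
       '"ldap_server" : "ldap.example.com", "ldap_bind_dn" : "", '
       '"ldap_bind_password" : "", "ldap_insecure" : true, '
       '"ldap_base_ou" : "ou=People,dc=example,dc=com", '
       '"ldap_preferred_username" : "uid" }, '
       "{'name': 'htpasswd_auth', 'login': 'true', 'challenge': 'true', "
       "'kind': 'HTPasswdPasswordIdentityProvider', "
       "'filename': '/etc/origin/master/htpasswd'}]")

# JSON names and their Python spellings; each pair has the same length,
# so replacing in place never shifts later token columns.
JSON_NAMES = {"true": "True", "false": "False", "null": "None"}


def parses_as_list(raw):
    """Assumed loader behaviour: a list only if the value is a Python literal."""
    try:
        return isinstance(ast.literal_eval(raw), list)
    except (ValueError, SyntaxError):
        return False


def to_python_literal(raw):
    """Rewrite bare true/false/null on a one-line value; quoted text is untouched."""
    out = list(raw)
    for tok in tokenize.generate_tokens(io.StringIO(raw).readline):
        if tok.type == tokenize.NAME and tok.string in JSON_NAMES:
            out[tok.start[1]:tok.end[1]] = JSON_NAMES[tok.string]
    return "".join(out)


def load_identity_providers(raw):
    """Return (providers, rewritten) or raise ValueError if still not a list."""
    fixed = to_python_literal(raw)
    if not parses_as_list(fixed):
        raise ValueError("identity providers value is not a list literal")
    return ast.literal_eval(fixed), fixed != raw


if __name__ == "__main__":
    print("parses as written:", parses_as_list(RAW))
    providers, rewritten = load_identity_providers(RAW)
    print("rewritten:", rewritten, [p["kind"] for p in providers])
```

Running to_python_literal over the value before it goes into the inventory gives a single-syntax list; the quoted 'true' strings in the htpasswd entry are left exactly as written.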