From jmatthew at redhat.com Wed Aug 2 14:31:05 2017 From: jmatthew at redhat.com (John Matthews) Date: Wed, 2 Aug 2017 10:31:05 -0400 Subject: [Ansible-service-broker] Blog Posts: Deep Dive into Kubernetes API Server Message-ID: Sharing some blog posts we have found helpful in learning more about the API Server. https://blog.openshift.com/kubernetes-deep-dive-api-server-part-1/ https://blog.openshift.com/kubernetes-deep-dive-api-server-part-2/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From rhallise at redhat.com Thu Aug 3 14:04:23 2017 From: rhallise at redhat.com (Ryan Hallisey) Date: Thu, 3 Aug 2017 10:04:23 -0400 Subject: [Ansible-service-broker] Make CI Message-ID: Team, The make ci patch just merged into the repo https://github.com/openshift/ansible-service-broker/pull/317 . Make CI is a great tool for testing locally. Use this tool as much as possible when testing because it will provide useful feedback as to whether a patch works to provision and bind mediawiki and postgresql. Also, keep in mind make ci uses a bunch of hardcoded values and is heavily tied to catasb. So if you do have issues using make ci that may be the problem. Checkout the README (https://github.com/openshift/ansible-service-broker/blob/master/README.md#ci-target) and feel free to ask questions if there are issues. Thanks, -Ryan From ernelson at redhat.com Fri Aug 4 12:58:48 2017 From: ernelson at redhat.com (Erik Nelson) Date: Fri, 4 Aug 2017 08:58:48 -0400 Subject: [Ansible-service-broker] Basic auth support merged for broker Message-ID: Morning folks, Basic auth has been merged to the broker, if you're tracking master, please pull from the broker and catasb repos to get the latest changes. Note: it can be disabled in the auth section of the broker config. https://github.com/openshift/ansible-service-broker/pull/308 https://github.com/fusor/catasb/pull/107 Canary is rebuilding: https://hub.docker.com/r/ansibleplaybookbundle/ansible-service-broker/builds/brufkkbtxnkhyxxxykw7enf/ Latest build broke, looking into it: https://hub.docker.com/r/ansibleplaybookbundle/ansible-service-broker/builds/bn84dfetdb64hjarkr5mkle/ From ernelson at redhat.com Fri Aug 4 13:28:16 2017 From: ernelson at redhat.com (Erik Nelson) Date: Fri, 4 Aug 2017 09:28:16 -0400 Subject: [Ansible-service-broker] Basic auth support merged for broker In-Reply-To: References: Message-ID: > Latest build broke, looking into it: > https://hub.docker.com/r/ansibleplaybookbundle/ansible-service-broker/builds/bn84dfetdb64hjarkr5mkle/ Failures resolved, RPM based latest image should show up in under an hour after jenkins kicks in. From ernelson at redhat.com Fri Aug 4 14:34:02 2017 From: ernelson at redhat.com (Erik Nelson) Date: Fri, 4 Aug 2017 10:34:02 -0400 Subject: [Ansible-service-broker] Documentation Improvements Message-ID: I started a google doc and dumped some thoughts on documentation improvements, please review and add your thoughts on what we can improve that exists today, gaps, etc. https://docs.google.com/a/redhat.com/document/d/1Z_uJrnKeJgQ9sat6OI4evebnkenRlVnueSPFvvEOokE/edit?usp=sharing From jmatthew at redhat.com Fri Aug 4 15:24:24 2017 From: jmatthew at redhat.com (John Matthews) Date: Fri, 4 Aug 2017 11:24:24 -0400 Subject: [Ansible-service-broker] Manifesto: Manifesto lets users store and query metadata for Docker images. Message-ID: FYI, This may be interesting for storing artifacts related to an image in the registry. https://github.com/aquasecurity/manifesto -------------- next part -------------- An HTML attachment was scrubbed... URL: From ernelson at redhat.com Fri Aug 4 18:20:07 2017 From: ernelson at redhat.com (Erik Nelson) Date: Fri, 4 Aug 2017 14:20:07 -0400 Subject: [Ansible-service-broker] Bind workflow updates Message-ID: We've merged some updates to the bind workflow, changes should be transparent for everyone, but the features are probably of interest to APB authors. Details and motivations are in the RFC: https://github.com/openshift/ansible-service-broker/blob/master/docs/specs/bind-unbind-workflow.md PR: https://github.com/openshift/ansible-service-broker/pull/302 If configured to run APBs on binds, broker will now pass any extracted credentials via special keys to APBs to do with as they please. Any object returned from the APB will be considered the bind credentials, and that is what is passed back to the catalog via the broker on a bind request. Example: admin account created during a DB provision is created and passed back as credentials. Broker will stash this and provide them via "_apb_provision_creds" to the APB on a subsequent bind request. APB can then use this admin account to do whatever it needs to (say create a locked down, new user account), and pass *that* user account back to the catalog as the binding. This never exposes the underlying admin account created during provision. From shurley at redhat.com Fri Aug 4 18:25:00 2017 From: shurley at redhat.com (Shawn Hurley) Date: Fri, 4 Aug 2017 14:25:00 -0400 Subject: [Ansible-service-broker] Bind workflow updates In-Reply-To: References: Message-ID: <6f729320-aaa0-12b8-91c8-bcd6f5201922@redhat.com> On 08/04/2017 02:20 PM, Erik Nelson wrote: > Example: admin account created during a DB provision is created and > passed back as credentials. Broker will stash this and provide them > via "_apb_provision_creds" to the APB on a subsequent bind request. > APB can then use this admin account to do whatever it needs to (say > create a locked down, new user account), and pass *that* user account > back to the catalog as the binding. This never exposes the underlying > admin account created during provision. A example of this that I wrote is here: https://github.com/shawn-hurley/rhscl-postgresql-apb I tried to show two different workflows with this. Another important note, is because of the lack of async bind, if the APB does not launch and return fast enough then an error will occur and the catalog can not resolve it at the moment. Thanks, Shawn Hurley From rhallise at redhat.com Fri Aug 4 19:58:57 2017 From: rhallise at redhat.com (Ryan Hallisey) Date: Fri, 4 Aug 2017 15:58:57 -0400 Subject: [Ansible-service-broker] Bind workflow updates In-Reply-To: <6f729320-aaa0-12b8-91c8-bcd6f5201922@redhat.com> References: <6f729320-aaa0-12b8-91c8-bcd6f5201922@redhat.com> Message-ID: Shawn, Can you post your example as a PR to apb-examples? I think it would be great to have it there. We should also document how to use this and mention the issue about not having async bind. -Ryan On Fri, Aug 4, 2017 at 2:25 PM, Shawn Hurley wrote: > On 08/04/2017 02:20 PM, Erik Nelson wrote: >> >> Example: admin account created during a DB provision is created and >> passed back as credentials. Broker will stash this and provide them >> via "_apb_provision_creds" to the APB on a subsequent bind request. >> APB can then use this admin account to do whatever it needs to (say >> create a locked down, new user account), and pass *that* user account >> back to the catalog as the binding. This never exposes the underlying >> admin account created during provision. > > > A example of this that I wrote is here: > https://github.com/shawn-hurley/rhscl-postgresql-apb > > I tried to show two different workflows with this. > > Another important note, is because of the lack of async bind, if the APB > does not launch and return fast enough then an error will occur and the > catalog can not resolve it at the moment. > > Thanks, > > Shawn Hurley > > > _______________________________________________ > Ansible-service-broker mailing list > Ansible-service-broker at redhat.com > https://www.redhat.com/mailman/listinfo/ansible-service-broker From shurley at redhat.com Fri Aug 4 20:30:24 2017 From: shurley at redhat.com (Shawn Hurley) Date: Fri, 4 Aug 2017 16:30:24 -0400 Subject: [Ansible-service-broker] Bind workflow updates In-Reply-To: References: <6f729320-aaa0-12b8-91c8-bcd6f5201922@redhat.com> Message-ID: <6d5c7e0d-1f00-956e-f1f6-1ab11d3bcdd6@redhat.com> Hey, I was worried about posting it to the apb examples, because it will mostly wont worked. do we have like an experimental folder that it could be moved into? Please tell me if this is an invalid concern, but my concern is that if we add it to the examples, then we are saying that anyone should be able to use this, and I don't think that is the case at the moment. Once async bind is in place then we would expect it to work for everyone. Thanks, Shawn From rhallise at redhat.com Fri Aug 4 20:46:30 2017 From: rhallise at redhat.com (Ryan Hallisey) Date: Fri, 4 Aug 2017 16:46:30 -0400 Subject: [Ansible-service-broker] Bind workflow updates In-Reply-To: <6d5c7e0d-1f00-956e-f1f6-1ab11d3bcdd6@redhat.com> References: <6f729320-aaa0-12b8-91c8-bcd6f5201922@redhat.com> <6d5c7e0d-1f00-956e-f1f6-1ab11d3bcdd6@redhat.com> Message-ID: Maybe we can create a beta or experimental directory for something like this? I like the idea of having it around to show that this is a feature. Even if it means we only document it. -Ryan On Fri, Aug 4, 2017 at 4:30 PM, Shawn Hurley wrote: > Hey, > > I was worried about posting it to the apb examples, because it will mostly > wont worked. do we have like an experimental folder that it could be moved > into? > > Please tell me if this is an invalid concern, but my concern is that if we > add it to the examples, then we are saying that anyone should be able to use > this, and I don't think that is the case at the moment. Once async bind is > in place then we would expect it to work for everyone. > > Thanks, > > Shawn From jmatthew at redhat.com Fri Aug 4 20:47:20 2017 From: jmatthew at redhat.com (John Matthews) Date: Fri, 4 Aug 2017 16:47:20 -0400 Subject: [Ansible-service-broker] Bind workflow updates In-Reply-To: References: <6f729320-aaa0-12b8-91c8-bcd6f5201922@redhat.com> <6d5c7e0d-1f00-956e-f1f6-1ab11d3bcdd6@redhat.com> Message-ID: On Fri, Aug 4, 2017 at 4:46 PM, Ryan Hallisey wrote: > Maybe we can create a beta or experimental directory for something like > this? > +1 to experimental and placing under there for now. > I like the idea of having it around to show that this is a feature. > Even if it means we only > document it. > > -Ryan > > On Fri, Aug 4, 2017 at 4:30 PM, Shawn Hurley wrote: > > Hey, > > > > I was worried about posting it to the apb examples, because it will > mostly > > wont worked. do we have like an experimental folder that it could be > moved > > into? > > > > Please tell me if this is an invalid concern, but my concern is that if > we > > add it to the examples, then we are saying that anyone should be able to > use > > this, and I don't think that is the case at the moment. Once async bind > is > > in place then we would expect it to work for everyone. > > > > Thanks, > > > > Shawn > > _______________________________________________ > Ansible-service-broker mailing list > Ansible-service-broker at redhat.com > https://www.redhat.com/mailman/listinfo/ansible-service-broker > -------------- next part -------------- An HTML attachment was scrubbed... URL: From aweiteka at redhat.com Mon Aug 7 18:01:24 2017 From: aweiteka at redhat.com (Aaron Weitekamp) Date: Mon, 07 Aug 2017 18:01:24 +0000 Subject: [Ansible-service-broker] Ansible vars patterns with apb.yml Message-ID: When I started creating apb applications I wanted to develop my application locally just using ansible. Building, pushing, running my application was something to be done at the end. More than likely, building and testing the actual APB image is a post-commit operation performed in a gating source control test job. The problem with this is that while ansible has many patterns[1] for passing in variables (aka parameters), we've invented a new pattern in apb.yml. The risk is that application developers put defaults into their playbooks[2], not realizing they're also defined (and overridden via --extra-vars) in apb.yml[3]. In this example we've gone out of our way to be DRY in the apb.yml yet none of these are used when running ansible-playbook locally. Some vars may not be exposed to the end-user but these should be limited. Some options I've explored: - support an "include vars files" pattern in apb.yml. However, I don't see a way to associate metadata (display, description, type). - create a module to gather apb facts. See aws example[4] - extend apb CLI to inject vars during test - use a Makefile to inject vars during test - do nothing. Local ansible application development needs to manually pass in --extra-vars for every item in apb.yml. [1] include file, inventory host/group vars, inline playbook, role defaults, CLI [2] example: https://github.com/fusor/apb-examples/blob/master/jenkins-apb/roles/provision-jenkins-apb/defaults/main.yml [3] example: https://github.com/fusor/apb-examples/blob/master/jenkins-apb/apb.yml [4] http://docs.ansible.com/ansible/latest/ec2_facts_module.html -------------- next part -------------- An HTML attachment was scrubbed... URL: From rhallise at redhat.com Tue Aug 8 14:34:57 2017 From: rhallise at redhat.com (Ryan Hallisey) Date: Tue, 8 Aug 2017 10:34:57 -0400 Subject: [Ansible-service-broker] [Spec-Review] Kubernetes support Message-ID: Hey folks, I'd like to discuss the Kubernetes spec on Thursday's meeting. If you haven't had a chance yet, review the spec and leave your feedback. We'll discuss any lingering topics and dive into some of the details on Thursday. https://github.com/openshift/ansible-service-broker/pull/329 Thanks, -Ryan From jesusr at redhat.com Tue Aug 8 19:29:18 2017 From: jesusr at redhat.com (jesus m. rodriguez) Date: Tue, 08 Aug 2017 15:29:18 -0400 Subject: [Ansible-service-broker] Meeting to discuss kubernetes & COE spec Message-ID: <1502220558.3860.6.camel@redhat.com> I created a meeting to discuss the Kubernetes & COE spec. If you are interested feel free to join but please read over the spec prior to the meeting: https://github.com/openshift/ansible-service-broker/pull/329 Tomorrow, August 9 from 11:00am until noon located in 14w406- battleship. dialin: https://bluejeans.com/9196230080 jesus -- jesus m. rodriguez | jesusr at redhat.com principal software engineer | irc: zeus red hat systems management | 919.754.4413 (w) rhce # 805008586930012 | 919.623.0080 (c) +---------------------------------------------+ | "you will be assimilated; | | resistance is futile" | | -- Borg | +---------------------------------------------+ From rhallise at redhat.com Wed Aug 9 20:15:53 2017 From: rhallise at redhat.com (Ryan Hallisey) Date: Wed, 9 Aug 2017 16:15:53 -0400 Subject: [Ansible-service-broker] Kubernetes Spec Message-ID: Team, The spec meeting today was very helpful. I added all the details we discussed into the spec and I think it's good to go. If there are any more comments, drop them in the spec and I'll address them promptly. https://github.com/openshift/ansible-service-broker/pull/329 Thanks, -Ryan From ernelson at redhat.com Tue Aug 15 14:56:58 2017 From: ernelson at redhat.com (Erik Nelson) Date: Tue, 15 Aug 2017 10:56:58 -0400 Subject: [Ansible-service-broker] Update first thoughts Message-ID: I've posted a proposal for first thoughts around APB update support. Feedback much appreciated! https://github.com/openshift/ansible-service-broker/pull/368 From shurley at redhat.com Tue Aug 15 15:31:11 2017 From: shurley at redhat.com (Shawn Hurley) Date: Tue, 15 Aug 2017 11:31:11 -0400 Subject: [Ansible-service-broker] APB Self Testing Proposal Message-ID: Hello All, I am working on a proposal, to show how we could add the ability for a APB to determine how it should be integration tested. The WIP proposal is here. https://github.com/fusor/ansible-playbook-bundle/pull/92 Please note that this only includes the changes that the APB will make to allow testing right now, I am still gathering all the places we will need to make tooling changes to make this testing easier. These will be added to this spec later today or tomorrow. Thanks, Shawn From jesusr at redhat.com Tue Aug 15 21:13:11 2017 From: jesusr at redhat.com (jesus m. rodriguez) Date: Tue, 15 Aug 2017 17:13:11 -0400 Subject: [Ansible-service-broker] PROPOSAL: bearer token Message-ID: <1502831591.3388.4.camel@redhat.com> Initial cut at adding bearer token authentication to the service broker: https://github.com/openshift/ansible-service-broker/pull/373 Please comment. jesus -- jesus m. rodriguez | jesusr at redhat.com principal software engineer | irc: zeus red hat systems management | 919.754.4413 (w) rhce # 805008586930012 | 919.623.0080 (c) +---------------------------------------------+ | "you will be assimilated; | | resistance is futile" | | -- Borg | +---------------------------------------------+ From dzager at redhat.com Wed Aug 16 16:41:29 2017 From: dzager at redhat.com (David Zager) Date: Wed, 16 Aug 2017 16:41:29 +0000 Subject: [Ansible-service-broker] Adding origin- prefix to ansible-service-broker image Message-ID: Greetings, With the work completed for Upstream changes for 'origin-' prefix to broker image. origin-ansible-service-broker there are a few things to point out: - https://github.com/fusor/catasb/pull/119 Updated the group_vars' broker_image_name to point to origin-ansible-service-broker. - https://github.com/openshift/ansible-service-broker/pull/371 Updated the Makefile to build origin-ansible-service broker. Also the deploy-ansible-service-broker template was updated to use origin-ansible-service-broker. - This leaves one item of work remaining, tracked in remove ansible-service-broker docker images . When the work in that card is complete, users *will no longer be able to access the ansible-service-broker docker images* ( https://hub.docker.com/r/ansibleplaybookbundle/ansible-service-broker/ will cease to exist). *TL;DR* you should update your working copies of catasb and ansible-service-broker so that you are grabbing origin-ansible-service-broker from dockerhub because soon ansible-service-broker images will not be available. Regards, David Zager -------------- next part -------------- An HTML attachment was scrubbed... URL: From jmatthew at redhat.com Wed Aug 16 18:52:51 2017 From: jmatthew at redhat.com (John Matthews) Date: Wed, 16 Aug 2017 14:52:51 -0400 Subject: [Ansible-service-broker] Ansible vars patterns with apb.yml In-Reply-To: References: Message-ID: Aaron, Thanks for sharing the feedback, I opened an issue so we can track this: https://github.com/fusor/ansible-playbook-bundle/issues/94 On Mon, Aug 7, 2017 at 2:01 PM, Aaron Weitekamp wrote: > When I started creating apb applications I wanted to develop my > application locally just using ansible. Building, pushing, running my > application was something to be done at the end. More than likely, building > and testing the actual APB image is a post-commit operation performed in a > gating source control test job. > > The problem with this is that while ansible has many patterns[1] for > passing in variables (aka parameters), we've invented a new pattern in > apb.yml. The risk is that application developers put defaults into their > playbooks[2], not realizing they're also defined (and overridden via > --extra-vars) in apb.yml[3]. In this example we've gone out of our way to > be DRY in the apb.yml yet none of these are used when running > ansible-playbook locally. Some vars may not be exposed to the end-user but > these should be limited. > > Some options I've explored: > - support an "include vars files" pattern in apb.yml. However, I don't see > a way to associate metadata (display, description, type). > - create a module to gather apb facts. See aws example[4] > - extend apb CLI to inject vars during test > - use a Makefile to inject vars during test > - do nothing. Local ansible application development needs to manually pass > in --extra-vars for every item in apb.yml. > > [1] include file, inventory host/group vars, inline playbook, role > defaults, CLI > [2] example: https://github.com/fusor/apb-examples/blob/master/jenkins- > apb/roles/provision-jenkins-apb/defaults/main.yml > [3] example: https://github.com/fusor/apb-examples/blob/master/jenkins- > apb/apb.yml > [4] http://docs.ansible.com/ansible/latest/ec2_facts_module.html > > > _______________________________________________ > Ansible-service-broker mailing list > Ansible-service-broker at redhat.com > https://www.redhat.com/mailman/listinfo/ansible-service-broker > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From shurley at redhat.com Fri Aug 18 17:44:25 2017 From: shurley at redhat.com (Shawn Hurley) Date: Fri, 18 Aug 2017 13:44:25 -0400 Subject: [Ansible-service-broker] Logging Update Proposal Message-ID: <06a81f76-969b-45f2-354d-4c587e95a763@redhat.com> Hey Everyone, I have put down some ideas on how we could go about updating logging so that we are no logging keeping loggers on structs. The PR is here https://github.com/openshift/ansible-service-broker/pull/381 I think that this might need to be discussed in a scrum meeting eventually, but currently, there is no card or work scheduled to implement this PR I want to get some discussion started on this proposal so that work can be started immediately once it is scheduled. Thanks, Shawn From shurley at redhat.com Wed Aug 23 17:03:19 2017 From: shurley at redhat.com (Shawn Hurley) Date: Wed, 23 Aug 2017 13:03:19 -0400 Subject: [Ansible-service-broker] Experimental APB For Creating Credentials on Bind and Unbind Message-ID: <39a93554-352c-719e-bfd2-f341663fbac3@redhat.com> Hello, I have published a demo showing how launching an APB on bind and unbind could work. This will create new credentials on bind and revoke those credentials on unbind. https://www.youtube.com/watch?v=dMeFUcGV_JA Thanks, Shawn Hurley From jmontleo at redhat.com Tue Aug 29 18:16:36 2017 From: jmontleo at redhat.com (Jason Montleon) Date: Tue, 29 Aug 2017 14:16:36 -0400 Subject: [Ansible-service-broker] Containerized APB tool Message-ID: <0b77bd95-bd63-7f1d-34f9-fc1b574b5c66@redhat.com> If installing apb tool as an RPM from the Copr repos or building from source is not possible or undesirable for any reason, running the tool as a docker container is now also possible. The process for creating an alias and using atomic run is detailed here: https://github.com/fusor/ansible-playbook-bundle#running-from-a-container The TL;DR on how this works: - apb is installed within the container. - The container is run with your UID. ($UID) - The container mounts the present working directory ($PWD) at /mnt in the container, which is also specified as the working directory in the dockerfile. This allows you to work with files on your host. - Your ~/.kube is mounted within the container in order to allow your credentials to be used for running oc tasks. - The docker socket is mounted within the container to allow apb build to work. This also requires --privileged to be set to work. -- Jason Montleon | email: jmontleo at redhat.com Software Engineer | gpg key: 0x069E3022 Red Hat, Inc. | irc: jmontleo desk: 978-392-3930 | cell: 508-496-0663 From dzager at redhat.com Wed Aug 30 20:10:40 2017 From: dzager at redhat.com (David Zager) Date: Wed, 30 Aug 2017 20:10:40 +0000 Subject: [Ansible-service-broker] Including Broker Object in Template Message-ID: The creation of the servicecatalog broker resource has been moved inside of the deployment template. *What do I need to do?* Checkout the latest changes from the broker project and catasb. *Why is this important?* There are two ways that this change could negatively impact you and they both revolve around automation that process + create from the template and then create the broker; the creation of the broker will fail because it already exists (see example output below). The two PRs of note are: - ansible-service-broker#410 . - catasb#129 ? linux git:(1b5bdb3) ./reset_environment.sh PLAY [localhost] ******************************************************************************************************** TASK [Gathering Facts] ************************************************************************************************** ok: [localhost] ... TASK [ansible_service_broker_setup : Get route for ansible-service-broker] ********************************************** changed: [localhost] TASK [ansible_service_broker_setup : set_fact] ************************************************************************** ok: [localhost] TASK [ansible_service_broker_setup : set_fact] ************************************************************************** ok: [localhost] TASK [ansible_service_broker_setup : Overriding ansible_service_broker_resource_file if running with RCM] *************** skipping: [localhost] TASK [ansible_service_broker_setup : Creating /tmp/ansible_service_broker.yaml] ***************************************** ok: [localhost] TASK [ansible_service_broker_setup : Create Broker resource in Service Catalog] ***************************************** fatal: [localhost]: FAILED! => {"changed": true, "cmd": "/home/dzager/bin/oc create -f /tmp/ansible_service_broker.yaml","delta": "0:00:00.194099", "end": "2017-08-30 08:39:02.163068", "failed": true, "rc": 1, "start": "2017-08-3008:39:01.968969", "stderr": "Error from server (AlreadyExists): error when creating \"/tmp/ansible_service_broker.yaml\": brokers \"ansible-service-broker\" already exists", "stderr_lines": ["Error from server (AlreadyExists): error when creating\"/tmp/ansible_service_broker.yaml\": brokers \"ansible-service-broker\" already exists"], "stdout": "", "stdout_lines": []} -------------- next part -------------- An HTML attachment was scrubbed... URL: From dwhatley at redhat.com Wed Aug 30 20:23:33 2017 From: dwhatley at redhat.com (Derek Whatley) Date: Wed, 30 Aug 2017 16:23:33 -0400 Subject: [Ansible-service-broker] Including Broker Object in Template In-Reply-To: References: Message-ID: +1 for this clear notification of change. On Wed, Aug 30, 2017 at 4:10 PM, David Zager wrote: > The creation of the servicecatalog broker resource has been moved inside > of the deployment template. > > *What do I need to do?* > > Checkout the latest changes from the broker project and catasb. > > *Why is this important?* > > There are two ways that this change could negatively impact you and they > both revolve around automation that process + create from the template and > then create the broker; the creation of the broker will fail because it > already exists (see example output below). > > The two PRs of note are: > > - ansible-service-broker#410 > . > - catasb#129 > > ? linux git:(1b5bdb3) ./reset_environment.sh > > PLAY [localhost] ******************************************************************************************************** > > TASK [Gathering Facts] ************************************************************************************************** > ok: [localhost] > > ... > > TASK [ansible_service_broker_setup : Get route for ansible-service-broker] ********************************************** > changed: [localhost] > > TASK [ansible_service_broker_setup : set_fact] ************************************************************************** > ok: [localhost] > > TASK [ansible_service_broker_setup : set_fact] ************************************************************************** > ok: [localhost] > > TASK [ansible_service_broker_setup : Overriding ansible_service_broker_resource_file if running with RCM] *************** > skipping: [localhost] > > TASK [ansible_service_broker_setup : Creating /tmp/ansible_service_broker.yaml] ***************************************** > ok: [localhost] > > TASK [ansible_service_broker_setup : Create Broker resource in Service Catalog] ***************************************** > fatal: [localhost]: FAILED! => {"changed": true, "cmd": "/home/dzager/bin/oc create -f /tmp/ansible_service_broker.yaml","delta": "0:00:00.194099", "end": "2017-08-30 08:39:02.163068", "failed": true, "rc": 1, "start": "2017-08-3008:39:01.968969", "stderr": "Error from server (AlreadyExists): error when creating \"/tmp/ansible_service_broker.yaml\": brokers \"ansible-service-broker\" already exists", "stderr_lines": ["Error from server (AlreadyExists): error when creating\"/tmp/ansible_service_broker.yaml\": brokers \"ansible-service-broker\" already exists"], "stdout": "", "stdout_lines": []} > > > _______________________________________________ > Ansible-service-broker mailing list > Ansible-service-broker at redhat.com > https://www.redhat.com/mailman/listinfo/ansible-service-broker > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From dzager at redhat.com Thu Aug 31 14:27:44 2017 From: dzager at redhat.com (David Zager) Date: Thu, 31 Aug 2017 14:27:44 +0000 Subject: [Ansible-service-broker] catasb and OpenShift 3.7 Message-ID: You can now deploy Ansible Service Broker on OpenShift 3.7 using catasb . Important notes - If you want to deploy the broker on OpenShift 3.7 you must add the following to config/my_vars.yml: origin_image_tag: latest openshift_client_version: '3.7' - The '3.7' client is not compatible with OpenShift 3.6 (at least with respect to the service-catalog). This means that if you change only the image tag or only the client version you will get a failure that looks something like (in this case I omitted the openshift_client_version): TASK [openshift_setup : Run oc cluster up to start the cluster] ********************************************* fatal: [localhost]: FAILED! => {"changed": true, "cmd": "/home/dzager/bin/oc cluster down && /home/dzager/bin/oc cluster up --routing-suffix=172.17.0.1.nip.io --public-hostname=172.17.0.1 --host-pv-dir=/persistedvolumes --image=docker.io/openshift/origin --version=latest --service-catalog=true","delta": "0:10:20.654250", "end": "2017-08-31 10:18:23.772059", "failed": true, "rc": 1, "start": "2017-08-31 10:08:03.117809", "stderr": "", "stderr_lines": [], "stdout": "Starting OpenShift using docker.io/openshift/origin:latest ...-- Checking OpenShift client ... OK-- Checking Docker client ... OK-- Checking Docker version ... OK-- Checking for existing OpenShift container ... OK-- Checking for docker.io/openshift/origin:latest image ... OK-- Checking Docker daemon configuration ... OK...-- Installing service catalog ... FAILError: failed to start the service catalog apiserver: timed out waiting for the condition", ... - The bind operation doesn't work in OpenShift 3.7, but you probably already knew that. Let me know if I missed anything. Hope this helps, Zager -------------- next part -------------- An HTML attachment was scrubbed... URL: