Add Openshift provider: Credential validation was not successful: 503 "Service Unavailable"


I tried the demo version of ManageIQ with the Docker image and everything was ok.

I deployed the VMware appliance and perform same operations. Adding a git repo and credentials for Ansible was ok. But adding OCP provider return Credential validation was not successful: 503 “Service Unavailable”.

In the logs

[root@localhost ~]# grep -e "ocp" /var/www/miq/vmdb/log/evm.log
[----] I, [2020-11-13T03:21:02.448713 #2502:2abf98e192f4]  INFO -- : MIQ(ManageIQ::Providers::Openshift::ContainerManager#with_provider_connection) Connecting through ManageIQ::Providers::Openshift::ContainerManager: [ocp4exp.testing.local]
[----] W, [2020-11-13T03:21:02.777157 #2502:2abf98e192f4]  WARN -- : MIQ(ManageIQ::Providers::Openshift::ContainerManager#authentication_check_no_validation) type: [:bearer] for [] [ocp4exp.testing.local] Validation failed: error, 503 "Service Unavailable"

No more info about what could be the error.

Please help me Obi Wan, you’re my only hope.

Is the hostname & port correct? Is the hostname reachable from the VMWare that runs ManageIQ?

Can you oc login into the cluster using this hostname & port?

Guessing here, but 503 might be a response from the openshift router, it’s what it says when there is no Route matching the given domain name/path. If so, it means you reached the cluster with correct IP address, but not correct HTTP request for the apiserver.

Which openshift version is this?

Yes hostname and port ok.
And yes it’s reachable. I tested to login directly via oc command from the appliance.
It’s ocp 4.6.

No prob with the same config in the docker miq image and in the openshift based installation.

I fixed it by doing a reset of the database with the appliance_console.
It works now with the same configuration.