Add Openshift provider: Credential validation was not successful: 503 "Service Unavailable"

Sispheor · November 13, 2020, 8:34am

Hi,

I tried the demo version of ManageIQ with the Docker image and everything was ok.

I deployed the VMware appliance and perform same operations. Adding a git repo and credentials for Ansible was ok. But adding OCP provider return Credential validation was not successful: 503 “Service Unavailable”.

In the logs

[root@localhost ~]# grep -e "ocp" /var/www/miq/vmdb/log/evm.log
[----] I, [2020-11-13T03:21:02.448713 #2502:2abf98e192f4]  INFO -- : MIQ(ManageIQ::Providers::Openshift::ContainerManager#with_provider_connection) Connecting through ManageIQ::Providers::Openshift::ContainerManager: [ocp4exp.testing.local]
[----] W, [2020-11-13T03:21:02.777157 #2502:2abf98e192f4]  WARN -- : MIQ(ManageIQ::Providers::Openshift::ContainerManager#authentication_check_no_validation) type: [:bearer] for [] [ocp4exp.testing.local] Validation failed: error, 503 "Service Unavailable"

No more info about what could be the error.

Please help me Obi Wan, you’re my only hope.

cben · November 22, 2020, 9:00pm

Is the hostname & port correct? Is the hostname reachable from the VMWare that runs ManageIQ?

Can you oc login into the cluster using this hostname & port?

Guessing here, but 503 might be a response from the openshift router, it’s what it says when there is no Route matching the given domain name/path. If so, it means you reached the cluster with correct IP address, but not correct HTTP request for the apiserver.

Which openshift version is this?

Sispheor · November 22, 2020, 9:34pm

Yes hostname and port ok.
And yes it’s reachable. I tested to login directly via oc command from the appliance.
It’s ocp 4.6.

No prob with the same config in the docker miq image and in the openshift based installation.

Sispheor · November 22, 2020, 10:44pm

I fixed it by doing a reset of the database with the appliance_console.
It works now with the same configuration.