K
Q

Cannot install openshift cluster with htpasswd

5/13/2020

I successfully installed an opneshift cluster locally on my macOS, but AllowAll identityProvider is put by default, so I ran oc cluster down then oc cluster up --http-proxy=gateway.docker.internal:3128 --https-proxy=gateway.docker.internal:3129 --base-dir="$HOME/.occluster" --write-config and in the master-config.yamlfor the kube-apiserver, openshift-apiserver and openshift-controller-manager I changed these values:

identityProviders:
- name: my_htpasswd_provider 
  challenge: true 
  login: true 
  mappingMethod: claim 
  provider:
    apiVersion: v1
    kind: HTPasswdPasswordIdentityProvider
    file: /etc/origin/master/htpasswd

When I run oc cluster up like before but without the --write-config flag I get the following:

I0513 12:45:46.901048   26313 run_self_hosted.go:181] Waiting for the kube-apiserver to be ready ...
E0513 12:50:47.962414   26313 run_self_hosted.go:571] API server error: Get https://127.0.0.1:8443/healthz?timeout=32s: EOF ()
Error: timed out waiting for the condition

I cannot understand where is the mistake and what should be done in order to get rid of the errors

-- Barrett
kubernetes
macos
openshift

Similar Questions

unable to automate the step of creating replicaset in mongodb through kubernetes deployment file
Kubernetes not updates Docker image on redeployment
Is there any posible to create external load balancer for pod in cluster created by kubeadm tool
container fails after executing command: [wget url]

1 Answer

5/14/2020

The problem was that I did not have the htpasswd file into the kube-apiserver folder. Putting it there managed to install the cluster with the specified identityProvider. Also, for logging in as system:admin, I had to run export KUBECONFIG=/path/to/admin.kubeconfig". What am I looking forward is how to add more users to the cluster, because updating the htpasswd file is not the solution as I recall.

-- Barrett
Source: StackOverflow