This repository was archived by the owner on Nov 24, 2025. It is now read-only.

Ansible Traffic_Ops role creates invalid ldap.conf config file with default variables. #6674

@davidc0le

This Bug Report affects these Traffic Control components:

  • Automation (Ansible)

Current behavior:

The ldap.conf file is rendered based on the template and ldap variables when the traffic_ops role is run. The _to_ldap_setup_ boolean variable is not used to determine if the config file should be rendered or not. It seems that Traffic Ops Golang 6.1.0 (and maybe older versions) will read the ldap.conf file regardless of whether the ldap.conf path is defined in cdn.conf, for Perl backwards compatibility.

When running the playbook without defining any of the ldap variables (e.g. to_ldap_hostname) I end up with a /opt/traffic_ops/app/conf/ldap.conf file like this:

{
   "admin_pass" : "",
   "search_base" : "",
   "admin_dn" : "",
   "host" : "",
   "search_query" : "",
   "insecure" : 0
}

Because that file is in the default conf directory, Traffic Ops Golang will read it on service start. This gives the following error:

Mar 18 12:18:43 vm024572 traffic_ops[39187]: Loading Config: parsing LDAP conf '[123 10 32 32 32 34 97 100 109 105 110 95 112 97 115 115 34 32 58 32 34 34 44 10 32 32 32 34 115 101 97 114 99 104 95 98 97 115 101 34 32 58 32 34 34 44 10 32 32 32 34 97 100 109 105 110 95 100 110 34 32 58 32 34 34 44 10 32 32 32 34 104 111 115 116 34 32 58 32 34 34 44 10 32 32 32 34 115 101 97 114 99 104 95 113 117 101 114 121 34 32 58 32 34 34 44 10 32 32 32 34 105 110 115 101 99 117 114 101 34 32 58 32 48 10 125 10]': json: cannot unmarshal number into Go struct field ConfigLDAP.insecure of type bool

I'm unsure what the array of numbers means in the error message....

When I alter the _to_ldap_insecure_ in infrastructure/ansible/roles/traffic_ops/defaults/main.yml to be a boolean instead of a number, the error changes to:

Mar 18 12:46:23 vm024572 traffic_ops[52203]: Loading Config: LDAP conf missing admin_pass field

In both situations, the daemon does not start.

I think the ldap.conf file should not be rendered in all situations by infrastructure/ansible/roles/traffic_ops/tasks/traffic_ops.yml, and a conditional should be used instead.

Expected behavior:

The traffic_ops role, when using the default ldap config, should allow the daemon to start.

Steps to reproduce:

Don't set any LDAP variables, so the defaults are used and then run the traffic_ops playbook.

Labels: ansible, automation, bug, configuration