-
Notifications
You must be signed in to change notification settings - Fork 153
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Readiness probe fails after LDAP activation #41
Comments
Could I please have the logs from the pod? A 500 error suggests your LDAP configuration isn't quite right, to be honest. |
Sorry for the delay! What log files do you need? These are the logs what we see on our openshift. 🧬 loaded config '/etc/netbox/config/configuration.py' |
In the ldap.py located under run there is no entry for my required group but valid entries for What is see on ldap.py
In my ldap.yml there is my entry for REQUIRE_GROUP but no entries for "is_staff" or "is_superuser" |
Found the issue. If a required value is not set in the value.yml the pod crashes during startup. |
Which required value was this, in particular? Just in case someone turns up this issue when searching for a similar problem in future. |
These values were not set and my netbox fails to start and of course the health check.
I uncommented all values in the values.yaml and set it to valid parameters. I used your chart in version 2.3 and the ldap values were imported as env, missing entries came from the netbox default config or django framework - a failsafe system that not longer exists ;) |
@florianschendel I'm not clear if any changes should be made to the chart to improve this situation. Is there anything to be done, or should we close the issue? |
@florianschendel Is it possible for you to share your configuration, changing out the sensitive data for dummy data? |
@bananflugan
|
@florianschendel Thank you for that! It seems that most of the different settings must have some value set for this to work. I did not use DnTemplate so had that commented out, setting this to an active null value, and also enable AdminDn solved it for me. I enabled debug log and saw log posts complaining about 'is staff' not set, which is the AdminDN. Now the AD integration is working great! |
Everyone must specify all ldap values because they're commented out in values.yaml. Since remoteAuth is disabled, uncommenting won't break anything. |
To anyone else whose pod doesn't start after enabling ldap: you have to use an image with tag suffix "-ldap". This info is hidden away at the bottom of the readme, should really be in the values table's image.tag row. Still can't login to webui using ldap credentials though "Please enter a correct username and password"... |
@holmesb thank you this solved the issue for me! Appreciate you going the extra mile to comment on the correct solution here! |
I just pushed f197260, does that documentation update fix this issue? |
I've just released version 4.0.1 of this chart which resolves this issue. |
If we enable LDAP as backend auth the netbox pod reports a readiness failure with the return value http code 500.
I checked already the ladp.yaml and the config was written in the ldap.yaml including correct user + password.
The text was updated successfully, but these errors were encountered: