RHEL-84891

Error in using the RHEL system role for nbde client


    • No
    • Low
    • 1
    • rhel-system-roles
    • 2
    • False
    • False
    • Yes
    • Red Hat Enterprise Linux
    • SECENGSP Cycle 17
    • Unspecified Release Note Type - Unknown
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      The customer is using the RHEL system role to bind the nbde client to a tang server. Below is the playbook they used.

      - hosts: "{{ _target | d('all') }}"
        gather_facts: "{{ _gather_facts | d('yes') }}"
        become: "{{ _become | d('yes') }}"
        serial: "{{ _serial | d(omit) }}"
        roles:
          - role: redhat.rhel_system_roles.nbde_client
      

       

      nbde_client_bindings:
        - device: /dev/sda2
          encryption_password: "luks-password"
          servers:
            - http://tang1.nbde-001.prod.iad2.dc.redhat.com
            - http://tang2.nbde-001.prod.iad2.dc.redhat.com
            - http://tang1-rhel9.nbde-001.prod.us-east-1.aws.redhat.com
            - http://tang2-rhel9.nbde-001.prod.us-east-1.aws.redhat.com
      

       
      When multiple tang servers are configured in the playbook, the playbook shows the following error:
       

       msg: |-
          Error importing token: Failed to import token from file.
      

       
      If we keep only one tang server in the above playbook, it succeeds the first time. But running it again results in the following error:
       

      Unknown macro: {  "msg"}
      ,
          "_ansible_no_log": true,
          "changed": false
        },
        "_ansible_no_log": false,
        "changed": false
      }
      

       So, there are two issues with the above playbook:
      1) Having more than one tang server in the playbook results in the following error:

       msg: |- Error importing token: Failed to import token from file.
      

       
      2) If we keep only one tang server entry in the playbook, it succeeds.
         However, running the same playbook again results in the error below:

      msg": "slot already used, but not bound by clevis. cannot use it
      

       

      • Environment:

                  – RHEL 9.5

                  – nbde_client module version 1.88.9

              scorreia@redhat.com Sergio Correia
              rhn-support-mgandhi Milan Gandhi
              Richard Megginson Richard Megginson
              David Jez David Jez
              Jan Fiala Jan Fiala
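A read-only way to inspect the state that the second error message names ("slot already used, but not bound by clevis"), added here as an example and not taken from the issue or from the role's code. It assumes a LUKS2 device whose metadata was exported with `cryptsetup luksDump --dump-json-metadata /dev/sda2`; the sample metadata is constructed, and the function names and the slot number passed in are hypothetical.

```python
import json

# Constructed LUKS2 metadata, trimmed to the fields this check reads.
# Real input: cryptsetup luksDump --dump-json-metadata /dev/sda2
SAMPLE_METADATA = """
{
  "keyslots": {
    "0": {"type": "luks2", "key_size": 64},
    "1": {"type": "luks2", "key_size": 64},
    "2": {"type": "luks2", "key_size": 64}
  },
  "tokens": {
    "0": {"type": "clevis", "keyslots": ["2"]}
  }
}
"""


def classify_keyslots(metadata_json):
    """Map each in-use keyslot number to 'clevis' or 'other'.

    A keyslot counts as clevis-bound only when a token of type
    'clevis' lists it in its 'keyslots' array.
    """
    meta = json.loads(metadata_json)
    clevis_slots = set()
    for token in meta.get("tokens", {}).values():
        if token.get("type") == "clevis":
            clevis_slots.update(int(s) for s in token.get("keyslots", []))
    result = {}
    for slot in meta.get("keyslots", {}):
        number = int(slot)
        result[number] = "clevis" if number in clevis_slots else "other"
    return dict(sorted(result.items()))


def slot_conflict(metadata_json, wanted_slot):
    """True when wanted_slot holds a key that no clevis token references."""
    return classify_keyslots(metadata_json).get(wanted_slot) == "other"


if __name__ == "__main__":
    for slot, owner in classify_keyslots(SAMPLE_METADATA).items():
        print(f"keyslot {slot}: {owner}")
    # Slot 1 is used here only as an illustrative target slot.
    print("slot 1 in use without a clevis token:", slot_conflict(SAMPLE_METADATA, 1))
```

Comparing this output before the first run and after it shows whether the slot the binding targets ended up with a matching clevis token.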