Description of problem: Sometimes vSphere PVC dynamic provision could fail with error 'NotAuthenitcated', restarting controller brings things back to normal. No clear reproduce step yet. Googled this problem and found upstream issue and fix: https://github.com/kubernetes/kubernetes-anywhere/issues/502 https://github.com/kubernetes/kubernetes/pull/58124 Version-Release number of selected component (if applicable): openshift v3.9.7 kubernetes v1.9.1+a0ce1bc657 How reproducible: Sometimes Steps to Reproduce: 1. Create PVC for dynamic vSphere PV Actual results: Provision failed with error 'NotAuthenticated'. Expected results: PV provisioned.
oc describe pvc vspherec1 Name: vspherec1 Namespace: jhou StorageClass: vspheredefault Status: Pending Volume: Labels: <none> Annotations: volume.beta.kubernetes.io/storage-provisioner=kubernetes.io/vsphere-volume Finalizers: [] Capacity: Access Modes: VolumeMode: Filesystem Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning ProvisioningFailed 3s persistentvolume-controller Failed to provision volume with StorageClass "vspheredefault": NotAuthenticated
Thank you for identifying the root cause and the fix. We will backport it. :-)
Verified on 3.9.20, this is not reproducible now after many tries.
Verified on 3.9.24
(In reply to Hemant Kumar from comment #2) > Thank you for identifying the root cause and the fix. We will backport it. > :-) Hi Hermant, I have a customer that has the same problem. Here are the results from "oc version": oc v3.9.14 kubernetes v1.9.1+a0ce1bc657 features: Basic-Auth GSSAPI Kerberos SPNEGO Server https://haproxy.rhocp.buy4.io:8443 openshift v3.9.14 kubernetes v1.9.1+a0ce1bc657 Do you have any advice on how we can fix it on client's installation? Thanks
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:1566