1578583 – azure-file storage class: "The specified share already exists." if provision is unable to create secret in pvc's namespace

Bug 1578583 - azure-file storage class: "The specified share already exists." if provision is unable to create secret in pvc's namespace

Summary: azure-file storage class: "The specified share already exists." if provision ...

Keywords:
Status:	CLOSED DUPLICATE of bug 1575933
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Storage
Sub Component:
Version:	3.10.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	3.10.0
Assignee:	hchen
QA Contact:	Jianwei Hou
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2018-05-15 22:32 UTC by Hongkai Liu
Modified:	2018-05-18 18:36 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-05-18 18:36:29 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Hongkai Liu 2018-05-15 22:32:21 UTC

Description of problem:
Cannot use sc `azure-file`

Version-Release number of selected component (if applicable):
# yum list installed | grep openshift
atomic-openshift.x86_64       3.10.0-0.41.0.git.0.50cceb0.el7

How reproducible:
Always

Steps to Reproduce:
# oc get sc azure-file -o yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  creationTimestamp: 2018-05-15T22:09:40Z
  name: azure-file
  resourceVersion: "25498"
  selfLink: /apis/storage.k8s.io/v1/storageclasses/azure-file
  uid: aa3af538-588c-11e8-8cc1-000d3a93937b
parameters:
  location: centralus
  skuName: Standard_LRS
  storageAccount: ds6eb4d9f5588211e884a30
provisioner: kubernetes.io/azure-file
reclaimPolicy: Delete
volumeBindingMode: Immediate

# oc process -f https://raw.githubusercontent.com/hongkailiu/svt-case-doc/master/files/pvc_template.yaml -p PVC_NAME=bbb1 -p STORAGE_CLASS_NAME=azure-file

# oc get pvc
NAME      STATUS    VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS     AGE
aaa1      Bound     pvc-6eb005cf-5882-11e8-8cc1-000d3a93937b   3Gi        RWO            azure-standard   1h
aaa2      Pending                                                                        azure-file       8s

# oc describe pvc bbb1
Name:          bbb1
Namespace:     aaa
StorageClass:  azure-file
Status:        Pending
Volume:        
Labels:        <none>
Annotations:   volume.beta.kubernetes.io/storage-provisioner=kubernetes.io/azure-file
Finalizers:    [kubernetes.io/pvc-protection]
Capacity:      
Access Modes:  
Events:
  Type     Reason              Age   From                         Message
  ----     ------              ----  ----                         -------
  Warning  ProvisioningFailed  3m    persistentvolume-controller  Failed to provision volume with StorageClass "azure-file": Couldn't create secret secrets is forbidden: User "system:serviceaccount:kube-system:persistent-volume-binder" cannot create secrets in the namespace "aaa": User "system:serviceaccount:kube-system:persistent-volume-binder" cannot create secrets in project "aaa"
  Warning  ProvisioningFailed  2m    persistentvolume-controller  Failed to provision volume with StorageClass "azure-file": failed to create share kubernetes-dynamic-pvc-41966217-588d-11e8-8cc1-000d3a93937b in account ds6eb4d9f5588211e884a30: failed to create file share, err: storage: service returned error: StatusCode=409, ErrorCode=ShareAlreadyExists, ErrorMessage=The specified share already exists.
RequestId:b4288876-901a-00be-049a-ec5441000000
Time:2018-05-15T22:14:07.9873082Z, RequestInitiated=Tue, 15 May 2018 22:14:07 GMT, RequestId=b4288876-901a-00be-049a-ec5441000000, API Version=2016-05-31, QueryParameterName=, QueryParameterValue=
  Warning  ProvisioningFailed  2m  persistentvolume-controller  Failed to provision volume with StorageClass "azure-file": failed to create share kubernetes-dynamic-pvc-41966217-588d-11e8-8cc1-000d3a93937b in account ds6eb4d9f5588211e884a30: failed to create file share, err: storage: service returned error: StatusCode=409, ErrorCode=ShareAlreadyExists, ErrorMessage=The specified share already exists.
RequestId:b4288886-901a-00be-099a-ec5441000000
Time:2018-05-15T22:14:23.0560104Z, RequestInitiated=Tue, 15 May 2018 22:14:22 GMT, RequestId=b4288886-901a-00be-099a-ec5441000000, API Version=2016-05-31, QueryParameterName=, QueryParameterValue=
  Warning  ProvisioningFailed  2m  persistentvolume-controller  Failed to provision volume with StorageClass "azure-file": failed to create share kubernetes-dynamic-pvc-41966217-588d-11e8-8cc1-000d3a93937b in account ds6eb4d9f5588211e884a30: failed to create file share, err: storage: service returned error: StatusCode=409, ErrorCode=ShareAlreadyExists, ErrorMessage=The specified share already exists.
RequestId:b4288897-901a-00be-0e9a-ec5441000000
Time:2018-05-15T22:14:37.9916118Z, RequestInitiated=Tue, 15 May 2018 22:14:37 GMT, RequestId=b4288897-901a-00be-0e9a-ec5441000000, API Version=2016-05-31, QueryParameterName=, QueryParameterValue=
  Warning  ProvisioningFailed  2m  persistentvolume-controller  Failed to provision volume with StorageClass "azure-file": failed to create share kubernetes-dynamic-pvc-41966217-588d-11e8-8cc1-000d3a93937b in account ds6eb4d9f5588211e884a30: failed to create file share, err: storage: service returned error: StatusCode=409, ErrorCode=ShareAlreadyExists, ErrorMessage=The specified share already exists.
RequestId:b42888b0-901a-00be-119a-ec5441000000
Time:2018-05-15T22:14:52.9932436Z, RequestInitiated=Tue, 15 May 2018 22:14:52 GMT, RequestId=b42888b0-901a-00be-119a-ec5441000000, API Version=2016-05-31, QueryParameterName=, QueryParameterValue=
  Warning  ProvisioningFailed  1m  persistentvolume-controller  Failed to provision volume with StorageClass "azure-file": failed to create share kubernetes-dynamic-pvc-41966217-588d-11e8-8cc1-000d3a93937b in account ds6eb4d9f5588211e884a30: failed to create file share, err: storage: service returned error: StatusCode=409, ErrorCode=ShareAlreadyExists, ErrorMessage=The specified share already exists.
RequestId:b42888c6-901a-00be-169a-ec5441000000
Time:2018-05-15T22:15:07.9938979Z, RequestInitiated=Tue, 15 May 2018 22:15:07 GMT, RequestId=b42888c6-901a-00be-169a-ec5441000000, API Version=2016-05-31, QueryParameterName=, QueryParameterValue=
  Warning  ProvisioningFailed  1m  persistentvolume-controller  Failed to provision volume with StorageClass "azure-file": failed to create share kubernetes-dynamic-pvc-41966217-588d-11e8-8cc1-000d3a93937b in account ds6eb4d9f5588211e884a30: failed to create file share, err: storage: service returned error: StatusCode=409, ErrorCode=ShareAlreadyExists, ErrorMessage=The specified share already exists.
RequestId:b42888d6-901a-00be-1b9a-ec5441000000
Time:2018-05-15T22:15:23.0155671Z, RequestInitiated=Tue, 15 May 2018 22:15:22 GMT, RequestId=b42888d6-901a-00be-1b9a-ec5441000000, API Version=2016-05-31, QueryParameterName=, QueryParameterValue=
  Warning  ProvisioningFailed  1m  persistentvolume-controller  Failed to provision volume with StorageClass "azure-file": failed to create share kubernetes-dynamic-pvc-41966217-588d-11e8-8cc1-000d3a93937b in account ds6eb4d9f5588211e884a30: failed to create file share, err: storage: service returned error: StatusCode=409, ErrorCode=ShareAlreadyExists, ErrorMessage=The specified share already exists.
RequestId:b42888e5-901a-00be-1e9a-ec5441000000
Time:2018-05-15T22:15:38.0802669Z, RequestInitiated=Tue, 15 May 2018 22:15:37 GMT, RequestId=b42888e5-901a-00be-1e9a-ec5441000000, API Version=2016-05-31, QueryParameterName=, QueryParameterValue=
  Warning  ProvisioningFailed  1m  persistentvolume-controller  Failed to provision volume with StorageClass "azure-file": failed to create share kubernetes-dynamic-pvc-41966217-588d-11e8-8cc1-000d3a93937b in account ds6eb4d9f5588211e884a30: failed to create file share, err: storage: service returned error: StatusCode=409, ErrorCode=ShareAlreadyExists, ErrorMessage=The specified share already exists.
RequestId:b4288900-901a-00be-239a-ec5441000000
Time:2018-05-15T22:15:53.0398857Z, RequestInitiated=Tue, 15 May 2018 22:15:52 GMT, RequestId=b4288900-901a-00be-239a-ec5441000000, API Version=2016-05-31, QueryParameterName=, QueryParameterValue=
  Warning  ProvisioningFailed  14s (x4 over 58s)  persistentvolume-controller  (combined from similar events): Failed to provision volume with StorageClass "azure-file": failed to create share kubernetes-dynamic-pvc-41966217-588d-11e8-8cc1-000d3a93937b in account ds6eb4d9f5588211e884a30: failed to create file share, err: storage: service returned error: StatusCode=409, ErrorCode=ShareAlreadyExists, ErrorMessage=The specified share already exists.
RequestId:b428894f-901a-00be-379a-ec5441000000
Time:2018-05-15T22:16:52.9934621Z, RequestInitiated=Tue, 15 May 2018 22:16:52 GMT, RequestId=b428894f-901a-00be-379a-ec5441000000, API Version=2016-05-31, QueryParameterName=, QueryParameterValue=


Actual results:


Expected results:

Master Log:

Node Log (of failed PODs):

PV Dump:

PVC Dump:

StorageClass Dump (if StorageClass used by PV/PVC):

Additional info:

Comment 1 hchen 2018-05-18 14:58:35 UTC

This is function as design. You have to create a rbac rule to allow azure file provisioner to create secret in namespace aaa

Comment 2 hchen 2018-05-18 14:59:17 UTC

similar to https://bugzilla.redhat.com/show_bug.cgi?id=1575933

Comment 3 Hongkai Liu 2018-05-18 18:36:29 UTC


*** This bug has been marked as a duplicate of bug 1575933 ***

Note You need to log in before you can comment on or make changes to this bug.