Bug 2008532 - CreateContainerConfigError:: failed to prepare subPath for volumeMount [NEEDINFO]
Summary: CreateContainerConfigError:: failed to prepare subPath for volumeMount
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Storage
Version: 4.7
Hardware: Unspecified
OS: Linux
urgent
urgent
Target Milestone: ---
: 4.10.0
Assignee: Hemant Kumar
QA Contact: Penghao Wang
URL:
Whiteboard:
Depends On:
Blocks: 2024967
TreeView+ depends on / blocked
 
Reported: 2021-09-28 13:24 UTC by Himanshu Madhavani
Modified: 2022-03-10 16:14 UTC (History)
26 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-03-10 16:13:54 UTC
Target Upstream Version:
owasserm: needinfo?
owasserm: needinfo?
owasserm: needinfo?
hekumar: needinfo?

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift kubernetes pull 1065 0 None open Bug 2008532: Fix subpath sources check 2021-11-19 16:40:57 UTC
Red Hat Product Errata RHSA-2022:0056 0 None None None 2022-03-10 16:14:14 UTC

Description Himanshu Madhavani 2021-09-28 13:24:18 UTC 
Description of problem:

Container creation fails with 

CreateContainerConfigError:: failed to prepare subPath for volumeMount

~~~~
 hyperkube[52689]: I0928 10:31:48.706092   52689 subpath_linux.go:551] Opening path /var/lib/kubelet/pods/bb21d5df-3856-4352-87f2-74a26583c488/volumes/kubernetes.io~csi/pvc-e9261940-a8ae-46a2-b8f4-4f7d70b7f001/mount/pimcore-var-alias-new
Sep 28 10:31:48 esb hyperkube[52689]: I0928 10:31:48.706826   52689 desired_state_of_world_populator.go:528] Found PVC, ClaimName: "prod-homelte"/"new-prod-homelte-pvc"
Sep 28 10:31:48 esbw hyperkube[52689]: I0928 10:31:48.706873   52689 round_trippers.go:422] GET https://api-int.xyz:6443/api/v1/namespaces/prod-homelte/persistentvolumeclaims/new-prod-homelte-pvc
Sep 28 10:31:48 esbwn hyperkube[52689]: I0928 10:31:48.706879   52689 round_trippers.go:429] Request Headers:
Sep 28 10:31:48 esbwnphyperkube[52689]: I0928 10:31:48.706884   52689 round_trippers.go:433]     Accept: application/vnd.kubernetes.protobuf,application/json
Sep 28 10:31:48 esbw hyperkube[52689]: I0928 10:31:48.706889   52689 round_trippers.go:433]     User-Agent: kubelet/v1.20.0+558d959 (linux/amd64) kubernetes/558d959
Sep 28 10:31:48 esbhyperkube[52689]: I0928 10:31:48.707919   52689 mount_linux.go:262] Unmounting /var/lib/kubelet/pods/bb21d5df-3856-4352-87f2-74a26583c488/volume-subpaths/pvc-e9261940-a8ae-46a2-b8f4-4f7d70b7f001/subscription/0
Sep 28 10:31:48 esbd hyperkube[52689]: E0928 10:31:48.709783   52689 kubelet_pods.go:228] failed to prepare subPath for volumeMount "pimcore-var-alias-new" of container "subscription": error ummounting /var/lib/kubelet/pods/bb21d5df-3856-4352-87f2-74a26583c488/volume-subpaths/pvc-e9261940-a8ae-46a2-b8f4-4f7d70b7f001/subscription/0: unmount failed: exit status 32
Sep 28 10:31:48 esb hyperkube[52689]: Unmounting arguments: /var/lib/kubelet/pods/bb21d5df-3856-4352-87f2-74a26583c488/volume-subpaths/pvc-e9261940-a8ae-46a2-b8f4-4f7d70b7f001/subscription/0
Sep 28 10:31:48 esb hyperkube[52689]: Output: umount: /var/lib/kubelet/pods/bb21d5df-3856-4352-87f2-74a26583c488/volume-subpaths/pvc-e9261940-a8ae-46a2-b8f4-4f7d70b7f001/subscription/0: target is busy.
Sep 28 10:31:48 esbw hyperkube[52689]: I0928 10:31:48.709949   52689 event.go:291] "Event occurred" object="prod-homelte/subscription-80-gcl45" kind="Pod" 
~~~~


Version-Release number of selected component (if applicable):
Openshift 4.7

Actual results:

Container creation should succeed.

Expected results:


Additional info:

Additional details in the comments.
Comment 31 Sébastien Han 2021-10-01 15:56:21 UTC 
Agreed with Hemant, the permission denied is a different/new issue. Can we get an "oc describe" of one of the ceph-csi plugin resources?
I just want to verify that the ceph-csi resources are using the correct SCC.

Thanks.
Comment 50 Dwayne 2021-11-01 16:50:59 UTC 
Also, there is another customer escalation on this BZ 2008532 due to the ACE (Active Customer Escalation, EN-4547). The end-user customer is the Huntington National Bank, and the SFDC case is 03043463.
Comment 62 Peter Hunter 2021-12-22 12:43:17 UTC 
I've been added erroneously to this bug by hekumar. I haven't been active in the Redhat community for more than 15 years, and don't even run a Redhat system these days.
Comment 67 errata-xmlrpc 2022-03-10 16:13:54 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056
Note You need to log in before you can comment on or make changes to this bug.