raffaelespazzoli / credscontroller Goto Github PK
View Code? Open in Web Editor NEWLicense: Apache License 2.0
License: Apache License 2.0
When I try to run the spring-example project, it fails with the following error:
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'secretController': Injection of autowired dependencies failed; nested exception is java.lang.IllegalArgumentException: Could not resolve placeholder 'password' in value "${password}"
I deployed the spring-legacy-example project using the same vault and vault-controller as the one used to deploy the spring-example project. This project works fine and I get the secret back using the GET request.
Can you provide me support on the cause of this issue?
I've built spring-example image correctly:
Then I apply spring-sample-yaml
file. So, deploymentconfig and service are pushed to openshift.
However, decploymentconfig is trying to set up pods but:
The logs onlt gets me that:
Scaling spring-example-1 to 1
error: update acceptor rejected spring-example-1: pods for rc 'spring-example/spring-example-1' took longer than 600 seconds to become available
Any ideas?
Getting this error any suggestion i did provide anyuid -z default
Couldn't start vault with IPC_LOCK. Disabling IPC_LOCK, please use --privileged or --cap-add IPC_LOCK
==> Vault server configuration:
Backend: file
Cgo: disabled
Listener 1: tcp (addr: "0.0.0.0:8200", cluster address: "", tls: "enabled")
Log Level: debug
Mlock: supported: true, enabled: false
Version: Vault v0.6.5
Version Sha: 5d8d702f33b5fd965cbe8d6d0728295de813a196
==> Vault server started! Log data will stream in below:
2017/05/11 15:07:20.314633 [ERROR] core: barrier init check failed: error=failed to check for initialization: open /vault-file-backend/file/core/_keyring: permission denied
2017/05/11 15:07:27.272667 [ERROR] core: barrier init check failed: error=failed to check for initialization: open /vault-file-backend/file/core/_keyring: permission denied
2017/05/11 15:07:27.428863 [ERROR] core: barrier init check failed: error=failed to check for initialization: open /vault-file-backend/file/core/_keyring: permission denied
2017/05/11 15:07:27.429325 [ERROR] core: barrier init check failed: error=failed to check for initialization: open /vault-file-backend/file/core/_keyring: permission denied
2017/05/11 15:07:37.427476 [ERROR] core: barrier init check failed: error=failed to check for initialization: open /vault-file-backend/file/core/_keyring: permission denied
2017/05/11 15:07:37.427674 [ERROR] core: barrier init check failed: error=failed to check for initialization: open /vault-file-backend/file/core/_keyring: permission denied
==> Vault shutdown triggered
Hi,
I have been facing a manifest unknown issues for both the go-dep-1-build pods as well as the spring example ones.
Is there any chance I am missing something in the steps ?
Followed both guides:
https://blog.openshift.com/vault-integration-using-kubernetes-authentication-method/
https://blog.openshift.com/integrating-vault-with-legacy-applications/
Failed to pull image "registry.svc.ci.openshift.org/origin/4.3-2019-10-29-062458@sha256:8184092486c345c2b757f366f146218a115e5d7a92b481cb76257358653ec852": rpc error: code = Unknown desc = Error reading manifest sha256:8184092486c345c2b757f366f146218a115e5d7a92b481cb76257358653ec852 in registry.svc.ci.openshift.org/origin/4.3-2019-10-29-062458: manifest unknown: manifest unknown
Had a look at the following, but its too generic for deployments that doesn't have an external reference I believe ?
https://blog.openshift.com/openshift-and-manifest-unknown/
Thanks in advance.
Jose
The vault container failed to run with following error logs:
chown: /vault/file: Operation not permitted
chown: /vault/file: Operation not permitted
I have found that the log infomation is located ./vendor/github.com/hashicorp/vault/vault/init.go.
I also try to execute the chown command and it return following information to me.
/ # chown vault:vault /vault/file
chown: /vault/file: Operation not permitted
The persist volume is provided by NFS server within the cluster. The ownner for the NFS export path is nobody:nobody.
I also try to change the default scc to allow pod run as any, but it is not work.
I also try to rebuild the vault container and remove the command that will chown the file /vault/file, then the pod will up, but I can not visit the web. It seems like it is not the right way to resolve this issue.
Could you give me some suggestion to fix this issue?
Hi when I am creating spring example application in the Openshift using the template yaml its not able to save the pod.beta.kubernetes.io/init-containers annotations contents in the spring application deployment configuration in Openshift. Can you please help me if I need to do a Openshift cluster administration setting so that it will be able to save pod.beta.kubernetes.io/init-containers in deployment config
Could you take a look at this log?
I've been able to inject the wrapped token into init container. See vault-controller log:
time="2018-06-05T14:29:13Z" level=info msg="token request from 10.128.0.1:53286"
time="2018-06-05T14:29:14Z" level=info msg="Container Port in Init Container: 8443"
time="2018-06-05T14:29:14Z" level=info msg="successfully pushed wrapped token to https://10.128.0.29:8443 "
However, I feed spring-example doesn't quite to work fine so far.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.