I am running openshift origin 3.6 ( kube v1.6.1+5115d708d7) in AWS. Ansible
inventory contains cloud provider configuration and I can see the config
files on the master nodes.
*# From inventory*
* # AWS*
* openshift_cloudprovider_kind=aws*
* openshift_cloudprovider_aws_access_key="{{
lookup('env','AWS_ACCESS_KEY_ID') }}"*
* openshift_cloudprovider_aws_secret_key="{{
lookup('env','AWS_SECRET_ACCESS_KEY') }}"*
*I have also provisioned a storageclass *
* # oc get storageclass*
* NAME TYPE*
* fast (default) kubernetes.io/aws-ebs
<http://kubernetes.io/aws-ebs>*
*However, when i try to create a pvc:*
* kind: "PersistentVolumeClaim"*
* apiVersion: "v1"*
* metadata:*
* name: "testclaim"*
* namespace: testns*
* spec:*
* accessModes:*
* - "ReadWriteOnce"*
* resources:*
* requests:*
* storage: "3Gi"*
* storageClassName: fast*
It just goes in infinite loop trying to get the pvc created. Events show me
this error:
*(combined from similar events): Failed to provision volume with
StorageClass "fast": UnauthorizedOperation: You are not authorized to
perform this operation. Encoded authorization failure message:
$(encoded-message) status code: 403, request id:
d0742e84-a2e1-4bfd-b642-c6f1a61ddc1b*
Unfortunately I cannot decode the encoded message using aws cli as it gives
error.
*aws sts decode-authorization-message -–encoded-message
$(encoded-message) *
* Error: UnicodeWarning: Unicode equal comparison failed to convert
both arguments to Unicode - interpreting them as being unequal*
I have now also tried pv+pvc and using that in a pod. Everything gets
created and I can see the claim. However when I try to mount it, I see
similar errors with permission denied. Any pointers please.
So far I have been able to deploy pods, services etc and they seem to be
working fine.
_______________________________________________
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
