kubernetes-control-plane errors with hook failed: "vault-kv-relation-changed"
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Kubernetes Control Plane Charm |
Fix Released
|
High
|
Adam Dyess | ||
Vault KV Charm Layer |
Fix Released
|
High
|
Adam Dyess |
Bug Description
In testrun https:/
```
kubernetes-
calico/4 waiting idle 54.81.238.200 Waiting to retry Calico node configuration
containerd/4 active idle 54.81.238.200 Container runtime available
filebeat/17 active idle 54.81.238.200 Filebeat ready.
ntp/17 active idle 54.81.238.200 123/udp chrony: Ready
telegraf/17 active idle 54.81.238.200 9103/tcp Monitoring kubernetes-
kubernetes-
calico/1 waiting idle 35.168.18.90 Waiting to retry Calico node configuration
containerd/1 active idle 35.168.18.90 Container runtime available
filebeat/2 active idle 35.168.18.90 Filebeat ready.
ntp/2 active idle 35.168.18.90 123/udp chrony: Ready
telegraf/2 active idle 35.168.18.90 9103/tcp Monitoring kubernetes-
```
In the logs we see an internal error:
```
/vaultlocker.
unit-kubernetes
unit-kubernetes
Traceback (most recent call last):
File "/var/lib/
hookenv.
File "/var/lib/
callback(*args, **kwargs)
File "/var/lib/
app_kv = vault_kv.
File "/var/lib/
cls.
File "/var/lib/
self._path = "{}/kv/
File "/var/lib/
_VaultBaseK
File "/var/lib/
"secret_id": _get_secret_
File "/var/lib/
secret_id = retrieve_
File "/var/lib/
response = client.
File "/var/lib/
return method(*args, **kwargs)
File "/var/lib/
return self._adapter.
File "/var/lib/
return self.request(
File "/var/lib/
utils.
File "/var/lib/
raise exceptions.
hvac.exceptions
* internal error
, on post http://
```
Crashdumps for this run can be found here:
https:/
summary: |
- [1.25/beta] kubernetes-control-plane errors with hook failed: "vault-kv- - relation-changed" + kubernetes-control-plane errors with hook failed: "vault-kv-relation- + changed" |
Changed in charm-kubernetes-master: | |
milestone: | 1.25+ck2 → 1.26 |
Changed in charm-kubernetes-master: | |
assignee: | nobody → George Kraft (cynerva) |
status: | Triaged → Won't Fix |
status: | Won't Fix → In Progress |
Changed in charm-kubernetes-master: | |
status: | In Progress → Fix Committed |
Changed in charm-kubernetes-master: | |
milestone: | 1.26+ck1 → 1.26+ck2 |
Changed in charm-kubernetes-master: | |
milestone: | 1.26+ck2 → 1.26+ck3 |
Changed in charm-layer-vault-kv: | |
status: | New → Triaged |
importance: | Undecided → High |
milestone: | none → 1.26+ck3 |
Changed in charm-layer-vault-kv: | |
status: | In Progress → Fix Committed |
Changed in charm-kubernetes-master: | |
status: | In Progress → Fix Committed |
tags: | added: backport-needed |
Changed in charm-kubernetes-master: | |
status: | Fix Committed → Fix Released |
Changed in charm-layer-vault-kv: | |
status: | Fix Committed → Fix Released |
Thanks for the report. This is closely related to https:/ /bugs.launchpad .net/bugs/ 1988448. See the comments there for an explanation about why the InternalServerError was raised from Vault.
However, this time it was raised in a different code path in layer-vault-kv, in _get_secret_id[1]. We need to catch the exception there.
[1]: https:/ /github. com/juju- solutions/ layer-vault- kv/blob/ b0265ff2efed76d a594abc07a279d2 454f224bfd/ lib/charms/ layer/vault_ kv.py#L259- L264