-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
MCE 2.8.0
Description of problem:
After toggle the capa feature in MCE then update the
capa-manager-bootstrap-credentials secret with aws credentials the capa pod logs raising error NoCredentialProviders and cannot reconcile the RosaControlPlane
capa-controller-manager pod logs;
I0312 20:32:09.409519 1 rosacluster_controller.go:117] "Successfully reconciled ROSACluster" controller="rosacluster" controllerGroup="infrastructure.cluster.x-k8s.io" controllerKind="ROSACluster" ROSACluster="ns-rosa-hcp/rosa-hcp-1" namespace="ns-rosa-hcp" name="rosa-hcp-1" reconcileID="e85b4f99-a087-4191-ab24-bf21051964d1" cluster="rosa-hcp-1" controlPlane="rosa-cp-1" E0312 20:32:10.104307 1 controller.go:324] "Reconciler error" err=< failed to create scope: failed to identify the AWS caller: NoCredentialProviders: no valid providers in chain. Deprecated. For verbose messaging see aws.Config.CredentialsChainVerboseErrors > controller="rosacontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="ROSAControlPlane" ROSAControlPlane="ns-rosa-hcp/rosa-cp-1" namespace="ns-rosa-hcp" name="rosa-cp-1" reconcileID="177ba142-cbdd-4b88-9ed3-53e6ebf9916b" E0312 20:32:10.685638 1 controller.go:324] "Reconciler error" err=< failed to create scope: failed to identify the AWS caller: NoCredentialProviders: no valid providers in chain. Deprecated. For verbose messaging see aws.Config.CredentialsChainVerboseErrors > controller="rosacontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="ROSAControlPlane" ROSAControlPlane="ns-rosa-hcp/rosa-cp-1" namespace="ns-rosa-hcp" name="rosa-cp-1" reconcileID="26590d72-6dc4-486a-bd83-93d14d6bd303" E0312 20:32:11.213035 1 controller.go:324] "Reconciler error" err=< failed to create scope: failed to identify the AWS caller: NoCredentialProviders: no valid providers in chain. Deprecated. For verbose messaging see aws.Config.CredentialsChainVerboseErrors > controller="rosacontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="ROSAControlPlane" ROSAControlPlane="ns-rosa-hcp/rosa-cp-1" namespace="ns-rosa-hcp" name="rosa-cp-1" reconcileID="a8f286c0-c90f-4576-998b-26b30bead2b9" E0312 20:32:11.803468 1 controller.go:324] "Reconciler error" err=< failed to create scope: failed to identify the AWS caller: NoCredentialProviders: no valid providers in chain. Deprecated. For verbose messaging see aws.Config.CredentialsChainVerboseErrors > controller="rosacontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="ROSAControlPlane" ROSAControlPlane="ns-rosa-hcp/rosa-cp-1" namespace="ns-rosa-hcp" name="rosa-cp-1" reconcileID="77addddb-acbd-4dad-84f0-8e50887acedb"
Version-Release number of selected component (if applicable):
MCE v2.8.0 , CAPA v4.18
How reproducible:
not every time
Steps to Reproduce:
- Install MCE v2.8
- Enable the CAPI & CAPA feature in the MultiClusterEngine engine CR
- Edit the capa-manager-bootstrap-credentials secret under namespace multicluster-engine. Add data->credentials field with value of AWS_B64ENCODED_CREDENTIALS
- Create RosaControlPlane with its related CRs (Cluster , ROSACluster CRs)
- Check the logs for the CAPA deployment pod under namespace multicluster-engine
- You should see logs as above and the cannot create ROSAControlPlane
Actual results:
Expected results:
Additional info:
Deleting the capa-controller-manager-xxxx pod solve the issue , the capa-controller-manager deployment will re-create the pod and things work fine.