Uploaded image for project: 'OpenShift API for Data Protection'
  1. OpenShift API for Data Protection
  2. OADP-6019

OADP fails to create bucket on AWS

XMLWordPrintable

    • Quality / Stability / Reliability
    • 3
    • False
    • Hide

      None

      Show
      None
    • False
    • oadp-operator-bundle-container-1.5.0-94
    • ToDo
    • Very Likely
    • 0
    • None
    • Unset
    • Unknown
    • Yes

      Description of problem:

      OADP operator is failing to create bucket on top of aws. OADP operator is installed with standerdized sts configuration. Attached logs below 

       

      2025-04-24T11:35:41Z ERROR unable to determine if bucket exists. {"controller": "cloudstorage", "controllerGroup": "oadp.openshift.io", "controllerKind": "CloudStorage", "CloudStorage": {"name":"test-oadp","namespace":"openshift-adp"}, "namespace": "openshift-adp", "name": "test-oadp", "reconcileID": "9628ea56-bdad-45e1-93d1-f3bdbca583c3", "bucket": {"name":"test-oadp","namespace":"openshift-adp"}, "error": "open /tmp/aws-shared-credentials1211864681: read-only file system"} github.com/openshift/oadp-operator/internal/controller.CloudStorageReconciler.Reconcile /remote-source/internal/controller/cloudstorage_controller.go:154 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Reconcile /remote-source/deps/gomod/pkg/mod/sigs.k8s.io/controller-runtime@v0.19.3/pkg/internal/controller/controller.go:116 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler /remote-source/deps/gomod/pkg/mod/sigs.k8s.io/controller-runtime@v0.19.3/pkg/internal/controller/controller.go:303 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem /remote-source/deps/gomod/pkg/mod/sigs.k8s.io/controller-runtime@v0.19.3/pkg/internal/controller/controller.go:263 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.2 /remote-source/deps/gomod/pkg/mod/sigs.k8s.io/controller-runtime@v0.19.3/pkg/internal/controller/controller.go:224 2025-04-24T11:35:41Z DEBUG events unable to find bucket: open /tmp/aws-shared-credentials1211864681: read-only file system {"type": "Warning", "object": {"kind":"CloudStorage","namespace":"openshift-adp","name":"test-oadp","uid":"173c28e3-6f5c-4b78-9eac-dd92508de954","apiVersion":"oadp.openshift.io/v1alpha1","resourceVersion":"277007"}, "reason": "BucketNotFound"}

       

       

      Version-Release number of selected component (if applicable):
      ROSA 4.19 
      OADP 1.5.0

       

      How reproducible:

      Always

       

       

      Steps to Reproduce:

      1.  Install OADP with standardized configuration

      2.  Create cloudstorage CR

      oc get cloudstorage -o yaml test-oadp
apiVersion: oadp.openshift.io/v1alpha1
kind: CloudStorage
metadata:
  creationTimestamp: "2025-04-24T11:15:41Z"
  finalizers:
  - oadp.openshift.io/bucket-protection
  generation: 1
  name: test-oadp
  namespace: openshift-adp
  resourceVersion: "277007"
  uid: 173c28e3-6f5c-4b78-9eac-dd92508de954
spec:
  creationSecret:
    key: credentials
    name: cloud-credentials
  enableSharedConfig: true
  name: oadprosa2461h4rgs
  provider: aws
  region: us-east-1

       

       

       

      Actual results: 

      openshift-adp-controller pod has an error related to bucket not found. 

      Secret content

      [default]
sts_regional_endpoints = regional
role_arn = arn:aws:iam::160792166956:role/oadprosa2461h4rgs
web_identity_token_file = /var/run/secrets/openshift/serviceaccount/token

       

      Expected results: 

      There should be no error in CR 

       

      Additional info:

      Tested the same thing with OADP 1.4.4 (GA) using standardized sts configuration, It works fine.

       

      Created cloudstorage CR

      $ oc get cloudstorage -o yaml
apiVersion: v1
items:
- apiVersion: oadp.openshift.io/v1alpha1
  kind: CloudStorage
  metadata:
    creationTimestamp: "2025-04-24T08:08:00Z"
    finalizers:
    - oadp.openshift.io/bucket-protection
    generation: 1
    name: test-oadp
    namespace: openshift-adp
    resourceVersion: "184411"
    uid: f60f3499-4812-4149-8093-bac925271846
  spec:
    creationSecret:
      key: credentials
      name: cloud-credentials
    enableSharedConfig: true
    name: oadprosa2461h4rgs
    provider: aws
    region: us-east-1
  status:
    lastSyncTimestamp: "2025-04-24T08:08:00Z"
    name: oadprosa2461h4rgs
kind: List
metadata:
  resourceVersion: ""

       

      $ oc get secret cloud-credentials -o yaml
[default]
sts_regional_endpoints = regional
role_arn = arn:aws:iam::160792166956:role/oadprosa2461h4rgs
web_identity_token_file = /var/run/secrets/openshift/serviceaccount/token

       

          1.
          		 (QE) Verify for ( OADP fails to create bucket on AWS ) Sub-task Closed Undefined Prasad Joshi

              tkaovila@redhat.com Tiger Kaovilai
              rhn-support-prajoshi Prasad Joshi
              Prasad Joshi Prasad Joshi
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: