github-actions[bot]
commented
1 year ago This issue is stale because it has been open 14 days with no activity. Please comment or this will be closed in 7 days.
Closed paveltyan closed 1 year ago
github-actions[bot]
commented
1 year ago This issue is stale because it has been open 14 days with no activity. Please comment or this will be closed in 7 days.
github-actions[bot]
commented
1 year ago This issue was closed because it has been stalled for 21 days with no activity. Feel free to re-open if you are experiencing the issue again.
Have you
E1118 15:07:49.942059 1 mic.go:1114] failed to get a list of user-assigned identites from node aks-hydrapool1-16862694-vmss, error: failed to get identity resource, error: failed to get vmss aks-hydrapool1-16862694-vmss in resource group MC_rg-us-nprd-np-sp-aks01_hydra_eastus2, error: failed to get vmss aks-hydrapool1-16862694-vmss in resource group MC_rg-us-nprd-np-sp-aks01_hydra_eastus2, error: azure.BearerAuthorizer#WithAuthorization: Failed to refresh the Token for request to https://management.azure.com/subscriptions/3821f7dc-f972-4f0c-87d0-4fa28aee0b35/resourceGroups/MC_rg-us-nprd-np-sp-aks01_hydra_eastus2/providers/Microsoft.Compute/virtualMachineScaleSets/aks-hydrapool1-16862694-vmss?api-version=2019-12-01: StatusCode=0 -- Original Error: adal: Failed to execute the refresh request. Error = 'Post "https://login.microsoftonline.com/0debab66-8676-46dc-96a0-5c6b3e9993bb/oauth2/token?api-version=1.0": EOF'
Steps To Reproduce
Expected behavior the MI successfully authenticating against the KV AAD Pod Identity version 1.8.7 Kubernetes version 1.22.11 Additional context
1) confirmed that SPN and MI have the correct role assignment(the same MI and SPN are used in other clusters to connect to the same kv) 2) restarted the nodepools with no effect 3) redeployed AAD Pod identity and app deployments 4) contacted MS support, however they were not able to find anything on their side