search

Azure / secrets-store-csi-driver-provider-azure

Azure Key Vault provider for Secret Store CSI driver allows you to get secret contents stored in Azure Key Vault instance and use the Secret Store CSI driver interface to mount them into Kubernetes pods.
https://azure.github.io/secrets-store-csi-driver-provider-azure/
MIT License
441 stars 193 forks source link

Azure Arc K8S - Azure Key Vault Secrets Provider extension - Version 1.4.0 - Installation failed #1054

Closed YRollHid closed 1 year ago

YRollHid commented 1 year ago

What steps did you take and what happened: The installation of the extension failed with the following error: (ExtensionOperationFailed) The extension operation failed with the following error: Error: [Failed to setup Helm client during helm chart upgrade : err [mcr.microsoft.com/oss/azure/secrets-store/stable/provider-azure-arc:1.4.0: not found]] occurred while doing the operation : [Installing the extension] on the config. Code: ExtensionOperationFailed Message: The extension operation failed with the following error: Error: [Failed to setup Helm client during helm chart upgrade : err [mcr.microsoft.com/oss/azure/secrets-store/stable/provider-azure-arc:1.4.0: not found]] occurred while doing the operation : [Installing the extension] on the config.

Using Azure Portal, Azure CLI & ARM.

Instead, specifying the version example: 1.3.0 the installation works just fine. It seems that the docker image is not present in the repo.

Environment:

nilekhc commented 1 year ago

Hi @YRollHid Thanks for opening the issue. We are aware of this issue and I am looking into it. Meanwhile, you can pin an extension to the previous version 1.3.0 which is working as expected.

nilekhc commented 1 year ago

@YRollHid This is now resolved. Please try the installation again.

jaypaddy commented 1 year ago

Has this issue resolved. We just tried installing the KeyVault Extension on AKS Hybrid 

    "statusCode": "Conflict",
    "statusMessage": "{\"status\":\"Failed\",\"error\":{\"code\":\"ResourceDeploymentFailure\",\"target\":\"/subscriptions/GUID/resourceGroups/RG/providers/Microsoft.Kubernetes/connectedClusters/xxxxxx/providers/Microsoft.KubernetesConfiguration/extensions/akvsecretsprovider\",\"message\":\"The resource write operation failed to complete successfully, because it reached terminal provisioning state 'Failed'.\",\"details\":[{\"code\":\"ExtensionOperationFailed\",\"message\":\"The extension operation failed with the following error:  Error: [ InnerError: [Helm installation failed : Timed out waiting for the resource to come to a ready/completed stateDeployment is not ready: kube-system/akvsecretsprovider-arc-monitoring. 0 out of 1 expected pods are ready : Recommendation Please contact Microsoft support for further inquiries : InnerError [release akvsecretsprovider failed, and has been uninstalled due to atomic being set: timed out waiting for the condition]]] occurred while doing the operation : [Create] on the config.\",\"additionalInfo\":[]}]}}"

    Kubernetes version:1.26.3

Was able to install other extensions such as azuremonitor-metrics azuremonitor-containers flux azurepolicy