search

ForgeRock / forgeops

ForgeRock platform assets for Kubernetes deployment. Contains the files you need to build your own Docker images and to deploy the ForgeRock Identity Platform on Kubernetes clusters.
Other
169 stars 248 forks source link

Error deploying release 7.5 #681

Open sunshiva opened 3 months ago

sunshiva commented 3 months ago

I'm seeing issues with the amster pod and the following error with the identity-platform install. I'm trying this on my Macbook

helm upgrade --install identity-platform \ oci://us-docker.pkg.dev/forgeops-public/charts/identity-platform \ --version 7.5 --namespace sunshiva-namespace \ --set 'ds_idrepo.volumeClaimSpec.storageClassName=standard' \ --set 'ds_cts.volumeClaimSpec.storageClassName=standard' \ --set 'platform.ingress.hosts={forgeops.sunshiva.com}'

Release "identity-platform" does not exist. Installing it now. Pulled: us-docker.pkg.dev/forgeops-public/charts/identity-platform:7.5 Digest: sha256:fc36535c440de49d928530c5aa15771dd952c25a518d38de5a23b94cc7bbf95d Error: failed post-install: 1 error occurred:

kubectl get pods

NAME READY STATUS RESTARTS AGE admin-ui-68f7dc5645-gh5c2 1/1 Running 0 10m am-7964654977-652g9 0/1 Running 1 (80s ago) 10m amster-nfw7c 0/1 Init:0/1 0 10m ds-cts-0 1/1 Running 0 10m ds-idrepo-0 1/1 Running 0 10m end-user-ui-5cf87588ff-hwgk4 1/1 Running 0 10m idm-84c8d9ff8f-dmtgr 1/1 Running 0 10m ldif-importer-c7d6x 0/1 Completed 0 10m login-ui-fc7945c65-6spvx 1/1 Running 0 10m

sunshiva commented 3 months ago

log.html.zip

lee-baines commented 2 months ago

Apologies @sunshiva for the delay in getting back to you. I'll test this tomorrow morning and let you know what I find

lee-baines commented 2 months ago

So amster is ok, its AM that hasn't come up. amster waits for AM to come up before it runs. Are you using a custom AM image? What changes have you made?

sunshiva commented 2 weeks ago

There were no changes. I'm trying to deploy release/7.5-20240618 as is

lee-baines commented 2 weeks ago

Looking at the logs agains, seems like there is some kind of networking/env issue affecting the startup probes. See below from the pod events: AM: Warning Unhealthy 6m34s (x16 over 9m4s) kubelet Startup probe failed: Get "http://10.244.0.47:8080/am/json/health/live": dial tcp 10.244.0.47:8080: connect: connection refused Warning Unhealthy 93s (x27 over 6m3s) kubelet Startup probe failed: Get "http://10.244.0.47:8080/am/json/health/live": context deadline exceeded (Client.Timeout exceeded while awaiting headers)

DS Warning Unhealthy 7m2s (x3 over 7m22s) kubelet Startup probe failed: Get "http://10.244.0.42:8080/healthy": dial tcp 10.244.0.42:8080: connect: connection refused Warning Unhealthy 6m51s kubelet Startup probe failed: Get "http://10.244.0.42:8080/healthy": context deadline exceeded (Client.Timeout exceeded while awaiting headers)

IDM:

Warning Unhealthy 6m38s (x15 over 8m58s) kubelet Startup probe failed: Get "http://10.244.0.45:8080/openidm/info/ping": dial tcp 10.244.0.45:8080: connect: connection refused

You say you're deploying on a mac. How areyou deploying? minikube, Kind? It works ok in a cluster so could be the environment you're working on