AWS servicebroker doesn't create classes/plans in service catalog

[TheKangaroo]

Describe the bug I installed service-catalog and aws-broker but there are no classes/plans. Maybe I did something wrong, but aws-broker seems to correctly publish its service th the catalog.

# svcat get broker
         NAME          NAMESPACE                                URL                                 STATUS
+--------------------+-----------+----------------------------------------------------------------+--------+
  aws-service-broker               https://aws-servicebroker.aws-service-broker.svc.cluster.local   Ready
# svcat describe broker aws-service-broker
  Name:     aws-service-broker
  URL:      https://aws-servicebroker.aws-service-broker.svc.cluster.local
  Status:   Ready - Successfully fetched catalog entries from broker @ 2018-10-05 14:02:51 +0000 UTC

But listing the classes/plans doesn't provide any output and a test serviceinstance give me a ReferencesNonexistentServiceClass

# svcat get plan
  NAME   CLASS   DESCRIPTION
+------+-------+-------------+
# svcat get classes
  NAME   NAMESPACE   DESCRIPTION
+------+-----------+-------------+
# svcat get instance
            NAME              NAMESPACE   CLASS    PLAN                 STATUS
+---------------------------+-----------+-------+--------+-----------------------------------+
  s3-custom-minimal-example   test-ns     dh-s3   custom   ReferencesNonexistentServiceClass

Although the logs of my aws-broker indicates, that it successfuly fetched the classes/plans from the official s3 bucket. The only strange thing here is a bunch of TLS handshake errors (IP is the worker IP where the aws-broker pod is running).

I1005 14:10:32.602453       1 awsbroker.go:205] Listing objects bucket: awsservicebroker region: us-east-1 prefix: templates/latest
I1005 14:10:33.048215       1 awsbroker.go:224] Found 12 objects
I1005 14:10:33.048308       1 awsbroker.go:199] Updating listings cache with [{/athena true} {/dynamodb true} {/elasticache true} {/emr true} {/kinesis true} {/kms true} {/lex true} {/polly true} {/rdsmariadb true} {/rdsmysql true} {/rdspostgresql true} {/redshift true} {/rekognition true} {/route53 true} {/s3 true} {/sns true} {/sqs true} {/translate true}]
I1005 14:10:33.177337       1 awsbroker.go:246] converting service definition "athena"
I1005 14:10:33.177474       1 awsbroker.go:364] done converting service definition "athena"
I1005 14:10:33.177508       1 adapter.go:35] putting service definition "athena" into dynamdb
I1005 14:10:33.384367       1 adapter.go:59] done putting service definition "athena" into dynamdb
[...]
I1005 14:10:36.010234       1 main.go:115] Starting broker!
I1005 14:10:36.014092       1 main.go:128] Starting secure broker with file based TLS cert and key
I1005 14:10:36.014122       1 server.go:138] Starting server on :3199
2018/10/05 14:10:48 http: TLS handshake error from 172.22.253.31:27476: EOF
2018/10/05 14:10:58 http: TLS handshake error from 172.22.253.31:27542: EOF
2018/10/05 14:11:08 http: TLS handshake error from 172.22.253.31:27598: EOF
[...]
2018/10/05 14:20:08 http: TLS handshake error from 172.22.253.31:31206: EOF
2018/10/05 14:20:18 http: TLS handshake error from 172.22.253.31:31282: EOF
2018/10/05 14:20:28 http: TLS handshake error from 172.22.253.31:31368: EOF
I1005 14:20:36.010604       1 awsbroker.go:205] Listing objects bucket: awsservicebroker region: us-east-1 prefix: templates/latest
I1005 14:20:36.486759       1 awsbroker.go:224] Found 12 objects
I1005 14:20:36.487027       1 awsbroker.go:199] Updating listings cache with [{/athena false} {/dynamodb false} {/elasticache false} {/emr false} {/kinesis false} {/kms false} {/lex false} {/polly false} {/rdsmariadb false} {/rdsmysql false} {/rdspostgresql false} {/redshift false} {/rekognition false} {/route53 false} {/s3 false} {/sns false} {/sqs false} {/translate false}]
2018/10/05 14:20:38 http: TLS handshake error from 172.22.253.31:31444: EOF
2018/10/05 14:20:48 http: TLS handshake error from 172.22.253.31:31520: EOF

I'm not sure if the TLS errors are related to my problem. But it is the only strange thing I can see in my setup.

To Reproduce I just deployed the service-catalog and aws-broker from the helm charts (without tiller, though). I guess I'm missing something here, because the setup is pretty straight forward.

Expected behavior The service catalog should fetch the classes and plans from the aws-broker.

Environment (please complete the following information):

• Application Platform: Kubernetes on-prem, CoreOS
• Application Platform Version: k8s 1.10.4
• Broker Version: 1.0.0-beta.2

[kdihalas]

Change the class to s3 instead of dh-s3

[vsomayaji]

@TheKangaroo I'm not positive this is what you're running into, but I've observed that the catalog is sometimes out of sync with the broker. Can you try svcat sync broker aws-service-broker and see if that helps?

[vsomayaji]

It's also possible those TLS handshake errors are the issue. @jaymccon have you seen those before?

[jaymccon]

The tls errors are caused by the readinessProbe which attempts a tcp connection on the port. While this should be updated to use the /healthz http path, it's unlikely related

[TheKangaroo]

Hey guys, thanks for the replies, @kdihalas you are right, the dh-s3 was from my old aws broker attempts. I changed it to s3. @vsomayaji I guess you are right since the classes/plans were available when I came back the other day. I guess it started to sync at some point automatically. Now I get some aws credential issues, but this is totally unrelated and I will fix this tomorrow. Thanks, @jaymccon for explaining the tls errors. Is there a way I can fix this?

[jaymccon]

Great to hear you've gotten past this, a pr should come through soon with an updated helm chart, but in the meantime they are safe to ignore.