search

vmware-tanzu / velero

Backup and migrate Kubernetes applications and their persistent volumes
https://velero.io
Apache License 2.0
8.4k stars 1.37k forks source link

The phase of BackupRepository is Ready but message contains errors #7810

Open ywk253100 opened 1 month ago

ywk253100 commented 1 month ago

Velero v1.13.2

- apiVersion: velero.io/v1
  kind: BackupRepository
  metadata:
    creationTimestamp: "2024-03-10T09:07:04Z"
    generateName: default-awsdartmouthtuckstorage-kopia-
    generation: 936
    labels:
      velero.io/repository-type: kopia
      velero.io/storage-location: awsdartmouthtuckstorage
      velero.io/volume-namespace: default
    name: default-awsdartmouthtuckstorage-kopia-h4w7l
    namespace: velero
    resourceVersion: "192814834"
    uid: 61bbd49d-4a57-4492-8566-c4c64ec53d28
  spec:
    backupStorageLocation: awsdartmouthtuckstorage
    maintenanceFrequency: 1h0m0s
    repositoryType: kopia
    resticIdentifier: s3:s3-us-east-2.amazonaws.com/vmware-tmc-dp-e48bff2d/01H1YQNQ0X0PGCG4FD6XYS1F1F/restic/default
    volumeNamespace: default
  status:
    lastMaintenanceTime: "2024-05-08T12:17:55Z"
    message: 'error to get repo options: error to get repo credentials: error get
      s3 credentials: failed to refresh cached credentials, no EC2 IMDS role found,
      operation error ec2imds: GetMetadata, exceeded maximum number of attempts, 3,
      request send failed, Get "http://xxx/latest/meta-data/iam/security-credentials/":
      dial tcp xxx:80: connect: no route to host'
    phase: Ready
ywk253100 commented 1 month ago

Seems the status.message is also set by repo maintenance, so it's possible that the repository is ready to use (status.phase: Ready) but the status.message contains error (set by maintenance).

reasonerjt commented 1 week ago

It may be solved if we leverage the conditions array in the status section.