Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pod in CrashLoopBackOff but no error messages in the logs #252

Open
jagraj opened this issue Oct 18, 2021 · 1 comment
Open

Pod in CrashLoopBackOff but no error messages in the logs #252

jagraj opened this issue Oct 18, 2021 · 1 comment

Comments

@jagraj
Copy link

jagraj commented Oct 18, 2021

Bug Report

What did you do?

I installed Open Liberty operator in OpenShift 4.6.x cluster and I created sample app (pet store) CR. I also installed Jetstack cert-manager operator to consume certificates in liberty application.

The Certificate CR had missing common name and keytool reporting it as not a valid certificate and this error message has been missing in the logs when the pod is in crash loop. I was getting following information and this did not help us to debug the problem.

oc logs certs-demo-d59b6565b-9smq9
Found mounted TLS certificates, generating keystore
Found mounted TLS CA certificate, adding to truststore

A clear and concise description of the steps you took (or insert a code snippet).

  1. Installed latest OpenLiberty operator.
  2. Created default Pet store app CR with cert-manager certificate.

Here is the CR for Certificate

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: demo-app-cert
spec:
  secretName: demo-app-cert-secret
  duration: 2160h0m0s # 90d
  renewBefore: 360h0m0s # 15d
  organization:
  - "ibm"
  keySize: 2048
  keyAlgorithm: rsa
  keyEncoding: pkcs1
  usages:
    - server auth
    - client auth
  # At least one of a DNS Name, URI, or IP address is required.
  dnsNames:
  - '<YOUR_ROUTE>'
  issuerRef:
    name: selfsigned-cluster-issuer
    kind: ClusterIssuer

What did you expect to see?

We need proper error message in the logs when the keytool fails to import the certificate.

A clear and concise description of what you expected to happen (or insert a code snippet). If possible, add OpenLibertyApplication CR.

What did you see instead?

A clear and concise description of what you expected to happen (or insert a code snippet).

We need proper error message in the logs to debug actual problem.

Environment

  • Kubernetes version information:
  • OpenShift version information (if applicable):
oc version
Client Version: 4.6.16
Server Version: 4.6.42
  • Appsody CLI version (if applicable):
  • Appsody Stack (if applicable):

Possible solution

Additional context

Add any other context about the problem here.
@jagraj jagraj changed the title Pod in CrashLoopBackOff but missing proper error message Pod in CrashLoopBackOff but no error messages in the logs Oct 18, 2021
@leochr
Copy link
Member

leochr commented Oct 18, 2021

@jagraj I believe this should be opened against the Liberty container repo: https://github.com/OpenLiberty/ci.docker

If you agree, we can use the Move issue or Transfer issue option provided by GitHub (on the right-side, very bottom)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jagraj @leochr