Error after starting Vormetric Encryption Agent on Openshift Container Platform 3
Issue
Failed to setup network for pod. Pod on a node is stuck in containercreating
state with the following errors:
At Events
log
45m45m 1{default-scheduler }NormalScheduledSuccessfully assigned cluster pod-name to node
45m45m 1{kubelet} Warning FailedSync Error syncing pod, skipping: failed to "SetupNetwork" for "pod-name" with SetupNetworkError: "Failed
At journal
logs, Docker errors show up right after secfs2 is started.
Aug 15 11:49:44systemd[1]: Reloading.
Aug 15 11:49:44systemd[1]: Reloading.
Aug 15 11:49:44systemd[1]: Reloading.
Aug 15 11:49:44systemd[1]: Starting Vormetric Encryption Agent secfs-init...
Aug 15 11:49:44secfs-init[98257]: Initializing the Vormetric Encryption Expert File System Agent.
atomic-openshift-node[47396]: I0815 11:49:45.00256147396 node_auth.go:143] Node request attributes: namespace=, user=&user.DefaultInfo{Name:"system:serviceaccount:openshift-infra:heapster", UID:"aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", Groups:[]string{"system:serviceaccounts", "system:serviceaccounts:openshift-infra", "system:authenticated", "system:authenticated"}, Extra:map[string][]string{}}, attrs=authorizer.DefaultAuthorizationAttributes{Verb:"create", APIVersion:"v1", APIGroup:"", Resource:"nodes/stats", ResourceName:" .example.com", RequestAttributes:interface {}(nil), NonResourceURL:false, URL:"/stats/container/"}
atomic-openshift-node[47396]: I0815 11:49:45.12902647396 server.go:971] POST /stats/container/: (126.574041ms) 200 [[Go-http-client/1.1] :58648]
secfs-init[98257]: The kernel module is not loaded, loading...
(...)
atomic-openshift-node[47396]: I0815 11:49:46.90905447396 reconciler.go:299] MountVolume operation started for volume "kubernetes.io/secret/ XXXX-key-store-volume" (spec.Name: "key-store-volume") to pod " XXXX" (UID: " XXXX"). Volume is already mounted to pod, but remount was requested.
atomic-openshift-node[47396]: I0815 11:49:46.90911747396 reconciler.go:299] MountVolume operation started for volume "kubernetes.io/secret/ XXXX-default-token-vcy7i" (spec.Name: "default-token-vcy7i") to pod " XXXX" (UID: " XXXX"). Volume is already mounted to pod, but remount was requested.
atomic-openshift-node[47396]: I0815 11:49:46.91186347396 operation_executor.go:803] MountVolume.SetUp succeeded for volume "kubernetes.io/secret/ XXXX-key-store-volume" (spec.Name: "key-store-volume") pod " XXXX" (UID: " XXXX").
atomic-openshift-node[47396]: I0815 11:49:46.91267247396 operation_executor.go:803] MountVolume.SetUp succeeded for volume "kubernetes.io/secret/ XXXX-default-token-vcy7i" (spec.Name: "default-token-vcy7i") pod " XXXX" (UID: " XXXX").
kernel: vm_mds_init: finished MDS initialization, err 0
kernel: vm_tctl_thread has started
kernel: docker_container_readcfg: failed to open config file /var/lib/docker/containers/9dc08fa6e9aa9a36e274e16997235132cf9fb619fdf1460dd43413661a10c331/config.json rc -2
kernel: docker_container_discover: extract image id failed with -2 for task(java) pid(66559) container_id(9dc08fa6e9aa9a36e274e16997235132cf9fb619fdf1460dd43413661a10c331)
kernel: docker_container_readcfg: failed to open config file /var/lib/docker/containers/44cecfabcb91147b58add0fe0cee5a20d2b5970c81553f7345deb38afa686466/config.json rc -2
Environment
Red Hat Openshift Container Platform 3.4
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.