DEVHIDE
Login Or Sign up

EFS EKS pv provisioning issue

120 Views Asked by At

Im trying to provision a pv dynamically using efs drivers. I have the installed the drivers using helm

kube-system            efs-csi-controller-757959b8f5-hlgwc             3/3     Running   0              42m
kube-system            efs-csi-controller-757959b8f5-zjt54             3/3     Running   0              42m
kube-system            efs-csi-node-kgpwm                              3/3     Running   0              42m
kube-system            efs-csi-node-md6dk                              3/3     Running   0              42m
kube-system            efs-csi-node-st62t                              3/3     Running   0              42m
kube-system            efs-csi-node-w6rjm

and added the service account

justine@Justines-MacBook-Pro Downloads % Kubectl get sa -A | grep efs
kube-system            efs-csi-controller-sa                0         71m
kube-system            efs-csi-node-sa                      0         60m

and the iam policy attached is below and the role have required webidentitiy with federated access to the cluster

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "elasticfilesystem:DescribeAccessPoints",
        "elasticfilesystem:DescribeFileSystems",
        "elasticfilesystem:DescribeMountTargets",
        "ec2:DescribeAvailabilityZones"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "elasticfilesystem:CreateAccessPoint"
      ],
      "Resource": "*",
      "Condition": {
        "StringLike": {
          "aws:RequestTag/efs.csi.aws.com/cluster": "true"
        }
      }
    },
    {
      "Effect": "Allow",
      "Action": [
        "elasticfilesystem:TagResource"
      ],
      "Resource": "*",
      "Condition": {
        "StringLike": {
          "aws:ResourceTag/efs.csi.aws.com/cluster": "true"
        }
      }
    },
    {
      "Effect": "Allow",
      "Action": "elasticfilesystem:DeleteAccessPoint",
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "aws:ResourceTag/efs.csi.aws.com/cluster": "true"
        }
      }
    }
  ]
}

When trying to provision pvc, getting the below error.

 Type     Reason              Age   From                                                                                      Message
  ----     ------              ----  ----                                                                                      -------
  Warning  ProvisioningFailed  2m6s  efs.csi.aws.com_efs-csi-controller-757959b8f5-hlgwc_4ed626c4-bdd3-4447-a9ab-4170003be1b3  failed to provision volume with StorageClass "efs-sc": rpc error: code = Internal desc = Failed to fetch File System info: Describe File System failed: WebIdentityErr: failed to retrieve credentials
caused by: ValidationError: Request ARN is invalid
           status code: 400, request id: cb7229b2-740b-4a11-912d-c106cfc667c9
  Warning  ProvisioningFailed  2m5s  efs.csi.aws.com_efs-csi-controller-757959b8f5-hlgwc_4ed626c4-bdd3-4447-a9ab-4170003be1b3  failed to provision volume with StorageClass "efs-sc": rpc error: code = Internal desc = Failed to fetch File System info: Describe File System failed: WebIdentityErr: failed to retrieve credentials
caused by: ValidationError: Request ARN is invalid
           status code: 400, request id: aa17fc2d-9098-44cb-8f97-de26ac83d3da
  Warning  ProvisioningFailed  2m3s  efs.csi.aws.com_efs-csi-controller-757959b8f5-hlgwc_4ed626c4-bdd3-4447-a9ab-4170003be1b3  failed to provision volume with StorageClass "efs-sc": rpc error: code = Internal desc = Failed to fetch File System info: Describe File System failed: WebIdentityErr: failed to retrieve credentials
caused by: ValidationError: Request ARN is invalid
           status code: 400, request id: 0af559e4-a907-4aa3-9715-12060ff346a5
  Warning  ProvisioningFailed  119s  efs.csi.aws.com_efs-csi-controller-757959b8f5-hlgwc_4ed626c4-bdd3-4447-a9ab-4170003be1b3  failed to provision volume with StorageClass "efs-sc": rpc error: code = Internal desc = Failed to fetch File System info: Describe File System failed: WebIdentityErr: failed to retrieve credentials
caused by: ValidationError: Request ARN is invalid
           status code: 400, request id: cca693a7-1c02-4492-b824-0d94e8d306aa
  Warning  ProvisioningFailed  110s  efs.csi.aws.com_efs-csi-controller-757959b8f5-hlgwc_4ed626c4-bdd3-4447-a9ab-4170003be1b3  failed to provision volume with StorageClass "efs-sc": rpc error: code = Internal desc = Failed to fetch File System info: Describe File System failed: WebIdentityErr: failed to retrieve credentials
caused by: ValidationError: Request ARN is invalid
           status code: 400, request id: ea01f838-178e-4bf6-b750-e3d6d3674bc6
  Warning  ProvisioningFailed  94s  efs.csi.aws.com_efs-csi-controller-757959b8f5-hlgwc_4ed626c4-bdd3-4447-a9ab-4170003be1b3  failed to provision volume with StorageClass "efs-sc": rpc error: code = Internal desc = Failed to fetch File System info: Describe File System failed: WebIdentityErr: failed to retrieve credentials
caused by: ValidationError: Request ARN is invalid
           status code: 400, request id: 64e46389-9bcd-455b-b75e-05f68420c22a
  Warning  ProvisioningFailed  62s  efs.csi.aws.com_efs-csi-controller-757959b8f5-hlgwc_4ed626c4-bdd3-4447-a9ab-4170003be1b3  failed to provision volume with StorageClass "efs-sc": rpc error: code = Internal desc = Failed to fetch File System info: Describe File System failed: WebIdentityErr: failed to retrieve credentials
caused by: ValidationError: Request ARN is invalid
           status code: 400, request id: a84143ed-e117-4911-89bc-429425bfa8be
  Normal   Provisioning        22s (x8 over 2m6s)  efs.csi.aws.com_efs-csi-controller-757959b8f5-hlgwc_4ed626c4-bdd3-4447-a9ab-4170003be1b3  External provisioner is provisioning volume for claim "default/efs-claim01"
  Warning  ProvisioningFailed  22s                 efs.csi.aws.com_efs-csi-controller-757959b8f5-hlgwc_4ed626c4-bdd3-4447-a9ab-4170003be1b3  failed to provision volume with StorageClass "efs-sc": rpc error: code = Internal desc = Failed to fetch File System info: Describe File System failed: WebIdentityErr: failed to retrieve credentials
caused by: ValidationError: Request ARN is invalid
          status code: 400, request id: a3a1837c-c4e4-40c3-be6c-3c4fc666ef45
  Normal  ExternalProvisioning  13s (x10 over 2m6s)  persistentvolume-controller  waiting for a volume to be created, either by external provisioner "efs.csi.aws.com" or manually created by system administrator

Pv provisioned with dynamically.

kubernetes amazon-eks persistent-volumes amazon-efs kubernetes-pvc
Original Q&A
0

There are 0 best solutions below

Related Questions in KUBERNETES

Related Questions in AMAZON-EKS

Related Questions in PERSISTENT-VOLUMES

Related Questions in AMAZON-EFS

Related Questions in KUBERNETES-PVC

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.