IBM Private cloud community edition not able to integrate with powerVC

Question

I have single node installation of ICP 3.1.2 Community Edition and also working PowerVC. I am trying to create the create a deafult PersistentVolumeClaim through the ICP which is failing with error :

"Normal persistentvolume-controller 1654 ExternalProvisioning waiting for a volume to be created, either by external provisioner "ibm/powervc-k8s-volume-provisioner" or manually created by system administrator"

My installation of ibm-powervc-k8s-volume-driver V 1.0.1 was successful as images shown

The details error I am getting is for open-stack authentication,where as I have checked my Secret key which is created in default namespace

{
    "log": "I0301 04:17:46.210919       1 provision.go:199] StorageClass parameter, type, is empty\n",
    "stream": "stderr",
    "time": "2019-03-01T04:17:46.210996663Z"
} {
    "log": "I0301 04:17:46.210924       1 provision.go:202] StorageClass parameter, availability, is empty\n",
    "stream": "stderr",
    "time": "2019-03-01T04:17:46.211001206Z"
} {
    "log": "E0301 04:17:49.811950       1 provision.go:90] Failed to construct / authenticate OpenStack : Error while authenticating from openstack Authentication failed\n",
    "stream": "stderr",
    "time": "2019-03-01T04:17:49.812057607Z"
} {
    "log": "E0301 04:17:49.811987       1 controller.go:895] Failed to provision volume for claim \"default/mypvc1\" with StorageClass \"ibm-powervc-k8s-volume-default\": Error while authenticating from openstack Authentication failed\n",
    "stream": "stderr",
    "time": "2019-03-01T04:17:49.812091733Z"
}

Answer 1

You need to make sure your deployment.yaml (see the env settings below) calls your secret to get into openstack to create the volumes I would think from the error messages.... theres a command to shove the secret in the "default" secret for your namespace to avoid having to use it in your yaml file... for the life of me, my google-fu cant find it LOL

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: sample-app
  namespace: default
spec:
  replicas: 1
  template:
    metadata:
      labels:
      app: sample-app
    spec
      containers:
      - name: sample-app
        image: gcr.io/google_containers/defaultbackend:1.0
        ports:
        - containerPort: 8080
        volumeMounts:
        - name: service-key
          mountPath: /root/key.json
          subPath: key.json
        env:
        - name: "AUTH_TOKEN"
          valueFrom:
            secretKeyRef:
              name: my-secret
              key: webhook_token
        - name: "SLACK_TOKEN"
          valueFrom:
            secretKeyRef:
              name: my-secret
              key: slack_token
      volumes:
      - name: service-key
        secret:
          secretName: my-secret
          items:
          - key: service-account-key
            path: key.json

Answer 2

I had the same problem as you, but in my case was in the password of the user to connect to powervc, my password included special characters, I changed to new one with only letters and numbers on now flex-volume-driver it's working fine!!

I hope this can help you.