kubectl describe pod -n gooddata-cn gooddata-cn-metadata-api-5b66bb77f8-4d8b7 Name: gooddata-cn-metadata-api-5b66bb77f8-4d8b7 Namespace: gooddata-cn Priority: 0 Node: ip-10-162-98-127.us-west-2.compute.internal/10.162.98.127 Start Time: Thu, 17 Aug 2023 15:00:01 +0000 Labels: app.kubernetes.io/component=metadataApi app.kubernetes.io/instance=gooddata-cn app.kubernetes.io/name=gooddata-cn pod-template-hash=5b66bb77f8 Annotations: checksum/config: be1614da7e4a58b1dc4e7cf16482b07ae5ea97cf95f4638f5920eea8c2fa91c4 kubernetes.io/psp: eks.privileged prometheus.io/path: /actuator/prometheus prometheus.io/port: 9008 prometheus.io/scrape: true Status: Pending IP: IPs: Controlled By: ReplicaSet/gooddata-cn-metadata-api-5b66bb77f8 Init Containers: check-postgres-db: Container ID: Image: artifactory.cwantools.io:5000/gooddata/tools:2.4.0 Image ID: Port: Host Port: Command: /bin/bash -c Args: until pg_isready; do sleep 2; done; if [ "$(psql -Atq -c "select 1 from pg_database where datname = 'md'")" != "1" ] ; then createdb md || exit 1 ; fi ; if [ "$(psql -Atq -c "select 1 from pg_roles where rolname = 'md_exporter'")" != "1" ] ; then psql -c "create role md_exporter with login password '$MD_EXPORTER_PGPASSWORD';" || true ; fi ; State: Waiting Reason: PodInitializing Ready: False Restart Count: 0 Limits: cpu: 1250m memory: 1280Mi Requests: cpu: 100m memory: 800Mi Environment: PGHOST: gooddata-cn-pg.cluster-c7vquahp3alv.us-west-2.rds.amazonaws.com PGPORT: 5432 PGUSER: postgres PGDATABASE: postgres PGPASSWORD: Optional: false MD_PGPASSWORD: Optional: false MD_EXPORTER_PGPASSWORD: Optional: false AWS_STS_REGIONAL_ENDPOINTS: regional AWS_DEFAULT_REGION: us-west-2 AWS_REGION: us-west-2 AWS_ROLE_ARN: arn:aws:iam::337189743676:role/tf-instance-iam-role-gooddata-cn AWS_WEB_IDENTITY_TOKEN_FILE: /var/run/secrets/eks.amazonaws.com/serviceaccount/token Mounts: /mnt/secrets-store from aws-secret-store (ro) /var/run/secrets/eks.amazonaws.com/serviceaccount from aws-iam-token (ro) Containers: metadata-api: Container ID: Image: artifactory.cwantools.io:5000/gooddata/metadata-api:2.4.0 Image ID: Ports: 9007/TCP, 9008/TCP, 6572/TCP Host Ports: 0/TCP, 0/TCP, 0/TCP State: Waiting Reason: PodInitializing Ready: False Restart Count: 0 Limits: cpu: 1250m memory: 1280Mi Requests: cpu: 100m memory: 800Mi Liveness: http-get http://:9008/actuator/health/liveness delay=30s timeout=5s period=10s #success=1 #failure=5 Readiness: http-get http://:9008/actuator/health/readiness delay=30s timeout=10s period=10s #success=1 #failure=5 Startup: http-get http://:9008/actuator/health/liveness delay=30s timeout=5s period=10s #success=1 #failure=12 Environment: JDK_JAVA_OPTIONS: -XX:+ExitOnOutOfMemoryError -XX:+UseG1GC -Xss384k -XX:+UseStringDeduplication -XX:MinHeapFreeRatio=15 -XX:MaxHeapFreeRatio=25 -XX:AdaptiveSizePolicyWeight=50 -XX:InitiatingHeapOccupancyPercent=25 -XX:GCTimeRatio=25 -XX:CompressedClassSpaceSize=25M -XX:ReservedCodeCacheSize=140M -Xms400m -Xmx400m -XX:MaxMetaspaceSize=190M NODE_IP: (v1:status.hostIP) POD_NAME: gooddata-cn-metadata-api-5b66bb77f8-4d8b7 (v1:metadata.name) NAMESPACE: gooddata-cn (v1:metadata.namespace) LOGGING_APPENDER: json SPRING_MAIN_BANNER_MODE: off SPRING_CONFIG_ADDITIONAL_LOCATION: classpath:git.properties SPRING_ZIPKIN_ENABLED: false ZIPKIN_HOST: jaeger-collector.monitoring ZIPKIN_PORT: 9411 SPRING_LIFECYCLE_TIMEOUT_PER_SHUTDOWN_PHASE: 60s SPRING_CONFIG_LOCATION: classpath:/,/app-config/application-cspConfig.yaml GDC_FEATURES_VALUES_ENABLE_ANALYTICAL_DASHBOARD_PERMISSIONS: true PULSAR_SERVICEURL: pulsar://pulsar-broker.pulsar:6650 PULSAR_ADMINURL: http://pulsar-broker.pulsar:8080 PULSAR_PRODUCERS_MODEL_UPDATE_TOPIC: gooddata-cn/gooddata-cn/metadata.model PULSAR_PRODUCERS_MODEL_UPDATE_MESSAGE_TTL: 300 PULSAR_PRODUCERS_DATA_SOURCE_CHANGE_TOPIC: gooddata-cn/gooddata-cn/data-source.change PULSAR_PRODUCERS_DATA_SOURCE_CHANGE_MESSAGE_TTL: 300 PULSAR_PRODUCERS_CACHE_COMMAND_TOPIC: gooddata-cn/gooddata-cn/metadata.cache-command PULSAR_PRODUCERS_CACHE_COMMAND_MESSAGE_TTL: 300 PULSAR_CONSUMERS_CACHE_COMMAND_TOPIC: gooddata-cn/gooddata-cn/metadata.cache-command SPRING_DATASOURCE_URL: jdbc:postgresql://gooddata-cn-pg.cluster-c7vquahp3alv.us-west-2.rds.amazonaws.com:5432/md?reWriteBatchedInserts=true SPRING_DATASOURCE_USERNAME: postgres SPRING_DATASOURCE_PASSWORD: Optional: false GRPC_DATASOURCEMETADATA_HOST: gooddata-cn-sql-executor-headless GRPC_DATASOURCEMETADATA_PORT: 6570 GRPC_LICENSE_HOST: gooddata-cn-auth-service-headless GRPC_LICENSE_PORT: 6573 LOG4J_ASYNC_LOGGER_RING_BUFFER_SIZE: 262144 BOOTSTRAP_USER: Optional: false BOOTSTRAP_PASSWORD: Optional: false SPRING_SECURITY_OAUTH2_CLIENT_COOKIES_SAMESITE: Lax SPRING_PROFILES_ACTIVE: default GDC_TELEMETRY_ENABLED: false GDC_TELEMETRY_SITE_ID: 2 GRPC_SERVER_MAX_CONNECTION_AGE: 300 GRPC_SERVER_PERMIT_KEEP_ALIVE_TIME: 25 GRPC_SERVER_PERMIT_KEEP_ALIVE_WITHOUT_CALLS: true GDC_EXTRA_CACHE: GDC_CACHE_STRATEGY: AWS_STS_REGIONAL_ENDPOINTS: regional AWS_DEFAULT_REGION: us-west-2 AWS_REGION: us-west-2 AWS_ROLE_ARN: arn:aws:iam::337189743676:role/tf-instance-iam-role-gooddata-cn AWS_WEB_IDENTITY_TOKEN_FILE: /var/run/secrets/eks.amazonaws.com/serviceaccount/token Mounts: /app-config/ from app-config (rw) /mnt/secrets-store from aws-secret-store (ro) /var/run/secrets/eks.amazonaws.com/serviceaccount from aws-iam-token (ro) Conditions: Type Status Initialized False Ready False ContainersReady False PodScheduled True Volumes: aws-iam-token: Type: Projected (a volume that contains injected data from multiple sources) TokenExpirationSeconds: 86400 app-config: Type: ConfigMap (a volume populated by a ConfigMap) Name: gooddata-cn-metadata-api-config Optional: false aws-secret-store: Type: CSI (a Container Storage Interface (CSI) volume source) Driver: secrets-store.csi.k8s.io FSType: ReadOnly: true VolumeAttributes: secretProviderClass=gooddata-cn-postgres-password-aws QoS Class: Burstable Node-Selectors: Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s node.kubernetes.io/unreachable:NoExecute op=Exists for 300s Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 15m default-scheduler Successfully assigned gooddata-cn/gooddata-cn-metadata-api-5b66bb77f8-4d8b7 to ip-10-162-98-127.us-west-2.compute.internal Warning FailedMount 118s (x6 over 13m) kubelet Unable to attach or mount volumes: unmounted volumes=[aws-secret-store], unattached volumes=[aws-secret-store aws-iam-token app-config]: timed out waiting for the condition Warning FailedMount 61s (x15 over 15m) kubelet MountVolume.SetUp failed for volume "aws-secret-store" : rpc error: code = Unknown desc = failed to get secretproviderclass gooddata-cn/gooddata-cn-postgres-password-aws, error: SecretProviderClass.secrets-store.csi.x-k8s.io "gooddata-cn-postgres-password-aws" not found