Operational Defect Database
BugZero updated this defect 54 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
VMware | 96842
"dial tcp: lookup TMC_DNS_ZONE on DNS_IP:53: no such host" and "secret <SECRET_NAME> not found" errors causing pod failures when installing an instance of VMware Cloud Director Extension for VMware Tanzu Mission Control
Last update date:
3/26/2024
Affected products:
Cloud Director
Affected releases:
10.x
Fixed releases:
No fixed releases provided.
Description:
Symptoms
Installing VMware Cloud Director Extension for VMware Tanzu Mission Control through Cloud Director Solution Add-On Management.Pods in the tmc-local namespace on the target Kubernetes cluster have a CreateContainerConfigError status, for example: NAMESPACE NAME READY STATUS tmc-local audit-service-consumer-<POD_ID> 0/1 CreateContainerConfigErrortmc-local audit-service-consumer-<POD_ID> 0/1 CreateContainerConfigErrortmc-local audit-service-server-<POD_ID> 0/1 CreateContainerConfigErrortmc-local audit-service-server-<POD_ID> 0/1 CreateContainerConfigErrortmc-local dataprotection-server-<POD_ID> 0/1 CreateContainerConfigErrortmc-local dataprotection-server-<POD_ID> 0/1 CreateContainerConfigErrortmc-local inspection-server-<POD_ID> 0/2 CreateContainerConfigErrortmc-local inspection-server-<POD_ID> 0/2 CreateContainerConfigError Pods in the tmc-local namespace on the target Kubernetes cluster have a CreateContainerConfigError status and show events regarding missing secrets, for example the audit-service-consumer-<POD_ID> pods show events similar to the following: Type Reason Age From Message---- ------ ---- ---- -------Warning FailedMount <AGE> kubelet MountVolume.SetUp failed for volume "kafka-root-ca" : secret "audit-server-kafka-creds" not foundWarning FailedMount <AGE> kubelet MountVolume.SetUp failed for volume "consumer-tls" : secret "audit-consumer-tls" not foundWarning Failed <AGE> kubelet Error: secret "audit-s3-creds" not found The container logs on the s3-access-operator-<POD_ID> pod in the tmc-local namespace has errors of the form: <TIME_STAMP> [30mERROR[0m Reconciler error {"controller": "s3accesspolicy", "controllerGroup": "infra.tmc.eng.vmware.com", "controllerKind": "S3AccessPolicy", "S3AccessPolicy": {"name":"inspection-inspection-s3","namespace":"tmc-local"}, "namespace": "tmc-local", "name": "inspection-inspection-s3", "reconcileID": "<RECONCILE_ID>", "error": "error in retrieving credentials value: RequestError: send request failed\ncaused by: Post \"https://<TMC_DNS_ZONE>/\": dial tcp: lookup <TMC_DNS_ZONE> on <DNS_IP>:53: no such host"}
Cause
This issue can occur if the DNS records for the DNS zone and the sub domains for Tanzu Mission Control have not been configured correctly before installing VMware Cloud Director Extension for VMware Tanzu Mission Control.
Resolution
Ensure that the DNS records for the DNS zone and all the sub domains for Tanzu Mission Control have been configured and DNS resolution is working for each.Ensure DNS resolution is working on the Routed Organization VDC Network to which the target kubernetes cluster is connected.Details of the list of DNS records required are in the VMware Cloud Director Extension for VMware Tanzu Mission Control documentation, Before you begin.
