Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

org status sometimes cant change to "Deployed" #79

Closed
Abirdcfly opened this issue Feb 6, 2023 · 0 comments · Fixed by #94
Closed

org status sometimes cant change to "Deployed" #79

Abirdcfly opened this issue Feb 6, 2023 · 0 comments · Fixed by #94

Comments

@Abirdcfly
Copy link
Member 

apiVersion: ibp.com/v1beta1
kind: Organization
metadata:
  creationTimestamp: "2023-02-06T08:00:50Z"
  generation: 1
  labels:
    bestchains.organization.admin: org2admin
  name: org2
  resourceVersion: "206172"
  uid: 85d6daa3-c3e0-4ee2-a8e5-ef91205ac96e
spec:
  admin: org2admin
  admintoken: eyJhbGciOiJSUzI1NiIsImtpZCI6IjI1MWNkMWRjZGRlM2Y5NGVhOTJjMmYzMzQ4YjdjNDk3NDdjMDc1M2YifQ.eyJpc3MiOiJodHRwczovL3BvcnRhbC4xNzIuMjAuMC4yLm5pcC5pby9vaWRjIiwic3ViIjoiQ2dsdmNtY3lZV1J0YVc0U0JtczRjMk55WkEiLCJhdWQiOiJiZmYtY2xpZW50IiwiZXhwIjoxNjc1NzU2ODUwLCJpYXQiOjE2NzU2NzA0NTAsImF0X2hhc2giOiJVQ05jU282MnktOFdieTBudUg1NXNRIiwiY19oYXNoIjoiNjJYeGxVeGdvb0VORXpEcWFIT1B4dyIsImVtYWlsIjoib3JnMmFkbWluQHRlbnhjbG91ZC5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZ3JvdXBzIjpbIm9ic2VydmFiaWxpdHkiLCJzeXN0ZW06bm9kZXMiLCJzeXN0ZW06bWFzdGVycyIsInJlc291cmNlLXJlYWRlciIsImlhbS50ZW54Y2xvdWQuY29tIiwib2JzZXJ2YWJpbGl0eSJdLCJuYW1lIjoib3JnMmFkbWluIiwicHJlZmVycmVkX3VzZXJuYW1lIjoib3JnMmFkbWluIiwicGhvbmUiOiIiLCJ1c2VyaWQiOiJvcmcyYWRtaW4ifQ.Esjz5PIW69HCggvrcelOyYRv50pW6ctU23KWJFoQOQKFKHbaYWbOmDrFIpXqs53B8yfoBRmcYxUyA5zovCwtZzsxaMqXxcI9cqRwVAOWxiETgKdSwNfWWqQun3KoAfcv8JqbAW-VmDTaBzBuCV6npd0ryEQhMvlssoy_ku4B6vHLQZyQo4bu0-fUZ3PXqkgLTm1dyKe5G9-gnO7JGcNFWa_uoN2MaBCjpoGzFhDPYPivokxxhzeZNX344cAxr8ycccJ8JHfLEG0wEMI4BaLaTm4j0yJ91aan3GbXwkqQXKlZ5B18hSt_mh7lWnkN2gXWEaQIR39ol4FrEESOVnAAZQ
  caSpec:
    action:
      renew: {}
    customNames:
      pvc: {}
    images:
      caImage: hyperledgerk8s/fabric-ca
      caInitImage: hyperledgerk8s/ubi-minimal
      caInitTag: latest
      caTag: iam-20230131
    ingress:
      class: portal-ingress
    license:
      accept: true
    resources:
      ca:
        limits:
          cpu: 100m
          memory: 200M
        requests:
          cpu: 10m
          memory: 10M
      init:
        limits:
          cpu: 100m
          memory: 200M
        requests:
          cpu: 10m
          memory: 10M
    storage:
      ca:
        class: standard
        size: 100M
    version: 1.5.5
  clients:
  - client
  description: test org2
  displayName: test organization
  license:
    accept: true
status:
  lastHeartbeatTime: "2023-02-06T08:01:45Z"
  status: "True"
  type: Deploying
---
apiVersion: ibp.com/v1beta1
kind: IBPCA
metadata:
  creationTimestamp: "2023-02-06T08:00:50Z"
  generation: 2
  labels:
    app: org2
    app.kubernetes.io/instance: fabricorganization
    app.kubernetes.io/managed-by: fabric-operator
    app.kubernetes.io/name: fabric
    creator: fabric
    helm.sh/chart: ibm-fabric
    release: operator
  name: org2
  namespace: org2
  ownerReferences:
  - apiVersion: ibp.com/v1beta1
    blockOwnerDeletion: true
    controller: true
    kind: Organization
    name: org2
    uid: 85d6daa3-c3e0-4ee2-a8e5-ef91205ac96e
  resourceVersion: "206108"
  uid: 6e452c73-18ce-4cc5-a57f-19138b7ea097
spec:
  action:
    renew: {}
  configoverride:
    ca:
      ca: {}
      cfg:
        affiliations: {}
        identities: {}
      cors:
        enabled: null
        origins: null
      crl:
        expiry: 0s
      csr:
        cn: ""
      iam:
        enabled: true
        url: https://oidc-server.u4a-system.svc
      intermediate:
        enrollment:
          Type: ""
          name: ""
        parentserver: {}
        tls:
          client: {}
      ldap:
        attribute: {}
        tls:
          client: {}
      metrics: {}
      operations:
        metrics: {}
        tls: {}
      organization: org2
      registry: {}
      signing:
        default: null
        profiles: null
      tls:
        clientauth: {}
    tlsca:
      ca: {}
      cfg:
        affiliations: {}
        identities: {}
      cors:
        enabled: null
        origins: null
      crl:
        expiry: 0s
      csr:
        cn: ""
      iam:
        enabled: true
        url: https://oidc-server.u4a-system.svc
      intermediate:
        enrollment:
          Type: ""
          name: ""
        parentserver: {}
        tls:
          client: {}
      ldap:
        attribute: {}
        tls:
          client: {}
      metrics: {}
      operations:
        metrics: {}
        tls: {}
      organization: org2
      registry: {}
      signing:
        default: null
        profiles: null
      tls:
        clientauth: {}
  customNames:
    pvc: {}
  domain: 172.20.0.2.nip.io
  images:
    caImage: hyperledgerk8s/fabric-ca
    caInitImage: hyperledgerk8s/ubi-minimal
    caInitTag: latest
    caTag: iam-20230131
  ingress:
    class: portal-ingress
  license:
    accept: true
  replicas: 1
  resources:
    ca:
      limits:
        cpu: 100m
        memory: 200M
      requests:
        cpu: 10m
        memory: 10M
    init:
      limits:
        cpu: 100m
        memory: 200M
      requests:
        cpu: 10m
        memory: 10M
  storage:
    ca:
      class: standard
      size: 100M
  version: 1.5.5
status:
  lastHeartbeatTime: "2023-02-06T08:01:31Z"
  reason: allPodsDeployed
  status: "True"
  type: Deployed
  version: 1.0.0
  versions:
    reconciled: 1.5.5
---
apiVersion: v1
items:
- apiVersion: v1
  kind: Pod
  metadata:
    creationTimestamp: "2023-02-06T08:00:51Z"
    generateName: org2-6dbddc4d45-
    labels:
      app: org2
      app.kubernetes.io/instance: fabricca
      app.kubernetes.io/managed-by: fabric-operator
      app.kubernetes.io/name: fabric
      creator: fabric
      helm.sh/chart: ibm-fabric
      pod-template-hash: 6dbddc4d45
      release: operator
    name: org2-6dbddc4d45-v4ffp
    namespace: org2
    ownerReferences:
    - apiVersion: apps/v1
      blockOwnerDeletion: true
      controller: true
      kind: ReplicaSet
      name: org2-6dbddc4d45
      uid: a1c30152-72da-40ee-801f-0d791f641f7f
    resourceVersion: "206103"
    uid: d15412ed-d476-4729-b463-535069e05cf2
  spec:
    affinity:
      podAntiAffinity:
        preferredDuringSchedulingIgnoredDuringExecution:
        - podAffinityTerm:
            labelSelector:
              matchExpressions:
              - key: app
                operator: In
                values:
                - org2
            topologyKey: topology.kubernetes.io/zone
          weight: 100
        - podAffinityTerm:
            labelSelector:
              matchExpressions:
              - key: app
                operator: In
                values:
                - org2
            topologyKey: failure-domain.beta.kubernetes.io/zone
          weight: 100
    containers:
    - command:
      - sh
      - -c
      - mkdir -p /data/tlsca && cp /config/tlsca/fabric-ca-server-config.yaml /data/tlsca
        && mkdir -p /data/ca && cp /config/ca/fabric-ca-server-config.yaml /data/ca
        && fabric-ca-server start --home /data/ca
      env:
      - name: LICENSE
        value: accept
      - name: FABRIC_CA_HOME
        value: /data/ca
      - name: SERVICE_HOST
        value: ca
      - name: FABRIC_CA_SERVER_OPERATIONS_TLS_CERT_FILE
        value: /crypto/ca/operations-cert.pem
      - name: FABRIC_CA_SERVER_OPERATIONS_TLS_KEY_FILE
        value: /crypto/ca/operations-key.pem
      - name: HOST_IP
        valueFrom:
          fieldRef:
            apiVersion: v1
            fieldPath: status.hostIP
      image: hyperledgerk8s/fabric-ca:iam-20230131
      imagePullPolicy: Always
      livenessProbe:
        failureThreshold: 6
        httpGet:
          path: /healthz
          port: operations
          scheme: HTTPS
        initialDelaySeconds: 30
        periodSeconds: 10
        successThreshold: 1
        timeoutSeconds: 5
      name: ca
      ports:
      - containerPort: 7054
        name: ca
        protocol: TCP
      - containerPort: 9443
        name: operations
        protocol: TCP
      readinessProbe:
        failureThreshold: 3
        httpGet:
          path: /healthz
          port: operations
          scheme: HTTPS
        initialDelaySeconds: 26
        periodSeconds: 5
        successThreshold: 1
        timeoutSeconds: 5
      resources:
        limits:
          cpu: 100m
          ephemeral-storage: 1G
          memory: 200M
        requests:
          cpu: 10m
          ephemeral-storage: 100M
          memory: 10M
      securityContext:
        allowPrivilegeEscalation: false
        capabilities:
          add:
          - NET_BIND_SERVICE
          drop:
          - ALL
        privileged: false
        readOnlyRootFilesystem: false
        runAsNonRoot: true
        runAsUser: 7051
      terminationMessagePath: /dev/termination-log
      terminationMessagePolicy: File
      volumeMounts:
      - mountPath: /crypto/ca
        name: ca-crypto
      - mountPath: /crypto/tlsca
        name: tlsca-crypto
      - mountPath: /config/ca
        name: ca-config
      - mountPath: /config/tlsca
        name: tlsca-config
      - mountPath: /data
        name: fabric-ca
        subPath: fabric-ca-server
      - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
        name: kube-api-access-4k7q7
        readOnly: true
    dnsPolicy: ClusterFirst
    enableServiceLinks: true
    imagePullSecrets:
    - name: ibm-entitlement-key
    initContainers:
    - command:
      - sh
      - -c
      - mkdir -p /data/db && chmod -R 775 /data/ && chown -R -H 7051:7051 /data/
      env:
      - name: LICENSE
        value: accept
      image: hyperledgerk8s/ubi-minimal:latest
      imagePullPolicy: Always
      name: init
      resources:
        limits:
          cpu: 100m
          ephemeral-storage: 1G
          memory: 200M
        requests:
          cpu: 10m
          ephemeral-storage: 100M
          memory: 10M
      securityContext:
        allowPrivilegeEscalation: false
        capabilities:
          add:
          - CHOWN
          - FOWNER
          drop:
          - ALL
        privileged: false
        readOnlyRootFilesystem: false
        runAsNonRoot: false
        runAsUser: 0
      terminationMessagePath: /dev/termination-log
      terminationMessagePolicy: File
      volumeMounts:
      - mountPath: /data
        name: fabric-ca
        subPath: fabric-ca-server
      - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
        name: kube-api-access-4k7q7
        readOnly: true
    nodeName: kind-worker2
    preemptionPolicy: PreemptLowerPriority
    priority: 0
    restartPolicy: Always
    schedulerName: default-scheduler
    securityContext:
      fsGroup: 7051
      runAsNonRoot: true
      runAsUser: 7051
    serviceAccount: org2
    serviceAccountName: org2
    terminationGracePeriodSeconds: 30
    tolerations:
    - effect: NoExecute
      key: node.kubernetes.io/not-ready
      operator: Exists
      tolerationSeconds: 300
    - effect: NoExecute
      key: node.kubernetes.io/unreachable
      operator: Exists
      tolerationSeconds: 300
    volumes:
    - emptyDir:
        medium: Memory
      name: shared
    - name: fabric-ca
      persistentVolumeClaim:
        claimName: org2-pvc
    - name: ca-crypto
      secret:
        defaultMode: 420
        secretName: org2-ca-crypto
    - name: tlsca-crypto
      secret:
        defaultMode: 420
        secretName: org2-tlsca-crypto
    - configMap:
        defaultMode: 420
        name: org2-ca-config
      name: ca-config
    - configMap:
        defaultMode: 420
        name: org2-tlsca-config
      name: tlsca-config
    - name: kube-api-access-4k7q7
      projected:
        defaultMode: 420
        sources:
        - serviceAccountToken:
            expirationSeconds: 3607
            path: token
        - configMap:
            items:
            - key: ca.crt
              path: ca.crt
            name: kube-root-ca.crt
        - downwardAPI:
            items:
            - fieldRef:
                apiVersion: v1
                fieldPath: metadata.namespace
              path: namespace
  status:
    conditions:
    - lastProbeTime: null
      lastTransitionTime: "2023-02-06T08:01:00Z"
      status: "True"
      type: Initialized
    - lastProbeTime: null
      lastTransitionTime: "2023-02-06T08:01:31Z"
      status: "True"
      type: Ready
    - lastProbeTime: null
      lastTransitionTime: "2023-02-06T08:01:31Z"
      status: "True"
      type: ContainersReady
    - lastProbeTime: null
      lastTransitionTime: "2023-02-06T08:00:56Z"
      status: "True"
      type: PodScheduled
    containerStatuses:
    - containerID: containerd://9a44c50ae702ac78788e139b7fa6ca5c0018ba4d94be0483c91937a918060c39
      image: docker.io/hyperledgerk8s/fabric-ca:iam-20230131
      imageID: docker.io/hyperledgerk8s/fabric-ca@sha256:9bcb3c75b55a148f718fb11c2dfa7eb27ec676a781a230922428df0d3e967e58
      lastState: {}
      name: ca
      ready: true
      restartCount: 0
      started: true
      state:
        running:
          startedAt: "2023-02-06T08:01:03Z"
    hostIP: 172.20.0.3
    initContainerStatuses:
    - containerID: containerd://8847ef66994baac770676bc4d3bb465a9ce005b8d82e6db4a689233d309baeeb
      image: docker.io/hyperledgerk8s/ubi-minimal:latest
      imageID: docker.io/hyperledgerk8s/ubi-minimal@sha256:37b1bbdc042d32573738c72e4e0f0592b4198a5de1c3a3f32515d29ba4605488
      lastState: {}
      name: init
      ready: true
      restartCount: 0
      state:
        terminated:
          containerID: containerd://8847ef66994baac770676bc4d3bb465a9ce005b8d82e6db4a689233d309baeeb
          exitCode: 0
          finishedAt: "2023-02-06T08:00:59Z"
          reason: Completed
          startedAt: "2023-02-06T08:00:59Z"
    phase: Running
    podIP: 10.244.2.9
    podIPs:
    - ip: 10.244.2.9
    qosClass: Burstable
    startTime: "2023-02-06T08:00:56Z"
kind: List
metadata:
  resourceVersion: ""
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: org status sometimes cannot be changed to Deployed Abirdcfly/fabric-operator
1 participant
@Abirdcfly