Secret "org1-msp-crypto" not found

[Abirdcfly]

sometimes, we cant create msp-crypto secret
org:

apiVersion: ibp.com/v1beta1
kind: Organization
metadata:
  creationTimestamp: "2023-02-07T07:30:32Z"
  generation: 1
  labels:
    bestchains.organization.admin: org1admin
  name: org1
  resourceVersion: "3240"
  uid: e953a900-3a98-4de3-9a3a-05a6df6b47dd
spec:
  admin: org1admin
  admintoken: eyJhbGciOiJSUzI1NiIsImtpZCI6IjVhNDgwNjc5OWYxNDk4ZTIwZmVjYzZiODFiZTIxNmM3ODU3YTc4ZTAifQ.eyJpc3MiOiJodHRwczovL3BvcnRhbC4xNzIuMjAuMC4zLm5pcC5pby9vaWRjIiwic3ViIjoiQ2dsdmNtY3hZV1J0YVc0U0JtczRjMk55WkEiLCJhdWQiOiJiZmYtY2xpZW50IiwiZXhwIjoxNjc1ODQxNDMwLCJpYXQiOjE2NzU3NTUwMzAsImF0X2hhc2giOiJ6WTh4MmszTTY3a0lwNzBySnpEZFN3IiwiY19oYXNoIjoidHN2bGJEc29UN2VNWUh1eTNKczRaQSIsImVtYWlsIjoib3JnMWFkbWluQHRlbnhjbG91ZC5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZ3JvdXBzIjpbIm9ic2VydmFiaWxpdHkiLCJzeXN0ZW06bm9kZXMiLCJzeXN0ZW06bWFzdGVycyIsInJlc291cmNlLXJlYWRlciIsImlhbS50ZW54Y2xvdWQuY29tIiwib2JzZXJ2YWJpbGl0eSJdLCJuYW1lIjoib3JnMWFkbWluIiwicHJlZmVycmVkX3VzZXJuYW1lIjoib3JnMWFkbWluIiwicGhvbmUiOiIiLCJ1c2VyaWQiOiJvcmcxYWRtaW4ifQ.GOlHhXP4Tlq8UOUaZSrrmW2uT-Gx-3iZnN3Oo4ydVkg3aaTEOx-C6fJCS9CbR1hFdnRyowWxIML5Qvgi-oj0GArbSVvH7GVb4UVYCAkugp3VyuHwEYWlYqANVJfXopgJzFLpsviaBwR0gdOx3zUf2dtGIpXbiiFI0bI1itI9DOlKYtz2EtGrKpIkBmO2Rxs3W7W4ssWyGVeYQMS79kjieelHcye1MCVnVRAbpwHY1fnao8xy_F_CN3rcPUjBevnb0n6q-HFDfZ_E8iv3YX1ka_ifhUhfpMVdQpjNruBpGW5ZwxxuCcU_W-O-Eg4oeky359KXBmv-b8g8czM51shHhQ
  caSpec:
    action:
      renew: {}
    customNames:
      pvc: {}
    images:
      caImage: hyperledgerk8s/fabric-ca
      caInitImage: hyperledgerk8s/ubi-minimal
      caInitTag: latest
      caTag: iam-20230131
    ingress:
      class: u4a-component-ingress
    license:
      accept: true
    resources:
      ca:
        limits:
          cpu: 100m
          memory: 200M
        requests:
          cpu: 10m
          memory: 10M
      init:
        limits:
          cpu: 100m
          memory: 200M
        requests:
          cpu: 10m
          memory: 10M
    storage:
      ca:
        class: standard
        size: 100M
    version: 1.5.5
  clients:
  - client
  description: test org1
  displayName: test organization
  license:
    accept: true
status:
  federations:
  - name: federation-sample
  lastHeartbeatTime: "2023-02-07T07:32:18Z"
  reason: allPodsDeployed
  status: "True"
  type: Deployed

org1 ca log

Defaulted container "ca" out of: ca, init (init)
2023/02/07 07:31:50 [INFO] Configuration file location: /data/ca/fabric-ca-server-config.yaml
2023/02/07 07:31:50 [INFO] Starting server in home directory: /data/ca
2023/02/07 07:31:50 [INFO] Server Version: 1.5.6
2023/02/07 07:31:50 [INFO] Server Levels: &{Identity:2 Affiliation:1 Certificate:1 Credential:1 RAInfo:1 Nonce:1}
2023/02/07 07:31:50 [INFO] Loading CA from /data/tlsca/fabric-ca-server-config.yaml
2023/02/07 07:31:50 [INFO] The CA key and certificate files already exist
2023/02/07 07:31:50 [INFO] Key file location: /crypto/tlsca/key.pem
2023/02/07 07:31:50 [INFO] Certificate file location: /crypto/tlsca/cert.pem
2023/02/07 07:31:50 [INFO] Successfylly initialized IAM client
2023/02/07 07:31:50 [INFO] Initialized sqlite3 database at /data/db/ca.db
2023/02/07 07:31:50 [INFO] The issuer key was successfully stored. The public key is at: /data/tlsca/IssuerPublicKey, secret key is at: /data/tlsca/msp/keystore/IssuerSecretKey
2023/02/07 07:31:50 [INFO] Idemix issuer revocation public and secret keys were generated for CA 'tlsca'
2023/02/07 07:31:50 [INFO] The revocation key was successfully stored. The public key is at: /data/tlsca/IssuerRevocationPublicKey, private key is at: /data/tlsca/msp/keystore/IssuerRevocationPrivateKey
2023/02/07 07:31:50 [INFO] The CA key and certificate files already exist
2023/02/07 07:31:50 [INFO] Key file location: /crypto/ca/key.pem
2023/02/07 07:31:50 [INFO] Certificate file location: /crypto/ca/cert.pem
2023/02/07 07:31:50 [INFO] Successfylly initialized IAM client
2023/02/07 07:31:50 [INFO] Initialized sqlite3 database at /data/db/ca.db
2023/02/07 07:31:51 [INFO] The issuer key was successfully stored. The public key is at: /data/ca/IssuerPublicKey, secret key is at: /data/ca/msp/keystore/IssuerSecretKey
2023/02/07 07:31:51 [INFO] Idemix issuer revocation public and secret keys were generated for CA 'ca'
2023/02/07 07:31:51 [INFO] The revocation key was successfully stored. The public key is at: /data/ca/IssuerRevocationPublicKey, private key is at: /data/ca/msp/keystore/IssuerRevocationPrivateKey
2023/02/07 07:31:51 [INFO] Home directory for default CA: /data/ca
2023/02/07 07:31:51 [INFO] Operation Server Listening on [::]:9443
2023/02/07 07:31:51 [INFO] Listening on https://0.0.0.0:7054
2023/02/07 07:34:06 [INFO] 10.244.2.3:36762 GET /cainfo 200 0 "OK"
2023/02/07 07:34:07 [INFO] 10.244.2.3:36764 POST /enroll 401 23 "Failed to get user: can't find user network-sample0 from ids"
2023/02/07 07:34:07 [INFO] 10.244.2.3:36776 GET /cainfo 200 0 "OK"
2023/02/07 07:34:07 [INFO] signed certificate with serial number 177462363924121609706368214320515335745393540757
2023/02/07 07:34:07 [INFO] 10.244.2.3:36790 POST /enroll 201 0 "OK"
2023/02/07 07:34:07 [INFO] 10.244.2.3:36798 GET /cainfo 200 0 "OK"
2023/02/07 07:34:07 [INFO] signed certificate with serial number 570557528679314692134388958953466075067648725299
2023/02/07 07:34:07 [INFO] 10.244.2.3:36808 POST /enroll 201 0 "OK"
2023/02/07 07:34:08 [INFO] 10.244.2.3:36810 GET /cainfo 200 0 "OK"
2023/02/07 07:34:08 [INFO] signed certificate with serial number 252057504616855919178438756163732096712189918741
2023/02/07 07:34:08 [INFO] 10.244.2.3:36818 POST /enroll 201 0 "OK"
2023/02/07 07:34:08 [INFO] 10.244.2.3:36828 GET /cainfo 200 0 "OK"
2023/02/07 07:34:08 [INFO] signed certificate with serial number 324647554206841076762610030972607884450956500395
2023/02/07 07:34:08 [INFO] 10.244.2.3:36840 POST /enroll 201 0 "OK"
2023/02/07 07:34:08 [INFO] 10.244.2.3:36848 GET /cainfo 200 0 "OK"
2023/02/07 07:34:08 [INFO] signed certificate with serial number 252252138605232582157785200668926221340079658085
2023/02/07 07:34:08 [INFO] 10.244.2.3:36850 POST /enroll 201 0 "OK"
2023/02/07 07:34:08 [INFO] 10.244.2.3:36858 GET /cainfo 200 0 "OK"
2023/02/07 07:34:09 [INFO] signed certificate with serial number 242197167647513926909039357645028420094235584116
2023/02/07 07:34:09 [INFO] 10.244.2.3:36874 POST /enroll 201 0 "OK"

operator log
operator-log.log

[bjwswang]

@Abirdcfly check ca status. most probably it took too much time on pulling image

[Abirdcfly]

One possible reason is that it took too much time on pulling image.

In local test there may trigger another reason. The pull time of the following image is not too long...

"Successfully pulled image \"hub.tenxcloud.com/u4a-component/bff-server:v0.1.0-20221223\" in 1m8.253531475s"
"Successfully pulled image \"hub.tenxcloud.com/u4a-component/capsule:v0.1.2-20221122\" in 1m26.683960885s"
"Successfully pulled image \"hub.tenxcloud.com/u4a-component/cert-manager-cainjector:v1.8.0\" in 51.586788227s"
"Successfully pulled image \"hub.tenxcloud.com/u4a-component/cert-manager-controller:v1.8.0\" in 1m9.70810772s"
"Successfully pulled image \"hub.tenxcloud.com/u4a-component/cert-manager-webhook:v1.8.0\" in 58.537515016s"
"Successfully pulled image \"hub.tenxcloud.com/u4a-component/iam-provider:v0.1.0-20221223\" in 22.156470994s"
"Successfully pulled image \"hub.tenxcloud.com/u4a-component/ingress-nginx-controller:v1.3.0\" in 1m1.517984838s"
"Successfully pulled image \"hub.tenxcloud.com/u4a-component/kube-oidc-proxy:v0.3.0-20221008\" in 17.411147568s"
"Successfully pulled image \"hub.tenxcloud.com/u4a-component/oidc-server:v0.1.0-20220923\" in 1m6.740135374s"
"Successfully pulled image \"hub.tenxcloud.com/u4a-component/resource-viewer:v0.1.0-20221024\" in 8.324246263s"
"Successfully pulled image \"hyperledgerk8s/fabric-ca:iam-20230131\" in 31.555210343s"
"Successfully pulled image \"hyperledgerk8s/fabric-ca:iam-20230131\" in 32.879149587s"
"Successfully pulled image \"hyperledgerk8s/fabric-ca:iam-20230131\" in 7.424359703s"
"Successfully pulled image \"hyperledgerk8s/fabric-orderer:2.4.7\" in 1.892604297s"
"Successfully pulled image \"hyperledgerk8s/fabric-orderer:2.4.7\" in 18.928304737s"
"Successfully pulled image \"hyperledgerk8s/fabric-orderer:2.4.7\" in 1m31.41861643s"
"Successfully pulled image \"hyperledgerk8s/fabric-orderer:2.4.7\" in 30.371704319s"
"Successfully pulled image \"hyperledgerk8s/grpc-web:latest\" in 1.841436782s"
"Successfully pulled image \"hyperledgerk8s/grpc-web:latest\" in 1.916302883s"
"Successfully pulled image \"hyperledgerk8s/grpc-web:latest\" in 1m15.674570039s"
"Successfully pulled image \"hyperledgerk8s/grpc-web:latest\" in 1m32.13604183s"
"Successfully pulled image \"hyperledgerk8s/iam-provider:fabric\" in 23.055525242s"
"Successfully pulled image \"hyperledgerk8s/ubi-minimal:latest\" in 1.822674163s"
"Successfully pulled image \"hyperledgerk8s/ubi-minimal:latest\" in 1.85105156s"
"Successfully pulled image \"hyperledgerk8s/ubi-minimal:latest\" in 1.880725516s"
"Successfully pulled image \"hyperledgerk8s/ubi-minimal:latest\" in 1.892004186s"
"Successfully pulled image \"hyperledgerk8s/ubi-minimal:latest\" in 28.981166252s"
"Successfully pulled image \"hyperledgerk8s/ubi-minimal:latest\" in 30.921652345s"
"Successfully pulled image \"hyperledgerk8s/ubi-minimal:latest\" in 37.97291039s"