New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Failed to get CSI client: driver name secrets-store.csi.k8s.io not found in the list of registered CSI drivers #798
Comments
Deleting the secrets store CSI driver pod doesn't have any impact on the problem. However, deploying the Helm chart and then deleting the secrets store CSI driver - and waiting for a new one to be automatically created - was found to be an effective temporary workaround. The logs for the
|
Hey @luckerby We are tracking an issue #639 for windows node. Basically node driver registrar on windows nodes is not working as expected. Meanwhile could you do couple things:
|
This issue is stale because it has been open 14 days with no activity. Please comment or this will be closed in 7 days. |
@nilekhc We've looked at using the managed add-on, but in terms of actual code it appears to be the same thing we're running now. |
Sure.. in terms of code they are same. But with managed add-on you get additional benefit like MS support, use of latest version etc. Nonetheless, did you try running with latest version of driver? Also issue kubernetes/kubernetes#104584 related to node driver registrar on windows is still being investigated in upstream k8s. |
@nilekhc As for #639, the liveness probe workaround referenced there isn't working for us - as in there's nothing restarting the As for upgrading, I've noticed |
No. For now there is no workaround other than liveness probe. |
This issue is stale because it has been open 14 days with no activity. Please comment or this will be closed in 7 days. |
It turns out that the liveness probe wasn't defined as we were using the wrong Helm chart version as per kubernetes-sigs/secrets-store-csi-driver#911. I'll close this as it doesn't add any value at this point. |
I faced the similar issue in linux nodes, but issue resolve after using the workaround suggested by luckerby #798 (comment). I think it must be in code to unregister the old driver and register the new one when we deploy the new version of the csi driver. Warning FailedMount 13s (x6 over 28s) kubelet MountVolume.SetUp failed for volume "secrets-store-inline01" : kubernetes.io/csi: mounter.SetUpAt failed to get CSI client: driver name secrets-store.csi.k8s.io not found in the list of registered CSI drivers |
What steps did you take and what happened:
We are having issues occasionally - once every few weeks - whereby pods on our single Windows node in an AKS cluster fail to start with
MountVolume.SetUp failed for volume "secrets-store-inline" : kubernetes.io/csi: mounter.SetUpAt failed to get CSI client: driver name secrets-store.csi.k8s.io not found in the list of registered CSI drivers
.What did you expect to happen:
Anything else you would like to add:
Following the troubleshooting guide the secrets store driver is successfully registered:
Logs for the 3 containers inside the CSI driver pod are below.
Logs for the Azure Key Vault provider pod:
Events for one of our pods that's using secrets from an Azure Key Vault is below. When the issue occurs, all the pods that need to be scheduled on Windows and need secrets injects from Azure KV are in the same state.
I did look into this and this issue but the problems there seem different.
Which access mode did you use to access the Azure Key Vault instance:
[e.g. Service Principal, Pod Identity, User Assigned Managed Identity, System Assigned Managed Identity]
Using the instructions here we can see the cluster is using the System Assigned Managed Identity:
Environment:
mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar:v2.3.0
mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v0.2.0
kubectl version
andkubectl get nodes -o wide
):1.21.2
AKS
The text was updated successfully, but these errors were encountered: