Service Binding did not create resources
Closed this issue · 2 comments
Describe the bug
We tried to use the couchbase example with the Cloud Foundry Marketplace. Creating and deleting services works like a charm, but somehow the Resources created during the "Binding"-Phase are not created in the cluster.
To Reproduce
Steps to reproduce the behavior (very cloudfoundry specific but for the record)
cf create-service couchbase-developer couchbase-developer-private couchbase-test -c '{"password": "mypassword"}'
cf bind-service cf-demo couchbase-test
cf restage cf-demo
cf env cf-demo
In the environment variables of the app we can now see the created binding credentials (see below: CF ENV
) and the log of the broker also looks reasonable.
But I cannot find the created CRDs in the cluster. If I connect to the UI of one of the pods I also don't see the bucket it the operator should have created.
❯ kubectl get couchbasebuckets.couchbase.com -A
No resources found
CF ENV
:
"VCAP_SERVICES": {
"couchbase-developer": [
{
"binding_name": null,
"credentials": {
"bucket": "binding-efb3737b-319a-4a52-acb4-20da58fc0034",
"ca.pem": "-----BEGIN CERTIFICATE-----\nMIIDCDCCAfCgAwIBAgIQUgmcllW3h6jBxRUWbvOCRzANBgkqhkiG9w0BAQsFADAe\nMRwwGgYDVQQDExNDb3VjaGJhc2UgU2VydmVyIENBMB4XDTIwMDYyMzA5NDE0M1oX\nDTMwMDYyMTA5NDE0M1owHjEcMBoGA1UEAxMTQ291Y2hiYXNlIFNlcnZlciBDQTCC\nASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6f2sJZzyufWSQI6xLyNBGD\nKNw1JPBjwYbkdcAWHShWtc8Or1cgRrRRvQ78aje94r3JuORQCGDeiJaLku/4r1tq\nXmzkJ67goO6TQsxP7rwQ2tb9Eyvw++AorpY1qKi6xUEpnRxKZ/Hdr6A9W0TU9k0c\nNlGYv8rWZb0ZodEIfy1iukXms3g2EFMmnZLjooZCgz+4vqCqD9u20yzc5mzgtjqW\n9RxSb2ulqSOrJGHkBGLuyrrW1B4rxohSkh8XlVkiU8sf9alQBJnWTkDww7E2cC7p\nd1L1TDj+auuKya8NamP/QVWEr8+xQIWKbH+Zer/InHsJnou3BiMXyPW/I064w/EC\nAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O\nBBYEFJbwrwox/phL4KgMlJIZ/01JU0yGMA0GCSqGSIb3DQEBCwUAA4IBAQCqFlT1\nO7VJ1TRQg+CJj1J8YCGs6iL17ydyx2E6kSnAkph+vYKjJF4YDXUKHLepJ2CFZO+b\nmvF8XohLWS+3LSBUShCep9b5wjEiNXw/Blk1y5eE4LID0uWrJmmf05rARXjm+GD4\nPemHX45obHZTIwCnsRSVHnWCB0UMStsWY4B8jmk8Oe/Ac7U/HH03X4djkQqJ0vK6\nAeE7e6K/YWhZr0xgmZhSE0jlEQSrlHMh9ylkPR1OS37AqaCOhFSIuj7V+roRSQoK\nsVC3dd4GELd7aHd/xpyhhhRZHn+6jye55UBrezDjjkX7j5zvs07Yxahvq5+BdoP5\nu1ZufHrov/nRQlPQ\n-----END CERTIFICATE-----\n",
"connection-string": "couchbases://instance-6goyzhyu-srv.couchbase",
"password": "iLRiWTsq0w2y2Sa3PnzfiusLwCvayih5"
},
"instance_name": "couchbase-test",
"label": "couchbase-developer",
"name": "couchbase-test",
"plan": "couchbase-developer-private",
"provider": null,
"syslog_drain_url": null,
"tags": [
"database",
"nosql"
],
"volume_mounts": []
}
]
}
Expected behavior
Creating a service binding via cf cli creates credentials and things in the cluster.
Workaround
Environment (please complete the following information):
- Kubernetes Version: 1.16
- Service Broker Version: Cloud Foundry (not the most recent but also not very old)
Additional context
Log Output
I0623 09:44:29.244053 1 broker.go:214] HTTP req: "PUT /v2/service_instances/437467d0-f574-4a10-964f-6044c327e0f1/service_bindings/efb3737b-319a-4a52-acb4-20da58fc0034?accepts_incomplete=true HTTP/1.1" 10.1.4.106:52218
I0623 09:44:29.264905 1 handlers.go:999] provisioning new service binding: efb3737b-319a-4a52-acb4-20da58fc0034
I0623 09:44:29.265196 1 create.go:210] looking up bindings for service 8522e991-07bc-4225-a859-1eec1e333153, plan ec0f2c9b-0277-46d7-985f-ba1fbf3b068d
I0623 09:44:29.265295 1 create.go:220] rendering parameters for binding
I0623 09:44:29.268676 1 registry.go:389] setting registry entry binding-name to binding-efb3737b-319a-4a52-acb4-20da58fc0034
I0623 09:44:29.268905 1 registry.go:389] setting registry entry password to iLRiWTsq0w2y2Sa3PnzfiusLwCvayih5
I0623 09:44:29.269330 1 util.go:103] rendering template credentials
I0623 09:44:29.269592 1 util.go:132] rendered template {"bucket":"binding-efb3737b-319a-4a52-acb4-20da58fc0034","ca.pem":"-----BEGIN CERTIFICATE-----\nMIIDCDCCAfCgAwIBAgIQUgmcllW3h6jBxRUWbvOCRzANBgkqhkiG9w0BAQsFADAe\nMRwwGgYDVQQDExNDb3VjaGJhc2UgU2VydmVyIENBMB4XDTIwMDYyMzA5NDE0M1oX\nDTMwMDYyMTA5NDE0M1owHjEcMBoGA1UEAxMTQ291Y2hiYXNlIFNlcnZlciBDQTCC\nASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6f2sJZzyufWSQI6xLyNBGD\nKNw1JPBjwYbkdcAWHShWtc8Or1cgRrRRvQ78aje94r3JuORQCGDeiJaLku/4r1tq\nXmzkJ67goO6TQsxP7rwQ2tb9Eyvw++AorpY1qKi6xUEpnRxKZ/Hdr6A9W0TU9k0c\nNlGYv8rWZb0ZodEIfy1iukXms3g2EFMmnZLjooZCgz+4vqCqD9u20yzc5mzgtjqW\n9RxSb2ulqSOrJGHkBGLuyrrW1B4rxohSkh8XlVkiU8sf9alQBJnWTkDww7E2cC7p\nd1L1TDj+auuKya8NamP/QVWEr8+xQIWKbH+Zer/InHsJnou3BiMXyPW/I064w/EC\nAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O\nBBYEFJbwrwox/phL4KgMlJIZ/01JU0yGMA0GCSqGSIb3DQEBCwUAA4IBAQCqFlT1\nO7VJ1TRQg+CJj1J8YCGs6iL17ydyx2E6kSnAkph+vYKjJF4YDXUKHLepJ2CFZO+b\nmvF8XohLWS+3LSBUShCep9b5wjEiNXw/Blk1y5eE4LID0uWrJmmf05rARXjm+GD4\nPemHX45obHZTIwCnsRSVHnWCB0UMStsWY4B8jmk8Oe/Ac7U/HH03X4djkQqJ0vK6\nAeE7e6K/YWhZr0xgmZhSE0jlEQSrlHMh9ylkPR1OS37AqaCOhFSIuj7V+roRSQoK\nsVC3dd4GELd7aHd/xpyhhhRZHn+6jye55UBrezDjjkX7j5zvs07Yxahvq5+BdoP5\nu1ZufHrov/nRQlPQ\n-----END CERTIFICATE-----\n","connection-string":"couchbases://instance-6goyzhyu-srv.couchbase","password":"iLRiWTsq0w2y2Sa3PnzfiusLwCvayih5"}
I0623 09:44:29.269735 1 registry.go:389] setting registry entry credentials to map[bucket:binding-efb3737b-319a-4a52-acb4-20da58fc0034 ca.pem:-----BEGIN CERTIFICATE-----
MIIDCDCCAfCgAwIBAgIQUgmcllW3h6jBxRUWbvOCRzANBgkqhkiG9w0BAQsFADAe
MRwwGgYDVQQDExNDb3VjaGJhc2UgU2VydmVyIENBMB4XDTIwMDYyMzA5NDE0M1oX
DTMwMDYyMTA5NDE0M1owHjEcMBoGA1UEAxMTQ291Y2hiYXNlIFNlcnZlciBDQTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6f2sJZzyufWSQI6xLyNBGD
KNw1JPBjwYbkdcAWHShWtc8Or1cgRrRRvQ78aje94r3JuORQCGDeiJaLku/4r1tq
XmzkJ67goO6TQsxP7rwQ2tb9Eyvw++AorpY1qKi6xUEpnRxKZ/Hdr6A9W0TU9k0c
NlGYv8rWZb0ZodEIfy1iukXms3g2EFMmnZLjooZCgz+4vqCqD9u20yzc5mzgtjqW
9RxSb2ulqSOrJGHkBGLuyrrW1B4rxohSkh8XlVkiU8sf9alQBJnWTkDww7E2cC7p
d1L1TDj+auuKya8NamP/QVWEr8+xQIWKbH+Zer/InHsJnou3BiMXyPW/I064w/EC
AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
BBYEFJbwrwox/phL4KgMlJIZ/01JU0yGMA0GCSqGSIb3DQEBCwUAA4IBAQCqFlT1
O7VJ1TRQg+CJj1J8YCGs6iL17ydyx2E6kSnAkph+vYKjJF4YDXUKHLepJ2CFZO+b
mvF8XohLWS+3LSBUShCep9b5wjEiNXw/Blk1y5eE4LID0uWrJmmf05rARXjm+GD4
PemHX45obHZTIwCnsRSVHnWCB0UMStsWY4B8jmk8Oe/Ac7U/HH03X4djkQqJ0vK6
AeE7e6K/YWhZr0xgmZhSE0jlEQSrlHMh9ylkPR1OS37AqaCOhFSIuj7V+roRSQoK
sVC3dd4GELd7aHd/xpyhhhRZHn+6jye55UBrezDjjkX7j5zvs07Yxahvq5+BdoP5
u1ZufHrov/nRQlPQ
-----END CERTIFICATE-----
connection-string:couchbases://instance-6goyzhyu-srv.couchbase password:iLRiWTsq0w2y2Sa3PnzfiusLwCvayih5]
I0623 09:44:29.270253 1 create.go:237] rendering templates for binding
I0623 09:44:29.270266 1 util.go:103] rendering template couchbase-bucket
I0623 09:44:29.270328 1 util.go:103] rendering template selector-snippet
I0623 09:44:29.270402 1 util.go:132] rendered template {"matchLabels":{"cluster":"instance-6goyzhyu"}}
I0623 09:44:29.270465 1 util.go:132] rendered template {"apiVersion":"couchbase.com/v2","kind":"CouchbaseBucket","metadata":{"labels":{"matchLabels":{"cluster":"instance-6goyzhyu"}},"name":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"}}
I0623 09:44:29.270472 1 util.go:103] rendering template couchbase-group
I0623 09:44:29.270510 1 util.go:103] rendering template selector-snippet
I0623 09:44:29.270582 1 util.go:132] rendered template {"matchLabels":{"cluster":"instance-6goyzhyu"}}
I0623 09:44:29.270677 1 util.go:132] rendered template {"apiVersion":"couchbase.com/v2","kind":"CouchbaseGroup","metadata":{"labels":{"matchLabels":{"cluster":"instance-6goyzhyu"}},"name":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"},"spec":{"roles":[{"bucket":"binding-efb3737b-319a-4a52-acb4-20da58fc0034","name":"bucket_admin"}]}}
I0623 09:44:29.270684 1 util.go:103] rendering template couchbase-role-binding
I0623 09:44:29.270951 1 util.go:103] rendering template selector-snippet
I0623 09:44:29.271043 1 util.go:132] rendered template {"matchLabels":{"cluster":"instance-6goyzhyu"}}
I0623 09:44:29.271665 1 util.go:132] rendered template {"apiVersion":"couchbase.com/v2","kind":"CouchbaseRoleBinding","metadata":{"labels":{"matchLabels":{"cluster":"instance-6goyzhyu"}},"name":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"},"spec":{"roleRef":{"kind":"CouchbaseGroup","name":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"},"subjects":[{"kind":"CouchbaseUser","name":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"}]}}
I0623 09:44:29.271677 1 util.go:103] rendering template couchbase-user-secret
I0623 09:44:29.271810 1 util.go:132] rendered template {"apiVersion":"v1","data":{"password":"iLRiWTsq0w2y2Sa3PnzfiusLwCvayih5"},"kind":"Secret","metadata":{"name":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"}}
I0623 09:44:29.271820 1 util.go:103] rendering template couchbase-user
I0623 09:44:29.271902 1 util.go:103] rendering template selector-snippet
I0623 09:44:29.271949 1 util.go:132] rendered template {"matchLabels":{"cluster":"instance-6goyzhyu"}}
I0623 09:44:29.272035 1 util.go:132] rendered template {"apiVersion":"couchbase.com/v2","kind":"CouchbaseUser","metadata":{"labels":{"matchLabels":{"cluster":"instance-6goyzhyu"}},"name":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"},"spec":{"authDomain":"local","authSecret":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"}}
I0623 09:44:29.278841 1 create.go:255] creating resources
I0623 09:44:29.278887 1 create.go:79] creating resource couchbase.com/v2/CouchbaseBucket binding-efb3737b-319a-4a52-acb4-20da58fc0034
I0623 09:44:29.278962 1 create.go:134] using namespace couchbase
I0623 09:44:29.287470 1 broker.go:223] HTTP rsp: "201 Created" 43.418711ms
Damn, proper bug :D Yes, the create operation return status is not being checked, it shouldn't be returning a 201. I'll get this unit tested and fixed tomorrow.
Okay! Check out master, while it won't work, it should tell you why it isn't working when you do kubectl describe servicebindings