Service Binding did not create resources
Closed this issue · 2 comments
toabi commented
Describe the bug
We tried to use the couchbase example with the Cloud Foundry Marketplace. Creating and deleting services works like a charm, but somehow the Resources created during the "Binding"-Phase are not created in the cluster.
To Reproduce
Steps to reproduce the behavior (very cloudfoundry specific but for the record)
cf create-service couchbase-developer couchbase-developer-private couchbase-test -c '{"password": "mypassword"}'cf bind-service cf-demo couchbase-testcf restage cf-democf env cf-demo
In the environment variables of the app we can now see the created binding credentials (see below: CF ENV) and the log of the broker also looks reasonable.
But I cannot find the created CRDs in the cluster. If I connect to the UI of one of the pods I also don't see the bucket it the operator should have created.
❯ kubectl get couchbasebuckets.couchbase.com -A
No resources found
CF ENV:
"VCAP_SERVICES": {
"couchbase-developer": [
{
"binding_name": null,
"credentials": {
"bucket": "binding-efb3737b-319a-4a52-acb4-20da58fc0034",
"ca.pem": "-----BEGIN CERTIFICATE-----\nMIIDCDCCAfCgAwIBAgIQUgmcllW3h6jBxRUWbvOCRzANBgkqhkiG9w0BAQsFADAe\nMRwwGgYDVQQDExNDb3VjaGJhc2UgU2VydmVyIENBMB4XDTIwMDYyMzA5NDE0M1oX\nDTMwMDYyMTA5NDE0M1owHjEcMBoGA1UEAxMTQ291Y2hiYXNlIFNlcnZlciBDQTCC\nASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6f2sJZzyufWSQI6xLyNBGD\nKNw1JPBjwYbkdcAWHShWtc8Or1cgRrRRvQ78aje94r3JuORQCGDeiJaLku/4r1tq\nXmzkJ67goO6TQsxP7rwQ2tb9Eyvw++AorpY1qKi6xUEpnRxKZ/Hdr6A9W0TU9k0c\nNlGYv8rWZb0ZodEIfy1iukXms3g2EFMmnZLjooZCgz+4vqCqD9u20yzc5mzgtjqW\n9RxSb2ulqSOrJGHkBGLuyrrW1B4rxohSkh8XlVkiU8sf9alQBJnWTkDww7E2cC7p\nd1L1TDj+auuKya8NamP/QVWEr8+xQIWKbH+Zer/InHsJnou3BiMXyPW/I064w/EC\nAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O\nBBYEFJbwrwox/phL4KgMlJIZ/01JU0yGMA0GCSqGSIb3DQEBCwUAA4IBAQCqFlT1\nO7VJ1TRQg+CJj1J8YCGs6iL17ydyx2E6kSnAkph+vYKjJF4YDXUKHLepJ2CFZO+b\nmvF8XohLWS+3LSBUShCep9b5wjEiNXw/Blk1y5eE4LID0uWrJmmf05rARXjm+GD4\nPemHX45obHZTIwCnsRSVHnWCB0UMStsWY4B8jmk8Oe/Ac7U/HH03X4djkQqJ0vK6\nAeE7e6K/YWhZr0xgmZhSE0jlEQSrlHMh9ylkPR1OS37AqaCOhFSIuj7V+roRSQoK\nsVC3dd4GELd7aHd/xpyhhhRZHn+6jye55UBrezDjjkX7j5zvs07Yxahvq5+BdoP5\nu1ZufHrov/nRQlPQ\n-----END CERTIFICATE-----\n",
"connection-string": "couchbases://instance-6goyzhyu-srv.couchbase",
"password": "iLRiWTsq0w2y2Sa3PnzfiusLwCvayih5"
},
"instance_name": "couchbase-test",
"label": "couchbase-developer",
"name": "couchbase-test",
"plan": "couchbase-developer-private",
"provider": null,
"syslog_drain_url": null,
"tags": [
"database",
"nosql"
],
"volume_mounts": []
}
]
}
Expected behavior
Creating a service binding via cf cli creates credentials and things in the cluster.
Workaround
Environment (please complete the following information):
- Kubernetes Version: 1.16
- Service Broker Version: Cloud Foundry (not the most recent but also not very old)
Additional context
Log Output
I0623 09:44:29.244053 1 broker.go:214] HTTP req: "PUT /v2/service_instances/437467d0-f574-4a10-964f-6044c327e0f1/service_bindings/efb3737b-319a-4a52-acb4-20da58fc0034?accepts_incomplete=true HTTP/1.1" 10.1.4.106:52218
I0623 09:44:29.264905 1 handlers.go:999] provisioning new service binding: efb3737b-319a-4a52-acb4-20da58fc0034
I0623 09:44:29.265196 1 create.go:210] looking up bindings for service 8522e991-07bc-4225-a859-1eec1e333153, plan ec0f2c9b-0277-46d7-985f-ba1fbf3b068d
I0623 09:44:29.265295 1 create.go:220] rendering parameters for binding
I0623 09:44:29.268676 1 registry.go:389] setting registry entry binding-name to binding-efb3737b-319a-4a52-acb4-20da58fc0034
I0623 09:44:29.268905 1 registry.go:389] setting registry entry password to iLRiWTsq0w2y2Sa3PnzfiusLwCvayih5
I0623 09:44:29.269330 1 util.go:103] rendering template credentials
I0623 09:44:29.269592 1 util.go:132] rendered template {"bucket":"binding-efb3737b-319a-4a52-acb4-20da58fc0034","ca.pem":"-----BEGIN CERTIFICATE-----\nMIIDCDCCAfCgAwIBAgIQUgmcllW3h6jBxRUWbvOCRzANBgkqhkiG9w0BAQsFADAe\nMRwwGgYDVQQDExNDb3VjaGJhc2UgU2VydmVyIENBMB4XDTIwMDYyMzA5NDE0M1oX\nDTMwMDYyMTA5NDE0M1owHjEcMBoGA1UEAxMTQ291Y2hiYXNlIFNlcnZlciBDQTCC\nASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6f2sJZzyufWSQI6xLyNBGD\nKNw1JPBjwYbkdcAWHShWtc8Or1cgRrRRvQ78aje94r3JuORQCGDeiJaLku/4r1tq\nXmzkJ67goO6TQsxP7rwQ2tb9Eyvw++AorpY1qKi6xUEpnRxKZ/Hdr6A9W0TU9k0c\nNlGYv8rWZb0ZodEIfy1iukXms3g2EFMmnZLjooZCgz+4vqCqD9u20yzc5mzgtjqW\n9RxSb2ulqSOrJGHkBGLuyrrW1B4rxohSkh8XlVkiU8sf9alQBJnWTkDww7E2cC7p\nd1L1TDj+auuKya8NamP/QVWEr8+xQIWKbH+Zer/InHsJnou3BiMXyPW/I064w/EC\nAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O\nBBYEFJbwrwox/phL4KgMlJIZ/01JU0yGMA0GCSqGSIb3DQEBCwUAA4IBAQCqFlT1\nO7VJ1TRQg+CJj1J8YCGs6iL17ydyx2E6kSnAkph+vYKjJF4YDXUKHLepJ2CFZO+b\nmvF8XohLWS+3LSBUShCep9b5wjEiNXw/Blk1y5eE4LID0uWrJmmf05rARXjm+GD4\nPemHX45obHZTIwCnsRSVHnWCB0UMStsWY4B8jmk8Oe/Ac7U/HH03X4djkQqJ0vK6\nAeE7e6K/YWhZr0xgmZhSE0jlEQSrlHMh9ylkPR1OS37AqaCOhFSIuj7V+roRSQoK\nsVC3dd4GELd7aHd/xpyhhhRZHn+6jye55UBrezDjjkX7j5zvs07Yxahvq5+BdoP5\nu1ZufHrov/nRQlPQ\n-----END CERTIFICATE-----\n","connection-string":"couchbases://instance-6goyzhyu-srv.couchbase","password":"iLRiWTsq0w2y2Sa3PnzfiusLwCvayih5"}
I0623 09:44:29.269735 1 registry.go:389] setting registry entry credentials to map[bucket:binding-efb3737b-319a-4a52-acb4-20da58fc0034 ca.pem:-----BEGIN CERTIFICATE-----
MIIDCDCCAfCgAwIBAgIQUgmcllW3h6jBxRUWbvOCRzANBgkqhkiG9w0BAQsFADAe
MRwwGgYDVQQDExNDb3VjaGJhc2UgU2VydmVyIENBMB4XDTIwMDYyMzA5NDE0M1oX
DTMwMDYyMTA5NDE0M1owHjEcMBoGA1UEAxMTQ291Y2hiYXNlIFNlcnZlciBDQTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6f2sJZzyufWSQI6xLyNBGD
KNw1JPBjwYbkdcAWHShWtc8Or1cgRrRRvQ78aje94r3JuORQCGDeiJaLku/4r1tq
XmzkJ67goO6TQsxP7rwQ2tb9Eyvw++AorpY1qKi6xUEpnRxKZ/Hdr6A9W0TU9k0c
NlGYv8rWZb0ZodEIfy1iukXms3g2EFMmnZLjooZCgz+4vqCqD9u20yzc5mzgtjqW
9RxSb2ulqSOrJGHkBGLuyrrW1B4rxohSkh8XlVkiU8sf9alQBJnWTkDww7E2cC7p
d1L1TDj+auuKya8NamP/QVWEr8+xQIWKbH+Zer/InHsJnou3BiMXyPW/I064w/EC
AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O
BBYEFJbwrwox/phL4KgMlJIZ/01JU0yGMA0GCSqGSIb3DQEBCwUAA4IBAQCqFlT1
O7VJ1TRQg+CJj1J8YCGs6iL17ydyx2E6kSnAkph+vYKjJF4YDXUKHLepJ2CFZO+b
mvF8XohLWS+3LSBUShCep9b5wjEiNXw/Blk1y5eE4LID0uWrJmmf05rARXjm+GD4
PemHX45obHZTIwCnsRSVHnWCB0UMStsWY4B8jmk8Oe/Ac7U/HH03X4djkQqJ0vK6
AeE7e6K/YWhZr0xgmZhSE0jlEQSrlHMh9ylkPR1OS37AqaCOhFSIuj7V+roRSQoK
sVC3dd4GELd7aHd/xpyhhhRZHn+6jye55UBrezDjjkX7j5zvs07Yxahvq5+BdoP5
u1ZufHrov/nRQlPQ
-----END CERTIFICATE-----
connection-string:couchbases://instance-6goyzhyu-srv.couchbase password:iLRiWTsq0w2y2Sa3PnzfiusLwCvayih5]
I0623 09:44:29.270253 1 create.go:237] rendering templates for binding
I0623 09:44:29.270266 1 util.go:103] rendering template couchbase-bucket
I0623 09:44:29.270328 1 util.go:103] rendering template selector-snippet
I0623 09:44:29.270402 1 util.go:132] rendered template {"matchLabels":{"cluster":"instance-6goyzhyu"}}
I0623 09:44:29.270465 1 util.go:132] rendered template {"apiVersion":"couchbase.com/v2","kind":"CouchbaseBucket","metadata":{"labels":{"matchLabels":{"cluster":"instance-6goyzhyu"}},"name":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"}}
I0623 09:44:29.270472 1 util.go:103] rendering template couchbase-group
I0623 09:44:29.270510 1 util.go:103] rendering template selector-snippet
I0623 09:44:29.270582 1 util.go:132] rendered template {"matchLabels":{"cluster":"instance-6goyzhyu"}}
I0623 09:44:29.270677 1 util.go:132] rendered template {"apiVersion":"couchbase.com/v2","kind":"CouchbaseGroup","metadata":{"labels":{"matchLabels":{"cluster":"instance-6goyzhyu"}},"name":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"},"spec":{"roles":[{"bucket":"binding-efb3737b-319a-4a52-acb4-20da58fc0034","name":"bucket_admin"}]}}
I0623 09:44:29.270684 1 util.go:103] rendering template couchbase-role-binding
I0623 09:44:29.270951 1 util.go:103] rendering template selector-snippet
I0623 09:44:29.271043 1 util.go:132] rendered template {"matchLabels":{"cluster":"instance-6goyzhyu"}}
I0623 09:44:29.271665 1 util.go:132] rendered template {"apiVersion":"couchbase.com/v2","kind":"CouchbaseRoleBinding","metadata":{"labels":{"matchLabels":{"cluster":"instance-6goyzhyu"}},"name":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"},"spec":{"roleRef":{"kind":"CouchbaseGroup","name":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"},"subjects":[{"kind":"CouchbaseUser","name":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"}]}}
I0623 09:44:29.271677 1 util.go:103] rendering template couchbase-user-secret
I0623 09:44:29.271810 1 util.go:132] rendered template {"apiVersion":"v1","data":{"password":"iLRiWTsq0w2y2Sa3PnzfiusLwCvayih5"},"kind":"Secret","metadata":{"name":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"}}
I0623 09:44:29.271820 1 util.go:103] rendering template couchbase-user
I0623 09:44:29.271902 1 util.go:103] rendering template selector-snippet
I0623 09:44:29.271949 1 util.go:132] rendered template {"matchLabels":{"cluster":"instance-6goyzhyu"}}
I0623 09:44:29.272035 1 util.go:132] rendered template {"apiVersion":"couchbase.com/v2","kind":"CouchbaseUser","metadata":{"labels":{"matchLabels":{"cluster":"instance-6goyzhyu"}},"name":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"},"spec":{"authDomain":"local","authSecret":"binding-efb3737b-319a-4a52-acb4-20da58fc0034"}}
I0623 09:44:29.278841 1 create.go:255] creating resources
I0623 09:44:29.278887 1 create.go:79] creating resource couchbase.com/v2/CouchbaseBucket binding-efb3737b-319a-4a52-acb4-20da58fc0034
I0623 09:44:29.278962 1 create.go:134] using namespace couchbase
I0623 09:44:29.287470 1 broker.go:223] HTTP rsp: "201 Created" 43.418711ms
spjmurray commented
Damn, proper bug :D Yes, the create operation return status is not being checked, it shouldn't be returning a 201. I'll get this unit tested and fixed tomorrow.
spjmurray commented
Okay! Check out master, while it won't work, it should tell you why it isn't working when you do kubectl describe servicebindings