Velero pod deployment keeps crashing in AKS

Boopathy, Elango 106 Reputation points
2020-09-23T06:03:32.867+00:00

Velero to Backup AKS cluster

We have deployed Velero in our Kubernetes cluster, which runs in an Azure Stack environment. The Velero release we installed is "velero-v1.4.2-linux-amd64". We then ran the velero install command to create the Velero deployment in the cluster, and its pod crashes regularly.

We need Velero to be up and running so that we can take backups of the Kubernetes cluster. We used the command below to deploy Velero in the cluster.

velero install --provider azure --plugins velero/velero-plugin-for-microsoft-azure:v1.0.1 --bucket dxccnastorage --secret-file ./credentials-velero --backup-location-config resourceGroup="StorageRG",storageAccount="dxccnastorage0312" --snapshot-location-config resourceGroup="StorageRG"

Environment Used:

velero version
Client:
Version: v1.4.2
Git commit: 56a08a4

kubectl version --short
Client Version: v1.14.8
Server Version: v1.14.8

OS Release
NAME="Ubuntu"
VERSION="16.04.6 LTS (Xenial Xerus)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 16.04.6 LTS"

What's going wrong:

time="2020-09-21T13:49:18Z" level=info msg="registering plugin" command=/velero kind=RestoreItemAction logSource="pkg/plugin/clientmgmt/registry.go:100" name=velero.io/restic
time="2020-09-21T13:49:18Z" level=info msg="registering plugin" command=/velero kind=RestoreItemAction logSource="pkg/plugin/clientmgmt/registry.go:100" name=velero.io/role-bindings
time="2020-09-21T13:49:18Z" level=info msg="registering plugin" command=/velero kind=RestoreItemAction logSource="pkg/plugin/clientmgmt/registry.go:100" name=velero.io/service
time="2020-09-21T13:49:18Z" level=info msg="registering plugin" command=/velero kind=RestoreItemAction logSource="pkg/plugin/clientmgmt/registry.go:100" name=velero.io/service-account
time="2020-09-21T13:49:18Z" level=info msg="registering plugin" command=/plugins/velero-plugin-for-microsoft-azure kind=VolumeSnapshotter logSource="pkg/plugin/clientmgmt/registry.go:100" name=velero.io/azure
time="2020-09-21T13:49:18Z" level=info msg="registering plugin" command=/plugins/velero-plugin-for-microsoft-azure kind=ObjectStore logSource="pkg/plugin/clientmgmt/registry.go:100" name=velero.io/azure
time="2020-09-21T13:49:18Z" level=info msg="Checking existence of namespace" logSource="pkg/cmd/server/server.go:361" namespace=velero
time="2020-09-21T13:49:18Z" level=info msg="Namespace exists" logSource="pkg/cmd/server/server.go:367" namespace=velero
time="2020-09-21T13:49:21Z" level=info msg="Checking existence of Velero custom resource definitions" logSource="pkg/cmd/server/server.go:396"
time="2020-09-21T13:49:21Z" level=info msg="All Velero custom resource definitions exist" logSource="pkg/cmd/server/server.go:430"
time="2020-09-21T13:49:21Z" level=info msg="Checking that all backup storage locations are valid" logSource="pkg/cmd/server/server.go:437"
An error occurred: some backup storage locations are invalid: error getting backup store for location "default": rpc error: code = Unknown desc = azure.BearerAuthorizer#WithAuthorization: Failed to refresh the Token for request to https://management.azure.com/subscriptions/xxxxxxxxxxxxxxxxxxxxxxxxx/resourceGroups/xxxx-nonprod-velero-backup-RG/providers/Microsoft.Storage/storageAccounts/xxxxnonprodvelerobackup/listKeys?api-version=2018-02-01: StatusCode=0 -- Original Error: adal: Failed to execute the refresh request. Error = 'Post https://login.microsoftonline.com/841b03e5-xxxxxxxxxxxxxxxx/oauth2/token?api-version=1.0: dial tcp: i/o timeout'
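
The final error in the log above can be separated from the startup messages with a small triage helper. This is a minimal sketch, assuming the pod log has been saved to a file. The function name `classify_velero_error` and its three categories are hypothetical and not part of Velero. It treats Go's `dial tcp: i/o timeout` as a sign that the connection was never established, and an `AADSTS` code (the prefix Azure AD uses for its error codes) as a sign that Azure AD answered and rejected the request.

```shell
#!/usr/bin/env bash
# Hypothetical helper (not part of Velero): classify the startup error
# found in a saved Velero pod log.
# Usage: classify_velero_error /path/to/velero.log
classify_velero_error() {
  local log_file="$1"
  if grep -q 'dial tcp: i/o timeout' "$log_file"; then
    # The request timed out before a connection was made:
    # look at DNS, proxy, firewall, or egress rules.
    echo "network"
  elif grep -q 'AADSTS' "$log_file"; then
    # Azure AD responded with an error code: look at the credentials.
    echo "credentials"
  else
    echo "unknown"
  fi
}
```

For the log above this reports `network`, which suggests also checking whether the Velero pod can reach `login.microsoftonline.com`.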

Azure Kubernetes Service (AKS)

1 answer

  1. prmanhas-MSFT 17,876 Reputation points Microsoft Employee
    2020-09-24T07:44:08.753+00:00

    @Boopathy, Elango Firstly, apologies for the delay in responding and for any inconvenience this issue may have caused.

    This usually indicates that something in the credentials file is invalid. Could you double-check all the values there?
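
    A quick way to double-check the file is to confirm that every expected key is present and non-empty. This is a minimal sketch: the function name `check_velero_credentials` is hypothetical, and the key list is an assumption based on the `KEY=value` file described in the Azure plugin's setup guide, so adjust it to match the guide for your plugin version.

    ```shell
    #!/usr/bin/env bash
    # Hypothetical helper: report keys that are missing or empty in a
    # KEY=value credentials file such as ./credentials-velero.
    # The key list below is an assumption; verify it against the plugin docs.
    check_velero_credentials() {
      local cred_file="$1" key missing=0
      for key in AZURE_SUBSCRIPTION_ID AZURE_TENANT_ID AZURE_CLIENT_ID \
                 AZURE_CLIENT_SECRET AZURE_RESOURCE_GROUP AZURE_CLOUD_NAME; do
        # A key counts as present only if it is followed by a non-empty value.
        if ! grep -Eq "^${key}=.+" "$cred_file"; then
          echo "missing or empty: ${key}"
          missing=1
        fi
      done
      # Exit status 0 when every key is set, 1 otherwise.
      return "$missing"
    }
    ```

    Running `check_velero_credentials ./credentials-velero` lists any key that needs attention. It only checks that values exist, not that they are correct, so the IDs and the secret still need to be compared against the service principal by hand.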

    A similar issue is reported on this GitHub thread, which may be helpful to you.

    You can also refer to this article, if you have not already, to check the prerequisites and the permissions needed.

    Hope it helps!!!

    Please 'Accept as answer' if it helped, so that it can help others in the community who are looking for help on similar topics.
