Config Module Deployment

Hi Team,

I need a small clarification in config-module deployment for MOSIP. Currently, this is the config url(MOSIP git url) which we deployed for our setup. Now, we need to customize it and so we need to map our repo and redeploy the module. If we need to redeploy the config-server module, other modules will be affected(go down) I believe. So, once this module is redeployed, restarting other services should be enough. Or need to redeploy all the modules again? kindly confirm this and let me know if any queries.

I have tried deploying the config-server module with the custom repo url hosted in bitbucket and provided the details in the values.yaml. I have entered the repo url,version details in the file and made private field as true. Then I have entered the username and token details. For token, I tried with both bitbucket app password and Repository Access Token, but still getting unauthorized error. Kindly check and let me know if I am missing anything.

Hi @reddi3

I understand you’re encountering an issue with deploying config-server. I’ve raised your request to our deployment team, who will be happy to assist you further. However, due to their current workload on high-priority tasks, their response may be slightly delayed. We apologize for any inconvenience this may cause and appreciate your patience.

Best Regards,
Team MOSIP

Hi @sanchi-singh24 ,

Thanks for the response. Waiting for the assistance from your team.
Current status is, we have deleted the deployed config server module and made the custom repo details changes in values.yaml and tried to redeploy. There is no error in the config-pod logs but it is stuck after this and finally it is stuck in the same stage and not coming up. Attaching the logs for your reference.Kindly check and let me know if the repo details need to be changed anywhere else.

Hi @reddi3

Could you kindly furnish the complete logs from the config-server, along with the repository URL, and the specific details provided in the values.yaml file for the config-server?

Hi @syed.salman ,

Kindly find the screenshots of the logs in the attachment. Since I could only attach upto max 5 files, I am sending you the screenshots of first 5 pages and then send it in the next reply.





Hi Syed,

Please find the last two Screenshots and screenshot of the repo configuration in the values.yaml file.



@reddi3

As per the logs shared, there are no errors in logs, and also noticed that the application has not started. Sometimes pod takes more time to start the application.
To fix this, increase the startup probe failure threshold to 60:

kubectl -n config-server edit deployment config-server
        startupProbe:
          failureThreshold: 60
          httpGet:
            path: /config/*/*
            port: 51000
            scheme: HTTP
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 5

Hi Syed,

Tried above setting like you suggested, but still stuck in same state.

Thanks
Naveen

Hi @reddi3

Let @syed.salman look into this and try helping you with a different approach.

Best Regards,
Team MOSIP

@reddi3

could you provide me the full logs of the config-server

kubectl -n config-server logs <pod-name> --previous

Describe the pod

kubectl -n config-server describe pod <pod-name>

Hi Team,

Thanks for the response. Please find the full logs of config-server in the attachment in form of PNG files.

FYI…Attaching the describe pod screenshots in next reply as the attachment limit is reached.





Thanks
Naveen

Hi Team,

I have described the config-module pod and attaching the output below:

root@impiger-OptiPlex-7020:~# kubectl -n config-server describe pod config-server-c8d9465c-kt4c8
Name: config-server-c8d9465c-kt4c8
Namespace: config-server
Priority: 0
Service Account: config-server
Node: impiger-optiplex-7020/10.100.148.74
Start Time: Fri, 08 Mar 2024 16:13:40 +0530
Labels: app.kubernetes.io/instance=config-server
app.kubernetes.io/name=config-server
pod-template-hash=c8d9465c
security.istio.io/tlsMode=istio
service.istio.io/canonical-name=config-server
service.istio.io/canonical-revision=latest
Annotations: cni.projectcalico.org/containerID: e7d6bb420e1b5ad25cd0d72181b5dd9d06e22ddf803826675a1241b434aa53ca
cni.projectcalico.org/podIP: 10.42.0.77/32
cni.projectcalico.org/podIPs: 10.42.0.77/32
istio.io/rev: default
kubectl.kubernetes.io/default-container: config-server
kubectl.kubernetes.io/default-logs-container: config-server
prometheus.io/path: /stats/prometheus
prometheus.io/port: 15020
prometheus.io/scrape: true
sidecar.istio.io/status:
{“initContainers”:[“istio-init”],“containers”:[“istio-proxy”],“volumes”:[“workload-socket”,“credential-socket”,“workload-certs”,"istio-env…
Status: Running
IP: 10.42.0.77
IPs:
IP: 10.42.0.77
Controlled By: ReplicaSet/config-server-c8d9465c
Init Containers:
istio-init:
Container ID: docker://5c5c30dbe84f7e459bb7a968103027ff7b72eb16d593f7ac210c780ab4bb9ae0
Image: docker.io/istio/proxyv2:1.20.3
Image ID: docker-pullable://istio/proxyv2@sha256:18163bd4fdb641bdff1489e124a0b9f1059bb2cec9c8229161b73517db97c05a
Port:
Host Port:
Args:
istio-iptables
-p
15001
-z
15006
-u
1337
-m
REDIRECT
-i
*
-x

  -b
  *
  -d
  15090,15021,15020
  --log_output_level=default:info
State:          Terminated
  Reason:       Completed
  Exit Code:    0
  Started:      Fri, 08 Mar 2024 16:13:43 +0530
  Finished:     Fri, 08 Mar 2024 16:13:44 +0530
Ready:          True
Restart Count:  0
Limits:
  cpu:     2
  memory:  1Gi
Requests:
  cpu:     100m
  memory:  128Mi
Environment:
  ISTIO_META_IDLE_TIMEOUT:  0s
Mounts:
  /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-bl8rj (ro)

Containers:
istio-proxy:
Container ID: docker://ca815c668e56dc9867207117010dd84d880ca0bcb52ab1cb26f143a7013bae7f
Image: docker.io/istio/proxyv2:1.20.3
Image ID: docker-pullable://istio/proxyv2@sha256:18163bd4fdb641bdff1489e124a0b9f1059bb2cec9c8229161b73517db97c05a
Port: 15090/TCP
Host Port: 0/TCP
Args:
proxy
sidecar
–domain
$(POD_NAMESPACE).svc.cluster.local
–proxyLogLevel=warning
–proxyComponentLogLevel=misc:error
–log_output_level=default:info
State: Running
Started: Fri, 08 Mar 2024 16:13:46 +0530
Ready: True
Restart Count: 0
Limits:
cpu: 2
memory: 1Gi
Requests:
cpu: 100m
memory: 128Mi
Readiness: http-get http://:15021/healthz/ready delay=0s timeout=3s period=15s #success=1 #failure=4
Startup: http-get http://:15021/healthz/ready delay=0s timeout=3s period=1s #success=1 #failure=600
Environment:
JWT_POLICY: third-party-jwt
PILOT_CERT_PROVIDER: istiod
CA_ADDR: istiod.istio-system.svc:15012
POD_NAME: config-server-c8d9465c-kt4c8 (v1:metadata.name)
POD_NAMESPACE: config-server (v1:metadata.namespace)
INSTANCE_IP: (v1:status.podIP)
SERVICE_ACCOUNT: (v1:spec.serviceAccountName)
HOST_IP: (v1:status.hostIP)
ISTIO_CPU_LIMIT: 2 (limits.cpu)
PROXY_CONFIG: {“proxyMetadata”:{“ISTIO_META_IDLE_TIMEOUT”:“0s”},“gatewayTopology”:{“numTrustedProxies”:2},“holdApplicationUntilProxyStarts”:true}

  ISTIO_META_POD_PORTS:          [
                                     {"name":"http","containerPort":51000,"protocol":"TCP"}
                                 ]
  ISTIO_META_APP_CONTAINERS:     config-server
  GOMEMLIMIT:                    1073741824 (limits.memory)
  GOMAXPROCS:                    2 (limits.cpu)
  ISTIO_META_CLUSTER_ID:         Kubernetes
  ISTIO_META_NODE_NAME:           (v1:spec.nodeName)
  ISTIO_META_INTERCEPTION_MODE:  REDIRECT
  ISTIO_META_WORKLOAD_NAME:      config-server
  ISTIO_META_OWNER:              kubernetes://apis/apps/v1/namespaces/config-server/deployments/config-server
  ISTIO_META_MESH_ID:            cluster.local
  TRUST_DOMAIN:                  cluster.local
  ISTIO_META_IDLE_TIMEOUT:       0s
  ISTIO_KUBE_APP_PROBERS:        {"/app-health/config-server/livez":{"httpGet":{"path":"/config/*/*","port":51000,"scheme":"HTTP"},"timeoutSeconds":5},"/app-health/config-server/readyz":{"httpGet":{"path":"/config/*/*","port":51000,"scheme":"HTTP"},"timeoutSeconds":5},"/app-health/config-server/startupz":{"httpGet":{"path":"/config/*/*","port":51000,"scheme":"HTTP"},"timeoutSeconds":5}}
Mounts:
  /etc/istio/pod from istio-podinfo (rw)
  /etc/istio/proxy from istio-envoy (rw)
  /var/lib/istio/data from istio-data (rw)
  /var/run/secrets/credential-uds from credential-socket (rw)
  /var/run/secrets/istio from istiod-ca-cert (rw)
  /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-bl8rj (ro)
  /var/run/secrets/tokens from istio-token (rw)
  /var/run/secrets/workload-spiffe-credentials from workload-certs (rw)
  /var/run/secrets/workload-spiffe-uds from workload-socket (rw)

config-server:
Container ID: docker://071096e99bc128c392cd7296b493c78379371155f3597cdaa1a04ada7ad751c8
Image: mosipid/config-server:1.1.2
Image ID: docker-pullable://mosipid/config-server@sha256:bc5ce50037d8988f807db45ee0fb19a750f6d0b17487155fca7edad0892e7eb0
Port: 51000/TCP
Host Port: 0/TCP
State: Running
Started: Thu, 14 Mar 2024 11:26:16 +0530
Last State: Terminated
Reason: Error
Exit Code: 137
Started: Thu, 14 Mar 2024 11:20:44 +0530
Finished: Thu, 14 Mar 2024 11:26:15 +0530
Ready: False
Restart Count: 1519
Limits:
cpu: 200m
memory: 1500Mi
Requests:
cpu: 50m
memory: 500Mi
Liveness: http-get http://:15020/app-health/config-server/livez delay=20s timeout=5s period=30s #success=1 #failure=6
Readiness: http-get http://:15020/app-health/config-server/readyz delay=0s timeout=5s period=10s #success=1 #failure=6
Startup: http-get http://:15020/app-health/config-server/startupz delay=0s timeout=5s period=10s #success=1 #failure=30
Environment Variables from:
config-server-env-vars ConfigMap Optional: false
Environment:
SPRING_CLOUD_CONFIG_SERVER_GIT_PASSWORD: <set to the key ‘github-token’ in secret ‘config-server’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_API_PUBLIC_HOST: <set to the key ‘mosip-api-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_API_INTERNAL_HOST: <set to the key ‘mosip-api-internal-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ADMIN_HOST: <set to the key ‘mosip-admin-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PMP_HOST: <set to the key ‘mosip-pmp-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PREREG_HOST: <set to the key ‘mosip-prereg-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_RESIDENT_HOST: <set to the key ‘mosip-resident-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ESIGNET_HOST: <set to the key ‘mosip-esignet-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_COMPLIANCE_HOST: <set to the key ‘mosip-compliance-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_DBUSER_PASSWORD: <set to the key ‘db-dbuser-password’ in secret ‘db-common-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_INTERNAL_URL: <set to the key ‘keycloak-internal-url’ of config map ‘keycloak-host’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_EXTERNAL_HOST: <set to the key ‘keycloak-external-host’ of config map ‘keycloak-host’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_INTERNAL_HOST: <set to the key ‘keycloak-internal-host’ of config map ‘keycloak-host’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_EXTERNAL_URL: <set to the key ‘keycloak-external-url’ of config map ‘keycloak-host’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ABIS_CLIENT_SECRET: <set to the key ‘mosip_abis_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_SYNCDATA_CLIENT_SECRET: <set to the key ‘mosip_syncdata_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_CRESER_IDPASS_CLIENT_SECRET: <set to the key ‘mosip_creser_idpass_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_AUTH_SECRET: <set to the key ‘mpartner_default_auth_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_IDREPO_CLIENT_SECRET: <set to the key ‘mosip_idrepo_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_PRINT_SECRET: <set to the key ‘mpartner_default_print_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ADMIN_CLIENT_SECRET: <set to the key ‘mosip_admin_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_AUTH_CLIENT_SECRET: <set to the key ‘mosip_auth_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_CRESER_CLIENT_SECRET: <set to the key ‘mosip_creser_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_DATSHA_CLIENT_SECRET: <set to the key ‘mosip_datsha_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_IDA_CLIENT_SECRET: <set to the key ‘mosip_ida_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_MISP_CLIENT_SECRET: <set to the key ‘mosip_misp_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PARTNER_CLIENT_SECRET: <set to the key ‘mosip_partner_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PARTNERMANAGER_CLIENT_SECRET: <set to the key ‘mosip_partnermanager_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PMS_CLIENT_SECRET: <set to the key ‘mosip_pms_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_POLICYMANAGER_CLIENT_SECRET: <set to the key ‘mosip_policymanager_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_REG_CLIENT_SECRET: <set to the key ‘mosip_reg_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_REGPROC_CLIENT_SECRET: <set to the key ‘mosip_regproc_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_CREREQ_CLIENT_SECRET: <set to the key ‘mosip_crereq_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_RESIDENT_CLIENT_SECRET: <set to the key ‘mosip_resident_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PREREG_CLIENT_SECRET: <set to the key ‘mosip_prereg_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_HOTLIST_CLIENT_SECRET: <set to the key ‘mosip_hotlist_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_ADMIN_PASSWORD: <set to the key ‘admin-password’ in secret ‘keycloak’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SOFTHSM_KERNEL_SECURITY_PIN: <set to the key ‘security-pin’ in secret ‘softhsm-kernel’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SOFTHSM_IDA_SECURITY_PIN: <set to the key ‘security-pin’ in secret ‘softhsm-ida’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ACTIVEMQ_HOST: <set to the key ‘activemq-host’ of config map ‘activemq-activemq-artemis-share’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ACTIVEMQ_CORE_PORT: <set to the key ‘activemq-core-port’ of config map ‘activemq-activemq-artemis-share’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ACTIVEMQ_PASSWORD: <set to the key ‘artemis-password’ in secret ‘activemq-activemq-artemis’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_AUTHTYPE_CALLBACK_SECRET: <set to the key ‘ida-websub-authtype-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_CREDENTIAL_ISSUE_CALLBACK_SECRET: <set to the key ‘ida-websub-credential-issue-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_PARTNER_SERVICE_CALLBACK_SECRET: <set to the key ‘ida-websub-partner-service-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_CA_CERTIFICATE_CALLBACK_SECRET: <set to the key ‘ida-websub-ca-certificate-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_HOTLIST_CALLBACK_SECRET: <set to the key ‘ida-websub-hotlist-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_MASTERDATA_TEMPLATES_CALLBACK_SECRET: <set to the key ‘ida-websub-masterdata-templates-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_MASTERDATA_TITLES_CALLBACK_SECRET: <set to the key ‘ida-websub-masterdata-titles-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDREPO_WEBSUB_VID_CREDENTIAL_UPDATE_SECRET: <set to the key ‘idrepo-websub-vid-credential-update-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_KERNEL_TOKENID_UIN_SALT: <set to the key ‘mosip-kernel-tokenid-uin-salt’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_KERNEL_TOKENID_PARTNERCODE_SALT: <set to the key ‘mosip-kernel-tokenid-partnercode-salt’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_PRINT_WEBSUB_HUB_SECRET: <set to the key ‘print-websub-hub-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_ACCESSKEY: <set to the key ‘s3-user-key’ of config map ‘s3’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_REGION: <set to the key ‘s3-region’ of config map ‘s3’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_SECRETKEY: <set to the key ‘s3-user-secret’ in secret ‘s3’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_PRETEXT_VALUE: <set to the key ‘s3-pretext-value’ in secret ‘s3’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_EMAIL_SMTP_HOST: <set to the key ‘email-smtp-host’ of config map ‘email-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_EMAIL_SMTP_USERNAME: <set to the key ‘email-smtp-username’ of config map ‘email-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_EMAIL_SMTP_SECRET: <set to the key ‘email-smtp-secret’ in secret ‘email-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_EMAIL_SMTP_PORT: <set to the key ‘email-smtp-port’ of config map ‘email-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_PREREG_CAPTCHA_SITE_KEY: <set to the key ‘prereg-captcha-site-key’ in secret ‘mosip-captcha’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_PREREG_CAPTCHA_SECRET_KEY: <set to the key ‘prereg-captcha-secret-key’ in secret ‘mosip-captcha’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ESIGNET_CAPTCHA_SITE_KEY: <set to the key ‘esignet-captcha-site-key’ in secret ‘mosip-captcha’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ESIGNET_CAPTCHA_SECRET_KEY: <set to the key ‘esignet-captcha-secret-key’ in secret ‘mosip-captcha’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_CAPTCHA_SITE_KEY: <set to the key ‘resident-captcha-site-key’ in secret ‘mosip-captcha’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_CAPTCHA_SECRET_KEY: <set to the key ‘resident-captcha-secret-key’ in secret ‘mosip-captcha’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_MOBILE_SECRET: <set to the key ‘mpartner_default_mobile_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_WEBSUB_AUTHTYPE_STATUS_SECRET: <set to the key ‘resident-websub-authtype-status-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_WEBSUB_AUTH_TRANSACTION_STATUS_SECRET: <set to the key ‘resident-websub-auth-transaction-status-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_IDA_KYC_TOKEN_SECRET: <set to the key ‘mosip-ida-kyc-token-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PARTNER_CRYPTO_P12_PASSWORD: <set to the key ‘mosip-partner-crypto-p12-password’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_DIGITALCARD_SECRET: <set to the key ‘mpartner_default_digitalcard_secret’ in secret ‘keycloak-client-secrets’> Optional: false
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-bl8rj (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
workload-socket:
Type: EmptyDir (a temporary directory that shares a pod’s lifetime)
Medium:
SizeLimit:
credential-socket:
Type: EmptyDir (a temporary directory that shares a pod’s lifetime)
Medium:
SizeLimit:
workload-certs:
Type: EmptyDir (a temporary directory that shares a pod’s lifetime)
Medium:
SizeLimit:
istio-envoy:
Type: EmptyDir (a temporary directory that shares a pod’s lifetime)
Medium: Memory
SizeLimit:
istio-data:
Type: EmptyDir (a temporary directory that shares a pod’s lifetime)
Medium:
SizeLimit:
istio-podinfo:
Type: DownwardAPI (a volume populated by information about the pod)
Items:
metadata.labels → labels
metadata.annotations → annotations
istio-token:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 43200
istiod-ca-cert:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: istio-ca-root-cert
Optional: false
kube-api-access-bl8rj:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional:
DownwardAPI: true
QoS Class: Burstable
Node-Selectors:
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message


Warning Unhealthy 35m (x17208 over 5d19h) kubelet Startup probe failed: HTTP probe failed with statuscode: 500
Normal Pulled 30m (x1514 over 5d19h) kubelet Container image “mosipid/config-server:1.1.2” already present on machine
Warning Unhealthy 10s (x27045 over 5d19h) kubelet Startup probe failed: HTTP probe failed with statuscode: 404

Thanks
Naveen

Hello @reddi3,

Could you kindly furnish the complete logs of the configuration server and compress them using 7z to alleviate the size of the log file?

Please utilize the following kubectl command to retrieve the previous pod logs of the config-server:

kubectl -n config-server logs <pod-name> --previous

Furthermore, it seems that I encountered difficulties accessing your mosip-config repository. If it is configured as private, could you please supply the username and token required for accessing the private repository? Additionally, if the repository has not been forked, kindly proceed to fork it from the mosip GitHub account.

Thank you.

Hi @syed.salman ,

Thanks for the response. These are the only allowed formats for the attachments.Kindly advise.

Thanks
Naveen

Hi @sanchi-singh24

Please consult the MOSIP Admin team regarding the authorization for uploading files with .zip, .7z, and .txt extensions.

Hi @syed.salman,

Authorization for uploading files in admin are:

bulkupload/masterdata: Master data upload supported format are csv, xls and xlsx files.
bulkupload/packet: packet upload supported format is only zip file.

Hi @syed.salman ,

I have already shared you the username and token along with my git repo details in the private chat. Hope you received it and let me know if you didn’t. FYI, the service is not coming up even with the public repo. So, basically from what I could see it is only working with the MOSIP git repo. Kindly check on this and revert back as this seems to be blocker for us since many days. Waiting for your response.

Thanks
Naveen