Config Module Installation

Hi Team,

I am facing the below issue while deploying the config module of latest version(1.2.0.1).

Error: couldn’t find key mosip-signup-host in ConfigMap config-server/global

FYI…I have the key set in the global configmap of the config-server. Can I know what I am missing here? Waiting for your response.

Thanks
Naveen

Hi Naveen,

Please check if there are any typos in the key or try the command below:
kubectl patch configmap global -n default --type merge -p "{\"data\": {\"mosip-signup-host\": \"signup.xyz.mosip.net\"}}"

kubectl patch configmap global -n config-server --type merge -p "{\"data\": {\"mosip-signup-host\": \"signup.xyz.mosip.net\"}}"

Thanks,
Rakshith

Hi Rakshith,

Thanks for the response and the commands worked and now it has bypassed above error. But the pod is currently stuck in 1/2 state after changing the repo url in the values.yaml. This is the final state and pls find the logs screenshot below:

We also tried increasing the timeout but no luck. Any solution for this?

Thanks
Naveen

Hi @reddi3

Let us look into the logs in more detail!

Best Regards,
Team MOSIP

Hi Naveen,

Could you please describe the pods and share their logs?
kubectl describe pods <pods name> -n config-server
Also, consider increasing the startupProbe failureThreshold to 120 in the deployment.
kubectl edit deploy <deployment name> -n config-server
and share screenshot of values.yaml

Hi Rakshit,

Please find the describe pod logs below:

Name: config-server-5845df5544-qrw76
Namespace: config-server
Priority: 0
Service Account: config-server
Node: impiger-optiplex-7020/10.100.148.74
Start Time: Fri, 03 May 2024 12:42:58 +0530
Labels: app.kubernetes.io/instance=config-server
app.kubernetes.io/name=config-server
pod-template-hash=5845df5544
security.istio.io/tlsMode=istio
service.istio.io/canonical-name=config-server
service.istio.io/canonical-revision=latest
Annotations: cni.projectcalico.org/containerID: 3ce496d98600254386c7660738e029fa19d1378ff6cde4a73656763ffd5e0fae
cni.projectcalico.org/podIP: 10.42.0.10/32
cni.projectcalico.org/podIPs: 10.42.0.10/32
istio.io/rev: default
kubectl.kubernetes.io/default-container: config-server
kubectl.kubernetes.io/default-logs-container: config-server
prometheus.io/path: /stats/prometheus
prometheus.io/port: 15020
prometheus.io/scrape: true
sidecar.istio.io/status:
{“initContainers”:[“istio-init”],“containers”:[“istio-proxy”],“volumes”:[“workload-socket”,“credential-socket”,“workload-certs”,"istio-env…
Status: Running
IP: 10.42.0.10
IPs:
IP: 10.42.0.10
Controlled By: ReplicaSet/config-server-5845df5544
Init Containers:
istio-init:
Container ID: docker://ff660c67e24e7e0cd72a3ab46a23e28e5b8a1028424535e2ad347caab1d9bc07
Image: docker.io/istio/proxyv2:1.20.3
Image ID: docker-pullable://istio/proxyv2@sha256:18163bd4fdb641bdff1489e124a0b9f1059bb2cec9c8229161b73517db97c05a
Port:
Host Port:
Args:
istio-iptables
-p
15001
-z
15006
-u
1337
-m
REDIRECT
-i
*
-x

  -b
  *
  -d
  15090,15021,15020
  --log_output_level=default:info
State:          Terminated
  Reason:       Completed
  Exit Code:    0
  Started:      Fri, 03 May 2024 12:43:01 +0530
  Finished:     Fri, 03 May 2024 12:43:01 +0530
Ready:          True
Restart Count:  0
Limits:
  cpu:     2
  memory:  1Gi
Requests:
  cpu:     100m
  memory:  128Mi
Environment:
  ISTIO_META_IDLE_TIMEOUT:  0s
Mounts:
  /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-zfjzr (ro)

Containers:
istio-proxy:
Container ID: docker://25c81f5fd7a08b034e94c5a4dc0fafadc2c349446ebb841795f7510dca3680f2
Image: docker.io/istio/proxyv2:1.20.3
Image ID: docker-pullable://istio/proxyv2@sha256:18163bd4fdb641bdff1489e124a0b9f1059bb2cec9c8229161b73517db97c05a
Port: 15090/TCP
Host Port: 0/TCP
Args:
proxy
sidecar
–domain
$(POD_NAMESPACE).svc.cluster.local
–proxyLogLevel=warning
–proxyComponentLogLevel=misc:error
–log_output_level=default:info
State: Running
Started: Fri, 03 May 2024 12:43:02 +0530
Ready: True
Restart Count: 0
Limits:
cpu: 2
memory: 1Gi
Requests:
cpu: 100m
memory: 128Mi
Readiness: http-get http://:15021/healthz/ready delay=0s timeout=3s period=15s #success=1 #failure=4
Startup: http-get http://:15021/healthz/ready delay=0s timeout=3s period=1s #success=1 #failure=600
Environment:
JWT_POLICY: third-party-jwt
PILOT_CERT_PROVIDER: istiod
CA_ADDR: istiod.istio-system.svc:15012
POD_NAME: config-server-5845df5544-qrw76 (v1:metadata.name)
POD_NAMESPACE: config-server (v1:metadata.namespace)
INSTANCE_IP: (v1:status.podIP)
SERVICE_ACCOUNT: (v1:spec.serviceAccountName)
HOST_IP: (v1:status.hostIP)
ISTIO_CPU_LIMIT: 2 (limits.cpu)
PROXY_CONFIG: {“proxyMetadata”:{“ISTIO_META_IDLE_TIMEOUT”:“0s”},“gatewayTopology”:{“numTrustedProxies”:2},“holdApplicationUntilProxyStarts”:true}

  ISTIO_META_POD_PORTS:          [
                                     {"name":"http","containerPort":51000,"protocol":"TCP"}
                                 ]
  ISTIO_META_APP_CONTAINERS:     config-server
  GOMEMLIMIT:                    1073741824 (limits.memory)
  GOMAXPROCS:                    2 (limits.cpu)
  ISTIO_META_CLUSTER_ID:         Kubernetes
  ISTIO_META_NODE_NAME:           (v1:spec.nodeName)
  ISTIO_META_INTERCEPTION_MODE:  REDIRECT
  ISTIO_META_WORKLOAD_NAME:      config-server
  ISTIO_META_OWNER:              kubernetes://apis/apps/v1/namespaces/config-server/deployments/config-server
  ISTIO_META_MESH_ID:            cluster.local
  TRUST_DOMAIN:                  cluster.local
  ISTIO_META_IDLE_TIMEOUT:       0s
  ISTIO_KUBE_APP_PROBERS:        {"/app-health/config-server/livez":{"httpGet":{"path":"/config/*/*","port":51000,"scheme":"HTTP"},"timeoutSeconds":5},"/app-health/config-server/readyz":{"httpGet":{"path":"/config/*/*","port":51000,"scheme":"HTTP"},"timeoutSeconds":5},"/app-health/config-server/startupz":{"httpGet":{"path":"/config/*/*","port":51000,"scheme":"HTTP"},"timeoutSeconds":5}}
Mounts:
  /etc/istio/pod from istio-podinfo (rw)
  /etc/istio/proxy from istio-envoy (rw)
  /var/lib/istio/data from istio-data (rw)
  /var/run/secrets/credential-uds from credential-socket (rw)
  /var/run/secrets/istio from istiod-ca-cert (rw)
  /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-zfjzr (ro)
  /var/run/secrets/tokens from istio-token (rw)
  /var/run/secrets/workload-spiffe-credentials from workload-certs (rw)
  /var/run/secrets/workload-spiffe-uds from workload-socket (rw)

config-server:
Container ID: docker://bc7298c82bc493770880f18330c3fbec2f2373620a802f1cacea2a8a3ca64fa8
Image: mosipid/config-server:1.1.2
Image ID: docker-pullable://mosipid/config-server@sha256:bc5ce50037d8988f807db45ee0fb19a750f6d0b17487155fca7edad0892e7eb0
Port: 51000/TCP
Host Port: 0/TCP
State: Running
Started: Fri, 03 May 2024 12:43:04 +0530
Ready: False
Restart Count: 0
Limits:
cpu: 200m
memory: 1500Mi
Requests:
cpu: 50m
memory: 500Mi
Liveness: http-get http://:15020/app-health/config-server/livez delay=20s timeout=5s period=30s #success=1 #failure=6
Readiness: http-get http://:15020/app-health/config-server/readyz delay=0s timeout=5s period=10s #success=1 #failure=6
Startup: http-get http://:15020/app-health/config-server/startupz delay=0s timeout=5s period=10s #success=1 #failure=30
Environment Variables from:
config-server-env-vars ConfigMap Optional: false
Environment:
SPRING_CLOUD_CONFIG_SERVER_GIT_PASSWORD: <set to the key ‘github-token’ in secret ‘config-server’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_API_PUBLIC_HOST: <set to the key ‘mosip-api-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_API_INTERNAL_HOST: <set to the key ‘mosip-api-internal-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ADMIN_HOST: <set to the key ‘mosip-admin-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PREREG_HOST: <set to the key ‘mosip-prereg-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_RESIDENT_HOST: <set to the key ‘mosip-resident-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PMP_HOST: <set to the key ‘mosip-pmp-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_COMPLIANCE_HOST: <set to the key ‘mosip-compliance-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ESIGNET_HOST: <set to the key ‘mosip-esignet-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_SIGNUP_HOST: <set to the key ‘mosip-signup-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_DBUSER_PASSWORD: <set to the key ‘db-dbuser-password’ in secret ‘db-common-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_INTERNAL_URL: <set to the key ‘keycloak-internal-url’ of config map ‘keycloak-host’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_EXTERNAL_URL: <set to the key ‘keycloak-external-url’ of config map ‘keycloak-host’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_INTERNAL_HOST: <set to the key ‘keycloak-internal-host’ of config map ‘keycloak-host’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_EXTERNAL_HOST: <set to the key ‘keycloak-external-host’ of config map ‘keycloak-host’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ABIS_CLIENT_SECRET: <set to the key ‘mosip_abis_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_SYNCDATA_CLIENT_SECRET: <set to the key ‘mosip_syncdata_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_CRESER_IDPASS_CLIENT_SECRET: <set to the key ‘mosip_creser_idpass_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_AUTH_SECRET: <set to the key ‘mpartner_default_auth_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_IDREPO_CLIENT_SECRET: <set to the key ‘mosip_idrepo_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_PRINT_SECRET: <set to the key ‘mpartner_default_print_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_DIGITALCARD_SECRET: <set to the key ‘mpartner_default_digitalcard_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ADMIN_CLIENT_SECRET: <set to the key ‘mosip_admin_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_AUTH_CLIENT_SECRET: <set to the key ‘mosip_auth_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_CREREQ_CLIENT_SECRET: <set to the key ‘mosip_crereq_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_CRESER_CLIENT_SECRET: <set to the key ‘mosip_creser_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_DATSHA_CLIENT_SECRET: <set to the key ‘mosip_datsha_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_IDA_CLIENT_SECRET: <set to the key ‘mosip_ida_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_MISP_CLIENT_SECRET: <set to the key ‘mosip_misp_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PMS_CLIENT_SECRET: <set to the key ‘mosip_pms_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_POLICYMANAGER_CLIENT_SECRET: <set to the key ‘mosip_policymanager_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_REG_CLIENT_SECRET: <set to the key ‘mosip_reg_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_REGPROC_CLIENT_SECRET: <set to the key ‘mosip_regproc_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_RESIDENT_CLIENT_SECRET: <set to the key ‘mosip_resident_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PREREG_CLIENT_SECRET: <set to the key ‘mosip_prereg_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_HOTLIST_CLIENT_SECRET: <set to the key ‘mosip_hotlist_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_DIGITALCARD_CLIENT_SECRET: <set to the key ‘mosip_digitalcard_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_ADMIN_PASSWORD: <set to the key ‘admin-password’ in secret ‘keycloak’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SOFTHSM_KERNEL_SECURITY_PIN: <set to the key ‘security-pin’ in secret ‘softhsm-kernel’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SOFTHSM_IDA_SECURITY_PIN: <set to the key ‘security-pin’ in secret ‘softhsm-ida’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ACTIVEMQ_HOST: <set to the key ‘activemq-host’ of config map ‘activemq-activemq-artemis-share’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ACTIVEMQ_CORE_PORT: <set to the key ‘activemq-core-port’ of config map ‘activemq-activemq-artemis-share’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ACTIVEMQ_PASSWORD: <set to the key ‘artemis-password’ in secret ‘activemq-activemq-artemis’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_AUTHTYPE_CALLBACK_SECRET: <set to the key ‘ida-websub-authtype-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_CREDENTIAL_ISSUE_CALLBACK_SECRET: <set to the key ‘ida-websub-credential-issue-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_PARTNER_SERVICE_CALLBACK_SECRET: <set to the key ‘ida-websub-partner-service-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_CA_CERTIFICATE_CALLBACK_SECRET: <set to the key ‘ida-websub-ca-certificate-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_HOTLIST_CALLBACK_SECRET: <set to the key ‘ida-websub-hotlist-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_MASTERDATA_TEMPLATES_CALLBACK_SECRET: <set to the key ‘ida-websub-masterdata-templates-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_MASTERDATA_TITLES_CALLBACK_SECRET: <set to the key ‘ida-websub-masterdata-titles-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDREPO_WEBSUB_VID_CREDENTIAL_UPDATE_SECRET: <set to the key ‘idrepo-websub-vid-credential-update-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_WEBSUB_CREDENTIAL_STATUS_UPDATE_SECRET: <set to the key ‘resident-websub-credential-status-update-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_KERNEL_TOKENID_UIN_SALT: <set to the key ‘mosip-kernel-tokenid-uin-salt’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_KERNEL_TOKENID_PARTNERCODE_SALT: <set to the key ‘mosip-kernel-tokenid-partnercode-salt’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_PRINT_WEBSUB_HUB_SECRET: <set to the key ‘print-websub-hub-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_HUB_SECRET_ENCRYPTION_KEY: <set to the key ‘hub-secret-encryption-key’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_ACCESSKEY: <set to the key ‘s3-user-key’ of config map ‘s3’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_REGION: <set to the key ‘s3-region’ of config map ‘s3’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_SECRETKEY: <set to the key ‘s3-user-secret’ in secret ‘s3’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_HOST: <set to the key ‘smtp-host’ of config map ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_HOST: <set to the key ‘sms-host’ of config map ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_PORT: <set to the key ‘smtp-port’ of config map ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_PORT: <set to the key ‘sms-port’ of config map ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_USERNAME: <set to the key ‘smtp-username’ of config map ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_USERNAME: <set to the key ‘sms-username’ of config map ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_SECRET: <set to the key ‘smtp-secret’ in secret ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_SECRET: <set to the key ‘sms-secret’ in secret ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_AUTHKEY: <set to the key ‘sms-authkey’ in secret ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_PREREG_CAPTCHA_SITE_KEY: <set to the key ‘prereg-captcha-site-key’ in secret ‘mosip-captcha’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_PREREG_CAPTCHA_SECRET_KEY: <set to the key ‘prereg-captcha-secret-key’ in secret ‘mosip-captcha’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_CAPTCHA_SITE_KEY: <set to the key ‘resident-captcha-site-key’ in secret ‘mosip-captcha’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_CAPTCHA_SECRET_KEY: <set to the key ‘resident-captcha-secret-key’ in secret ‘mosip-captcha’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_PRETEXT_VALUE: <set to the key ‘s3-pretext-value’ in secret ‘s3’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_MOBILE_SECRET: <set to the key ‘mpartner_default_mobile_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_WEBSUB_AUTHTYPE_STATUS_SECRET: <set to the key ‘resident-websub-authtype-status-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_WEBSUB_AUTH_TRANSACTION_STATUS_SECRET: <set to the key ‘resident-websub-auth-transaction-status-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_IDA_KYC_TOKEN_SECRET: <set to the key ‘mosip-ida-kyc-token-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PARTNER_CRYPTO_P12_PASSWORD: <set to the key ‘mosip-partner-crypto-p12-password’ in secret ‘conf-secrets-various’> Optional: false
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-zfjzr (ro)

Note: Due to character limitation sending the continuation of the logs in the next message.

Thanks
Naveen

Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
workload-socket:
Type: EmptyDir (a temporary directory that shares a pod’s lifetime)
Medium:
SizeLimit:
credential-socket:
Type: EmptyDir (a temporary directory that shares a pod’s lifetime)
Medium:
SizeLimit:
workload-certs:
Type: EmptyDir (a temporary directory that shares a pod’s lifetime)
Medium:
SizeLimit:
istio-envoy:
Type: EmptyDir (a temporary directory that shares a pod’s lifetime)
Medium: Memory
SizeLimit:
istio-data:
Type: EmptyDir (a temporary directory that shares a pod’s lifetime)
Medium:
SizeLimit:
istio-podinfo:
Type: DownwardAPI (a volume populated by information about the pod)
Items:
metadata.labels → labels
metadata.annotations → annotations
istio-token:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 43200
istiod-ca-cert:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: istio-ca-root-cert
Optional: false
kube-api-access-zfjzr:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional:
DownwardAPI: true
QoS Class: Burstable
Node-Selectors:
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message


Normal Scheduled 103s default-scheduler Successfully assigned config-server/config-server-5845df5544-qrw76 to impiger-optiplex-7020
Normal Pulled 101s kubelet Container image “docker.io/istio/proxyv2:1.20.3” already present on machine
Normal Created 101s kubelet Created container istio-init
Normal Started 100s kubelet Started container istio-init
Normal Pulled 99s kubelet Container image “docker.io/istio/proxyv2:1.20.3” already present on machine
Normal Created 99s kubelet Created container istio-proxy
Normal Started 98s kubelet Started container istio-proxy
Normal Pulled 98s kubelet Container image “mosipid/config-server:1.1.2” already present on machine
Normal Created 97s kubelet Created container config-server
Normal Started 97s kubelet Started container config-server
Warning Unhealthy 3s (x10 over 93s) kubelet Startup probe failed: HTTP probe failed with statuscode: 500
root@impiger-OptiPlex-7020:~# kubectl -n config-server describe po config-server-5845df5544-qrw76
Name: config-server-5845df5544-qrw76
Namespace: config-server
Priority: 0
Service Account: config-server
Node: impiger-optiplex-7020/10.100.148.74
Start Time: Fri, 03 May 2024 12:42:58 +0530
Labels: app.kubernetes.io/instance=config-server
app.kubernetes.io/name=config-server
pod-template-hash=5845df5544
security.istio.io/tlsMode=istio
service.istio.io/canonical-name=config-server
service.istio.io/canonical-revision=latest
Annotations: cni.projectcalico.org/containerID: 3ce496d98600254386c7660738e029fa19d1378ff6cde4a73656763ffd5e0fae
cni.projectcalico.org/podIP: 10.42.0.10/32
cni.projectcalico.org/podIPs: 10.42.0.10/32
istio.io/rev: default
kubectl.kubernetes.io/default-container: config-server
kubectl.kubernetes.io/default-logs-container: config-server
prometheus.io/path: /stats/prometheus
prometheus.io/port: 15020
prometheus.io/scrape: true
sidecar.istio.io/status:
{“initContainers”:[“istio-init”],“containers”:[“istio-proxy”],“volumes”:[“workload-socket”,“credential-socket”,“workload-certs”,"istio-env…
Status: Running
IP: 10.42.0.10
IPs:
IP: 10.42.0.10
Controlled By: ReplicaSet/config-server-5845df5544
Init Containers:
istio-init:
Container ID: docker://ff660c67e24e7e0cd72a3ab46a23e28e5b8a1028424535e2ad347caab1d9bc07
Image: docker.io/istio/proxyv2:1.20.3
Image ID: docker-pullable://istio/proxyv2@sha256:18163bd4fdb641bdff1489e124a0b9f1059bb2cec9c8229161b73517db97c05a
Port:
Host Port:
Args:
istio-iptables
-p
15001
-z
15006
-u
1337
-m
REDIRECT
-i
*
-x

  -b
  *
  -d
  15090,15021,15020
  --log_output_level=default:info
State:          Terminated
  Reason:       Completed
  Exit Code:    0
  Started:      Fri, 03 May 2024 12:43:01 +0530
  Finished:     Fri, 03 May 2024 12:43:01 +0530
Ready:          True
Restart Count:  0
Limits:
  cpu:     2
  memory:  1Gi
Requests:
  cpu:     100m
  memory:  128Mi
Environment:
  ISTIO_META_IDLE_TIMEOUT:  0s
Mounts:
  /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-zfjzr (ro)

Containers:
istio-proxy:
Container ID: docker://25c81f5fd7a08b034e94c5a4dc0fafadc2c349446ebb841795f7510dca3680f2
Image: docker.io/istio/proxyv2:1.20.3
Image ID: docker-pullable://istio/proxyv2@sha256:18163bd4fdb641bdff1489e124a0b9f1059bb2cec9c8229161b73517db97c05a
Port: 15090/TCP
Host Port: 0/TCP
Args:
proxy
sidecar
–domain
$(POD_NAMESPACE).svc.cluster.local
–proxyLogLevel=warning
–proxyComponentLogLevel=misc:error
–log_output_level=default:info
State: Running
Started: Fri, 03 May 2024 12:43:02 +0530
Ready: True
Restart Count: 0
Limits:
cpu: 2
memory: 1Gi
Requests:
cpu: 100m
memory: 128Mi
Readiness: http-get http://:15021/healthz/ready delay=0s timeout=3s period=15s #success=1 #failure=4
Startup: http-get http://:15021/healthz/ready delay=0s timeout=3s period=1s #success=1 #failure=600
Environment:
JWT_POLICY: third-party-jwt
PILOT_CERT_PROVIDER: istiod
CA_ADDR: istiod.istio-system.svc:15012
POD_NAME: config-server-5845df5544-qrw76 (v1:metadata.name)
POD_NAMESPACE: config-server (v1:metadata.namespace)
INSTANCE_IP: (v1:status.podIP)
SERVICE_ACCOUNT: (v1:spec.serviceAccountName)
HOST_IP: (v1:status.hostIP)
ISTIO_CPU_LIMIT: 2 (limits.cpu)
PROXY_CONFIG: {“proxyMetadata”:{“ISTIO_META_IDLE_TIMEOUT”:“0s”},“gatewayTopology”:{“numTrustedProxies”:2},“holdApplicationUntilProxyStarts”:true}

  ISTIO_META_POD_PORTS:          [
                                     {"name":"http","containerPort":51000,"protocol":"TCP"}
                                 ]
  ISTIO_META_APP_CONTAINERS:     config-server
  GOMEMLIMIT:                    1073741824 (limits.memory)
  GOMAXPROCS:                    2 (limits.cpu)
  ISTIO_META_CLUSTER_ID:         Kubernetes
  ISTIO_META_NODE_NAME:           (v1:spec.nodeName)
  ISTIO_META_INTERCEPTION_MODE:  REDIRECT
  ISTIO_META_WORKLOAD_NAME:      config-server
  ISTIO_META_OWNER:              kubernetes://apis/apps/v1/namespaces/config-server/deployments/config-server
  ISTIO_META_MESH_ID:            cluster.local
  TRUST_DOMAIN:                  cluster.local
  ISTIO_META_IDLE_TIMEOUT:       0s
  ISTIO_KUBE_APP_PROBERS:        {"/app-health/config-server/livez":{"httpGet":{"path":"/config/*/*","port":51000,"scheme":"HTTP"},"timeoutSeconds":5},"/app-health/config-server/readyz":{"httpGet":{"path":"/config/*/*","port":51000,"scheme":"HTTP"},"timeoutSeconds":5},"/app-health/config-server/startupz":{"httpGet":{"path":"/config/*/*","port":51000,"scheme":"HTTP"},"timeoutSeconds":5}}
Mounts:
  /etc/istio/pod from istio-podinfo (rw)
  /etc/istio/proxy from istio-envoy (rw)
  /var/lib/istio/data from istio-data (rw)
  /var/run/secrets/credential-uds from credential-socket (rw)
  /var/run/secrets/istio from istiod-ca-cert (rw)
  /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-zfjzr (ro)
  /var/run/secrets/tokens from istio-token (rw)
  /var/run/secrets/workload-spiffe-credentials from workload-certs (rw)
  /var/run/secrets/workload-spiffe-uds from workload-socket (rw)

config-server:
Container ID: docker://bc7298c82bc493770880f18330c3fbec2f2373620a802f1cacea2a8a3ca64fa8
Image: mosipid/config-server:1.1.2
Image ID: docker-pullable://mosipid/config-server@sha256:bc5ce50037d8988f807db45ee0fb19a750f6d0b17487155fca7edad0892e7eb0
Port: 51000/TCP
Host Port: 0/TCP
State: Running
Started: Fri, 03 May 2024 12:43:04 +0530
Ready: False
Restart Count: 0
Limits:
cpu: 200m
memory: 1500Mi
Requests:
cpu: 50m
memory: 500Mi
Liveness: http-get http://:15020/app-health/config-server/livez delay=20s timeout=5s period=30s #success=1 #failure=6
Readiness: http-get http://:15020/app-health/config-server/readyz delay=0s timeout=5s period=10s #success=1 #failure=6
Startup: http-get http://:15020/app-health/config-server/startupz delay=0s timeout=5s period=10s #success=1 #failure=30
Environment Variables from:
config-server-env-vars ConfigMap Optional: false
Environment:
SPRING_CLOUD_CONFIG_SERVER_GIT_PASSWORD: <set to the key ‘github-token’ in secret ‘config-server’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_API_PUBLIC_HOST: <set to the key ‘mosip-api-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_API_INTERNAL_HOST: <set to the key ‘mosip-api-internal-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ADMIN_HOST: <set to the key ‘mosip-admin-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PREREG_HOST: <set to the key ‘mosip-prereg-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_RESIDENT_HOST: <set to the key ‘mosip-resident-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PMP_HOST: <set to the key ‘mosip-pmp-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_COMPLIANCE_HOST: <set to the key ‘mosip-compliance-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ESIGNET_HOST: <set to the key ‘mosip-esignet-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_SIGNUP_HOST: <set to the key ‘mosip-signup-host’ of config map ‘global’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_DBUSER_PASSWORD: <set to the key ‘db-dbuser-password’ in secret ‘db-common-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_INTERNAL_URL: <set to the key ‘keycloak-internal-url’ of config map ‘keycloak-host’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_EXTERNAL_URL: <set to the key ‘keycloak-external-url’ of config map ‘keycloak-host’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_INTERNAL_HOST: <set to the key ‘keycloak-internal-host’ of config map ‘keycloak-host’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_EXTERNAL_HOST: <set to the key ‘keycloak-external-host’ of config map ‘keycloak-host’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ABIS_CLIENT_SECRET: <set to the key ‘mosip_abis_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_SYNCDATA_CLIENT_SECRET: <set to the key ‘mosip_syncdata_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_CRESER_IDPASS_CLIENT_SECRET: <set to the key ‘mosip_creser_idpass_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_AUTH_SECRET: <set to the key ‘mpartner_default_auth_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_IDREPO_CLIENT_SECRET: <set to the key ‘mosip_idrepo_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_PRINT_SECRET: <set to the key ‘mpartner_default_print_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_DIGITALCARD_SECRET: <set to the key ‘mpartner_default_digitalcard_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ADMIN_CLIENT_SECRET: <set to the key ‘mosip_admin_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_AUTH_CLIENT_SECRET: <set to the key ‘mosip_auth_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_CREREQ_CLIENT_SECRET: <set to the key ‘mosip_crereq_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_CRESER_CLIENT_SECRET: <set to the key ‘mosip_creser_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_DATSHA_CLIENT_SECRET: <set to the key ‘mosip_datsha_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_IDA_CLIENT_SECRET: <set to the key ‘mosip_ida_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_MISP_CLIENT_SECRET: <set to the key ‘mosip_misp_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PMS_CLIENT_SECRET: <set to the key ‘mosip_pms_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_POLICYMANAGER_CLIENT_SECRET: <set to the key ‘mosip_policymanager_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_REG_CLIENT_SECRET: <set to the key ‘mosip_reg_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_REGPROC_CLIENT_SECRET: <set to the key ‘mosip_regproc_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_RESIDENT_CLIENT_SECRET: <set to the key ‘mosip_resident_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PREREG_CLIENT_SECRET: <set to the key ‘mosip_prereg_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_HOTLIST_CLIENT_SECRET: <set to the key ‘mosip_hotlist_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_DIGITALCARD_CLIENT_SECRET: <set to the key ‘mosip_digitalcard_client_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_ADMIN_PASSWORD: <set to the key ‘admin-password’ in secret ‘keycloak’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SOFTHSM_KERNEL_SECURITY_PIN: <set to the key ‘security-pin’ in secret ‘softhsm-kernel’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SOFTHSM_IDA_SECURITY_PIN: <set to the key ‘security-pin’ in secret ‘softhsm-ida’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ACTIVEMQ_HOST: <set to the key ‘activemq-host’ of config map ‘activemq-activemq-artemis-share’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ACTIVEMQ_CORE_PORT: <set to the key ‘activemq-core-port’ of config map ‘activemq-activemq-artemis-share’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ACTIVEMQ_PASSWORD: <set to the key ‘artemis-password’ in secret ‘activemq-activemq-artemis’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_AUTHTYPE_CALLBACK_SECRET: <set to the key ‘ida-websub-authtype-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_CREDENTIAL_ISSUE_CALLBACK_SECRET: <set to the key ‘ida-websub-credential-issue-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_PARTNER_SERVICE_CALLBACK_SECRET: <set to the key ‘ida-websub-partner-service-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_CA_CERTIFICATE_CALLBACK_SECRET: <set to the key ‘ida-websub-ca-certificate-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_HOTLIST_CALLBACK_SECRET: <set to the key ‘ida-websub-hotlist-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_MASTERDATA_TEMPLATES_CALLBACK_SECRET: <set to the key ‘ida-websub-masterdata-templates-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_MASTERDATA_TITLES_CALLBACK_SECRET: <set to the key ‘ida-websub-masterdata-titles-callback-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDREPO_WEBSUB_VID_CREDENTIAL_UPDATE_SECRET: <set to the key ‘idrepo-websub-vid-credential-update-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_WEBSUB_CREDENTIAL_STATUS_UPDATE_SECRET: <set to the key ‘resident-websub-credential-status-update-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_KERNEL_TOKENID_UIN_SALT: <set to the key ‘mosip-kernel-tokenid-uin-salt’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_KERNEL_TOKENID_PARTNERCODE_SALT: <set to the key ‘mosip-kernel-tokenid-partnercode-salt’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_PRINT_WEBSUB_HUB_SECRET: <set to the key ‘print-websub-hub-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_HUB_SECRET_ENCRYPTION_KEY: <set to the key ‘hub-secret-encryption-key’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_ACCESSKEY: <set to the key ‘s3-user-key’ of config map ‘s3’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_REGION: <set to the key ‘s3-region’ of config map ‘s3’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_SECRETKEY: <set to the key ‘s3-user-secret’ in secret ‘s3’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_HOST: <set to the key ‘smtp-host’ of config map ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_HOST: <set to the key ‘sms-host’ of config map ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_PORT: <set to the key ‘smtp-port’ of config map ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_PORT: <set to the key ‘sms-port’ of config map ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_USERNAME: <set to the key ‘smtp-username’ of config map ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_USERNAME: <set to the key ‘sms-username’ of config map ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_SECRET: <set to the key ‘smtp-secret’ in secret ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_SECRET: <set to the key ‘sms-secret’ in secret ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_AUTHKEY: <set to the key ‘sms-authkey’ in secret ‘msg-gateway’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_PREREG_CAPTCHA_SITE_KEY: <set to the key ‘prereg-captcha-site-key’ in secret ‘mosip-captcha’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_PREREG_CAPTCHA_SECRET_KEY: <set to the key ‘prereg-captcha-secret-key’ in secret ‘mosip-captcha’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_CAPTCHA_SITE_KEY: <set to the key ‘resident-captcha-site-key’ in secret ‘mosip-captcha’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_CAPTCHA_SECRET_KEY: <set to the key ‘resident-captcha-secret-key’ in secret ‘mosip-captcha’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_PRETEXT_VALUE: <set to the key ‘s3-pretext-value’ in secret ‘s3’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_MOBILE_SECRET: <set to the key ‘mpartner_default_mobile_secret’ in secret ‘keycloak-client-secrets’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_WEBSUB_AUTHTYPE_STATUS_SECRET: <set to the key ‘resident-websub-authtype-status-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_WEBSUB_AUTH_TRANSACTION_STATUS_SECRET: <set to the key ‘resident-websub-auth-transaction-status-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_IDA_KYC_TOKEN_SECRET: <set to the key ‘mosip-ida-kyc-token-secret’ in secret ‘conf-secrets-various’> Optional: false
SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PARTNER_CRYPTO_P12_PASSWORD: <set to the key ‘mosip-partner-crypto-p12-password’ in secret ‘conf-secrets-various’> Optional: false
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-zfjzr (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
workload-socket:
Type: EmptyDir (a temporary directory that shares a pod’s lifetime)
Medium:
SizeLimit:
credential-socket:
Type: EmptyDir (a temporary directory that shares a pod’s lifetime)
Medium:
SizeLimit:
workload-certs:
Type: EmptyDir (a temporary directory that shares a pod’s lifetime)
Medium:
SizeLimit:
istio-envoy:
Type: EmptyDir (a temporary directory that shares a pod’s lifetime)
Medium: Memory
SizeLimit:
istio-data:
Type: EmptyDir (a temporary directory that shares a pod’s lifetime)
Medium:
SizeLimit:
istio-podinfo:
Type: DownwardAPI (a volume populated by information about the pod)
Items:
metadata.labels → labels
metadata.annotations → annotations
istio-token:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 43200
istiod-ca-cert:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: istio-ca-root-cert
Optional: false
kube-api-access-zfjzr:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional:
DownwardAPI: true
QoS Class: Burstable
Node-Selectors:
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message


Normal Scheduled 2m30s default-scheduler Successfully assigned config-server/config-server-5845df5544-qrw76 to impiger-optiplex-7020
Normal Pulled 2m28s kubelet Container image “docker.io/istio/proxyv2:1.20.3” already present on machine
Normal Created 2m28s kubelet Created container istio-init
Normal Started 2m27s kubelet Started container istio-init
Normal Pulled 2m26s kubelet Container image “docker.io/istio/proxyv2:1.20.3” already present on machine
Normal Created 2m26s kubelet Created container istio-proxy
Normal Started 2m25s kubelet Started container istio-proxy
Normal Pulled 2m25s kubelet Container image “mosipid/config-server:1.1.2” already present on machine
Normal Created 2m24s kubelet Created container config-server
Normal Started 2m24s kubelet Started container config-server
Warning Unhealthy 40s (x11 over 2m20s) kubelet Startup probe failed: HTTP probe failed with statuscode: 500
Warning Unhealthy 25s kubelet Startup probe failed: Get “http://10.42.0.10:15020/app-health/config-server/startupz”: context deadline exceeded (Client.Timeout exceeded while awaiting headers)
Warning Unhealthy 7s (x2 over 17s) kubelet Startup probe failed: HTTP probe failed with statuscode: 404

Hi Rakshith,

FYI…This is the deployment yaml file

apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: “1”
meta.helm.sh/release-name: config-server
meta.helm.sh/release-namespace: config-server
creationTimestamp: “2024-05-03T07:12:58Z”
generation: 1
labels:
app.kubernetes.io/instance: config-server
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: config-server
app.kubernetes.io/version: 1.1.2
helm.sh/chart: config-server-12.0.1
name: config-server
namespace: config-server
resourceVersion: “17797172”
uid: 7cd6a311-dff6-47d5-bf16-b5132cf14525
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: config-server
app.kubernetes.io/name: config-server
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/instance: config-server
app.kubernetes.io/name: config-server
spec:
containers:
- env:
- name: SPRING_CLOUD_CONFIG_SERVER_GIT_PASSWORD
valueFrom:
secretKeyRef:
key: github-token
name: config-server
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_API_PUBLIC_HOST
valueFrom:
configMapKeyRef:
key: mosip-api-host
name: global
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_API_INTERNAL_HOST
valueFrom:
configMapKeyRef:
key: mosip-api-internal-host
name: global
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ADMIN_HOST
valueFrom:
configMapKeyRef:
key: mosip-admin-host
name: global
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PREREG_HOST
valueFrom:
configMapKeyRef:
key: mosip-prereg-host
name: global
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_RESIDENT_HOST
valueFrom:
configMapKeyRef:
key: mosip-resident-host
name: global
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PMP_HOST
valueFrom:
configMapKeyRef:
key: mosip-pmp-host
name: global
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_COMPLIANCE_HOST
valueFrom:
configMapKeyRef:
key: mosip-compliance-host
name: global
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ESIGNET_HOST
valueFrom:
configMapKeyRef:
key: mosip-esignet-host
name: global
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_SIGNUP_HOST
valueFrom:
configMapKeyRef:
key: mosip-signup-host
name: global
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_DB_DBUSER_PASSWORD
valueFrom:
secretKeyRef:
key: db-dbuser-password
name: db-common-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_INTERNAL_URL
valueFrom:
configMapKeyRef:
key: keycloak-internal-url
name: keycloak-host
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_EXTERNAL_URL
valueFrom:
configMapKeyRef:
key: keycloak-external-url
name: keycloak-host
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_INTERNAL_HOST
valueFrom:
configMapKeyRef:
key: keycloak-internal-host
name: keycloak-host
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_EXTERNAL_HOST
valueFrom:
configMapKeyRef:
key: keycloak-external-host
name: keycloak-host
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ABIS_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_abis_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_SYNCDATA_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_syncdata_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_CRESER_IDPASS_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_creser_idpass_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_AUTH_SECRET
valueFrom:
secretKeyRef:
key: mpartner_default_auth_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_IDREPO_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_idrepo_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_PRINT_SECRET
valueFrom:
secretKeyRef:
key: mpartner_default_print_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_DIGITALCARD_SECRET
valueFrom:
secretKeyRef:
key: mpartner_default_digitalcard_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_ADMIN_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_admin_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_AUTH_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_auth_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_CREREQ_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_crereq_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_CRESER_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_creser_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_DATSHA_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_datsha_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_IDA_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_ida_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_MISP_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_misp_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PMS_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_pms_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_POLICYMANAGER_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_policymanager_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_REG_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_reg_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_REGPROC_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_regproc_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_RESIDENT_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_resident_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PREREG_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_prereg_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_HOTLIST_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_hotlist_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_DIGITALCARD_CLIENT_SECRET
valueFrom:
secretKeyRef:
key: mosip_digitalcard_client_secret
name: keycloak-client-secrets
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_KEYCLOAK_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
key: admin-password
name: keycloak
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SOFTHSM_KERNEL_SECURITY_PIN
valueFrom:
secretKeyRef:
key: security-pin
name: softhsm-kernel
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SOFTHSM_IDA_SECURITY_PIN
valueFrom:
secretKeyRef:
key: security-pin
name: softhsm-ida
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ACTIVEMQ_HOST
valueFrom:
configMapKeyRef:
key: activemq-host
name: activemq-activemq-artemis-share
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ACTIVEMQ_CORE_PORT
valueFrom:
configMapKeyRef:
key: activemq-core-port
name: activemq-activemq-artemis-share
- name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_ACTIVEMQ_PASSWORD

      valueFrom:
        secretKeyRef:
          key: artemis-password
          name: activemq-activemq-artemis
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_AUTHTYPE_CALLBACK_SECRET
      valueFrom:
        secretKeyRef:
          key: ida-websub-authtype-callback-secret
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_CREDENTIAL_ISSUE_CALLBACK_SECRET
      valueFrom:
        secretKeyRef:
          key: ida-websub-credential-issue-callback-secret
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_PARTNER_SERVICE_CALLBACK_SECRET
      valueFrom:
        secretKeyRef:
          key: ida-websub-partner-service-callback-secret
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_CA_CERTIFICATE_CALLBACK_SECRET
      valueFrom:
        secretKeyRef:
          key: ida-websub-ca-certificate-callback-secret
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_HOTLIST_CALLBACK_SECRET
      valueFrom:
        secretKeyRef:
          key: ida-websub-hotlist-callback-secret
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_MASTERDATA_TEMPLATES_CALLBACK_SECRET
      valueFrom:
        secretKeyRef:
          key: ida-websub-masterdata-templates-callback-secret
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDA_WEBSUB_MASTERDATA_TITLES_CALLBACK_SECRET
      valueFrom:
        secretKeyRef:
          key: ida-websub-masterdata-titles-callback-secret
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_IDREPO_WEBSUB_VID_CREDENTIAL_UPDATE_SECRET
      valueFrom:
        secretKeyRef:
          key: idrepo-websub-vid-credential-update-secret
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_WEBSUB_CREDENTIAL_STATUS_UPDATE_SECRET
      valueFrom:
        secretKeyRef:
          key: resident-websub-credential-status-update-secret
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_KERNEL_TOKENID_UIN_SALT
      valueFrom:
        secretKeyRef:
          key: mosip-kernel-tokenid-uin-salt
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_KERNEL_TOKENID_PARTNERCODE_SALT
      valueFrom:
        secretKeyRef:
          key: mosip-kernel-tokenid-partnercode-salt
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_PRINT_WEBSUB_HUB_SECRET
      valueFrom:
        secretKeyRef:
          key: print-websub-hub-secret
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_HUB_SECRET_ENCRYPTION_KEY
      valueFrom:
        secretKeyRef:
          key: hub-secret-encryption-key
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_ACCESSKEY
      valueFrom:
        configMapKeyRef:
          key: s3-user-key
          name: s3
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_REGION
      valueFrom:
        configMapKeyRef:
          key: s3-region
          name: s3
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_SECRETKEY
      valueFrom:
        secretKeyRef:
          key: s3-user-secret
          name: s3
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_HOST
      valueFrom:
        configMapKeyRef:
          key: smtp-host
          name: msg-gateway
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_HOST
      valueFrom:
        configMapKeyRef:
          key: sms-host
          name: msg-gateway
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_PORT
      valueFrom:
        configMapKeyRef:
          key: smtp-port
          name: msg-gateway
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_PORT
      valueFrom:
        configMapKeyRef:
          key: sms-port
          name: msg-gateway
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_USERNAME
      valueFrom:
        configMapKeyRef:
          key: smtp-username
          name: msg-gateway
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_USERNAME
      valueFrom:
        configMapKeyRef:
          key: sms-username
          name: msg-gateway
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMTP_SECRET
      valueFrom:
        secretKeyRef:
          key: smtp-secret
          name: msg-gateway
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_SECRET
      valueFrom:
        secretKeyRef:
          key: sms-secret
          name: msg-gateway
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_SMS_AUTHKEY
      valueFrom:
        secretKeyRef:
          key: sms-authkey
          name: msg-gateway
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_PREREG_CAPTCHA_SITE_KEY
      valueFrom:
        secretKeyRef:
          key: prereg-captcha-site-key
          name: mosip-captcha
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_PREREG_CAPTCHA_SECRET_KEY
      valueFrom:
        secretKeyRef:
          key: prereg-captcha-secret-key
          name: mosip-captcha
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_CAPTCHA_SITE_KEY
                                                                                                           valueFrom:
        secretKeyRef:
          key: resident-captcha-site-key
          name: mosip-captcha
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_CAPTCHA_SECRET_KEY
      valueFrom:
        secretKeyRef:
          key: resident-captcha-secret-key
          name: mosip-captcha
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_S3_PRETEXT_VALUE
      valueFrom:
        secretKeyRef:
          key: s3-pretext-value
          name: s3
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MPARTNER_DEFAULT_MOBILE_SECRET
      valueFrom:
        secretKeyRef:
          key: mpartner_default_mobile_secret
          name: keycloak-client-secrets
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_WEBSUB_AUTHTYPE_STATUS_SECRET
      valueFrom:
        secretKeyRef:
          key: resident-websub-authtype-status-secret
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_RESIDENT_WEBSUB_AUTH_TRANSACTION_STATUS_SECRET
      valueFrom:
        secretKeyRef:
          key: resident-websub-auth-transaction-status-secret
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_IDA_KYC_TOKEN_SECRET
      valueFrom:
        secretKeyRef:
          key: mosip-ida-kyc-token-secret
          name: conf-secrets-various
    - name: SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_MOSIP_PARTNER_CRYPTO_P12_PASSWORD
      valueFrom:
        secretKeyRef:
          key: mosip-partner-crypto-p12-password
          name: conf-secrets-various
    envFrom:
    - configMapRef:
        name: config-server-env-vars
    image: mosipid/config-server:1.1.2
    imagePullPolicy: IfNotPresent
    livenessProbe:
      failureThreshold: 6
      httpGet:
        path: /config/*/*
        port: 51000
        scheme: HTTP
      initialDelaySeconds: 20
      periodSeconds: 30
      successThreshold: 1
      timeoutSeconds: 5
    name: config-server
    ports:
    - containerPort: 51000
      name: http
      protocol: TCP
    readinessProbe:
      failureThreshold: 6
      httpGet:
        path: /config/*/*
        port: 51000
        scheme: HTTP
      periodSeconds: 10
      successThreshold: 1
      timeoutSeconds: 5
    resources:
      limits:
        cpu: 200m
        memory: 1500Mi
      requests:
        cpu: 50m
        memory: 500Mi

securityContext: {}
startupProbe:
failureThreshold: 30
httpGet:
path: /config//
port: 51000
scheme: HTTP
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: config-server
serviceAccountName: config-server
terminationGracePeriodSeconds: 30
status:
conditions:

  • lastTransitionTime: “2024-05-03T07:12:58Z”
    lastUpdateTime: “2024-05-03T07:12:58Z”
    message: Deployment does not have minimum availability.
    reason: MinimumReplicasUnavailable
    status: “False”
    type: Available
  • lastTransitionTime: “2024-05-03T07:12:58Z”
    lastUpdateTime: “2024-05-03T07:12:58Z”
    message: ReplicaSet “config-server-5845df5544” is progressing.
    reason: ReplicaSetUpdated
    status: “True”
    type: Progressing
    observedGeneration: 1
    replicas: 1
    unavailableReplicas: 1
    updatedReplicas: 1

Hi @Rakshith_B ,

I have already tried increasing the startupProbe failureThreshold to 120 in the deployment but still no luck.

Thanks
Naveen

Hi Naveen,

Could you please verify if the config-server is up and running without modifying the default values.yaml configuration?

Hi Rakshith,

Yes the config-server is up without any issues if we run with the default values.yaml configuration. The issue only occurs when we change the repo url in the values.yaml file.

Thanks
Naveen

Hi Naveen,

I suspect there’s an issue with configuring Bitbucket. I will look into it. For now, could you please use GitHub.

Hi Rakshith,

The same issue seems to be occurring even while using the Github repo. FYI…we have even tried deploying a public git repo of my account and still facing the same issue. We are getting error with all the repos except the MOSIP default repo URL. Kindly check the same from your end and let us know.

Thanks
Naveen

hi @reddi3

Do a fork of mosip-config
and create a branch out of required branch/tag

image

1 Like

Dear @Rakshith_B ,

Only when we fork the mosip-config repo and deploy it is working fine. But it is not working with the normal repositories. Kindly check and confirm if this is the expected behavior.

Thanks
Naveen