I am in the process of deploying MOSIP in a testing environment (sandbox/dev) and I am encountering a blocking issue with the Docker images of the kernel (e.g., mosipid/kernel-auditmanager-service:1.2.0.1).
All the kernel pods are in CrashLoopBackOff with the following error in the logs: java.util.zip.ZipException: zip file is empty.
Upon checking, it seems that the MOSIP Docker images for the kernel on Docker Hub are corrupted or incomplete.
I would like to build the Docker images for the kernel locally from the source code, but I cannot find a public repository containing the Java source code or the Dockerfiles for these services.
Questions:
Where can I find the source code for the MOSIP kernel (and other backend modules) as well as the Dockerfiles to build the images locally?
Is there official documentation or a procedure for building and publishing these images?
Is it possible to obtain access (even temporary) to the source repository for sandbox/dev use?
Keycloak: mosip-keycloak-0 - Running (2d5h uptime, some restarts due to resource constraints)
Kafka: 3 controller pods running (2d5h uptime)
MinIO: mosip-minio-* pods running (2d5h uptime)
Helm releases: All external services show “deployed” status
5. Config Server and Artifactory Status
Config Server: NOT WORKING - Main issue we’re facing
Status: Pod stuck in CreateContainerConfigError
Problem: Missing keys in various secrets/configmaps (softhsm-kernel, softhsm-ida, activemq-host, etc.)
Helm release: Currently uninstalled due to troubleshooting
Artifactory: NOT DEPLOYED
Namespace exists but no pods deployed
This might be part of the issue
6. Artifactory Version
Status: Artifactory is not currently deployed
Question: Should Artifactory be deployed before Config Server? We may have missed this step.
Current Issue Summary
The main blocker is the Config Server failing to start due to missing configuration keys in secrets and configmaps. We’ve been iteratively fixing missing keys, but new ones keep appearing, suggesting we might be missing a fundamental setup step.
Questions for your team:
Is Artifactory deployment mandatory before Config Server?
Do you have a script or method to initialize all required secrets/configmaps at once?
Should we follow a different sequence for development/non-DNS environments?
We would appreciate guidance on the correct deployment sequence and any missing prerequisites.
Thank you for reaching out with your questions. Please find our responses below:
Is Artifactory deployment mandatory before Config Server?
No, Artifactory deployment should follow Config Server deployment. Please refer to the deployment sequence outlined in the README of the respective repositories (links provided below).
Do you have a script or method to initialize all required secrets/configmaps at once?
There is no consolidated script at the moment. It is crucial to follow the sequence mentioned in the documentation to ensure that all required secrets and config maps are initialized correctly.
Should we follow a different sequence for development/non-DNS environments?
No, the deployment sequence remains the same across all environments. Any deviation, especially in the external modules, may result in missing secrets/config maps, which can cause issues such as CrashLoopBackOff or CreateContainerConfigError during Config Server deployment.
Once all external dependencies are in place, proceed with MOSIP modules, starting from conf-secrets, followed by config-server, artifactory, and so on, as per this guide: MOSIP Modules Deployment Guide
Following this order is essential for a successful and stable deployment.
Just checking in - hope the issue has been resolved after following the guidance provided in our previous response.
Could you please confirm if everything is working as expected now?