Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Initial GlusterFS native setup fails with Invalid JWT token: signature is invalid

See original GitHub issue

Description

On Gluster install into existing cluster, Verify Heketi fails with a “signature invalid” error.

Version

Please put the following version information in the code block indicated below.

Your ansible version per ansible --version

2.7.2

If you’re operating from a git clone:

The output of git describe

openshift-ansible-4.0.0-0.84.0

Steps To Reproduce

Create new OKD 3.11 cluster on Fedora 29 using deploy_cluster.yml
Attempt to add native glusterfs to this cluster using openshift_storage_glusterfs/config.yml

Expected Results

Install completed.

Observed Results

Install fails with the following error:

TASK [openshift_storage_glusterfs : Verify heketi service] ****************************************************************************************************************************************
Friday 07 December 2018  19:33:00 +0000 (0:00:00.127)       0:00:55.337 *******
fatal: [ip-172-31-1-111.us-west-2.compute.internal]: FAILED! => {"changed": false, "cmd": ["oc", "--config=/tmp/openshift-glusterfs-ansible-FOV42Y/admin.kubeconfig", "rsh", "--namespace=glusterfs", "deploy-heketi-storage-1-bknvx", "heketi-cli", "-s", "http://localhost:8080", "--user", "admin", "--secret", "q4CpOzGTKWT2IF9JKERYzI26ZwnKjnHnYDi6XBHqV3k=", "cluster", "list"], "delta": "0:00:00.327708", "end": "2018-12-07 19:33:00.906016", "msg": "non-zero return code", "rc": 255, "start": "2018-12-07 19:33:00.578308", "stderr": "Error: Invalid JWT token: signature is invalid (client and server secrets may not match)\ncommand terminated with exit code 255", "stderr_lines": ["Error: Invalid JWT token: signature is invalid (client and server secrets may not match)", "command terminated with exit code 255"], "stdout": "", "stdout_lines": []}

Additional Information

I tried the fix described for #10708 but it did not solve the issue.

I also tried adding import_task: get_heketi_key to the start of tasks/heketi_set_cli, and it also did not make a difference.

Issue Analytics

State:
Created 5 years ago
Comments:6

Top GitHub Comments

1reaction

giammacommented, Jan 11, 2019

@fmq delete the ‘app-storage’ project which contains the glusterfs pods:

oc delete project app-storage

0reactions

fmqcommented, Jan 13, 2019

@prasenforu What worked for me ( actually deleting the project app-storage as suggested by @giamma also works ) was to execute the GlusterFS uninstall playbook ( playbooks/openshift-glusterfs/uninstall.yml ) with openshift_storage_glusterfs_wipe=true (data WILL be lost).

one more thing check /etc/fstab for any Gluster created disk that where left behind after the uninstall since entires don’t get erased and this causes machine not to boot any more.

Top Results From Across the Web

JWT (JSON Web Tokens) Errors | Invalid JWT Signature

For Invalid JWT Signature, check if your service account key has expired. Go to your APIs & Services to add a new key...

signature is invalid (client and server secrets may not match)

Hello friends of OKD I have tried to install an OKD cluster with the following configuration: 3 masters, 3 infrastructure nodes, 6 GlusterFS...

Always getting invalid signature in jwt.io - Stack Overflow

When you paste the JWT in jwt.io, it does this: decodes the token, and show the header and the payload on the right;...

Chapter 4. APIcast policies Red Hat 3scale API Management 2.8

false : The call is rejected with the Authentication Failed error. The policy allows enabling caching of the tokens to avoid calling the...

Configuring Authentication and User Agent

It is a best practice to configure your identity provider during cluster installation, but you can configure it after installation. OpenShift Container Platform ......