17 Mar 2022 01:46 AM - last edited on 10 May 2022 08:40 AM by MaciejNeumann
Hi, we are setting up the Dynatrace Openshift monitoring (classicFullstack).
After we applied the token and apply classicFullStack.yaml, dynakube pods are not shown
Solved! Go to Solution.
17 Mar 2022 04:22 AM
Hi @Starhut
Thanks for your question.
Looking at the error, I can see that PaaS or API token you are passing is not valid. Kindly check the right permissions while creating the token and apply the yaml file once again.
17 Mar 2022 05:18 AM - edited 17 Mar 2022 05:20 AM
Hi @theharithsa ,
I checked on the token permission don't find anything wrong on it.
API v1 - Access problem and event feed, metrics, and topology,
PaaS integration - Installer download
follow according to prerequisite mentioned here:
I think the token is not valid is because of the prior error there " error making Post request" that reject it.
Thanks.
17 Mar 2022 09:11 AM
Hi @Starhut
Wonder if the message regarding the certificate (x509: certificate relies on legacy Common Name field, use SANs instead) is info or error one ....
I would try to skip cert here
HTH
Yos
17 Mar 2022 11:55 AM
Hi @Yosi_Neuman
I get the statement from:
oc -n dynatrace logs -f deployment/dynatrace-operator.
Since I am using immutable image, I don't think skipcertcheck is possible. Correct me if I am wrong.
Thanks
17 Mar 2022 12:46 PM
Hi @Starhut ,
Please try to set skipCertCheck to true as explained in documentation
Update if the issue persist
All the best and stay safe
Yos
17 Mar 2022 01:21 PM
Hi @Yosi_Neuman ,
Please check this.
When using the immutable image, fields such as proxy, trustedCAs, and skipCertCheck are ignored
I am following this due to my environment is isolated from Internet.
Thanks.
17 Mar 2022 01:38 PM
Hi @Starhut
Stand corrected.
One of our prospects had the similar issue and was able to over come it by adding the DT cluster to the allowed list in OpenShift. It was something that the OpenShift guys made and we didn't get any details how this was set.
If that will not work open a support ticket and support will be able to give you internal domain of your dynatrace cluster that can help to solve this issue.
HTH
Yos
10 May 2022 07:39 AM - edited 10 May 2022 07:40 AM
All,
We were receiving a similar issue in GKE deployment using the v.0.5.0 & v.0.5.1 operators.
│ Last Transition Time: 2022-05-10T02:51:26Z │
│ Message: error when querying token on secret dynatrace:dynakube: error making post request to dynatrace api: Post "https://<ActiveGate URL> :9999/e/<env>/api/v1/token ││ ns/lookup": EOF │
│ Reason: TokenError ││ Status: False │
│ Type: APIToken
There seems (or is) an issue where the Service entries for Istio were not added despite being enabled in the CRD (Resource), which caused the resulting errors to occur.
We resolved the issue by manually adding the ServiceEntry and VirtualService objects
Configure Istio for OneAgent traffic in Kubernetes | Dynatrace Docs
Might help someone
10 May 2022 09:40 AM
In the end, we generated a certificate with san.cnf, reload into the server and able to resolve the issue.