Troubleshoot Installation Issues
When you begin installing Anypoint Service Mesh, you might encounter issues caused by incorrect credentials, insufficient space on pods, and so on. These texts provide possible causes for your installation issues and describe how to troubleshoot these errors:
Credentials Do Not Have the Necessary Permissions or Entitlements
When you start the Anypoint Service Mesh installation, the installer appears to be progressing with dependency checks but an the given credentials does not have the necessary permissions or entitlements error is displayed:
Invalid Credentials Provided
When you start the Anypoint Service Mesh installation, the installer appears to be progressing with performing dependency checks but an the given credentials are invalid error is displayed:
Causes
This error can occur due to the following reasons:
-
The client ID and client secret credentials you specified to the installer are incorrect.
-
You are using an incorrect control plane for the installation.
Solution
To resolve this error, perform the following steps:
-
If you are not using a US control plane, verify that you have exported the correct variable to point to the correct one. For example, you can provide the flag
--platformUri=https://eu1.anypoint.mulesoft.com -
Alternatively, modify the control plane by setting the
SERVICEMESH_PLATFORM_URIvariable:export `SERVICEMESH_PLATFORM_URI=https://eu1.anypoint.mulesoft.com -
Obtain the correct organization or environment credentials.
-
Restart the installer with the correct pair of client ID and client secret credentials.
Insufficient Pod Allocation
When you start the Anypoint Service Mesh installation, the installer times out.
Solution
To resolve this error, perform the following steps:
-
Before the installer actually fails, verify the status of the pods:
kubectl get pods --all-namespacesAll the pods in all namespaces are displayed with their status and additional details.
-
If a pod is
Pending, obtain additional information about the pod:kubectl describe pods pod_name -n service-meshIn the
Eventssection, the result of the command shows that the scheduling of the node has failed. -
Verify that node capacity is not exceeded:
kubectl describe nodes -
Increase the capacity of the node or add nodes.
Tip: If you are using Amazon EKS, this node capacity is calculated from the instance type. Therefore if you increase the instance type, the number of pods is increased.
-
Restart the Anypoint Service Mesh installer to complete the installation.
Service Mesh Not Found
When you start the Anypoint Service Mesh installation, the installer fails with the Service Mesh not found error.
Installation Failed Due to Failed WebHook Calling Error
When you start the Anypoint Service Mesh installation, the installer fails with the failed calling webhook error:
Error: release service-mesh failed, and has been uninstalled due to atomic being set: Internal error occurred: failed calling webhook "pilot.validation.istio.io": Post https://istio-galley.service-mesh.svc:443/admitpilot?timeout=30s: no endpoints available for service "istio-galley"
FATAL: Installing 'service-mesh' Helm Chart!!!Diagnose
To diagnose the issue:
-
Verify that the main nodes have access to port 443 in worker nodes.
-
Verify that no orphan resources remain from a previous installation or uninstallation:
kubectl get clusterservicebrokers,clusterrole,psp,clusterrolebinding,mutatingwebhookconfigurations,validatingwebhookconfigurations -oname | awk '/(service-mesh|istio|catalog)/'Any existing orphan resource are displayed.
Solution
To resolve this issue:
-
If your main node does not have access to port 442 in worker nodes, modify security groups based on the provider.
-
If you find orphan resources, delete them and then reinstall Anypoint Service Mesh. Depending on the resources, run one of the following commands:
-
$ kubectl delete ns service-mesh -
$ kubectl get clusterservicebrokers,clusterrole,psp,clusterrolebinding,mutatingwebhookconfigurations,validatingwebhookconfigurations -oname | awk '/(service-mesh|istio|catalog)/' | xargs kubectl delete
-