Giters

gardener / gardener-extension-provider-azure

Gardener extension controller for the Azure cloud provider (https://azure.microsoft.com).

Home Page:https://gardener.cloud

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Seed deletion fails due to missing backupbucket secret

Diaphteiros opened this issue · comments

commented

How to categorize this issue?

/area robustness
/kind bug
/platform azure

What happened:
When deleting a seed resource, the deletion gets stuck. The seed object shows

  - lastTransitionTime: "2023-01-25T15:17:22Z"
    lastUpdateTime: "2023-01-25T15:16:15Z"
    message: |-
      The following BackupBuckets have issues:
      * Name: 8c8ddf37-878d-48c2-96e4-3b8ae84f2293, Error: Error deleting BackupBucket: Secret "generated-bucket-8c8ddf37-878d-48c2-96e4-3b8ae84f2293" not found
    reason: BackupBucketsError
    status: "False"
    type: BackupBucketsReady

The corresponding BackupBucket resource shows

status:
  generatedSecretRef:
    name: generated-bucket-8c8ddf37-878d-48c2-96e4-3b8ae84f2293
    namespace: garden
  lastError:
    description: 'Error deleting BackupBucket: Secret "generated-bucket-8c8ddf37-878d-48c2-96e4-3b8ae84f2293"
      not found'
    lastUpdateTime: "2023-01-25T15:32:46Z"
  lastOperation:
    description: Deletion of BackupBucket state initialized.
    lastUpdateTime: "2023-01-25T15:32:46Z"
    progress: 0
    state: Processing
    type: Delete
  observedGeneration: 2

On the infrastructure, the storage account which belongs to this backup bucket is already gone. It seems that the secret is removed after the infrastructure has been cleaned up, but before the BackupBucket is removed.

The error looks like it comes from here.

What you expected to happen:
Deleting a seed should work. The BackupBucket resource should not be stuck in deletion when the storage account on the infrastructure is already gone.

How to reproduce it (as minimally and precisely as possible):
Delete an Azure seed (by deleting the seed resource). I haven't done anything else to reproduce this bug.

Anything else we need to know?:

Environment:

  • Gardener version (if relevant): Seen with v1.60.3 and v1.61.5
  • Extension version: Seen with v1.32.0 and v1.33.0
  • Kubernetes version (use kubectl version): base cluster on v1.24.8, shooted seed on v1.24.2
  • Cloud provider or hardware configuration: Gardener and soil on AWS, shooted seeds on AWS, GCP, and Azure