question

GhoshSanu-8837 avatar image
0 Votes"
GhoshSanu-8837 asked AndrewMTrice-4718 published

Portworx Azure disk not getting deleted from when deployment fails for ARO

When we deploy Portworx storage cluster on Azure redhat Openshift, In the backend Azure disks get created
for reference
ARO-L92N0FQZ
Australia East
PX-DO-NOT-DELETE-00332d5b-54ee-4f47-baa1-86b12a53d17d
Premium SSD LRS
150

but portwox storage cluster and storage nodes fails

and when ever pod restarts it creates disks

now when we are trying to delete these disks we are not able to delete these disks

even owner and contributor can delete it
and getting below error

=============================================================

Failed to delete disk
Failed to delete disk 'PX-DO-NOT-DELETE-00332d5b-54ee-4f47-baa1-86b12a53d17d'. Error: The client 'sanu.ghosh@fujitsu.com' with object id '540e5759-b7b6-4d74-87f3-ce5e9cef150e' has permission to perform action 'Microsoft.Compute/disks/delete' on scope 'aro-l92n0fqz/providers/Microsoft.Compute/disks/PX-DO-NOT-DELETE-00332d5b-54ee-4f47-baa1-86b12a53d17d'>PX-DO-NOT-DELETE-00332d5b-54ee-4f47-baa1-86b12a53d17d'; however, the access is denied because of the deny assignment with name '5901f0c2-9094-59b4-9a77-c83ca3b768ca' and Id '5901f0c2909459b49a77c83ca3b768ca' at scope '/subscriptions/6ed90f42-1fd7-4b6f-a72e-ff059edc9e8b/resourcegroups/aro-l92n0fqz'.

================================================================

azure-rbacazure-redhat-openshift
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

karishmatiwari-msft avatar image
0 Votes"
karishmatiwari-msft answered karishmatiwari-msft edited

Which version of ARO are you using? Please try the latest version of ARO.
Documentation link for ARO cluster creation: https://docs.microsoft.com/en-us/azure/openshift/tutorial-create-cluster

ARO is a managed service and customer does not have full management right on the cluster so the RG is locked.

If this doesn't help, I saw that you have a support ticket open for the same issue. The support engineers can look at the backend and further investigate the issue. Once you have a resolution, I would post the answer here for others to reference.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AndrewMTrice-4718 avatar image
0 Votes"
AndrewMTrice-4718 answered AndrewMTrice-4718 published

I am facing a similar permissions issue when I attempt to install Portworx into an ARO cluster. The pods within the StorageCluster never become available, and in the pod logs I see an error message almost identical to the one posted above. It looks like the permissions on the restricted resource group are preventing a successful Portworx deployment. Does anyone know what needs to be done to get Portworx to deploy successfully on the cluster?

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.