Secret watcher pod shows CrashLoopBackOff status
secret-watcher pod keeps crashing and shows a
There might be many Kubernetes secrets that are configured in the cluster. The current memory limit that is configured in the
secret-watcher pod is not sufficient to manage the Kubernetes secrets. Kubernetes killed the pod due to less
Resolving the problem
To resolve the issue, increase the resource memory limit to a value that is sufficient for the pod to manage all the Kubernetes secrets.
Log in to your boot node with the
Check the number of Kubernetes secrets that are in the cluster.
oc get secrets --all-namespaces | wc -l
oc -n ibm-common-services edit CommonService common-service
Add the following piece of configuration under the
spec.servicessection. Add the required memory limit in the
spec: services: - name: ibm-iam-operator spec: secretwatcher: resources: limits: memory: 220Mi
Save and exit the custom resource.
Wait for some time and then check the
secret-watcherpod status. The status must show as
1/1 Runningand the updated memory must show in the pod description.
secret-watcherpod status and name.
oc -n ibm-common-services get pods | grep secret-watcher
Check the pod description.
oc -n ibm-common-services describe pod <secret-watcher-pod-name>