Why do I see a MetadataServiceNotEnabled
error for File Storage for VPC?
Virtual Private Cloud
Your app that uses encryption in-transit File Storage for VPC fails with a MetadataServiceNotEnabled
error.
You see an error message similar to the following.
Code: MetadataServiceNotEnabled, Description: Failed to mount target., BackendError: Response from mount-helper-container -> Exit Status Code: exit status 1 ,ResponseCode: 500, Action: Metadata service might not be enabled for worker node. Make sure to use IKS>=1.30 or OpenShift>=4.16 cluster.}
Encryption in-transit is not supported in clusters without public internet access. Cluster versions 1.30 and later are provisioned as Secure by Default. However, to use encryption in-transit, you must disable outbound traffic protection or add a security group rule that allows all outbound traffic.
To resolve this, you must allow all outbound access to your cluster by using the following command.
ibmcloud ks vpc outbound-traffic-protection disable --cluster CLUSTER [-f] [-q]