Why do I see a MetadataServiceNotEnabled error for File Storage for VPC?

Virtual Private Cloud

Your app that uses encryption in-transit File Storage for VPC fails with a MetadataServiceNotEnabled error.

You see an error message similar to the following.

Code: MetadataServiceNotEnabled, Description: Failed to mount target., BackendError: Response from mount-helper-container -> Exit Status Code: exit status 1 ,ResponseCode: 500, Action: Metadata service might not be enabled for worker node. Make sure to use IKS>=1.30 or OpenShift>=4.16 cluster.}

Encryption in-transit is not supported in clusters without public internet access. Cluster versions 1.30 and later are provisioned as Secure by Default. However, to use encryption in-transit, you must disable outbound traffic protection or add a security group rule that allows all outbound traffic.

To resolve this, you must allow all outbound access to your cluster by using the following command.

ibmcloud ks vpc outbound-traffic-protection disable --cluster CLUSTER [-f] [-q]