Why does the Ingress status show an ESSSMG error?
Virtual Private Cloud Classic infrastructure Satellite
When you check the status of your cluster's Ingress components by running the ibmcloud oc ingress status-report get
command, you see an error similar to the following example.
Could not the secret group (ESSSMG).
Red Hat OpenShift on IBM Cloud is unable to access the secret group that was registered with the cluster to upload the default Ingress certificates.
Review your service-to-service authorization policies and verify that communication between Red Hat OpenShift on IBM Cloud and Secrets Manager is enabled.
-
Follow the steps to ensure there is a service-to-service authorization policy configured to enable communication between Red Hat OpenShift on IBM Cloud and Secrets Manager.
-
If the policy exists, verify that the secret group registered with the cluster exists in the instance.
- To view the instance registration details for your cluster run the
ibmcloud oc ingress instance ls
command. - To view and modify the secret groups available in your instance, see Organizing your secrets.
- To update the secret group for your cluster, run the
ibmcloud oc ingress instance default set
command and specify the--secret-group
option.
- To view the instance registration details for your cluster run the
-
If the issue persists, contact support. Open a support case. In the case details, be sure to include any relevant log files, error messages, or command outputs.