Aria Automation UI Unavailable and Identity-service-app pods Continuously Restarting
search cancel

Aria Automation UI Unavailable and Identity-service-app pods Continuously Restarting

book

Article ID: 398038

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

  • The Aria Automation UI becomes inaccessible, and the identity-service-app pods in the Kubernetes cluster are observed to be restarting continuously.
  • This behavior is typically linked to a failure in communication between the identity-service-app and the VMware Identity Manager (vIDM).
  • The following error may be observed in the identity-service-app.log:

ERROR identity-service [host='identity-service-app-xxxxxxxxxx-xxxxx' thread='reactor-http-epoll- 4' user='' org='' trace='xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx'] c.v.i.common.util.HealthUtilComponent.onErrorMarkDown:70 - nested exception is java.nio.channels.UnresolvedAddressException

Environment

Aria Automation 8.18.x

Cause

This issue occurs when the identity-service-app pod fails to resolve or establish connectivity with the vIDM. This typically indicates a DNS resolution failure or network connectivity issue between the pod and the vIDM endpoint.

Resolution

Step 1: Validate Pod and Service Status

  1. SSH into one of the Aria Automation appliances as root.
  2. List the running pods:

    kubectl -n prelude get pods

Step 2: Access the Identity-service-app Pod

  1. Pick any identity-service-app pod and exec into it:

    kubectl -n prelude exec -it <identity-service-pod-name> -- bash

Step 3: Check Connectivity to vIDM

  1. From within the pod, run:

    curl -k https://<vIDM-url>/SAAS/API/1.0/REST/system/health/heartbeat

    Expected Result: OK
    Failure Result:
    curl: (6) Could not resolve host: <vIDM-url>

Step 4: Troubleshoot DNS/Network

  1. If the host cannot be resolved, check:
    • DNS resolution from within the pod.
    • Cluster DNS configurations (e.g., CoreDNS).
    • Routing/firewall rules between the pod and vIDM.
    • vIDM service availability and endpoint correctness.

If the issue persists after validating all the steps mentioned above, please proceed to re-register the Identity Manager in Suite Lifecycle Manager.

  1. Login to VMware Aria Suite Lifecycle using a local account.
  2. Navigate Environments > Automation  > click on ellipses(...) > Re-Register with Identity Manager.

 

Powered by Wolken Software