When users delete PVC in Kubernetes, the PV status stays on "Released". Users would like to recreate the PVC with the same PV but failed. new PVC status always stays on "Pending".
We need to manually clear the status to make it "Available" via below command
kubectl patch pv <pv name> -p '{"spec":{"claimRef": null}}'
* Trying 12.12.12.12:443...* TCP_NODELAY set* Connected to *** port 443 (#0)* ALPN, offering h2* ALPN, offering http/1.1* successfully set certificate verify locations:* CAfile: /etc/ssl/certs/ca-certificates.crtCApath: /etc/ssl/certs* TLSv1.3 (OUT), TLS handshake, Client hello (1):* TLSv1.3 (IN), TLS handshake, Server hello (2):* TLSv1.2 (IN), TLS handshake, Certificate (11):* TLSv1.2 (OUT), TLS alert, unknown CA (560):
* Trying 12.12.12.12:443...* TCP_NODELAY set* Connected to *** port 443 (#0)* ALPN, offering h2* ALPN, offering http/1.1* successfully set certificate verify locations:* CAfile: /etc/ssl/certs/ca-certificates.crtCApath: /etc/ssl/certs* TLSv1.3 (OUT), TLS handshake, Client hello (1):* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to *** :443
From the output, we see 443 is open but the TLS handshake, Server hello is missing. We have mid-tiers to handle TLS certificates. So it is very likely that the network is interrupted between LB and mid-tiers where TLS is being handled. It would be a good approach to double-check firewall ports between them. :)
Another reason is ingress controller pods were stuck may bounce or scale up to workaround it
