ARO creation fails with "Internal Server Error" and no details

Czachs Rene 96 Reputation points
2021-10-25T09:06:10.89+00:00

Hi,

i am trying to create a ARO cluster from the commandline.

I basically followed the instructions from RedHat: https://cloud.redhat.com/blog/openshift-blog-aro-aad
The only things i skipped are creation of DNS Zone (since i can live with the defaults) and instead of /23 networks i used /27.

Command:
az aro create --resource-group $RESOURCEGROUP --name $CLUSTER --vnet aro-vnet --master-subnet master-subnet --worker-subnet worker-subnet --pull-secret @pull-secret --client-secret "XXXXX" --client-id "XXXXXX"

Response after ~20 minutes: (InternalServerError) Internal server error.

Now the ARO cluster is in a failed state without any details. When i open the cluster in the Azure portal i can see that the URL attributes in the overview are empty.

Of course i cannot open a ticket for that, since we only have basic support enabled.

Any ideas what may have happened in the background for the creation to fail? I tried to create it in a MSDN based subscription with 150 USD/month for testing deployment before i set up a prod instance.

Thanks,
Rene

Azure Red Hat OpenShift
Azure Red Hat OpenShift
An Azure service that provides a flexible, self-service deployment of fully managed OpenShift clusters.
84 questions
{count} votes

Accepted answer
  1. Czachs Rene 96 Reputation points
    2021-10-29T10:47:10.003+00:00

    nevermind, solved it myself

    And since i hate such answers, here a description on what actually was the issue :)

    A MSDN based subscription has a basic quota for regional vCPUs of 20, as well as for the DSv3 family VMs. as the default installation of ARO requests 36 vCPUs, this failed.
    After raising the limits everything worked without any problem.

    How did i get to that conclusion? I tried the same process of installation without a SP but directly with a domain admin and suddenly got the correct error message instead of "internal server error": (ResourceQuotaExceeded) Resource quota of standardDSv3Family exceeded. Maximum allowed: 20, Current in use: 0, Additional requested: 36.

    Also:

    1. since a month or so you no longer need to request quota increases through a ticket to support, but can do it yourself through "Limits and Quotas" in your subscription, and it takes a few minutes instead of days as before.
    2. In all documentations its referenced that your service principal needs to have "Azure Active Directory Graph" permissions. Though those are legacy now and no longer supported. I couldnt find a way to install with a manually created SP yet.

    Cheers,
    Rene


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.