My Oracle Support Banner

Oracle Advanced Authentication (OAA) Installation Times Out During Install With "Error: timed out waiting for the condition" (Doc ID 2801078.1)

Last updated on DECEMBER 08, 2022

Applies to:

Oracle Advanced Authentication - Version 12.2.1.4 and later
Information in this document applies to any platform.

Symptoms

 During the installation of Oracle Advanced Authentication (OAA), when running the OAA.sh script, it ends stating the install of OAA failed

Going to install OAA.
File is present. Reading : /u01/oracle/scripts/settings/installOAA.properties
File based vault is selected .
Map id is not present in configuration. Using Manifest Id : <VALUE>
Executing helm command : helm install --repository-config /u01/oracle/scripts/creds/helmconfig --kubeconfig /u01/oracle/scripts/creds/k8sconfig --set global.factorsapikey="factorapikeytobesetduringinstallation" --set spui.service.type="NodePort" --set global.uasapikey="apikeytobesetduringinstallation" --set totp.service.type="NodePort" --set global.image.tag="<TAG_VALUE>" --set global.oauth.host="<OAUTH_HOSTNAME>" --set push.service.type="NodePort" --set service.type="NodePort" --set oaa-admin-ui.service.type="NodePort" --set sms.service.type="NodePort" --set global.oauth.ip="<OUATH_IP>" --set yotp.service.type="NodePort" --set fido.service.type="NodePort" --set email.service.type="NodePort" --set global.oauth.logouturl="<OAUTH_LOGOUT_URL>" --set riskdb.service.type="ExternalName" --set oaa-policy.service.type="NodePort" --set global.policyapikey="polapikeytobesetduringinstallation" --set global.repo="<REPOSITORY_LOCATION>" --set global.dbhost="<DATABASE_HOSTNAME>" --set global.dbport="<DB_PORT>" --set global.dbservicename="<DB_SERVICE_NAME>" --set global.dscredentials="<HASHED_VALUE>" --set global.oauth.oidcaudience="<OAA_CLIENT_NAME>" --set global.oauth.oidcclientid="<OAA_CLIENT_NAME>" --set global.oauth.oidcidentityuri="<OAUTH_HOSTNAME>" --set global.vault.provider="fks" --set global.vault.fks.server="<FKS_IP>" --set global.vault.fks.path="<FKS_PATH>" --set global.vault.fks.key="<FKS_PASSWORD>" --set global.vault.fks.mountpath="/u01/oracle/service/store/oaa" --set global.vault.mapId="<HASH_VALUE>" <DEPLOYMENT_NAME> /u01/oracle/helmcharts/oaa
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /u01/oracle/scripts/creds/k8sconfig
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /u01/oracle/scripts/creds/k8sconfig
NAME: oaainstall
LAST DEPLOYED: Fri Aug 20 13:50:19 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
Get the Oracle Advance Authentication(OAA) Service URL by running these commands:
bash -c 'export NODE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].nodePort}" services oaainstall-oaa) && export NODE_IP=$(kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}") && echo "" && echo https://$NODE_IP:$NODE_PORT/health'
Waiting for OAA installation check : <DEPLOYMENT_NAME>
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /u01/oracle/scripts/creds/k8sconfig
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /u01/oracle/scripts/creds/k8sconfig
Error: timed out waiting for the condition
NAME: <DEPLOYMENT_NAME>
LAST DEPLOYED: Fri Aug 20 13:50:19 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: <DEPLOYMENT_NAME>-email-sanity-check
Last Started: Fri Aug 20 13:50:24 2021
Last Completed: Fri Aug 20 13:55:24 2021
Phase: Failed
NOTES:
Get the Oracle Advance Authentication(OAA) Service URL by running these commands:
bash -c 'export NODE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].nodePort}" services oaainstall-oaa) && export NODE_IP=$(kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}") && echo "" && echo https://$NODE_IP:$NODE_PORT/health'
Helm test failed
Fail to install OAA. Please check the log file

 However, if you check the status of the OAA pods in Kubernetes, all the pods are up and running with a 1/1 STATUS.

$ kubectl get pods
NAME READY STATUS RESTARTS AGE
<DEPLOYMENT_NAME>-cache-proxy-0 1/1 Running 0 27m
<DEPLOYMENT_NAME>-cache-rest-0 1/1 Running 0 27m
<DEPLOYMENT_NAME>-cache-storage-0 1/1 Running 0 27m
<DEPLOYMENT_NAME>-cache-storage-1 1/1 Running 0 27m
<DEPLOYMENT_NAME>-cache-storage-2 1/1 Running 0 27m
<DEPLOYMENT_NAME>-email-<VALUE> 1/1 Running 0 27m
<DEPLOYMENT_NAME>-fido-<VALUE> 1/1 Running 0 27m
<DEPLOYMENT_NAME>-oaa-admin-ui-<VALUE> 1/1 Running 0 27m
<DEPLOYMENT_NAME>-oaa-<VALUE> 1/1 Running 0 27m
<DEPLOYMENT_NAME>-oaa-policy-<VALUE> 1/1 Running 0 27m
<DEPLOYMENT_NAME>-sms-<VALUE> 1/1 Running 0 27m
<DEPLOYMENT_NAME>-spui-<VALUE> 1/1 Running 0 27m
<DEPLOYMENT_NAME>-totp-<VALUE> 1/1 Running 0 27m
<DEPLOYMENT_NAME>-yotp-<VALUE> 1/1 Running 0 27m

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.