Pivotal Knowledge Base

Follow

"Error requesting access token" while creating or deleting instances in Spring Cloud Services

Environment

Product Version
Spring Cloud Services (SCS) 1.3

Symptom

When trying to create or delete an instance of configuration server backed by Spring Cloud Services, we get error messages that read:

status code: 502, error code: 10001, message: Service instance <config-server-name>: Service broker error: Error deleting service instance: Failed to delete app <instance-app>: Error requesting access token.

Cause

It is most likely that either an old or current version of SCS tile has been installed previously, but not completely cleaned up. It is probable that the "Remove Service Broker" errand for pre-delete was left unchecked while removing the tile or it failed during the uninstallation. This leaves the UAA records, the CC route, and the service apps at a dirty status and makes the next install refer to the previous credentials, routes, or services.

Resolution

The easiest way to overcome the issue, if possible, is to uninstall the tile with the "Remove Service Broker" errand checked and have a clean reinstall. Usually, this is a quick solution and confirms the issue. 

In case uninstall is not an option, or we need more detailed troubleshooting evidence, the following steps can be taken to clean up the credentials left in the UAA DB and just re-run the install errands manually.

1. Set up the UAAC CLI and log on to the UAA server by following the instructions in the article here.

2. Find the user record created by SCS: 

uaac users -a emails

Typically, the user name starts with "p-spring-cloud-services". Usually, there are 2 users: "p-spring-cloud-services" and "p-spring-cloud-services-worker"

3. (Optional Step) There is also the passwordlastmodified tag which can confirm whether the user was created in the previous install by checking the timestamp:

uaac user get p-spring-cloud-services
uaac user get p-spring-cloud-services-worker

4. Delete the user by running the following: 

uaac user delete p-spring-cloud-services
uaac user delete p-spring-cloud-services-worker

When it is completed, either run the errands from the Ops Manager or use BOSH by running the following:

bosh run errand deploy-service-broker

and

bosh run errand register-service-broker

Comments

Powered by Zendesk