Challenges, resolutions, and lessons learned.

  • Technical challenges faced and strategies employed to overcome them.

    • Issues while accessing the domain names could be because proxy-protocol is not enabled in the target groups or routing is not correct and LB listeners configurations also not correct.

    • When accessing istio-system from terminal it should show DNS name of load balancer in EXTERNAL-IP section or else not able to access endpoints. It causes because of multiple security-groups attached to your nodes. Make sure only one security-group attached to each node.
      If you are facing any issues while accessing the domain names that could be because proxy-protocol is not enabled in the target groups. or routing is not correct and LB listeners configurations also not correct.

    • When accessing istio-system from the terminal it should show DNS name of load balancer in EXTERNAL-IP section or else not able to access endpoints. It causes because of multiple security-groups attached to your nodes. Make sure only one security-group attached to each node.

    • If facing intermittent connectivity issues while login esignet then please disable istio layer from softhsm namespace run below command.
      kubectl label ns softhsm istio-injection=disabled --overwrite

    • Facing issues in accessing endpoints, need to make services publicly via VirtualServices/Gateways.

    • And make changes on configuration side as api-internal where your using api.sandbox as a domain name

    • And if you facing issues related to resources the services won't come up because
      of a lack of resource consumption, so you need to increase the node RAM and ROM, and need to decrease the resource consumption for particular services.

    • Facing issues while building INJI application, so that can be resolved by
      Inji Troubleshooting

      CARD DOWNLOAD AND ACTIVATION ISSUE:(card keep on loading/ not downloading)

      Updated mimoto default properties

      idp.binding.base.url=https://api-internal.tfgovidbb.sandbox-playground.com/v1/esignet/binding

      BINDING_OTP=https://api-internal.tfgovidbb.sandbox-playground.com/binding-otp
      WALLET_BINDING=https://api-internal.tfgovidbb.sandbox-playground.com/wallet-binding

      LOGIN WITH ESIGNET ISSUE (unable to recocnize the face)

      Updated inji default properties

      mosip.inji.faceSdkModelUrl=https://${mosip.api.internal.host}/inji
      mosip.inji.warningDomainName=https://${mosip.api.internal.host}

    • Facing issues in accessing endpoints, need to make services publicly via VirtualServices/Gateways.

    • And make changes on configuration side as api-internal where your using api.sandbox as a domain name

  • Renew MISP licence key :

  1. Login to Postgres and move go inside mosip_ida -->misp_license_data--> Here modify the misp_expires_on column for misp_id mpartner-default-esignet entry.

  2. Login to Postgres and move go inside mosip_pms -->misp_license--> Here modify the valid_to_date column for misp_id mpartner-default-esignet entry.

Restart ida and pms namespace pods.