IBM Cloud Docs
Why do I get an error about a cloud object storage bucket when I create a cluster?

Infrastructure provider: VPC

When you create a cluster, you see an error message similar to the following.

Could not store the cloud object storage bucket and IAM service key.
Could not find the specified cloud object storage instance.
Could not create an IAM service key to access the cloud object storage bucket '{{.Name}}'.
Could not create a bucket in your cloud object storage instance.
Verify your user permissions and the API key permissions to Cloud Object Storage, or use a different instance that you have permissions to, and try again. For more information, see 'http://ibm.biz/roks_cos_ts'.

When you create a Red Hat OpenShift on IBM Cloud version 4 cluster on VPC generation 2 compute infrastructure, a bucket is automatically created in a standard IBM Cloud Object Storage instance that you select in your account.

However, the bucket might not be created for several reasons, such as:

  • IBM Cloud Object Storage is temporarily unavailable.
  • No standard IBM Cloud Object Storage instance exists in your account, or the person whose API key is set for the region and resource group does not have permissions to view the instance.
  • The person who created your cluster did not have the Administrator platform access role to IBM Cloud Object Storage in IAM.
  • The service failed to set up service key access to the object storage instance, such as if the API key lacks permissions or IBM Cloud IAM is unavailable.
  • Other conflicts, such as naming conflicts that exhaust the preset number of retries, or conflicts when saving the bucket and service key data in the backend service.

Manually set up your cluster to back up the internal registry to an IBM Cloud Object Storage bucket.

  1. Make sure that the API key for the region and resource group is set and that you have the required permissions to create a cluster.
  2. If corporate network policies prevent access from your local system to public endpoints via proxies or firewalls, allow access to the IBM Cloud Object Storage subdomain.
  3. Identify the IBM Cloud Object Storage instance to use. You can create an instance or use an existing one.
  4. Create a cluster with your IBM Cloud Object Storage instance ID. For more information, see the CLI reference.
    ibmcloud oc cluster create vpc-gen2 --name NAME --zone ZONE --vpc-id VPC_ID --subnet-id VPC_SUBNET_ID --flavor WORKER_FLAVOR --cos-instance COS_CRN --workers 3
    
  5. Verify that the internal registry images are backed up to IBM Cloud Object Storage.
    1. Build an image for your app and push it to IBM Cloud Container Registry.
    2. Import the image into your internal Red Hat OpenShift registry.
    3. Deploy an app that references your image.
    4. From the IBM Cloud console resource list, select your Cloud Object Storage instance.
    5. From the menu, click Buckets, then click the bucket that you used for your Red Hat OpenShift on IBM Cloud cluster.
    6. Review the recent Objects to see your backed up images from the internal registry of your Red Hat OpenShift on IBM Cloud cluster.
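
A pre-flight check for the value passed to `--cos-instance` in step 4, as an added example that is not part of the IBM documentation. It assumes the standard 10-field IBM Cloud CRN layout and rejects values that point at another service or at a sub-resource such as a bucket rather than the instance itself. The function name `check_cos_crn`, its exit codes and the sample CRNs are constructed for illustration.

```shell
#!/bin/sh
# Added example: validate a CRN before using it as --cos-instance.
# CRN layout (10 colon-separated fields):
#   crn:version:cname:ctype:service-name:location:scope:service-instance:resource-type:resource
# Exit codes (hypothetical): 0 ok, 1 malformed, 2 wrong service, 3 sub-resource.

check_cos_crn() (
    # Subshell body: IFS and 'set -f' changes stay local to this call.
    tmp="${1}:end"    # sentinel keeps the trailing empty fields when splitting
    set -f            # no pathname expansion while splitting
    IFS=:
    set -- $tmp
    unset IFS
    if [ "$#" -ne 11 ] || [ "$1" != crn ]; then
        echo "not a CRN with 10 colon-separated fields" >&2; exit 1
    fi
    if [ -z "$8" ]; then
        echo "service-instance field is empty" >&2; exit 1
    fi
    if [ "$5" != cloud-object-storage ]; then
        echo "service is '$5', not cloud-object-storage" >&2; exit 2
    fi
    if [ -n "$9" ] || [ -n "${10}" ]; then
        echo "CRN names a '$9' sub-resource, not the service instance" >&2; exit 3
    fi
)

# Constructed sample values (not real account, instance, or cluster IDs).
ACCT='a/0123456789abcdef0123456789abcdef'
GUID='11111111-2222-3333-4444-555555555555'
SAMPLE_INSTANCE="crn:v1:bluemix:public:cloud-object-storage:global:${ACCT}:${GUID}::"
SAMPLE_BUCKET="crn:v1:bluemix:public:cloud-object-storage:global:${ACCT}:${GUID}:bucket:my-bucket"
SAMPLE_OTHER="crn:v1:bluemix:public:containers-kubernetes:us-south:${ACCT}:constructedclusterid::"

for c in "$SAMPLE_INSTANCE" "$SAMPLE_BUCKET" "$SAMPLE_OTHER"; do
    if check_cos_crn "$c"; then
        echo "ok:       $c"
    else
        echo "rejected: $c (exit $?)"
    fi
done
```

The check only covers the shape of the CRN; whether the API key for the region and resource group can view the instance still has to be confirmed in IAM.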