Hello,
We tried to disable/remove a pki secret engine, first using Terraform and then manually using vault secrets disable pki/<identifier>
. When we tried to do this, we received the error context deadline exceeded
.
When looking in the logs, we noticed;
{"@level":"debug","@message":"clearing view","@module":"core.secrets.deletion","@timestamp":"2020-12-01T11:36:04.756294Z","namespace":"root","path":"pki/<identifier/","total_keys":1461754}
{"@level":"error","@message":"failed to clear view for path being unmounted","@module":"core","@timestamp":"2020-12-01T11:37:32.709597Z","error":"http://<IP_ADDRESS:PORT>/v1/kv/HIDDEN/logical/1234-abcd-56ef-gh78-12345abcde/certs/1a-2b-3c-4d-5e-6f-7g-8h-9i-0j-1k-2l-3m-4n-5o-6p-7q-8r-9s-0t: context canceled","path":"pki/<IDENTIFIER>/"}
{"@level":"error","@message":"unmount failed","@module":"secrets.system.system_63b37468","@timestamp":"2020-12-01T11:37:32.709641Z","error":"Delete http://<IP_ADDRESS:PORT>/v1/kv/HIDDEN/logical/1234-abcd-56ef-gh78-12345abcde/certs/1a-2b-3c-4d-5e-6f-7g-8h-9i-0j-1k-2l-3m-4n-5o-6p-7q-8r-9s-0t: context canceled","path":"pki/<IDENTIFIER>/"}
We have a few questions;
- Why would our total_keys value would be so large and is there anyway to minimize this, as this could cause issues for other unmounting attempts.
- What is a view?
- What are these keys?
- Is there any documentation around this that I may have missed?
Thanks