Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

hangs on "Obtaining bundled SAN certificate" #41

Closed
AlecTroemel opened this issue Feb 6, 2017 · 1 comment
Closed

hangs on "Obtaining bundled SAN certificate" #41

AlecTroemel opened this issue Feb 6, 2017 · 1 comment

Comments

@AlecTroemel
Copy link

kube-cert-manager hangs on obtaining bundled SAN cert while trying to create a secret for an ingress

logs

2017/02/06 00:01:29 [INFO][site.name.com] acme: Obtaining bundled SAN certificate
2017/02/06 00:01:59 [INFO][site.name.com] acme: Obtaining bundled SAN certificate
2017/02/06 00:02:29 [INFO][site.name.com] acme: Obtaining bundled SAN certificate
... repeats forever...

my deployment looks like this

---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  labels:
    app: kube-cert-manager
  name: kube-cert-manager
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: kube-cert-manager
      name: kube-cert-manager
    spec:
      containers:
        - image: palmstonegames/kube-cert-manager:0.3.1
          name: kube-cert-manager
          args:
            - "-data-dir=/var/lib/cert-manager"
            - "-acme-url=https://acme-v01.api.letsencrypt.org/directory"
          env:
            - name: DNSMADEEASY_API_KEY
              valueFrom:
                secretKeyRef:
                  name: dns-made-easy
                  key: api_key
            - name: DNSMADEEASY_API_SECRET
              valueFrom:
                secretKeyRef:
                  name: dns-made-easy
                  key: api_secret
          volumeMounts:
            - name: data
              mountPath: /var/lib/cert-manager
        - image: palmstonegames/kubectl-proxy:1.4.0
          name: kubectl
      volumes:
        - name: "data"
          gcePersistentDisk:
            pdName: kube-cert-manager
            fsType: ext4

and the ingress looks like this

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: nameHere
  annotations:
    kubernetes.io/ingress.class: "nginx" 
    stable.k8s.psg.io/kcm.enabled: "true"
    stable.k8s.psg.io/kcm.provider: "dnsmadeeasy"
    stable.k8s.psg.io/kcm.email: "me@myemail.com"
spec:
  tls:
  - hosts:
    - site.name.com
    secretName: site.name.com
  rules:
  - host: site.name.com
    http:
      paths:
      - backend:
          serviceName: nameHere
          servicePort: 443

Strangely, It ran correctly while using lets encrypt's staging environment. Any help would be greatly appreciated!
@AlecTroemel
Copy link
Author

the docker image I was using was outdated. An image that reflects the current codebase resolves the issue. Closing this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@AlecTroemel