Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

No Certificates created by helm #2038

Closed
alexellis opened this issue Sep 6, 2019 · 1 comment · Fixed by #2045
Closed

No Certificates created by helm #2038

alexellis opened this issue Sep 6, 2019 · 1 comment · Fixed by #2045
Labels
area/deploy Indicates a PR modifies deployment configuration kind/bug Categorizes issue or PR as related to a bug. kind/documentation Categorizes issue or PR as related to documentation. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release.
Milestone
v0.10

Comments

@alexellis
Copy link

alexellis commented Sep 6, 2019
edited

Bugs should be filed for issues encountered whilst operating cert-manager.
You should first attempt to resolve your issues through the community support
channels, e.g. Slack, in order to rule out individual configuration errors.
Please provide as much detail as possible.

Describe the bug:
A clear and concise description of what the bug is.

I'm seeing the following output which contains no Certificates, the docs imply that Certificates should be created during the helm installation.

Docs show:

==> v1alpha1/Certificate
cert-manager-webhook-webhook-tls  1s
cert-manager-webhook-ca           1s

I got:

Update Complete.
NAME:   cert-manager
LAST DEPLOYED: Fri Sep  6 12:32:05 2019
NAMESPACE: cert-manager
STATUS: DEPLOYED

RESOURCES:
==> v1/ClusterRole
NAME                                    AGE
cert-manager-edit                       1s
cert-manager-view                       1s
cert-manager-webhook:webhook-requester  1s

==> v1/Deployment
NAME                     READY  UP-TO-DATE  AVAILABLE  AGE
cert-manager             0/1    1           0          1s
cert-manager-cainjector  0/1    1           0          1s
cert-manager-webhook     0/1    1           0          1s

==> v1/Pod(related)
NAME                                      READY  STATUS             RESTARTS  AGE
cert-manager-7c49b7766d-pbrnr             0/1    ContainerCreating  0         1s
cert-manager-cainjector-57988f84f7-68dtf  0/1    ContainerCreating  0         1s
cert-manager-webhook-54b5f85648-dzk6s     0/1    ContainerCreating  0         1s

==> v1/Service
NAME                  TYPE       CLUSTER-IP     EXTERNAL-IP  PORT(S)   AGE
cert-manager          ClusterIP  10.100.10.171  <none>       9402/TCP  1s
cert-manager-webhook  ClusterIP  10.100.82.102  <none>       443/TCP   1s

==> v1/ServiceAccount
NAME                     SECRETS  AGE
cert-manager             1        1s
cert-manager-cainjector  1        1s
cert-manager-webhook     1        1s

==> v1beta1/APIService
NAME                                AGE
v1beta1.webhook.certmanager.k8s.io  1s

==> v1beta1/ClusterRole
NAME                                    AGE
cert-manager-cainjector                 1s
cert-manager-controller-certificates    1s
cert-manager-controller-challenges      1s
cert-manager-controller-clusterissuers  1s
cert-manager-controller-ingress-shim    1s
cert-manager-controller-issuers         1s
cert-manager-controller-orders          1s
cert-manager-leaderelection             1s

==> v1beta1/ClusterRoleBinding
NAME                                    AGE
cert-manager-cainjector                 1s
cert-manager-controller-certificates    1s
cert-manager-controller-challenges      1s
cert-manager-controller-clusterissuers  1s
cert-manager-controller-ingress-shim    1s
cert-manager-controller-issuers         1s
cert-manager-controller-orders          1s
cert-manager-leaderelection             1s
cert-manager-webhook:auth-delegator     1s

==> v1beta1/MutatingWebhookConfiguration
NAME                  AGE
cert-manager-webhook  1s

==> v1beta1/RoleBinding
NAME                                                AGE
cert-manager-webhook:webhook-authentication-reader  1s

==> v1beta1/ValidatingWebhookConfiguration
NAME                  AGE
cert-manager-webhook  1s


NOTES:
cert-manager has been deployed successfully!

In order to begin issuing certificates, you will need to set up a ClusterIssuer
or Issuer resource (for example, by creating a 'letsencrypt-staging' issuer).

More information on the different types of issuers and how to configure them
can be found in our documentation:

https://docs.cert-manager.io/en/latest/reference/issuers.html

For information on how to configure cert-manager to automatically provision
Certificates for Ingress resources, take a look at the `ingress-shim`
documentation:

https://docs.cert-manager.io/en/latest/reference/ingress-shim.html

Additional:

kubectl get cert -A
NAMESPACE   NAME                                 READY   SECRET                               AGE

Steps to reproduce the bug:
Steps to reproduce the bug should be clear and easily reproducible to help people
gain an understanding of the problem.

I'm installing 0.10.0 on EKS, I used to have 0.6.0 running and am trying to migrate. I removed all traces of the previous version after my initial upgrade failed to work.

Anything else we need to know?:

Environment details::

  • Kubernetes version (e.g. v1.10.2):
Client Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.1", GitCommit:"b7394102d6ef778017f2ca4046abbaa23b88c290", GitTreeState:"clean", BuildDate:"2019-04-0
8T17:11:31Z", GoVersion:"go1.12.1", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"13+", GitVersion:"v1.13.10-eks-5ac0f1", GitCommit:"5ac0f1d9ab2c254ea2b0ce3534fd72932094c6e1", GitTreeState:"clean", BuildDa
te:"2019-08-20T22:39:46Z", GoVersion:"go1.11.13", Compiler:"gc", Platform:"linux/amd64"}
  • Cloud-provider/provisioner (e.g. GKE, kops AWS, etc):
    EKS
  • cert-manager version (e.g. v0.4.0):
    0.10.0
  • Install method (e.g. helm or static manifests):
    helm
    /kind bug
@jetstack-bot jetstack-bot added the kind/bug Categorizes issue or PR as related to a bug. label Sep 6, 2019
@munnerz munnerz added this to the v0.10 milestone Sep 7, 2019
@munnerz munnerz added the kind/documentation Categorizes issue or PR as related to documentation. label Sep 7, 2019
@munnerz
Copy link
Member

munnerz commented Sep 7, 2019

The docs need updating here - we now use the webhookbootstrap controller to manage TLS for the webhook.

Added to the v0.10 milestone 😄

@munnerz munnerz added area/deploy Indicates a PR modifies deployment configuration priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. labels Sep 7, 2019
@munnerz munnerz mentioned this issue Sep 7, 2019
Merged
@paddatrapper paddatrapper mentioned this issue Sep 9, 2019
Closed
@papanito papanito mentioned this issue Dec 21, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/deploy Indicates a PR modifies deployment configuration kind/bug Categorizes issue or PR as related to a bug. kind/documentation Categorizes issue or PR as related to documentation. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release.
Projects
None yet
Milestone
v0.10
Development

Successfully merging a pull request may close this issue.

Update installation docs for latest release munnerz/cert-manager
3 participants
@munnerz @alexellis @jetstack-bot