Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

install cert-manager: Readiness probe failed: HTTP probe failed with statuscode: 500 #3653

Closed
Phaniharsha2908 opened this issue Feb 11, 2021 · 5 comments
Closed

install cert-manager: Readiness probe failed: HTTP probe failed with statuscode: 500 #3653

Phaniharsha2908 opened this issue Feb 11, 2021 · 5 comments
Labels
kind/bug Categorizes issue or PR as related to a bug. lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. triage/support Indicates an issue that is a support question.

Comments

@Phaniharsha2908
Copy link

when I try install cert-manager using following config yaml - everything created well except manager-webhook - when i check the events showing Readiness probe failed: HTTP probe failed with statuscode: 500

kubectl get pods -n cert-manager
NAME READY STATUS RESTARTS AGE
cert-manager-64887fb9d6-549vd 1/1 Running 0 29m
cert-manager-cainjector-99977ff45-85k64 1/1 Running 0 29m
cert-manager-webhook-64c5d4c9db-n296v 0/1 Running 0 21m

please find the following logs for the cert-manager-webhook pod

W0211 09:44:35.851864 1 client_config.go:608] Neither --kubeconfig nor --master was speci
fied. Using the inClusterConfig. This might not work.
I0211 09:44:35.852670 1 webhook.go:57] cert-manager/webhook "msg"="using dynamic certific
ate generating using CA stored in Secret resource" "secret_name"="cert-manager-webhook-ca" "se
cret_namespace"="cert-manager"
I0211 09:44:35.853889 1 server.go:146] cert-manager/webhook "msg"="listening for insecure
healthz connections" "address"=":6080"
I0211 09:44:35.854007 1 server.go:159] cert-manager/webhook "msg"="listening for secure c
onnections" "address"=":10250"
I0211 09:44:35.854039 1 server.go:185] cert-manager/webhook "msg"="registered pprof handl
ers"
I0211 09:44:35.859532 1 reflector.go:207] Starting reflector *v1.Secret (1m0s) from exter
nal/io_k8s_client_go/tools/cache/reflector.go:156
E0211 09:44:35.872089 1 reflector.go:127] external/io_k8s_client_go/tools/cache/reflector
.go:156: Failed to watch *v1.Secret: failed to list *v1.Secret: secrets "cert-manager-webhook-c
a" is forbidden: User "system:serviceaccount:cert-manager:cert-manager-webhook" cannot list res
ource "secrets" in API group "" in the namespace "cert-manager"
E0211 09:44:36.826302 1 reflector.go:127] external/io_k8s_client_go/tools/cache/reflector
.go:156: Failed to watch *v1.Secret: failed to list *v1.Secret: secrets "cert-manager-webhook-c
a" is forbidden: User "system:serviceaccount:cert-manager:cert-manager-webhook" cannot list res
ource "secrets" in API group "" in the namespace "cert-manager"
E0211 09:44:36.864222 1 dynamic_source.go:88] cert-manager/webhook "msg"="Failed to gener
ate initial serving certificate, retrying..." "error"="failed verifying CA keypair: tls: failed
to find any PEM data in certificate input" "interval"=1000000000
E0211 09:44:37.861486 1 dynamic_source.go:88] cert-manager/webhook "msg"="Failed to gener
ate initial serving certificate, retrying..." "error"="failed verifying CA keypair: tls: failed
to find any PEM data in certificate input" "interval"=1000000000

Environment details::

let me know if more info need, thanks

/kind bug
@jetstack-bot jetstack-bot added the kind/bug Categorizes issue or PR as related to a bug. label Feb 11, 2021
@JoshVanL JoshVanL added the triage/support Indicates an issue that is a support question. label Apr 15, 2021
@dalekurt
Copy link

I'm currently experiencing this exact issue

  • Kubernetes version v1.18
  • Cloud-provider/provisioner: EKS
  • cert-manager version: 1.3.1
  • Install method: Helm chart

@jetstack-bot
Copy link
Collaborator

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Send feedback to jetstack.
/lifecycle stale

@jetstack-bot jetstack-bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Sep 16, 2021
@jetstack-bot
Copy link
Collaborator

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close.
Send feedback to jetstack.
/lifecycle rotten
/remove-lifecycle stale

@jetstack-bot jetstack-bot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Oct 16, 2021
@jetstack-bot
Copy link
Collaborator

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.
Send feedback to jetstack.
/close

@jetstack-bot
Copy link
Collaborator

@jetstack-bot: Closing this issue.

In response to this:

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.
Send feedback to jetstack.
/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. triage/support Indicates an issue that is a support question.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dalekurt @JoshVanL @jetstack-bot @Phaniharsha2908