-
Notifications
You must be signed in to change notification settings - Fork 35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
unable to update route error #128
Comments
usually that error is transient, and it happens when two operators update an object at the same time. It's the optimistic locking mechanism inside the go-client. Retrying usually fixes the error, so I was going to ask if eventually the operator was able to put the certs in the secret. |
thanks for your quick response @raffaelespazzoli yes, the kubectl get routes wildcard-https -o yaml | kubectl neat
apiVersion: route.openshift.io/v1
kind: Route
metadata:
annotations:
cert-utils-operator.redhat-cop.io/certs-from-secret: wildcard-testing-local-tls-cert
cert-utils-operator.redhat-cop.io/inject-CA: "false"
route.openshift.io/termination: edge
labels:
app: hello-world
type: testing-local
name: wildcard-https
namespace: default
spec:
host: wildcard.testing.local
port:
targetPort: 8080-tcp
tls:
certificate: |
-----BEGIN CERTIFICATE-----
XXXX
-----END CERTIFICATE----
insecureEdgeTerminationPolicy: Redirect
key: |
-----BEGIN RSA PRIVATE KEY-----
xxxxx
-----END RSA PRIVATE KEY-----
termination: edge
to:
kind: Service
name: hello-world
weight: 100
wildcardPolicy: Subdomain I also can confirm that whenever I renew the certificate via For example: before $ curl -k -L -v https://b.testing.local 2>&1 >/dev/null | grep 'date:' | head -n2
* start date: Mar 28 18:46:39 2022 GMT
* expire date: Jun 26 18:46:39 2022 GMT refresh cert $ kubectl cert-manager renew -n default wildcard
Manually triggered issuance of Certificate default/wildcard after $ curl -k -L -v https://b.testing.local 2>&1 >/dev/null | grep 'date:' | head -n2
* start date: Mar 29 14:36:38 2022 GMT
* expire date: Jun 27 14:36:38 2022 GMT Upon refresh, the
So @raffaelespazzoli is it safe and expected then to assume the race condition error? |
Thanks, @raffaelespazzoli for your assistance. I'm closing this issue. |
I'm testing the
cert-utils-operator
on Openshift 4.9.21 and I'm hitting the error below:Some of the artifacts that I'm using:
custom domain
certificate
route
Running a
curl
command I can see the certificate without problems, but why is the operator throwing this error?Thanks
mmello
The text was updated successfully, but these errors were encountered: