Skip to content
This repository has been archived by the owner on Mar 16, 2024. It is now read-only.

Custom domain TLS creation failing due to missing IngressClass #1135

Closed
iwilltry42 opened this issue Jan 26, 2023 · 1 comment
Closed

Custom domain TLS creation failing due to missing IngressClass #1135

iwilltry42 opened this issue Jan 26, 2023 · 1 comment
Assignees
@iwilltry42
Labels
kind/bug Something isn't working
Milestone
v0.5.1

Comments

@iwilltry42
Copy link
Contributor

Acorn Install Command:

acorn install\                                      
  --ingress-class-name nginx \
  --cluster-domain <REDACTED our domain> \
  --acorn-dns disabled \
  --lets-encrypt=enabled \
  --lets-encrypt-tos-agree=true \
  --lets-encrypt-email=<REDACTED our email>

Used Acornfile:

containers: {
  nginx: {
    image: "nginx"
    ports: publish: "80/http"
    files: {
      "/usr/share/nginx/html/index.html": "<h1>Hi mom!</h1>"
    }
  }
}

Symptom: No https endpoint being provisioned for the app.

Error Log from Controller: Error getting cert for nginx-demo-<...>: terminating watch: context deadline exceeded

Further Information:

  • single ingressclass in cluster: nginx
  • LE Challenge ingress didn't have class field filled
  • nginx ingress class not set as default

Workaround:

Deploying nginx ingressClass as default ingressClass
@iwilltry42 iwilltry42 self-assigned this Jan 26, 2023
@iwilltry42 iwilltry42 mentioned this issue Jan 26, 2023
Merged
@cjellick cjellick added this to the v0.5.1 milestone Jan 27, 2023
@cjellick cjellick added the kind/bug Something isn't working label Jan 27, 2023
@cjellick cjellick mentioned this issue Jan 28, 2023
Closed
@sangee2004
Copy link
Contributor

sangee2004 commented Jan 30, 2023
edited
Loading

Cluster configuration:

Ingress class deployed with no default provider.

root@santest1:~/test1# kubectl get ingressclass -oyaml
apiVersion: v1
items:
- apiVersion: networking.k8s.io/v1
  kind: IngressClass
  metadata:
    annotations:
      kubectl.kubernetes.io/last-applied-configuration: |
        {"apiVersion":"networking.k8s.io/v1","kind":"IngressClass","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/version":"1.2.0"},"name":"nginx"},"spec":{"controller":"k8s.io/ingress-nginx"}}
    creationTimestamp: "2023-01-28T02:27:46Z"
    generation: 1
    labels:
      app.kubernetes.io/component: controller
      app.kubernetes.io/instance: ingress-nginx
      app.kubernetes.io/name: ingress-nginx
      app.kubernetes.io/version: 1.2.0
    name: nginx
    resourceVersion: "656"
    uid: 6ccd17aa-a0ea-4902-8460-b3c869605a84
  spec:
    controller: k8s.io/ingress-nginx
kind: List
metadata:
  resourceVersion: ""

Ingress controller deployed with watch-ingress-without-class set to false

      containers:
      - args:
        - /nginx-ingress-controller
        - --election-id=ingress-controller-leader
        - --controller-class=k8s.io/ingress-nginx
        - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller
        - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
        - --udp-services-configmap=$(POD_NAMESPACE)/udp-services
        - --validating-webhook=:8443
        - --validating-webhook-certificate=/usr/local/certificates/cert
        - --validating-webhook-key=/usr/local/certificates/key
        - --watch-ingress-without-class=false

Able to reproduce the issue.
Tested with acorn version - acorn version v0.5.0+7a4904c

acorn install\
--ingress-class-name nginx
--cluster-domain
--lets-encrypt=enabled
--lets-encrypt-tos-agree=true
--lets-encrypt-email=

Used Acornfile with publish port to launch app.

App get a http:// endpoints as expected.

Controller logs shows the following:

I0130 16:46:02.788723       6 store.go:395] "Ignoring ingress because of error while validating ingress class" ingress="acorn-system/nginx1-test1-acorn-acorn-test-domain-xyz-le-challenge" error="ingress does not contain a valid IngressClass"

Tested witth acorn version v0.5.0-35-g0f895e7+0f895e74 :

acorn install\
--ingress-class-name nginx
--cluster-domain
--lets-encrypt=enabled
--lets-encrypt-tos-agree=true
--lets-encrypt-email=

Used Acornfile with publish port to launch app.

App gets a https:// endpoints as expected.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@iwilltry42 iwilltry42

Labels
kind/bug Something isn't working
Projects
None yet
Milestone
v0.5.1
Development

No branches or pull requests
3 participants
@cjellick @iwilltry42 @sangee2004