search

cloudflare / cloudflared

Cloudflare Tunnel client (formerly Argo Tunnel)
https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide
Apache License 2.0
9.3k stars 829 forks source link

🐛Cloudflare tunnel k8s ERR Cannot determine default origin certificate path #1331

Closed NicolasTobias closed 1 month ago

NicolasTobias commented 1 month ago

Describe the bug Downloaded latest version of cloudflare tunnel and is unable to start the tunnel

- cloudflare-cloudflare-tunnel-XXXXXX-gqs6n › cloudflare-tunnel
+ cloudflare-cloudflare-tunnel-XXXXXX-gqs6n › cloudflare-tunnel
cloudflare-cloudflare-tunnel-XXXXXX-gqs6n cloudflare-tunnel 2024-09-26T09:55:49Z ERR Cannot determine default origin certificate path. No file cert.pem in [~/.cloudflared ~/.cloudflare-warp ~/cloudflare-warp /etc/cloudflared /usr/local/etc/cloudflared]. You need to specify the origin certificate path by specifying the origincert option in the configuration file, or set TUNNEL_ORIGIN_CERT environment variable originCertPath=
cloudflare-cloudflare-tunnel-XXXXXXX-gqs6n cloudflare-tunnel error parsing tunnel ID: Error locating origin cert: client didn't specify origincert path
- cloudflare-cloudflare-tunnel-XXXXXXX-gqs6n › cloudflare-tunnel

To Reproduce Steps to reproduce the behavior:

  1. helm repo add cloudflare https://cloudflare.github.io/helm-charts
  2. helm repo update
  3. helm upgrade --install cloudflare cloudflare/cloudflare-tunnel --namespace cloudflare --values values.yaml --wait

Use this values file

cloudflare:
  2   tunnelName: "you-tunnel-name"
  3   tunnelId: "your-tunnelid"
  4   secretName: "tunnel-credentials"
  5   ingress:
  6     - hostname: "*.domain.tld"
  7       service: "haproxy-kubernetes-ingress.ingress-controller.svc.cluster.local:80"
  8 resources:
  9   limits:
 10     cpu: "100m"
 11     memory: "128Mi"
 12   requests:
 13     cpu: "100m"
 14     memory: "128Mi"
 15 
 16 replicaCount: 1

If it's an issue with Cloudflare Tunnel:

  1. Tunnel ID : 22480a22-c09b-42b3-b79a-07c8059227a6
  2. cloudflared config: (on above helm file)

Expected behavior Tunnel should work and get connected

Environment and versions

Logs and errors

- cloudflare-cloudflare-tunnel-XXXXXX-gqs6n › cloudflare-tunnel
+ cloudflare-cloudflare-tunnel-XXXXXX-gqs6n › cloudflare-tunnel
cloudflare-cloudflare-tunnel-XXXXXX-gqs6n cloudflare-tunnel 2024-09-26T09:55:49Z ERR Cannot determine default origin certificate path. No file cert.pem in [~/.cloudflared ~/.cloudflare-warp ~/cloudflare-warp /etc/cloudflared /usr/local/etc/cloudflared]. You need to specify the origin certificate path by specifying the origincert option in the configuration file, or set TUNNEL_ORIGIN_CERT environment variable originCertPath=
cloudflare-cloudflare-tunnel-XXXXXXX-gqs6n cloudflare-tunnel error parsing tunnel ID: Error locating origin cert: client didn't specify origincert path
- cloudflare-cloudflare-tunnel-XXXXXXX-gqs6n › cloudflare-tunnel

Additional context Tried used a deployment.yaml manifest and a helm one, no luck. Downgraded version and still affected. Deleted whole namespace, same behavior.

NicolasTobias commented 1 month ago

Forgot to add that i also added the credentials as secret

kubectl create secret generic tunnel-credentials -n cloudflare --from-file=/Users/me/.cloudflared/22480a22-c09b-42b3-b79a-07c8059227a6.json
NicolasTobias commented 1 month ago

Closing: Problem was not picking up credentials file, missing the credentials.json part:

kubectl create secret generic tunnel-credentials -n cloudflared --from-file=credentials.json=/Users/me/.cloudflared/22480a22-c09b-42b3-b79a-07c8059227a6.json