search

jetstack / kube-lego

DEPRECATED: Automatically request certificates for Kubernetes Ingress resources from Let's Encrypt
Apache License 2.0
2.16k stars 267 forks source link

GCE "Server misbehaving" #112

Open jaydensmith opened 7 years ago

jaydensmith commented 7 years ago

I've been trying to solve this issue for hours now, I am trying to request a cert for 2 domains. The services etc. for the two are set up identically, however one always fails:

http://webhooks.xx.xx.io/.well-known/acme-challenge/_selftest works perfectly externally. Any ideas?


time="2017-03-22T00:31:15Z" level=info msg="authorization successful" context=acme domain=api.xx.xx.io 
time="2017-03-22T00:32:34Z" level=warning msg="authorization failed after 1m0s: reachabily test failed: Get http://webhooks.xx.xx.io/.well-known/acme-challenge/_selftest: dial tcp: lookup webhooks.xx.xx.io on 10.35.240.10:53: server misbehaving" context=acme domain=webhooks.xx.xx.io 
time="2017-03-22T00:32:34Z" level=warning msg="authorization failed for some domains" context=acme failed_domains=[webhooks.xx.xx.io]
gianrubio commented 7 years ago

@jaydensmith looks like the kube-lego cannot talk with the dns server (10.35.240.10). Try to attach to the kube-lego shell and resolve the dns. Ex:

$host webhooks.xx.xx.io 10.35.240.10
jaydensmith commented 7 years ago

I came back a day or 2 later and the issue had resolved itself... oh well 😄