Closed jonaseck2 closed 7 years ago
There's nothing on the kube-lego end that can be done to stop this. Letsencrypt outline their rate limits here: https://letsencrypt.org/docs/rate-limits/.
Could this perhaps be due to your domain still point at the old ingress IP, and DNS propagation taking a while, thus Letsencrypt is still making requests to another address and causing invalid challenges?
I'm going to close this for now as it doesn't seem to be something that kube-lego can deal with. Feel free to reopen if you disagree!
I was asked to do a small presentation about kubernetes and and basically created a site containing a presentation how to set up itself using google container engine from scratch. I added kube-lego as per the GCE example (documented in the presentation too, of course) and it worked like a charm. After a couple of days i wanted to test reproducibility, tore down and recreated the cluster, and now requesting certificates fail and i hit the rate limiter whenever i start kube-lego.
Steps to reproduce are available at the host name mentioned in the logs below :)
logs from kube-lego from self test passing to rate limiter hit: