ApiService: FailedDiscoveryCheck

[surnins]

After installation of helm chart I get error: kubectl --namespace cert-manager describe apiservice v1alpha1.acme.nsone.net

Status: Conditions: Last Transition Time: 2022-01-14T12:38:30Z Message: failing or missing response from https://10.129.2.12:8443/apis/acme.nsone.net/v1alpha1: Get "https://10.129.2.12:8443/apis/acme.nsone.net/v1alpha1": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers) Reason: FailedDiscoveryCheck Status: False Type: Available Events:

kubectl --namespace cert-manager get po -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES cert-manager-74f46787b6-wkk4n 1/1 Running 0 60d 10.129.0.6 gke-zfx-uat-cluster-node-pool-1-1a0ba3f2-wqvz cert-manager-cainjector-748dc889c5-pxl2m 1/1 Running 0 60d 10.129.0.10 gke-zfx-uat-cluster-node-pool-1-1a0ba3f2-wqvz cert-manager-webhook-995c5c5b6-p9x69 1/1 Running 0 60d 10.129.0.5 gke-zfx-uat-cluster-node-pool-1-1a0ba3f2-wqvz cert-manager-webhook-ns1-64f58ccdcd-srxsc 1/1 Running 0 62m 10.129.2.12 gke-zfx-uat-cluster-node-pool-1-1a0ba3f2-fh80 sh 1/1 Running 1 22m 10.129.2.13 gke-zfx-uat-cluster-node-pool-1-1a0ba3f2-fh80

curl from pod in namespace "cert-manager"

curl -k https://10.129.2.12:8443/apis/acme.nsone.net/v1alpha1 { "kind": "Status", "apiVersion": "v1", "metadata": {

}, "status": "Failure", "message": "forbidden: User \"system:anonymous\" cannot get path \"/apis/acme.nsone.net/v1alpha1\"", "reason": "Forbidden", "details": {

}, "code": 403

GKE version: v1.20.11-gke.1300

[surnins]

Problem resolved https://cert-manager.io/docs/installation/compatibility/#gke