kubernetes cert-manager https 尝试传播检查失败

kubernetes cert-manager https 尝试传播检查失败

我正在尝试在本地裸机 kubernetes 集群上设置 https。我得到了一个

cert-manager/challenges "msg"="propagation check failed" "error"="wrong status code '404', expected '200'" 错误。

我认为我设置节点端口的方式是问题所在,但不确定如何修复。我唯一能想到的就是添加 http://.com/.well-known/acme-challenge/ 作为路由,但显然这不是一个长期的解决方案。

入口服务.yaml-

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress-service
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/use-regex: "true"
    # nginx.ingress.kubernetes.io/rewrite-target: /$1
    cert-manager.io/cluster-issuer: letsencrypt-prod # tell ingress to use https
    # nginx.ingress.kubernetes.io/ssl-redirect: 'true' # redirect from http to https
spec:
  tls:
    - hosts:
        - <domain>.com
        - www.<domain>.com
      secretName: secret-redacted-com
  rules:
    - host: <domain>.com
      http:
        paths:
          - path: /?(.*)
            pathType: ImplementationSpecific
            backend:
              service:
                name: server-cluster-ip-service
                port:
                  number: 8888
    - host: www.<domain>.com
      http:
        paths:
          - path: /?(.*)
            pathType: ImplementationSpecific
            backend:
              service:
                name: server-cluster-ip-service
                port:
                  number: 8888

cluster-issuer.yaml-

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
spec:
  acme:
    # Let's Encrypt will use this to contact you about expiring
    # certificates, and issues related to your account.
    email: [email protected]
    server: https://acme-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
      # Secret resource that will be used to store the account's private key.
      name: letsencrypt-redacted-prod
    # Add a single challenge solver, HTTP01 using nginx
    solvers:
    - http01:
        ingress:
         # class: nginx
          ingressTemplate:
            metadata:
              annotations:
                kubernetes.io/ingress.class: nginx

服务器集群-ip-服务.yaml-

apiVersion: v1
kind: Service
metadata:
  name: server-cluster-ip-service
spec:
  type: ClusterIP
  selector:
    component: server
  ports:
    - port: 8888
      targetPort: 8888

服务器部署.yaml-

apiVersion: apps/v1
kind: Deployment
metadata:
  name: server-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      component: server
  template:
    metadata:
      labels:
        component: server
    spec:
      containers:
        - name: server
          image: spoonobi/multi-server-arm
          ports:
            - containerPort: 8888

服务节点端口.yaml-

apiVersion: v1
kind: Service
metadata:
  name: server-nodeports
spec:
  type: NodePort
  selector:
    component: server
  ports:
    - name: http
      port: 80
      targetPort: 8888
      nodePort: 30602
    - name: https   
      port: 443
      targetPort: 8888
      nodePort: 30824

日志-

kubectl logs cert-manager-7fb78674d7-8l8v4 -n cert-manager

kubectl logs cert-manager-7fb78674d7-8l8v4 -n cert-manager
I0109 14:21:46.934907       1 start.go:75] cert-manager "msg"="starting controller" "git-commit"="a96bae172ddb1fcd4b57f1859ab9d1a9e94f7451" "version"="v1.10.1"
I0109 14:21:46.935260       1 controller.go:242] cert-manager/controller/build-context "msg"="configured acme dns01 nameservers" "nameservers"=["10.96.0.10:53"]
W0109 14:21:46.942385       1 client_config.go:617] Neither --kubeconfig nor --master was specified.  Using the inClusterConfig.  This might not work.
I0109 14:21:47.020721       1 controller.go:70] cert-manager/controller "msg"="enabled controllers: [certificaterequests-approver certificaterequests-issuer-acme certificaterequests-issuer-ca certificaterequests-issuer-selfsigned certificaterequests-issuer-vault certificaterequests-issuer-venafi certificates-issuing certificates-key-manager certificates-metrics certificates-readiness certificates-request-manager certificates-revision-manager certificates-trigger challenges clusterissuers ingress-shim issuers orders]" 
I0109 14:21:47.026062       1 controller.go:134] cert-manager/controller "msg"="starting leader election" 
I0109 14:21:47.028151       1 leaderelection.go:248] attempting to acquire leader lease kube-system/cert-manager-controller...
I0109 14:21:47.029212       1 controller.go:91] cert-manager/controller "msg"="starting metrics server" "address"={"IP":"::","Port":9402,"Zone":""}
I0109 14:21:47.164717       1 leaderelection.go:258] successfully acquired lease kube-system/cert-manager-controller
I0109 14:21:47.189500       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="certificaterequests-issuer-ca"
I0109 14:21:47.190713       1 controller.go:182] cert-manager/controller "msg"="not starting controller as it's disabled" "controller"="certificatesigningrequests-issuer-venafi"
I0109 14:21:47.192837       1 controller.go:182] cert-manager/controller "msg"="not starting controller as it's disabled" "controller"="gateway-shim"
I0109 14:21:47.193391       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="orders"
I0109 14:21:47.193503       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="certificates-request-manager"
I0109 14:21:47.205713       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="certificaterequests-approver"
I0109 14:21:47.208892       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="certificaterequests-issuer-venafi"
I0109 14:21:47.213435       1 controller.go:182] cert-manager/controller "msg"="not starting controller as it's disabled" "controller"="certificatesigningrequests-issuer-ca"
I0109 14:21:47.213533       1 controller.go:182] cert-manager/controller "msg"="not starting controller as it's disabled" "controller"="certificatesigningrequests-issuer-selfsigned"
I0109 14:21:47.216346       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="certificates-readiness"
I0109 14:21:47.218932       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="ingress-shim"
I0109 14:21:47.221861       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="certificaterequests-issuer-acme"
I0109 14:21:47.234795       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="certificates-revision-manager"
I0109 14:21:47.241310       1 controller.go:182] cert-manager/controller "msg"="not starting controller as it's disabled" "controller"="certificatesigningrequests-issuer-acme"
I0109 14:21:47.242004       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="certificates-trigger"
I0109 14:21:47.256862       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="issuers"
I0109 14:21:47.257295       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="certificaterequests-issuer-selfsigned"
I0109 14:21:47.257529       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="certificates-issuing"
I0109 14:21:47.266041       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="certificates-key-manager"
I0109 14:21:47.267554       1 controller.go:182] cert-manager/controller "msg"="not starting controller as it's disabled" "controller"="certificatesigningrequests-issuer-vault"
I0109 14:21:47.267654       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="certificates-metrics"
I0109 14:21:47.269328       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="clusterissuers"
I0109 14:21:47.385919       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="challenges"
I0109 14:21:47.393223       1 controller.go:205] cert-manager/controller "msg"="starting controller" "controller"="certificaterequests-issuer-vault"
I0109 14:21:47.470499       1 setup.go:202] cert-manager/clusterissuers "msg"="skipping re-verifying ACME account as cached registration details look sufficient" "related_resource_kind"="Secret" "related_resource_name"="letsencrypt-secret-prod" "related_resource_namespace"="cert-manager" "resource_kind"="ClusterIssuer" "resource_name"="letsencrypt-prod" "resource_namespace"="" "resource_version"="v1"
I0109 14:21:47.490596       1 pod.go:59] cert-manager/challenges/http01/selfCheck/http01/ensurePod "msg"="found one existing HTTP01 solver pod" "dnsName"="ecmatrials.com" "related_resource_kind"="Pod" "related_resource_name"="cm-acme-http-solver-2rzhm" "related_resource_namespace"="default" "related_resource_version"="v1" "resource_kind"="Challenge" "resource_name"="secret-ecmatrials-com-pxg88-96326727-78145582" "resource_namespace"="default" "resource_version"="v1" "type"="HTTP-01"
I0109 14:21:47.490592       1 pod.go:59] cert-manager/challenges/http01/selfCheck/http01/ensurePod "msg"="found one existing HTTP01 solver pod" "dnsName"="www.ecmatrials.com" "related_resource_kind"="Pod" "related_resource_name"="cm-acme-http-solver-prw2b" "related_resource_namespace"="default" "related_resource_version"="v1" "resource_kind"="Challenge" "resource_name"="secret-ecmatrials-com-pxg88-96326727-665678090" "resource_namespace"="default" "resource_version"="v1" "type"="HTTP-01"
I0109 14:21:47.491386       1 service.go:43] cert-manager/challenges/http01/selfCheck/http01/ensureService "msg"="found one existing HTTP01 solver Service for challenge resource" "dnsName"="www.ecmatrials.com" "related_resource_kind"="Service" "related_resource_name"="cm-acme-http-solver-ctsfv" "related_resource_namespace"="default" "related_resource_version"="v1" "resource_kind"="Challenge" "resource_name"="secret-ecmatrials-com-pxg88-96326727-665678090" "resource_namespace"="default" "resource_version"="v1" "type"="HTTP-01"
I0109 14:21:47.491727       1 ingress.go:99] cert-manager/challenges/http01/selfCheck/http01/ensureIngress "msg"="found one existing HTTP01 solver ingress" "dnsName"="www.ecmatrials.com" "related_resource_kind"="Ingress" "related_resource_name"="cm-acme-http-solver-mhrwj" "related_resource_namespace"="default" "related_resource_version"="v1" "resource_kind"="Challenge" "resource_name"="secret-ecmatrials-com-pxg88-96326727-665678090" "resource_namespace"="default" "resource_version"="v1" "type"="HTTP-01"
I0109 14:21:47.491392       1 service.go:43] cert-manager/challenges/http01/selfCheck/http01/ensureService "msg"="found one existing HTTP01 solver Service for challenge resource" "dnsName"="ecmatrials.com" "related_resource_kind"="Service" "related_resource_name"="cm-acme-http-solver-q29l7" "related_resource_namespace"="default" "related_resource_version"="v1" "resource_kind"="Challenge" "resource_name"="secret-ecmatrials-com-pxg88-96326727-78145582" "resource_namespace"="default" "resource_version"="v1" "type"="HTTP-01"
I0109 14:21:47.493451       1 ingress.go:99] cert-manager/challenges/http01/selfCheck/http01/ensureIngress "msg"="found one existing HTTP01 solver ingress" "dnsName"="ecmatrials.com" "related_resource_kind"="Ingress" "related_resource_name"="cm-acme-http-solver-chbv4" "related_resource_namespace"="default" "related_resource_version"="v1" "resource_kind"="Challenge" "resource_name"="secret-ecmatrials-com-pxg88-96326727-78145582" "resource_namespace"="default" "resource_version"="v1" "type"="HTTP-01"
E0109 14:21:48.011116       1 sync.go:190] cert-manager/challenges "msg"="propagation check failed" "error"="failed to perform self check GET request 'http://ecmatrials.com/.well-known/acme-challenge/hjygDO-DEv4upt89EGUSa4GrYVvf5489zsN21aXITv4': Get \"http://ecmatrials.com/.well-known/acme-challenge/hjygDO-DEv4upt89EGUSa4GrYVvf5489zsN21aXITv4\": dial tcp 88.98.208.82:80: connect: connection refused" "dnsName"="ecmatrials.com" "resource_kind"="Challenge" "resource_name"="secret-ecmatrials-com-pxg88-96326727-78145582" "resource_namespace"="default" "resource_version"="v1" "type"="HTTP-01"
kubectl logs cert-manager-cainjector-5dfc946d84-scg8x -n cert-manager
I0109 14:21:42.567868       1 start.go:126] "starting" version="v1.10.1" revision="a96bae172ddb1fcd4b57f1859ab9d1a9e94f7451"
I0109 14:21:42.876693       1 leaderelection.go:248] attempting to acquire leader lease kube-system/cert-manager-cainjector-leader-election...
I0109 14:22:56.469583       1 leaderelection.go:258] successfully acquired lease kube-system/cert-manager-cainjector-leader-election
I0109 14:22:56.470249       1 recorder.go:103] cert-manager/events "msg"="cert-manager-cainjector-5dfc946d84-scg8x_9520c889-77e0-4bcb-9786-c018eaa01ea8 became leader" "object"={"kind":"Lease","namespace":"kube-system","name":"cert-manager-cainjector-leader-election","uid":"230a9367-b459-444f-b54c-4cfba19c00c2","apiVersion":"coordination.k8s.io/v1","resourceVersion":"26612"} "reason"="LeaderElection" "type"="Normal"
I0109 14:22:56.674060       1 controller.go:185] cert-manager/certificate/mutatingwebhookconfiguration "msg"="Starting EventSource" "source"="&{{%!s(*v1.MutatingWebhookConfiguration=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} []}) %!s(*cache.informerCache=&{0x4000110460}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.674053       1 controller.go:185] cert-manager/certificate/validatingwebhookconfiguration "msg"="Starting EventSource" "source"="&{{%!s(*v1.ValidatingWebhookConfiguration=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} []}) %!s(*cache.informerCache=&{0x4000110460}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.674107       1 controller.go:185] cert-manager/certificate/apiservice "msg"="Starting EventSource" "source"="&{{%!s(*v1.APIService=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} {<nil>   false [] 0 0} {[]}}) %!s(*cache.informerCache=&{0x4000110460}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.675248       1 controller.go:185] cert-manager/certificate/apiservice "msg"="Starting EventSource" "source"="&{{%!s(*v1.Certificate=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} {<nil>   <nil> <nil> [] [] [] []  <nil> <nil> {  } false [] <nil> <nil> <nil> []} {[] <nil> <nil> <nil> <nil> <nil> <nil> <nil>}}) %!s(*cache.informerCache=&{0x4000110460}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.675321       1 controller.go:185] cert-manager/certificate/apiservice "msg"="Starting EventSource" "source"="&{{%!s(*v1.Secret=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} <nil> map[] map[] }) %!s(*cache.informerCache=&{0x4000110460}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.675363       1 controller.go:193] cert-manager/certificate/apiservice "msg"="Starting Controller" 
I0109 14:22:56.675447       1 controller.go:185] cert-manager/certificate/validatingwebhookconfiguration "msg"="Starting EventSource" "source"="&{{%!s(*v1.Certificate=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} {<nil>   <nil> <nil> [] [] [] []  <nil> <nil> {  } false [] <nil> <nil> <nil> []} {[] <nil> <nil> <nil> <nil> <nil> <nil> <nil>}}) %!s(*cache.informerCache=&{0x4000110460}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.675664       1 controller.go:185] cert-manager/certificate/validatingwebhookconfiguration "msg"="Starting EventSource" "source"="&{{%!s(*v1.Secret=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} <nil> map[] map[] }) %!s(*cache.informerCache=&{0x4000110460}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.674419       1 controller.go:185] cert-manager/secret/customresourcedefinition "msg"="Starting EventSource" "source"="&{{%!s(*v1.CustomResourceDefinition=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} { {  []   []}  [] <nil> false} {[] {  []   []} []}}) %!s(*cache.informerCache=&{0x400011c260}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.675947       1 controller.go:185] cert-manager/secret/customresourcedefinition "msg"="Starting EventSource" "source"="&{{%!s(*v1.Secret=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} <nil> map[] map[] }) %!s(*cache.informerCache=&{0x400011c260}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.675981       1 controller.go:193] cert-manager/secret/customresourcedefinition "msg"="Starting Controller" 
I0109 14:22:56.675837       1 controller.go:193] cert-manager/certificate/validatingwebhookconfiguration "msg"="Starting Controller" 
I0109 14:22:56.674858       1 controller.go:185] cert-manager/certificate/mutatingwebhookconfiguration "msg"="Starting EventSource" "source"="&{{%!s(*v1.Certificate=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} {<nil>   <nil> <nil> [] [] [] []  <nil> <nil> {  } false [] <nil> <nil> <nil> []} {[] <nil> <nil> <nil> <nil> <nil> <nil> <nil>}}) %!s(*cache.informerCache=&{0x4000110460}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.677760       1 controller.go:185] cert-manager/certificate/mutatingwebhookconfiguration "msg"="Starting EventSource" "source"="&{{%!s(*v1.Secret=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} <nil> map[] map[] }) %!s(*cache.informerCache=&{0x4000110460}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.677828       1 controller.go:193] cert-manager/certificate/mutatingwebhookconfiguration "msg"="Starting Controller" 
I0109 14:22:56.679318       1 controller.go:185] cert-manager/certificate/customresourcedefinition "msg"="Starting EventSource" "source"="&{{%!s(*v1.CustomResourceDefinition=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} { {  []   []}  [] <nil> false} {[] {  []   []} []}}) %!s(*cache.informerCache=&{0x4000110460}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.680910       1 controller.go:185] cert-manager/certificate/customresourcedefinition "msg"="Starting EventSource" "source"="&{{%!s(*v1.Certificate=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} {<nil>   <nil> <nil> [] [] [] []  <nil> <nil> {  } false [] <nil> <nil> <nil> []} {[] <nil> <nil> <nil> <nil> <nil> <nil> <nil>}}) %!s(*cache.informerCache=&{0x4000110460}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.679983       1 controller.go:185] cert-manager/secret/apiservice "msg"="Starting EventSource" "source"="&{{%!s(*v1.APIService=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} {<nil>   false [] 0 0} {[]}}) %!s(*cache.informerCache=&{0x400011c260}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.680215       1 controller.go:185] cert-manager/secret/validatingwebhookconfiguration "msg"="Starting EventSource" "source"="&{{%!s(*v1.ValidatingWebhookConfiguration=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} []}) %!s(*cache.informerCache=&{0x400011c260}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.680453       1 controller.go:185] cert-manager/secret/mutatingwebhookconfiguration "msg"="Starting EventSource" "source"="&{{%!s(*v1.MutatingWebhookConfiguration=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} []}) %!s(*cache.informerCache=&{0x400011c260}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.682127       1 controller.go:185] cert-manager/certificate/customresourcedefinition "msg"="Starting EventSource" "source"="&{{%!s(*v1.Secret=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} <nil> map[] map[] }) %!s(*cache.informerCache=&{0x4000110460}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.682880       1 controller.go:185] cert-manager/secret/apiservice "msg"="Starting EventSource" "source"="&{{%!s(*v1.Secret=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} <nil> map[] map[] }) %!s(*cache.informerCache=&{0x400011c260}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.683512       1 controller.go:193] cert-manager/secret/apiservice "msg"="Starting Controller" 
I0109 14:22:56.683766       1 controller.go:185] cert-manager/secret/validatingwebhookconfiguration "msg"="Starting EventSource" "source"="&{{%!s(*v1.Secret=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} <nil> map[] map[] }) %!s(*cache.informerCache=&{0x400011c260}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.683829       1 controller.go:193] cert-manager/secret/validatingwebhookconfiguration "msg"="Starting Controller" 
I0109 14:22:56.683996       1 controller.go:185] cert-manager/secret/mutatingwebhookconfiguration "msg"="Starting EventSource" "source"="&{{%!s(*v1.Secret=&{{ } {      0 {{0 0 <nil>}} <nil> <nil> map[] map[] [] [] []} <nil> map[] map[] }) %!s(*cache.informerCache=&{0x400011c260}) %!s(chan error=<nil>) %!s(func()=<nil>)}}"
I0109 14:22:56.684046       1 controller.go:193] cert-manager/secret/mutatingwebhookconfiguration "msg"="Starting Controller" 
I0109 14:22:56.684144       1 controller.go:193] cert-manager/certificate/customresourcedefinition "msg"="Starting Controller" 
I0109 14:22:56.778634       1 controller.go:227] cert-manager/secret/customresourcedefinition "msg"="Starting workers" "worker count"=1
I0109 14:22:56.779696       1 controller.go:227] cert-manager/certificate/apiservice "msg"="Starting workers" "worker count"=1
I0109 14:22:56.780597       1 controller.go:227] cert-manager/certificate/validatingwebhookconfiguration "msg"="Starting workers" "worker count"=1
I0109 14:22:56.781039       1 controller.go:227] cert-manager/certificate/mutatingwebhookconfiguration "msg"="Starting workers" "worker count"=1
I0109 14:22:56.785983       1 controller.go:227] cert-manager/secret/apiservice "msg"="Starting workers" "worker count"=1
I0109 14:22:56.786830       1 controller.go:227] cert-manager/secret/mutatingwebhookconfiguration "msg"="Starting workers" "worker count"=1
I0109 14:22:56.789745       1 controller.go:227] cert-manager/certificate/customresourcedefinition "msg"="Starting workers" "worker count"=1
I0109 14:22:56.793102       1 controller.go:227] cert-manager/secret/validatingwebhookconfiguration "msg"="Starting workers" "worker count"=1
I0109 14:22:56.810090       1 controller.go:178] cert-manager/secret/mutatingwebhookconfiguration/generic-inject-reconciler "msg"="updated object" "resource_kind"="MutatingWebhookConfiguration" "resource_name"="cert-manager-webhook" "resource_namespace"="" "resource_version"="v1"
I0109 14:22:56.813377       1 controller.go:178] cert-manager/secret/validatingwebhookconfiguration/generic-inject-reconciler "msg"="updated object" "resource_kind"="ValidatingWebhookConfiguration" "resource_name"="cert-manager-webhook" "resource_namespace"="" "resource_version"="v1"
I0109 14:22:56.821140       1 controller.go:178] cert-manager/secret/mutatingwebhookconfiguration/generic-inject-reconciler "msg"="updated object" "resource_kind"="MutatingWebhookConfiguration" "resource_name"="cert-manager-webhook" "resource_namespace"="" "resource_version"="v1"
I0109 14:22:56.823988       1 controller.go:178] cert-manager/secret/validatingwebhookconfiguration/generic-inject-reconciler "msg"="updated object" "resource_kind"="ValidatingWebhookConfiguration" "resource_name"="cert-manager-webhook" "resource_namespace"="" "resource_version"="v1"
kubectl logs cert-manager-webhook-8744b7588-sgq6p -n cert-manager
I0109 14:21:44.799137       1 feature_gate.go:245] feature gates: &{map[]}
W0109 14:21:44.800367       1 client_config.go:617] Neither --kubeconfig nor --master was specified.  Using the inClusterConfig.  This might not work.
I0109 14:21:45.252258       1 webhook.go:129] cert-manager "msg"="using dynamic certificate generating using CA stored in Secret resource" "secret_name"="cert-manager-webhook-ca" "secret_namespace"="cert-manager"
I0109 14:21:45.255076       1 server.go:133] cert-manager/webhook "msg"="listening for insecure healthz connections" "address"=":6080"
I0109 14:21:45.268500       1 server.go:197] cert-manager/webhook "msg"="listening for secure connections" "address"=":10250"
I0109 14:21:46.298072       1 dynamic_source.go:266] cert-manager/webhook "msg"="Updated cert-manager webhook TLS certificate" "DNSNames"=["cert-manager-webhook","cert-manager-webhook.cert-manager","cert-manager-webhook.cert-manager.svc"]

相关内容