Skip to content

Help needed - tls secret took long to discover(ingress version: 1.10, kubernetes version: 1.20) #1448

New issue
New issue
Closed
#1654
Closed
Help needed - tls secret took long to discover(ingress version: 1.10, kubernetes version: 1.20)#1448
#1654
Labels
bugAn issue reporting a potential bug
@kongdewen

Description

@kongdewen
kongdewen
opened on Mar 11, 2021

we are seeing a weird problem when upgrade to latest ingress,

when the k8s ingress pods start, it takes couple minutes for actually find the tls for the ingresses. It would first report secret missing or invalid type(we did have to switch tls type to kubernetes.io/tls lately to prepare of the upgrade) until sometime later came back to normal:

error sample:

W0311 14:30:31.734196       7 controller.go:1983] Error trying to get the secret  for Ingress xxx: secret doesn't exist or of an unsupported type
W0311 14:30:31.734212       7 controller.go:1983] Error trying to get the secret tls-wildcard-xxx for Ingress xxx: secret doesn't exist or of an unsupported type

secret sample:

 kubectl -n xxx describe secret/tls-wildcard-xxx
Name:         tls-wildcard-xxx
Namespace:    xxx
Labels:     
Annotations:  <none>

Type:  kubernetes.io/tls

Data
====
tls.crt:  3420 bytes
tls.key:  1704 bytes

ingress sample:

#
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: "xxx"
  namespace: "xxx"
  annotations:
    ingress.kubernetes.io/rewrite-target: "/"
    nginx.org/redirect-to-https: "true"
    kubernetes.io/ingress.class: "nginx"
  labels:
    app: "xxx"
    track: "prod"
spec:
  tls:
    - hosts:
        - "xxx.default"
    - hosts:
        - "xxx"
      secretName: tls-wildcard-xxx
  rules:
    - host: "xxx.default"
      http:
        paths:
          - path: /
            backend:
              serviceName: xxx
              servicePort: xx
    - host: xxx
      http:
        paths:
          - backend:
              serviceName: xxx
              servicePort: xx
            path: /

Any ideas what might happened?

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugAn issue reporting a potential bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions