Digital Ocean Kubernetes Let's Encrypt Waiting for HTTP-01 challenge propagation:执行自检失败
Digital Ocean Kubernetes Let's Encrypt Waiting for HTTP-01 challenge propagation: failed to perform self check
我一直在尝试在 Digital Ocean 中部署 Kubernetes 集群。除了我尝试应用 tls 证书时,一切似乎都有效。我一直在按照这些步骤操作,但是 Nginx Ingress Controller v1.0.0 和 cert-manager v1.5.0.
我有两个网址,比方说 api.example.com 和 www.example.com
查看我看到的挑战Waiting for HTTP-01 challenge propagation: failed to perform self check GET request...
我尝试将以下注释添加到入口:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /
cert-manager.io/cluster-issuer: "letsencrypt-prod"
或使用此服务作为解决方法:
kind: Service
apiVersion: v1
metadata:
name: ingress-nginx
namespace: ingress-nginx
annotations:
service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: "true"
service.beta.kubernetes.io/do-loadbalancer-hostname: "www.example.com"
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
#CHANGE/ADD THIS
externalTrafficPolicy: Cluster
type: LoadBalancer
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
ports:
- name: http
port: 80
targetPort: http
- name: https
port: 443
targetPort: https
如果我参加 URL 挑战,我可以看到哈希,但我卡住了,我不确定失败的原因或解决此问题的步骤。
正如agusgambina在评论中提到的,问题已解决:
I was able to make this work, first I need to get the load balancer id executing k describe svc ingress-nginx-controller --namespace=ingress-nginx and then pasting in the annotation kubernetes.digitalocean.com/load-balancer-id: “xxxx-xxxx-xxxx-xxxx-xxxxx” thanks for your comments, it helped me to solve the issue.
这个问题也有描述here并且还有教程
How to Set Up an Nginx Ingress with Cert-Manager on DigitalOcean Kubernetes.
我一直在尝试在 Digital Ocean 中部署 Kubernetes 集群。除了我尝试应用 tls 证书时,一切似乎都有效。我一直在按照这些步骤操作,但是 Nginx Ingress Controller v1.0.0 和 cert-manager v1.5.0.
我有两个网址,比方说 api.example.com 和 www.example.com
查看我看到的挑战Waiting for HTTP-01 challenge propagation: failed to perform self check GET request...
我尝试将以下注释添加到入口:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /
cert-manager.io/cluster-issuer: "letsencrypt-prod"
或使用此服务作为解决方法:
kind: Service
apiVersion: v1
metadata:
name: ingress-nginx
namespace: ingress-nginx
annotations:
service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: "true"
service.beta.kubernetes.io/do-loadbalancer-hostname: "www.example.com"
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
#CHANGE/ADD THIS
externalTrafficPolicy: Cluster
type: LoadBalancer
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
ports:
- name: http
port: 80
targetPort: http
- name: https
port: 443
targetPort: https
如果我参加 URL 挑战,我可以看到哈希,但我卡住了,我不确定失败的原因或解决此问题的步骤。
正如agusgambina在评论中提到的,问题已解决:
I was able to make this work, first I need to get the load balancer id executing
k describe svc ingress-nginx-controller --namespace=ingress-nginxand then pasting in the annotationkubernetes.digitalocean.com/load-balancer-id: “xxxx-xxxx-xxxx-xxxx-xxxxx”thanks for your comments, it helped me to solve the issue.
这个问题也有描述here并且还有教程
How to Set Up an Nginx Ingress with Cert-Manager on DigitalOcean Kubernetes.