Certificate didn't auto update


#1

I still can create new certificate, and workaround for this issue is to create the certificate manually, assign it to voyager’s ingress (and optional, delete old certificate)

So far, I’ve done:

  • searching stackdriver logs for certificate name at operator’s logs, but return no rows
  • search logs for keywords Certificate, found some warning logs: textPayload: "github.com/appscode/voyager/client/informers/externalversions/factory.go:74: Failed to list *v1beta1.Certificate: the server could not find the requested resource (get certificates.voyager.appscode.com)" `

didn’t see any missing certificate though

$ kubectl get clusterrole | grep appscode
appscode:voyager:edit                                                  35d
appscode:voyager:view                                                  35d

voyager’s helm chart values

##
## Voyager chart configuration
##
replicaCount: 1
# Docker registry containing Voyager & HAProxy images
voyager:
  registry: appscode
  repository: voyager
  tag: 7.4.0
haproxy:
  registry: appscode
  repository: haproxy
  tag: 1.8.12-7.4.0-alpine
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
##
# imagePullSecrets:
#   - name: myRegistryKeySecretName
## Specify a imagePullPolicy
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
imagePullPolicy: IfNotPresent
## Use cloud provider here.
cloudProvider: gke
## The path to the cloud provider configuration file. Empty string for no configuration file.
## ie. for azure use /etc/kubernetes/azure.json
cloudConfig: ''
## Installs voyager operator as critical addon
## https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/
criticalAddon: false
## Log level for voyager
logLevel: 3
persistence:
  enabled: false
  hostPath: /etc/kubernetes

## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: 
  lifecycle: stable

## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: {}

## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}

## Install Default RBAC roles and bindings
rbac:
  # Specifies whether RBAC resources should be created
  create: true

serviceAccount:
  # Specifies whether a ServiceAccount should be created
  create: true
  # The name of the ServiceAccount to use.
  # If not set and create is true, a name is generated using the fullname template
  name: 

# this flag can be set to 'voyager' to handle only ingress
# with annotation kubernetes.io/ingress.class=voyager.
ingressClass: voyager

apiserver:
  # groupPriorityMinimum is the minimum priority the group should have. Please see
  # https://github.com/kubernetes/kube-aggregator/blob/release-1.9/pkg/apis/apiregistration/v1beta1/types.go#L58-L64
  # for more information on proper values of this field.
  groupPriorityMinimum: 10000
  # versionPriority is the ordering of this API inside of the group. Please see
  # https://github.com/kubernetes/kube-aggregator/blob/release-1.9/pkg/apis/apiregistration/v1beta1/types.go#L66-L70
  # for more information on proper values of this field
  versionPriority: 15
  # enableValidatingWebhook is used to configure apiserver as ValidationWebhook for Voyager CRDs
  enableValidatingWebhook: false
  # CA certificate used by main Kubernetes api server
  ca:
  # If true, uses status sub resource for Voyager crds.
  enableStatusSubresource: false

# Send usage events to Google Analytics
enableAnalytics: true