[BUG][DEPLOY] Cert manager unable to issue certificates
stobias123 opened this issue · comments
Describe the bug
Cert manager is trying to issue certificates, but it appears to get errors when updating the certificate resource.
Error Detail.
E0731 22:10:10.006286 1 controller.go:131] cert-manager/controller/certificates "msg"="re-queuing item due to error processing" "error"="Certificate.certmanager.k8s.io \"multicloud-ca-cert\" is invalid: metadata.managedFields.fieldsType: Invalid value: \"\": must be `FieldsV1`" "key"="open-cluster-management/multicloud-ca-cert"
I think #99 is caused by this.
To Reproduce
Deploy 4.5 on vsphere (behind firewall)
Install ACM
Expected behavior
A clear and concise description of what you expected to happen.
Additional context
$ k describe po mcm-apiserver-c66554bf6-rdsmw
Warning FailedMount 7m30s (x13 over 17m) kubelet, mgmt-lzlbb-worker-7dvtj MountVolume.SetUp failed for volume "mongodb-ca-cert" : secret "multicloud-ca-cert" not found
Warning FailedMount 2m4s (x2 over 6m35s) kubelet, mgmt-lzlbb-worker-7dvtj Unable to attach or mount volumes: unmounted volumes=[mongodb-ca-cert mongodb-client-cert], unattached volumes=[hub-sa-token-tl2j7 apiserver-certs klusterlet-certs mongodb-ca-cert mongodb-client-cert]: timed out waiting for the condition
root $ k get certificate
NAME READY SECRET AGE EXPIRATION
grc-2f6b9-ca-cert False grc-2f6b9-grc-secrets 16m
kui-proxy False kui-proxy-secret 16m
management-ingress-31ccb-cert False management-ingress-31ccb-tls-secret 16m
multicloud-ca-cert False multicloud-ca-cert 16m
upgrading openshift and installing 2.0 fixed this issue.