kubernetes - 创建资源 cert-manager/letsencrypt 失败,因为 Kubernetes API 服务器报告此资源的 apiVersion 不存在
问题描述
我在安装cert-managerHelm 图表和在我们的 Azure Kubernetes 集群中使用 Pulumi 设置 LetsEncrypt 集群颁发者时遇到问题。我们使用的是 Kubernetes 版本 1.21.2 和 cert-manager。1.5.3。
在任何资源存在之前运行时pulumi up,我收到以下错误:
kubernetes:cert-manager.io/v1:ClusterIssuer (cert-manager-letsencrypt):
error: creation of resource cert-manager/letsencrypt failed because the Kubernetes API server reported that the apiVersion for this resource does not exist. Verify that any required CRDs have been created: no matches for kind "ClusterIssuer" in version "cert-manager.io/v1"
error: update failedaToolsCertManager cert-manager
我可以通过运行确认没有创建集群颁发者kubectl get clusterissuer。
pulumi up再次运行时,它成功并且正确创建了letsencrypt ClusterIssuer。
我不想pulumi up连续运行多次才能成功部署。谁能看到这里有什么问题?
C#堆栈定义:
// Create new namespace
var certManagerNamespace = new Namespace("cert-manager",
new NamespaceArgs()
{
Metadata = new ObjectMetaArgs
{
Name = "cert-manager"
}
},
options);
// Install cert-manager using Helm
var certManagerChart = new Chart("cert-manager",
new ChartArgs
{
Chart = "cert-manager",
Version = "1.5.3",
Namespace = certManagerNamespace.Metadata.Apply(m => m.Name),
Values =
{
["installCRDs"] = "true"
},
FetchOptions = new ChartFetchArgs
{
Repo = "https://charts.jetstack.io"
}
},
options);
// Create ClusterIssuer using LetsEncrypt
var clusterIssuer = new ClusterIssuer($"{name}-letsencrypt",
new ClusterIssuerArgs()
{
ApiVersion = "cert-manager.io/v1",
Kind = "ClusterIssuer",
Metadata = new ObjectMetaArgs()
{
Name = "letsencrypt",
Namespace = "cert-manager",
},
Spec = new ClusterIssuerSpecArgs()
{
Acme = new ClusterIssuerSpecAcmeArgs()
{
Email = "administrator@blahblah.com",
Server = "https://acme-v02.api.letsencrypt.org/directory",
PrivateKeySecretRef = new ClusterIssuerSpecAcmePrivateKeySecretRefArgs()
{
Name = "letsencrypt"
},
Solvers =
{
new ClusterIssuerSpecAcmeSolversArgs()
{
Http01 = new ClusterIssuerSpecAcmeSolversHttp01Args()
{
Ingress = new ClusterIssuerSpecAcmeSolversHttp01IngressArgs()
{
Class = "nginx"
}
}
}
}
}
}
},
new CustomResourceOptions()
{
DependsOn = certManagerChart,
Provider = options.Provider
});
Pulumi 的集群发行者定义:
+ kubernetes:cert-manager.io/v1:ClusterIssuer: (create)
[urn=urn:pulumi:preprod::MyAks::kubernetes:cert-manager.io/v1:ClusterIssuer::cert-manager-letsencrypt]
[provider=urn:pulumi:preprod::MyAks::k8sx:service:MyAks$pulumi:providers:kubernetes::k8s-provider::5191350f-c03b-4796-bc48-053584e2c996]
apiVersion: "cert-manager.io/v1"
kind : "ClusterIssuer"
metadata : {
labels : {
app.kubernetes.io/managed-by: "pulumi"
}
name : "letsencrypt"
namespace: "cert-manager"
}
spec : {
acme: {
email : "administrator@blahblah.com"
privateKeySecretRef: {
name: "letsencrypt"
}
server : "https://acme-v02.api.letsencrypt.org/directory"
solvers : [
[0]: {
http01: {
ingress: {
class: "nginx"
}
}
}
]
}
}
解决方案
推荐阅读
- python - 在 Python 和 PANDAS 中进行值校正的内部排序
- c# - C# 中的多个 MongoDb 过滤器
- javascript - promise.all 渲染两次并返回 undefined
- c# - 如何将 2 个对象类型添加到一个对象中?
- reactjs - 在 React-Bootstrap 或 Bootstrap col 到 col (无行)是否允许?
- postgresql - Docker Postgres PGAdmin4 MacOS - pgadmin4 重启后不显示 docker Postgres 卷数据
- python - 如何使用seaborn,python中的彩色气泡图设置数值变量的色调范围?
- woocommerce - 当没有可用的运输选项时隐藏“下订单”按钮
- python - 如何使用 opencv 使用 LAN 电缆在没有互联网的情况下流式传输 IP 摄像机
- inno-setup - 使用 VCL 视觉样式和许可 RTF 文件文本颜色错误