「cert-manager」- 常见问题处理

  CREATED BY JENKINSBOT

… is forbidden … cannot create resource “alidns” in API group … at the cluster scope

问题描述:

alidns.acme.example.com is forbidden: User "system:serviceaccount:cert-manager:cert-manager" 
cannot create resource "alidns" in API group "acme.example.com" at the cluster scope

原因分析:./03-letsencrypt-clusterissuer.yamlgroupName: 未与 ./01-bundle.yamlgroup: 要保持一致

解决方案:保持 groupName:group: 一致。

Error presenting challenge: the server could not find the requested resource

Error presenting challenge: the server could not find the requested resource (post dnspod.acme.XXX.com) · Issue #1

问题描述:

# kubectl describe challenges.acme.cert-manager.io
...
Events:                                                                                                                                                                                                                                                                     
  Type     Reason        Age               From          Message                                                                                                                                                                                                            
  ----     ------        ----              ----          -------                                                                                                                                                                                                            
  Normal   Started       31s               cert-manager  Challenge scheduled for processing                                                                                                                                                                                 
  Warning  PresentError  4s (x4 over 29s)  cert-manager  Error presenting challenge: the server could not find the requested resource 

环境信息:
kubernetes v1.22.10-aliyun.1 / cert-manager 1.5.3

解决方案:
当 cert-manager 1.5.3 升级 cert-manager 1.7.3 后,问题得以解决;