kong icon indicating copy to clipboard operation
kong copied to clipboard
Published 1 week ago verified publisher icon Kong

Backoff Counter for Certificate Update Becomes Negative Instead of Counting Down

Open s-venger opened this issue 1 year ago • 1 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Kong version ($ kong version)

3.7.8

Current Behavior

When attempting to update the certificate for the host ***, the system logs the following error:

2024/10/11 11:42:54 [error] 1412#0: *30136 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4847933 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:42:54 [error] 1415#0: *28022 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4847933 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:42:55 [error] 1415#0: *28025 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4847934 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:42:55 [error] 1412#0: *30145 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4847934 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:42:55 [error] 1414#0: *30429 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4847934 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:44:15 [error] 1413#0: *32890 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4890471 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:46:22 [error] 1415#0: *28183 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4890598 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:50:41 [error] 1414#0: *43631 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4890857 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:53:42 [error] 1413#0: *46724 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4891038 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer

Expected Behavior

The backoff counter should decrement towards zero, providing a positive countdown (e.g., "please try again in 300 seconds") after each failed attempt to update the certificate. This ensures that retry attempts are spaced appropriately and that error messages are accurate and meaningful.

Steps To Reproduce

Im not sure

Anything else?

No response

s-venger avatar Oct 11 '24 11:10 s-venger

@s-venger it will be nice if you could provided more details of your deployment, e.g. what plugin you use, how to reproduce, how you update the certificate, etc.

ProBrian avatar Oct 12 '24 01:10 ProBrian

@s-venger Could you please share your configuration about the acme plugin? Especially for the storage configuration. That counter relies on storage TTL policy so that would be a great help if you could provide more info about that.

Oyami-Srk avatar Oct 22 '24 04:10 Oyami-Srk

This issue is marked as stale because it has been open for 14 days with no activity.

github-actions[bot] avatar Nov 13 '24 02:11 github-actions[bot]

Dear contributor,

We are automatically closing this issue because it has not seen any activity for three weeks. We're sorry that your issue could not be resolved. If any new information comes up that could help resolving it, please feel free to reopen it.

Your contribution is greatly appreciated!

Please have a look our pledge to the community for more information.

Sincerely, Your Kong Gateway team

github-actions[bot] avatar Nov 20 '24 02:11 github-actions[bot]