kubernetes-letsencrypt icon indicating copy to clipboard operation
kubernetes-letsencrypt copied to clipboard

Published 20 hours ago verified publisher icon tazjin

LetsencryptException: No matching zone found.

Open f-f opened this issue 6 years ago • 2 comments

We're getting this exception since some time (we're getting ~2k of them a day):

in.tazj.k8s.letsencrypt.util.LetsencryptException: No matching zone found.
	at in.tazj.k8s.letsencrypt.acme.CloudDnsResponder.updateCloudDnsRecord(CloudDnsResponder.kt:59)
	at in.tazj.k8s.letsencrypt.acme.CloudDnsResponder.addChallengeRecord(CloudDnsResponder.kt:26)
	at in.tazj.k8s.letsencrypt.acme.CertificateRequestHandler.prepareDnsChallenge(CertificateRequestHandler.kt:177)
	at in.tazj.k8s.letsencrypt.acme.CertificateRequestHandler.authorizeDomain(CertificateRequestHandler.kt:77)
	at in.tazj.k8s.letsencrypt.acme.CertificateRequestHandler.access$authorizeDomain(CertificateRequestHandler.kt:27)
	at in.tazj.k8s.letsencrypt.acme.CertificateRequestHandler$requestCertificate$1.accept(CertificateRequestHandler.kt:41)
	at in.tazj.k8s.letsencrypt.acme.CertificateRequestHandler$requestCertificate$1.accept(CertificateRequestHandler.kt:27)
	at java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:184)
	at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1374)
	at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:481)
	at java.util.stream.ForEachOps$ForEachTask.compute(ForEachOps.java:291)
	at java.util.concurrent.CountedCompleter.exec(CountedCompleter.java:731)
	at java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:289)
	at java.util.concurrent.ForkJoinTask.doInvoke(ForkJoinTask.java:401)
	at java.util.concurrent.ForkJoinTask.invoke(ForkJoinTask.java:734)
	at java.util.stream.ForEachOps$ForEachOp.evaluateParallel(ForEachOps.java:160)
	at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateParallel(ForEachOps.java:174)
	at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:233)
	at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:418)
	at java.util.stream.ReferencePipeline$Head.forEach(ReferencePipeline.java:583)
	at in.tazj.k8s.letsencrypt.acme.CertificateRequestHandler.requestCertificate(CertificateRequestHandler.kt:41)
	at in.tazj.k8s.letsencrypt.kubernetes.ServiceManager.handleCertificateRequest(ServiceManager.kt:64)
	at in.tazj.k8s.letsencrypt.kubernetes.ServiceManager.access$handleCertificateRequest(ServiceManager.kt:20)
	at in.tazj.k8s.letsencrypt.kubernetes.ServiceManager$reconcileService$1.run(ServiceManager.kt:45)
	at java.lang.Thread.run(Thread.java:745)

This happened roughly since we moved the cluster to GCP's europe-north1 region, so I suspect it's just not finding the name of the zone in some list. There's no such list in the source, so I guess it comes from the Google Cloud DNS library. I wonder if just upgrading that dependency would fix this?

f-f avatar Nov 22 '18 12:11 f-f

I wonder if just upgrading that dependency would fix this?

That's a good bet! I don't actively maintain this at the moment, but if you'd like to try doing a dependency update (the compiler should scream at you for the things that no longer work) it shouldn't be too hard. I may find some time to look at it, too, but can't promise you when.

tazjin avatar Nov 22 '18 15:11 tazjin

Thanks! I tried upgrating and opened #90, code compiles fine but I didn't manage to get the tests to compile (I'm afraid I don't understand kotlin-mockito)

f-f avatar Nov 22 '18 16:11 f-f