Emissary can't find tlsSecret for Ingress resource
See original GitHub issueDescribe the bug Hello, when I’m trying to create Ingress resource with TLS enables using the manifest below:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: kubia-ambassador-ingress
annotations:
kubernetes.io/ingress.class: ambassador
spec:
tls:
- hosts:
- host.example.com
secretName: example-tls-secret
rules:
- host: host.example.com
http:
paths:
- path: /kubia
pathType: Prefix
backend:
service:
name: kubia-service
port:
number: 80
I’m getting the following error:
2021-12-02 16:50:31 diagd 2.0.5 [P21TAEW] ERROR: Secret example-tls-secret.default unknown
2021-12-02 16:50:31 diagd 2.0.5 [P21TAEW] ERROR: Host kubia-ambassador-ingress-0-0: invalid TLS secret example-tls-secret, marking inactive
At the same time if I will use native emissary resources then all is Ok with the same secret:
apiVersion: getambassador.io/v3alpha1
kind: Host
metadata:
name: minimal-host
spec:
tlsSecret:
name: example-tls-secret
hostname: host.example.com
mappingSelector:
matchLabels:
examplehost: host
requestPolicy:
insecure:
action: Route
---
apiVersion: getambassador.io/v3alpha1
kind: Mapping
metadata:
name: quote-backend
spec:
hostname: "*"
prefix: /backend/
service: kubia-service:80
Also I’ve tried to obtain TLS certificate automatically using cert-manager and in such case I’m getting the absolutely same error.
I have a bunch of my test resources in namespace default and emissary-ingress in a separate one. Do I miss something or may this be a bug? Can you please help to understand.
To Reproduce Steps to reproduce the behavior: Deploy Ingress resource with TLS secret presented.
Expected behavior Ingress resource works absolutely the same way as Host + Mapping resources.
Versions (please complete the following information):
- Ambassador: 2.0.5
- Azure Kubernetes Service
- Version v1.19.11
- Helm Chart version emissary-ingress-7.1.10
Issue Analytics
- State:
- Created 2 years ago
- Reactions:2
- Comments:6 (4 by maintainers)
Closing to prioritize issues without available workarounds.
Let’s not just close issues because they have a workaround. Closing means we’re not going to do anything about the issue. Not the same as de-prioritizing it over other items.