Skip to content

http validation fails in namespace with resource quota #233

Closed
#408
Closed
http validation fails in namespace with resource quota#233
#408
Assignees
kragniz
Labels
area/acmeIndicates a PR directly modifies the ACME Issuer codegood first issueDenotes an issue ready for a new contributor, according to the "help wanted" guidelines.kind/bugCategorizes issue or PR as related to a bug.
Milestone
v0.3
@markns

Description

@markns
markns
opened on Jan 5, 2018

/kind bug

What happened:

When attempting to provision a secret to a namespace that has a quota enabled, I run into the following error:

error presenting acme authorization for domain "apiserver.myco.io": error ensuring http01 challenge pod: pods "cm-apiserver-proxy-ecjpz" is forbidden: failed quota: myco-quota: must specify limits.cpu,limits.memory]

The HTTP validation pod fails to create because the resource limits are not set in the http.go issuer pkg/issuer/acme/http/http.go:326

What you expected to happen:

A certificate is provisioned successfully in a namespace with a quota enabled

How to reproduce it (as minimally and precisely as possible):

Attempt to use http validation in a namespace with quota enabled

Environment:
quay.io/jetstack/cert-manager-controller:v0.2.2
quay.io/jetstack/cert-manager-ingress-shim:v0.2.2

Metadata

Metadata

Assignees

Labels

area/acmeIndicates a PR directly modifies the ACME Issuer codegood first issueDenotes an issue ready for a new contributor, according to the "help wanted" guidelines.kind/bugCategorizes issue or PR as related to a bug.

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions