This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

[GKE] Troubleshoot Error SSL Certificate Provisioning - Failed Not Visible

Posted on 05-01-2024 03:33 PM
Marctrix14
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

 

Hi everyone,

I deployed a web application which is hosted both in Google Cloud and in another server. The website, imagine it is "www.example.enterprise.com", has the domain "enterprise.com" in a different server than the subdomain "www.example.enterprise.com", which is in Google Cloud. The website needs 2 ports opened, the 80 and the 3000 to control Google login. I use Google Kubernetes Engine to run the Docker image. 

I'm struggling to get the SSL certificate work properly as I still get the message that the certificate is provisioning and that the domain status is "Failed Not Visible". I need the website to be HTTPs as it requires Google authentication. 

I updated the DNS records today but it has already passed 5h since. How much should I need to wait?

I'd like to know if I have configured the DNS settings correctly, that's why I attach an image from Google Cloud DNS and I also attach the Kubernetes YAML files, which I suppose are correct as I followed the official documentation.

google cloud dns.png

SSL certificate  

 

apiVersion: networking.gke.io/v1
kind: ManagedCertificate
metadata:
  name: example-managed-cert
  namespace: production
spec:
  domains:
    - www.example.enterprise.com

 

Ingress

 

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: example-ingress
  annotations:
    kubernetes.io/ingress.global-static-ip-name: example-ip
    networking.gke.io/managed-certificates: example-managed-cert
    ingressClassName: "gce" # controladador de Ingress integrado de Google Kubernetes Engine
  namespace: production
spec: 
  rules:
  - host: www.example.enterprise.com
  - http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: example-service-general
            port:
              number: 80
      - path: /oauth2callback
        pathType: Prefix
        backend:
          service:
            name: example-service-auth
            port:
              number: 3000

 

 

Services

 

apiVersion: v1
kind: Service
metadata:
  name: example-service-auth
  labels:
    name: example-service-auth
    app: example
  namespace: production
spec:
  type: NodePort
  selector:
    name: example-pod
    app: example
  ports:
    - name: port-general
      port: 3000
      targetPort: 3000
      protocol: TCP
apiVersion: v1
kind: Service
metadata:
  name: example-service-general
  labels:
    name: example-service-general
    app: example
  namespace: production
spec:
  type: NodePort
  selector:
    name: example-pod
    app: example
  ports:
    - name: port-general
      port: 80
      targetPort: 80
      protocol: TCP

 

 

4 0 37
Topic Labels
0 REPLIES 0
Top Labels in this Space
Top Solution Authors
View all