From 5c3da0d2a605e59593c92ad74d2aaf7c960bdb2e Mon Sep 17 00:00:00 2001 From: Patryk Strugacz Date: Wed, 10 Jan 2024 09:20:51 +0100 Subject: [PATCH 1/3] Add troubleshooting for missing certificates secret --- .../01-missing-certificate-secret.md | 17 +++++++++++++++++ .../troubleshooting/README.md | 1 + 2 files changed, 18 insertions(+) create mode 100644 docs/04-operation-guides/troubleshooting/01-missing-certificate-secret.md diff --git a/docs/04-operation-guides/troubleshooting/01-missing-certificate-secret.md b/docs/04-operation-guides/troubleshooting/01-missing-certificate-secret.md new file mode 100644 index 000000000000..568e5c8c2aa2 --- /dev/null +++ b/docs/04-operation-guides/troubleshooting/01-missing-certificate-secret.md @@ -0,0 +1,17 @@ +# Secret with certificates is missing + +## Symptom + +Secret `kyma-gateway-certs` is not found, + +```bash +kubectl get -n istio-system secrets +``` + +## Cause + +This can only be caused by a mistake, for example accidental removal of that secret. + +## Remedy + +The certificate will be restored automatically in next reconciliation loop. diff --git a/docs/04-operation-guides/troubleshooting/README.md b/docs/04-operation-guides/troubleshooting/README.md index cab9e31db731..25fcf2a01320 100644 --- a/docs/04-operation-guides/troubleshooting/README.md +++ b/docs/04-operation-guides/troubleshooting/README.md @@ -13,6 +13,7 @@ See the full list of Kyma troubleshooting guides: - [Provisioning k3d fails on a Linux machine](./01-k3d-fails-on-linux.md) - [Error for kubectl port forwarding](./01-kube-troubleshoot-kubectl-port-forward.md) - [Kyma domain is not resolvable](./01-kyma-domain-unresolvable.md) +- [Secret with certificates is missing](./01-missing-certificate-secret.md) - [Kyma resource is misconfigured](./01-resources-misconfigured.md) - [Cannot create a volume snapshot](./01-volume-backup.md) From 1984043d9f2a1abd5a20db078d8968b708459af2 Mon Sep 17 00:00:00 2001 From: Patryk Strugacz Date: Thu, 18 Jan 2024 14:03:14 +0100 Subject: [PATCH 2/3] Add manual reconciliation trigger --- .../troubleshooting/01-missing-certificate-secret.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/04-operation-guides/troubleshooting/01-missing-certificate-secret.md b/docs/04-operation-guides/troubleshooting/01-missing-certificate-secret.md index 568e5c8c2aa2..773c2ee52bc7 100644 --- a/docs/04-operation-guides/troubleshooting/01-missing-certificate-secret.md +++ b/docs/04-operation-guides/troubleshooting/01-missing-certificate-secret.md @@ -15,3 +15,8 @@ This can only be caused by a mistake, for example accidental removal of that sec ## Remedy The certificate will be restored automatically in next reconciliation loop. +If needed, you can also trigger the reconciliation by restarting the `api-gateway-controller-manager` deployment: + +```bash +kubectl -n kyma-system rollout restart deployment api-gateway-controller-manager +``` From cb09a201aed9557f10b6c4570668d9b9a8aa25ba Mon Sep 17 00:00:00 2001 From: Patryk Strugacz Date: Thu, 18 Jan 2024 14:07:43 +0100 Subject: [PATCH 3/3] Revert go.mod --- components/central-application-connectivity-validator/go.sum | 1 - 1 file changed, 1 deletion(-) diff --git a/components/central-application-connectivity-validator/go.sum b/components/central-application-connectivity-validator/go.sum index 878f7f8279ed..f5f9fd871d55 100644 --- a/components/central-application-connectivity-validator/go.sum +++ b/components/central-application-connectivity-validator/go.sum @@ -310,7 +310,6 @@ go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60= go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= golang.org/x/crypto v0.4.0/go.mod h1:3quD/ATkf6oY+rnes5c3ExXTbLc8mueNue5/DoinL80= -golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=