Skip to main content

Certificates and cert-manager

< overview | troubleshooting scenarios

Wayfinder offers easy time-bound access to logs, enabling you to troubleshoot both Wayfinder and the pods/containers within the Kubernetes clusters that Wayfinder manages.

The following sections describe various troubleshooting steps. Unless otherwise noted, any user can perform these steps.


Installing Wayfinder

[Wayfinder administrator]

Certificates and cert-manager

If you are not using the installation options --api-tls-private-key-pem and --ui-tls-private-key-pem, Wayfinder installs and uses cert-manager to provision certificates. Occasionally, cert-manager can fail while requesting a certificate from LetsEncrypt and falls into an exponential backoff:

◉ Waiting for Cert Manager to successfully retrieve a certificate for API
Error: operation has been cancelled
OR
◉ Waiting for Cert Manager to successfully retrieve a certificate for UI
Error: operation has been cancelled

If you encounter this issue:

  1. Check the status of the certificate resource in the wayfinder namespace:

    kubectl -n wayfinder get certificate

  2. Try deleting the certificate request, and then re-run the non-interactive install:

    • kubectl -n wayfinder delete certificate NAME
    • wf install --non-interactive

    You can access the management cluster to perform the above via:

    # Google Cloud
    # Name: is the name of the management cluster we gave in the install
    # Region: is the region we created the management cluster in
    $ gcloud container clusters get-credentials NAME --zone REGION

    # Amazon AWS
    # Name: is the name of the management cluster we gave in the install
    $ aws eks update-kubeconfig --name NAME

    # Azure
    # Name: is the name of the management cluster we gave in the install
    # Region: is the location we placed the management cluster. The resource group created following the format wf-NAME-REGION
    $ az aks get-credentials --admin --name NAME --resource-group wf-NAME-REGION


What comes next?