Cert-manager: Cloudfare dns does not work anymore

Created on 28 Apr 2020  路  13Comments  路  Source: jetstack/cert-manager

Describe the bug:

Recently Cloudfare dns are not working anymore with error:

Warning PresentError 2m41s (x11 over 75m) cert-manager Error presenting challenge: Cloudflare API Error
Error: 9205: Per_Page must be a number between 5 and 100

Cloudfare now expect a maximun of 100 for Per_Page while cert-manager use 1000

Expected behaviour:

No error

Steps to reproduce the bug:

Just plug it to cloudfare today

Anything else we need to know?:

Environment details:: v1.14.9-eks-502bfb

  • Kubernetes version (e.g. v1.10.2): 1.15
  • Cloud-provider/provisioner (e.g. GKE, kops AWS, etc): AWS
  • cert-manager version (e.g. v0.4.0): 0.14.2
  • Install method (e.g. helm or static manifests): helm

/kind bug

areacmdns01 kinbug prioritcritical-urgent
Source
picture sileht
👍14

Most helpful comment

@meyskens would it be possible to also release a minor release for 0.14.x to include the bugfix for already existing clusters ?

picture esantoro on 28 Apr 2020
👍11

All 13 comments

For the record, the documentation about this behavior is here:

https://api.cloudflare.com/#dns-records-for-a-zone-properties

per_page number | Number of DNS records per page 20 | default value: 20 min value:5 max value:100

sileht picture sileht on 28 Apr 2020
👍3 🎉2

Thanks @sileht for such a fast reaction! I think this thing might become a show-stopper for most of us who use DNS01 challenge with CF. Maybe you have an idea how fast are new versions of cert-manager rolled out and built? We have installed it using helm in our k8s cluster, which uses quay.io/jetstack/cert-manager-controller:v0.14.0 image, and currently are blocked because of this "terribly huge" change.

vitalikaz picture vitalikaz on 28 Apr 2020

@sileht is so great! but is there some workaround for the temporary use?

sayhell picture sayhell on 28 Apr 2020

I currently trying to rebuild the 0.14.2 patched for my production cluster.

sileht picture sileht on 28 Apr 2020
👍3

We are hoping to get a new alpha of v0.15 out today, and v0.15 this week. Which will include this patch.

meyskens picture meyskens on 28 Apr 2020

@meyskens would it be possible to also release a minor release for 0.14.x to include the bugfix for already existing clusters ?

esantoro picture esantoro on 28 Apr 2020
👍11

Yes, this should be a part of v0.14.3.

munnerz picture munnerz on 28 Apr 2020

When the v0.14.3 will be released? Thx @meyskens

deimosfr picture deimosfr on 28 Apr 2020
👍2

For those who are in production and blocked like us waiting for the official release in v0.14.3, please find images we've built at Qovery https://hub.docker.com/repository/docker/qoveryrd/jetstack-cert-manager-controller-v2

You can use this image and tag: qoveryrd/jetstack-cert-manager-controller-v2:v0.14.2

Hope this will help

deimosfr picture deimosfr on 28 Apr 2020
👍2

Version v0.14.3 will be released today?

sayhell picture sayhell on 29 Apr 2020
👍1

We will release v0.14.3 today

meyskens picture meyskens on 29 Apr 2020
👍8

https://github.com/jetstack/cert-manager/releases/tag/v0.14.3 is released!

meyskens picture meyskens on 29 Apr 2020
🎉2

Thank you @meyskens !

esantoro picture esantoro on 30 Apr 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

f-f picture f-f  路  4Comments
jonathan-kosgei picture jonathan-kosgei  路  4Comments
timblakely picture timblakely  路  4Comments
jbartus picture jbartus  路  4Comments
munjal-patel picture munjal-patel  路  3Comments