Traefik2.3: uses a non-existent resolver: default/ali

Hi, i am hiting the issue resolver cannot be found, and read all the topic related, but got no answer

ENV:

  • kubernetes v1.8
  • traefik: 2.3

args:

          args:
            - --configfile=/config/traefik.yaml
            - --certificatesresolvers.ali.acme.dnsChallenge=true
            - --certificatesResolvers.ali.acme.dnsChallenge.provider=alidns
            - --certificatesResolvers.ali.acme.email=xx@qq.com
            - --certificatesResolvers.ali.acme.storage=/etc/acme/acme.json
            - --certificatesresolvers.ali.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/director
         env:
          - name: ALICLOUD_ACCESS_KEY             
            value: xx
          - name: ALICLOUD_SECRET_KEY             
            value: xx

result:

no acme.json created in the desired location, and the tls certification generated by TRAFIK DEFAULT CERT

Logs:

time="2020-12-02T09:51:52Z" level=info msg="Configuration loaded from file: /config/traefik.yaml"
{"level":"info","msg":"Traefik version 2.3.4 built on 2020-11-24T16:16:43Z","time":"2020-12-02T09:51:52Z"}
{"level":"info","msg":"\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://doc.traefik.io/traefik/contributing/data-collection/\n","time":"2020-12-02T09:51:52Z"}
{"level":"info","msg":"Starting provider aggregator.ProviderAggregator {}","time":"2020-12-02T09:51:52Z"}
{"level":"info","msg":"Starting provider *traefik.Provider {}","time":"2020-12-02T09:51:52Z"}
{"level":"info","msg":"Starting provider *ingress.Provider {\"ingressClass\":\"traefik-v2.3\"}","time":"2020-12-02T09:51:52Z"}
{"level":"info","msg":"ingress label selector is: \"\"","providerName":"kubernetes","time":"2020-12-02T09:51:52Z"}
{"level":"info","msg":"Creating in-cluster Provider client","providerName":"kubernetes","time":"2020-12-02T09:51:52Z"}
{"level":"info","msg":"Starting provider *crd.Provider {\"ingressClass\":\"traefik-v2.3\"}","time":"2020-12-02T09:51:52Z"}
{"level":"info","msg":"label selector is: \"\"","providerName":"kubernetescrd","time":"2020-12-02T09:51:52Z"}
{"level":"info","msg":"Creating in-cluster Provider client","providerName":"kubernetescrd","time":"2020-12-02T09:51:52Z"}
{"level":"error","msg":"the router traefik-ingress-traefik-dashboard-0880a6d08e40a927e521@kubernetescrd uses a non-existent resolver: default","time":"2020-12-02T09:51:52Z"}
{"level":"error","msg":"the router test-ingressroutetls-06d0a8200e6b843781ef@kubernetescrd uses a non-existent resolver: ali","time":"2020-12-02T09:51:52Z"}
{"level":"error","msg":"the router traefik-ingress-traefik-dashboard-0880a6d08e40a927e521@kubernetescrd uses a non-existent resolver: default","time":"2020-12-02T09:51:53Z"}
{"level":"error","msg":"the router test-ingressroutetls-06d0a8200e6b843781ef@kubernetescrd uses a non-existent resolver: ali","time":"2020-12-02T09:51:53Z"}
{"level":"error","msg":"the router traefik-ingress-traefik-dashboard-0880a6d08e40a927e521@kubernetescrd uses a non-existent resolver: default","time":"2020-12-02T09:52:58Z"}
{"level":"error","msg":"the router test-ingressroutetls-06d0a8200e6b843781ef@kubernetescrd uses a non-existent resolver: ali","time":"2020-12-02T09:53:02Z"}
{"level":"error","msg":"the router traefik-ingress-traefik-dashboard-0880a6d08e40a927e521@kubernetescrd uses a non-existent resolver: default","time":"2020-12-02T09:53:02Z"}

ingressroute defination:

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: ingressroutetls
  annotations:
    kubernetes.io/ingress.class: traefik-v2.3
spec:
  entryPoints:
    - websecure
  routes:
  - match: Host(`test.traefik.xx.com`) && PathPrefix(`/tls`)
    kind: Rule
    services:
    - name: whoami
      port: 80
  tls:
    certResolver: ali
    domains:
    - main: "*.xx.com"

thanks in advance~

Hello @refeiner,

Thanks for your interest in Traefik :slight_smile:

You can't mix ways to define a static configuration.

As the log mentioned, you loaded the configuration from file but you will not load the part in command line.

2 Likes

thanks a lot, with your help i finnally setup the pod.

btw, i get below error, does this means the pod 443 should be read from the remote caserver? actully, the host locates in a inner network which cannot be reached from outside.

i read the docs from https://doc.traefik.io/traefik/https/acme/, only tlsChallenge block mentions this requirement.

just realize that the txt record has added to my dns, but disapper after a while.

{"level":"error","msg":"Unable to obtain ACME certificate for domains \"*.refeiner.com\" : unable to generate a certificate for the domains [*.refeiner.com]: error: one or more domains had a problem:\n[*.refeiner.com] time limit exceeded: last error: read udp 10.0.0.10:47072-\u003e140.205.41.18:53: i/o timeout\n","providerName":"ali.acme","time":"2020-12-02T12:23:43Z"}

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.