Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Backoff Counter for Certificate Update Becomes Negative Instead of Counting Down #13743

Open
1 task done
s-venger opened this issue Oct 11, 2024 · 2 comments
Open
1 task done
Labels
pending author feedback Waiting for the issue author to get back to a maintainer with findings, more details, etc...

Comments

@s-venger
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

Kong version ($ kong version)

3.7.8

Current Behavior

When attempting to update the certificate for the host ***, the system logs the following error:

2024/10/11 11:42:54 [error] 1412#0: *30136 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4847933 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:42:54 [error] 1415#0: *28022 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4847933 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:42:55 [error] 1415#0: *28025 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4847934 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:42:55 [error] 1412#0: *30145 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4847934 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:42:55 [error] 1414#0: *30429 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4847934 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:44:15 [error] 1413#0: *32890 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4890471 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:46:22 [error] 1415#0: *28183 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4890598 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:50:41 [error] 1414#0: *43631 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4890857 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer
2024/10/11 11:53:42 [error] 1413#0: *46724 [kong] handler.lua:175 failed to update certificate for host: www.***.com err:please try again in -4891038 seconds for host www.***.com because of previous failure; this is configurable with config.fail_backoff_minutes, context: ngx.timer

Expected Behavior

The backoff counter should decrement towards zero, providing a positive countdown (e.g., "please try again in 300 seconds") after each failed attempt to update the certificate. This ensures that retry attempts are spaced appropriately and that error messages are accurate and meaningful.

Steps To Reproduce

Im not sure

Anything else?

No response

@ProBrian
Copy link
Contributor

@s-venger it will be nice if you could provided more details of your deployment, e.g. what plugin you use, how to reproduce, how you update the certificate, etc.

@ProBrian ProBrian added the pending author feedback Waiting for the issue author to get back to a maintainer with findings, more details, etc... label Oct 12, 2024
@Oyami-Srk
Copy link
Member

@s-venger Could you please share your configuration about the acme plugin? Especially for the storage configuration. That counter relies on storage TTL policy so that would be a great help if you could provide more info about that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
pending author feedback Waiting for the issue author to get back to a maintainer with findings, more details, etc...
Projects
None yet
Development

No branches or pull requests

4 participants
@Oyami-Srk @ProBrian @s-venger and others