You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
k logs -f -l app.kubernetes.io/instance=external-dns
{"level":"info","msg":"Instantiating new Kubernetes client","time":"2024-12-22T13:46:36Z"}
{"level":"debug","msg":"apiServerURL: ","time":"2024-12-22T13:46:36Z"}
{"level":"debug","msg":"kubeConfig: ","time":"2024-12-22T13:46:36Z"}
{"level":"info","msg":"Using inCluster-config based on serviceaccount-token","time":"2024-12-22T13:46:36Z"}
{"level":"info","msg":"Created Kubernetes client https://10.43.0.1:443","time":"2024-12-22T13:46:36Z"}
{"level":"debug","msg":"apiServerURL: ","time":"2024-12-22T13:46:36Z"}
{"level":"debug","msg":"kubeConfig: ","time":"2024-12-22T13:46:36Z"}
{"level":"info","msg":"Using inCluster-config based on serviceaccount-token","time":"2024-12-22T13:46:36Z"}
{"level":"info","msg":"Created Dynamic Kubernetes client https://10.43.0.1:443","time":"2024-12-22T13:46:36Z"}
{"level":"debug","msg":"no zoneIDFilter configured, looking at all zones","time":"2024-12-22T13:46:36Z"}
{"level":"fatal","msg":"Failed to do run once: HTTP request failed: Get \"https://api.cloudflare.com/client/v4/zones?per_page=50\": net/http: invalid header field value for \"Authorization\"","time":"2024-12-22T13:46:43Z"}
I've checked the secret multiple times.
If is use an ubuntu container in the external-dns namespace i can query the url successfully with curl, using the secret values as bearer token:
DNS updated, even if i would likely need to find a workaround for my loadbalancer service having a private external ip:
k get svc -n kube-system traefik
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
traefik LoadBalancer 10.43.84.213 172.18.0.2 80:30174/TCP,443:30715/TCP 3d19h
How to reproduce it (as minimally and precisely as possible):
External-DNS version (use external-dns --version): helm chart 1.15.0
DNS provider: cloudflare
Others: k3d running on a public cluster with haproxy running on port 80 and 443 which routes requests to port 8080 and 8443 on localhost, which are the k3s ingress ports.
The text was updated successfully, but these errors were encountered:
monotek
changed the title
cloudflare provider in k3d does not work
cloudflare provider in k3d does not work - invalid header field value for "Authorization"
Dec 22, 2024
I don't know if it's helpful, but I had this same issue and it turned out to be user error: I was echo'ing my token to base64 encode it e.g., echo $CLOUDFLARE_TOKEN | base64 and that would cause a trailing newline to be added to the base64-encoded value.
I switched to doing echo -n $CLOUDFLARE_TOKEN | base64 (note the -n) and the new secret value worked!
What happened:
Pod is crashlooping with:
I've checked the secret multiple times.
If is use an ubuntu container in the external-dns namespace i can query the url successfully with curl, using the secret values as bearer token:
What you expected to happen:
DNS updated, even if i would likely need to find a workaround for my loadbalancer service having a private external ip:
How to reproduce it (as minimally and precisely as possible):
helm install with the following values:
My secret looks like:
Anything else we need to know?:
Environment:
external-dns --version
): helm chart 1.15.0The text was updated successfully, but these errors were encountered: