1

Recently, we changed uninstalled our cert manager and reinstalled it into a new namespace.

There were no issues with the uninstall / reinstall of the cert manager. When we tried to create a new certificate issuer, the cert manager is unable to handle the request as it has a reference to the previous web hook service.

kubectl apply -f c:\temp\clusterissuereus.yaml -n cert-manager

Error from server (InternalError): error when creating "c:\\temp\\clusterissuereus.yaml": Internal error occurred: failed calling webhook "webhook.cert-manager.io": Post https://cert-manager-1617928457-webhook.cert-manager.svc:443/mutate?timeout=10s: service "cert-manager-1617928457-webhook" not found

cert-manager-1617928457-webhook is the previous webhook pod / service.

This is similar issue as described on the Cert Manager Github site.

We did try to install cert manager via helm with the --set installCRDs=true param but it did not work.

Any suggestions on removing the previous webhook reference ?

Brennan Mann
  • 133
  • 1
  • 3
  • 2
    There are some ideas behind it. You need to remove all traces from old installations. Try to remove `cert-manager` itself with `kubectl delete -f ***.yaml` or `helm uninstall cert-manager -n %name_space%`. There are `configMaps` which are used for `cert-manager`. Try to find everything with `kubectl get cm --all-namespaces` and delete manually everything related to `cert-manager`. Also there may be `mutatingwebhookconfigurations` and `validatingwebhookconfigurations` left. Delete them as well. After it's done perform a clean install. – moonkotte May 26 '21 at 13:33

0 Answers0