aws-sigv4-proxy-admission-controller icon indicating copy to clipboard operation
aws-sigv4-proxy-admission-controller copied to clipboard

Published 20 hours ago verified publisher icon aws-observability

Spontaneous "Failed calling webhook error", occurs on cluster post-deployment, spontaneously

Open kittywitch opened this issue 1 year ago • 1 comments 

Internal error occurred: failed calling webhook “sigv4-aws-sigv4-proxy-admission-controller.k8s.aws”: failed to call webhook: Post “[https://sigv4-aws-sigv4-proxy-admission-controller-webhook-service.kube-system.svc:443/mutate?timeout=10s](https://sigv4-aws-sigv4-proxy-admission-controller-webhook-service.kube-system.svc/mutate?timeout=10s)”: no endpoints available for service “sigv4-aws-sigv4-proxy-admission-controller-webhook-service”

How to temporarily resolve if your cluster experiences this issue: https://github.com/aws/eks-charts/issues/795#issuecomment-1668082655

Similar to https://github.com/aws/eks-charts/issues/795#issue-1332538192

The cluster spontaneously bricks itself (no pods come back into the cluster, due to being unable to) sometimes when this admission controller is used because when the webhook is unavailable it has no fallback.

It is something to do with the certificate generation and management system within the chart.

kittywitch avatar Jan 13 '24 20:01 kittywitch

This bug was my greeting to trying out the chart. It bricked the cluster as described, with an attempt to even launch a simple unrelated pod throwing the error instead. Worked around by uninstalling the Helm chart and installing again.

insideClaw avatar Aug 12 '24 15:08 insideClaw