Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

defaulting.webhook.karpenter.sh not being cleaned after the upgrade from v0.27.0 t0 v0.27.1 #3673

Closed
nalshamaajc opened this issue Mar 31, 2023 · 5 comments
Closed

defaulting.webhook.karpenter.sh not being cleaned after the upgrade from v0.27.0 t0 v0.27.1 #3673

nalshamaajc opened this issue Mar 31, 2023 · 5 comments

Comments

@nalshamaajc
Copy link

https://github.com/aws/karpenter/blob/2692257998f9b8daec819e13e5d2e886e6c3cd03/charts/karpenter/templates/clusterrole-core.yaml#

I don't see defaulting.webhook.karpenter.sh being created anywhere but it still exists in the clusterrole-core.yaml template, is it there for compatibility?

It is not being cleaned after the upgrade and it's causing errors.

image

2023-03-30T14:48:31.074Z	ERROR	controller	Reconciler error	{"commit": "7131be2-dirty", "controller": "counter", "controllerGroup": "karpenter.sh", "controllerKind": "Provisioner", "Provisioner": {"name":"default"}, "namespace": "", "name": "default", "reconcileID": "0d9fe71a-effe-450d-a3c3-2ce144c39f77", "error": "Internal error occurred: failed calling webhook \"defaulting.webhook.karpenter.sh\": failed to call webhook: the server rejected our request for an unknown reason"}
2023-03-30T14:48:31.140Z	ERROR	controller	Reconciler error	{"commit": "7131be2-dirty", "controller": "counter", "controllerGroup": "karpenter.sh", "controllerKind": "Provisioner", "Provisioner": {"name":"default"}, "namespace": "", "name": "default", "reconcileID": "3bf2940a-ce39-47a1-b864-09fec9e09aaa", "error": "Internal error occurred: failed calling webhook \"defaulting.webhook.karpenter.sh\": failed to call webhook: the server rejected our request for an unknown reason"}

Solution
kubectl delete mutatingwebhookconfiguration.admissionregistration.k8s.io/defaulting.webhook.karpenter.sh

Redeploy the Karpenter deployment
This was referenced Mar 31, 2023
Merged
Merged
@bwagner5
Copy link
Contributor

The permission definitely shouldn't still be in the chart. I've created a PR to remove that. I'm not sure why defaulting.webhook.karpenter.sh didn't get removed when you performed the upgrade.

Are you doing a helm upgrade or are you generating the template and applying it another way?

@nalshamaajc
Copy link
Author

no I rely on ArgoCD to do so, and I had the same issue on 2 other clusters I was performing the same operation on where I had to do the same workaround

@jonathan-innis
Copy link
Contributor

no I rely on ArgoCD to do so

Does Argo have functionality to apply through helm upgrade or are you just templating the manifests and applying them through GitOps with Argo?

@nalshamaajc
Copy link
Author

In my case it's the latter, not quite sure if there is a feature to force argo to use helm upgrade.

@ellistarn
Copy link
Contributor

Reading this thread, seems like we're good to close. Feel free to reopen if I got this wrong.

@nalshamaajc nalshamaajc mentioned this issue Apr 4, 2023
Closed
@bwagner5 bwagner5 mentioned this issue Jun 10, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@ellistarn @bwagner5 @jonathan-innis @nalshamaajc