cluster-api: clusterctl init missing capi-webhook-service-cert
What steps did you take and what happened: run cluster init
What did you expect to happen: complete install.
Anything else you would like to add:
$ clusterctl init
Fetching providers
Installing Provider="cluster-api" Version="v0.3.0" TargetNamespace="capi-system"
Error: action failed after 3 attempts: failed to create provider object cert-manager.io/v1alpha2, Kind=Certificate, capi-webhook-system/capi-serving-cert: Internal error occurred: failed calling webhook "webhook.cert-manager.io": Post https://kubernetes.default.svc:443/apis/webhook.cert-manager.io/v1beta1/mutations?timeout=30s: Forbidden
Warning FailedMount 74s (x4 over 8m3s) kubelet Unable to attach or mount volumes: unmounted volumes=[cert], unattached volumes=[default-token-wz8ws cert]: timed out waiting for the condition
Warning FailedMount 19s (x15 over 14m) kubelet MountVolume.SetUp failed for volume "cert" : secret "capi-webhook-service-cert" not found
$ clusterctl version
clusterctl version: &version.Info{Major:"0", Minor:"3", GitVersion:"v0.3.0-dirty", GitCommit:"b6aad253dfcdafc263e8b399d3a97732006b3069", GitTreeState:"dirty", BuildDate:"2020-03-10T20:48:54Z", GoVersion:"go1.13.8", Compiler:"gc", Platform:"linux/amd64"}
/kind bug
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Comments: 15 (8 by maintainers)
I’m leaning toward a communication error, but in this case, it is the kube-API server calling https://kubernetes.default.svc:443/apis/webhook.cert-manager.io, not clusterctl (clustetrctl only bubbles up the error)
so checking https://kind.sigs.k8s.io/docs/user/quick-start/#configure-kind-to-use-a-proxy, kind respect proxy vars, but in that case you have to
no_proxy=kubernetes.default.svc kind create cluster