Closed gazal-k closed 2 years ago
@omidraha I had the same issue but solved it by using a k8s.helm.v3.Release
instead of a k8s.helm.v3.Chart
I am facing the same issue with aws-load-balancer-controller:v2.6.2
Looks like the caBundle
certificate is not updated at MutatingWebhookConfiguration
and ValidatingWebhookConfiguration
We are trying to migrate from
ingress-nginx
toaws-load-balancer-controller
. We are starting by just installing the controller chart. The plan is to template our applications to use the new ingress.classalb
and then migrate them.But after installing
aws-load-balancer-controller
, we are seeing errors on our existing applications like:cannot patch "app1-ingress" with kind Ingress: Internal error occurred: failed calling webhook "vingress.elbv2.k8s.aws": Post https://aws-load-balancer-webhook-service.kube-system.svc:443/validate-networking-v1beta1-ingress?timeout=10s: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "aws-load-balancer-controller-ca"): cannot patch "app1-ingress" with kind Ingress: Internal error occurred: failed calling webhook "vingress.elbv2.k8s.aws": Post https://aws-load-balancer-webhook-service.kube-system.svc:443/validate-networking-v1beta1-ingress?timeout=10s: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "aws-load-balancer-controller-ca")
app1-ingress
still useskubernetes.io/ingress.class: nginx
. Can we skip the webhook from modifying those?