Creation of cert objects such as a certificate or issue are intermittently failing with error messages such as:
Internal error occurred: failed calling webhook "webhook.cert-manager.io": failed to call webhook: Post "https://cert-manager-webhook.cert-manager.svc:443/validate?timeout=10s": dial tcp 10.129.2.30:10250: connect: connection refused
When viewing the cert-manager-webhook service, it appears that the cert-manager-webhook is selecting all three cert-manger pods and not just the cert-manager-webhook pod. This is causing any object creation requests to be round robined to all three pods and only one out of every three object creations succeed.
The original selectors on the service object are as follows:
The inclusion of the common labels causes the original name and component to be overwritten for all pods in this kustomization file making it unable to correctly select the right pod.
Creation of cert objects such as a certificate or issue are intermittently failing with error messages such as:
When viewing the cert-manager-webhook service, it appears that the cert-manager-webhook is selecting all three cert-manger pods and not just the
cert-manager-webhookpod. This is causing any object creation requests to be round robined to all three pods and only one out of every three object creations succeed.The original selectors on the service object are as follows:
The original deployment/pod labels are as follows:
The kustomization.yaml file located here includes the following:
The service after being rendered through kustomize appears as follows:
The deployment after being redned through kustomize appears as follows:
The inclusion of the common labels causes the original name and component to be overwritten for all pods in this kustomization file making it unable to correctly select the right pod.