Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

failed to call webhook #5521

Closed
diegoavitorino opened this issue Mar 26, 2024 · 6 comments
Closed

failed to call webhook #5521

diegoavitorino opened this issue Mar 26, 2024 · 6 comments
Labels
bug Something isn't working

Comments

@diegoavitorino
Copy link

diegoavitorino commented Mar 26, 2024
edited by negz
Loading

Hi, by trying to deploy any composition yaml, I'm facing the error bellow:

error occurred: failed calling webhook "compositions.apiextensions.crossplane.io": failed to call webhook: Post "https://crossplane-webhooks.crossplane-system.svc:9443/validate-apiextensions-crossplane-io-v1-composition?timeout=10s": context deadline exceeded

I Installed crossplane from the default way:

# helm install crossplane --namespace crossplane-system --create-namespace crossplane-stable/crossplane

Just to make sure endpoint is responding:

# curl https://crossplane-webhooks.crossplane-system:9443/validate-apiextensions-crossplane-io-v1-composition?
curl: (60) SSL certificate problem: self-signed certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

# curl https://crossplane-webhooks.crossplane-system:9443/validate-apiextensions-crossplane-io-v1-composition? --insecure
{"response":{"uid":"","allowed":false,"status":{"metadata":{},"message":"contentType=, expected application/json","code":400}}}

image

I saw the links below but I don't know what I need to do to fix it?

#4732
#4748

thanks
@diegoavitorino diegoavitorino added the bug Something isn't working label Mar 26, 2024
@phisco
Copy link
Contributor

phisco commented Mar 26, 2024

Is it a managed Kubernetes cluster? EKS?

Is crossplane's pod running?

@diegoavitorino
Copy link
Author

Is it a managed Kubernetes cluster? EKS?

Is crossplane's pod running?

exactly, it is an EKS cluster

I'm to be able to deploy resources individually, just to deploy composition I'm facing the error.

image
image

@phisco
Copy link
Contributor

phisco commented Mar 26, 2024

EKS has some issues with webhooks, Have a look here: https://medium.com/@denisstortisilva/kubernetes-eks-calico-and-custom-admission-webhooks-a2956b49bd0d

@diegoavitorino
Copy link
Author

diegoavitorino commented Mar 26, 2024
edited
Loading

We are using VPC CNI instead Calico

I configured “hostNetwork: true” but still the same error

image

@negz
Copy link
Member

negz commented Mar 26, 2024

Is this the same issue as #5520?

@diegoavitorino
Copy link
Author

Just to share with all of you guys, the solution was to set 9443 port to ingress rule of Security group each node to source SG of EKS

@ravilr ravilr mentioned this issue Mar 27, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@negz @phisco @diegoavitorino