22 Sep 2022 02:53 PM - last edited on 23 Sep 2022 08:52 AM by MaciejNeumann
Hi all,
I am doing Dynatrace installation on the Kubernetes but at the last step I am getting the below error,
If anyone faces the below error previously kindly guide me.
[root@ip-source-ip Dynatrace]# kubectl apply -f CR.yaml
Error from server (InternalError): error when creating "CR.yaml": Internal error occurred: failed calling webhook "webhook.dynatrace.com": Post "https://dynatrace-webhook.dynatrace.svc:443/validate?timeout=2s": dial tcp destination-ip:8443: connect: connection refused
also will describing the log get below details,
kubectl logs -f dynatrace-webhook-74578d556-w7hjk -n dynatrace --previous
{"level":"info","ts":"2022-09-22T11:58:23.831Z","logger":"dynatrace-operator.version","msg":"Dynatrace Operator","version":"v0.3.0","gitCommit":"883392d56f46393692fdc5c7e6ee898985d50333","buildDate":"2021-11-25 13:40:40+00:00","goVersion":"go1.16.10","platform":"linux/amd64"}
I0922 11:58:24.882318 1 request.go:665] Waited for 1.035751229s due to client-side throttling, not priority and fairness, request: GET:https://172.20.0.1:443/apis/certificates.k8s.io/v1?timeout=32s
{"level":"info","ts":"2022-09-22T11:58:25.235Z","logger":"controller-runtime.metrics","msg":"metrics server is starting to listen","addr":":8383"}
{"level":"info","ts":"2022-09-22T11:58:25.235Z","msg":"SSL certificates configured","dir":"/tmp/webhook/certs","key":"tls.key","cert":"tls.crt"}
{"level":"info","ts":"2022-09-22T11:58:25.240Z","msg":"Waiting for certificate secret to be available."}
{"level":"info","ts":"2022-09-22T11:58:35.248Z","msg":"Failed to update certificates","error":"could not create cert directory: mkdir /tmp/webhook: read-only file system"}
{"level":"info","ts":"2022-09-22T11:58:45.257Z","msg":"Failed to update certificates","error":"could not create cert directory: mkdir /tmp/webhook: read-only file system"}
{"level":"info","ts":"2022-09-22T11:58:55.264Z","msg":"Failed to update certificates","error":"could not create cert directory: mkdir /tmp/webhook: read-only file system"}
{"level":"info","ts":"2022-09-22T11:59:05.274Z","msg":"Failed to update certificates","error":"could not create cert directory: mkdir /tmp/webhook: read-only file system"}
Solved! Go to Solution.
23 Sep 2022 02:36 PM
Hi @Sanket_Molavade,
Have you tried the latest dynatrace operator v0.8.2. instead of v0.3.0?
Has your kubernetes cluster access the github image repo? dynatrace operator (previous was oneagent operator)?
One of our client at openshift we have to create a cutom resoucre imagecontentsourcepolicy becasue any external resource access was disabled for the cluster (in this case radhat image repo instead of github image repo). Without this we had an error when applied the cr.yaml, webhook pods can't be created, last mirror was missing. Maybe it can be use only openshift not at a "pure" kubernetes cluster.
spec:
repositoryDigestMirror:
- mirrors:
- docker-proxy.xxxxx/dynatrace/dynatrace-oneagent-operator
source: registry.connect.redhat.com/dynatrace/dynatrace-oneagent-operator
- mirrors:s
- docker-proxy.xxxxx/dynatrace/oneagent
source: registry.connect.redhat.com/dynatrace/oneagent
- mirrors:
- docker-proxy.xxxxx/dynatrace/dynatrace-operator
source: registry.connect.redhat.com/dynatrace/dynatrace-operator
- mirrors:
- docker-proxy.xxxxx/dynatrace/dynatrace-operator-bundle
source: registry.connect.redhat.com/dynatrace/dynatrace-operator-bundle
Maybe it is not the same issue, but I hope it helps for you.
Br, Mizső