Hi Team, I have started seeing below error for par...
# ask-the-communitym
Mohd Shahid Khan Afridi
02/04/2024, 5:45 AMHi Team, I have started seeing below error for particular task in flyte propeller. Any guidance which certificate should be updated and how?
Copy code
RuntimeExecutionError: failed during plugin execution, caused by: failed to execute handle for plugin [container]: [InternalError] failed to create resource, caused by: Internal error occurred: failed calling webhook "<http://flyte-pod-webhook.flyte.org|flyte-pod-webhook.flyte.org>": failed to call webhook: Post "<https://flyte-pod-webhook.flyte.svc:443/mutate--v1-pod?timeout=10s>": tls: failed to verify certificate: x509: certificate has expired or is not yet valid: current time 2024-02-04T02:21:19Z is after 2024-02-03T07:14:25ZMohd Shahid Khan Afridi
02/04/2024, 5:48 AMI see in propeller volumes there is one certificate metioned,
kube-root-ca.crt<http://kubernetes.io/description=Contains|kubernetes.io/description=Contains> a CA bundle that can be used to verify the kube-apiserver when using internal endpoints such as the internal service IP or kubernetes.default.svc. No other usage is guaranteed across distributions of Kubernetes clusters. Copy code
Not Before: Jan 18 13:38:02 2023 GMT
Not After : Jan 10 14:38:02 2053 GMTk
Ketan (kumare3)
02/04/2024, 5:51 AM
Update cert
m
Mohd Shahid Khan Afridi
02/04/2024, 5:51 AMyeah I see webhook cert seem expired
d
Dan Rammer (hamersaw)
02/05/2024, 1:12 PMthe propeller webhook creates a cert where the previous solution had a 1 year expiration, we have since increased this to 99 years. restarting the propeller webhook should generate a new cert.