GKE Autopilot install errors installing webhooks

GKE released Autopilot today which is a fully managed GKE cluster (think AWS Fargate). The problem is you can't seem to install webhooks. Is there another way to install cert-manager that may work?

I ran this command:
helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version 1.2.0 --set installCRDs=true

It produced this output:
Error from server (Forbidden): error when retrieving current configuration of:
Resource: "admissionregistration.k8s.io/v1, Resource=mutatingwebhookconfigurations", GroupVersionKind: "admissionregistration.k8s.io/v1, Kind=MutatingWebhookConfiguration"
Name: "cert-manager-webhook", Namespace: ""
from server for: "https://github.com/jetstack/cert-manager/releases/download/v1.2.0-alpha.2/cert-manager.yaml": mutatingwebhookconfigurations.admissionregistration.k8s.io "cert-manager-webhook" is forbidden: User "[myemail@mydomain.com]" cannot get resource "mutatingwebhookconfigurations" in API group "admissionregistration.k8s.io" at the cluster scope: GKEAutopilot authz: cluster scoped resource "mutatingwebhookconfigurations/" is managed and access is denied
My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:
Google Cloud
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):See above

1 Like

Welcome to the Let's Encrypt Community, Bob :slightly_smiling_face:


Perhaps not and if that is the case feel free to delete my post. It's specifically around certbot which from your response I'd have to assume isn't supported on this forum?

1 Like

I just took a look at cert-manager. It appears that it is an ACME client. I have no familiarity with it and so am unable to help. There may be others here who are familiar though.

Thank you, I thought they were both supported under the same umbrella as that's always the client I've seen recommended. I'll check other places.

1 Like

Yeah, according to the certbot page: https://certbot.eff.org/support/
For most questions about Certbot, and all questions about Let’s Encrypt, it’s best to start with the Let’s Encrypt Community Forums (these are hosted by Discourse).

1 Like

Keep in mind that cert-manager is NOT certbot.

1 Like

Ohhhh...Not quite sure how I missed that one. Apologies. Thanks for the clarification.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.