Volume mount error during cluster installation

If you enabled audit-logging during cluster installation, you might see a volume mount error. The installation completes, but the cert-manager-webhook does not pick the audit logging certificates during installation.

Symptoms

You might see the following error message:

Warning FailedMount 127m (x2 over 127m) kubelet, ip-10-0-128-196.ec2.internal MountVolume.SetUp failed for volume "certs" : secrets "audit-certs" not found

Causes

The audit logging certificates refresh during cluster installation. However, the cert-manager-webhook and other API servers do not pick the certificates.

Resolving the problem

Complete the following steps to resolve the issue:

1. Install kubectl. For more information, see Installing the Kubernetes CLI (kubectl).

2. Get the cert-manager-webhook pod name.

   kubectl get pod -n cert-manager | grep webhook | grep -v cainjector
   

3. Restart the cert-manager-webhook pod.

   kubectl delete pod -n cert-manager <webhook pod name>
   

4. Restart fluentd daemonset.

   kubectl delete ds fluentd