When operating a Kubernetes cluster, you may encounter situations where deploying a new add-on or application fails because resources from a previous installation were not completely removed.
A common culprit is leftover Webhook resources such as MutatingWebhookConfiguration or ValidatingWebhookConfiguration. Since these components intercept API requests to validate or mutate resources, their presence can cause unexpected errors during new deployments.
Symptoms
- Helm chart or manifest installation fails.
kubectl applycannot create resources because an old webhook intercepts the request.- Webhook configurations from already removed add-ons (e.g., Istio, ArgoCD, Gatekeeper) remain in the cluster.
1. Check for Leftover Webhook Resources
Start by listing existing webhook configurations in the cluster:
# Check Mutating Webhooks
kubectl get mutatingwebhookconfiguration
# Check Validating Webhooks
kubectl get validatingwebhookconfiguration
Example output:
NAME WEBHOOKS AGE
istio-sidecar-injector 2 5d
argo-validate-config 1 10d
2. Remove Unnecessary Resources
If the add-on has already been uninstalled, these resources can safely be removed:
# Delete MutatingWebhookConfiguration
kubectl delete mutatingwebhookconfiguration <resource-name>
# Delete ValidatingWebhookConfiguration
kubectl delete validatingwebhookconfiguration <resource-name>
Example:
kubectl delete mutatingwebhookconfiguration istio-sidecar-injector
kubectl delete validatingwebhookconfiguration argo-validate-config
3. Additional Cleanup Targets
Besides webhooks, other leftover resources may also block deployments, including:
- CustomResourceDefinition (CRD)
- ValidatingAdmissionPolicy
- APIService
- Namespace stuck in a
Terminatingstate
You can remove them with:
kubectl get crd | grep <addon-name>
kubectl delete crd <crd-name>
kubectl get apiservice
kubectl delete apiservice <apiservice-name>
Conclusion
- Undeleted Kubernetes resources often cause conflicts when deploying new add-ons or applications.
- Webhook configurations (
MutatingWebhookConfiguration/ValidatingWebhookConfiguration) are among the most common causes of failed installations. - By identifying and cleaning up these leftover resources, you can ensure smooth reinstallation or upgrades.
🛠 마지막 수정일: 2025.09.22
ⓒ 2025 엉뚱한 녀석의 블로그 [quirky guy's Blog]. All rights reserved. Unauthorized copying or redistribution of the text and images is prohibited. When sharing, please include the original source link.
💡 도움이 필요하신가요?
Zabbix, Kubernetes, 그리고 다양한 오픈소스 인프라 환경에 대한 구축, 운영, 최적화, 장애 분석,
광고 및 협업 제안이 필요하다면 언제든 편하게 연락 주세요.
📧 Contact: jikimy75@gmail.com
💼 Service: 구축 대행 | 성능 튜닝 | 장애 분석 컨설팅
📖 E-BooK [PDF] 전자책 (Gumroad):
Zabbix 엔터프라이즈 최적화 핸드북
블로그에서 다룬 Zabbix 관련 글들을 기반으로 실무 중심의 지침서로 재구성했습니다.
운영 환경에서 바로 적용할 수 있는 최적화·트러블슈팅 노하우까지 모두 포함되어 있습니다.
💡 Need Professional Support?
If you need deployment, optimization, or troubleshooting support for Zabbix, Kubernetes,
or any other open-source infrastructure in your production environment, or if you are interested in
sponsorships, ads, or technical collaboration, feel free to contact me anytime.
📧 Email: jikimy75@gmail.com
💼 Services: Deployment Support | Performance Tuning | Incident Analysis Consulting
📖 PDF eBook (Gumroad):
Zabbix Enterprise Optimization Handbook
A single, production-ready PDF that compiles my in-depth Zabbix and Kubernetes monitoring guides.
답글 남기기
댓글을 달기 위해서는 로그인해야합니다.