progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/name: webhook
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app: webhook
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: webhook
app.kubernetes.io/version: v1.9.1
helm.sh/chart: cert-manager-v1.9.1
spec:
containers:
- args:
- --v=2
- --secure-port=10250
- --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE)
- --dynamic-serving-ca-secret-name=cert-manager-webhook-ca
- --dynamic-serving-dns-names=cert-manager-webhook,cert-manager-webhook.cert-manager,cert-manager-webhook.cert-manager.svc
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
image: quay.io/jetstack/cert-manager-webhook:v1.9.1
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /livez
port: 6080
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
name: cert-manager
ports:
- containerPort: 10250
name: https
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 6080
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 1
resources:
requests:
cpu: 50m
memory: 32Mi
securityContext:
allowPrivilegeEscalation: false
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
nodeSelector:
kubernetes.io/os: linux
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
runAsNonRoot: true
serviceAccount: cert-manager-webhook
serviceAccountName: cert-manager-webhook
terminationGracePeriodSeconds: 30
cert-manager-webhook
app: webhook
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: webhook
app.kubernetes.io/version: v1.9.1
helm.sh/chart: cert-manager-v1.9.1
deployment.kubernetes.io/revision: 2
kubectl.kubernetes.io/last-applied-configuration: {"apiVersion":"apps/v1","kind":"Deplo...
Spec
Status
availableReplicas: 1
conditions:
- lastTransitionTime: '2021-08-30T18:59:30Z'
lastUpdateTime: '2022-09-06T16:44:26Z'
message: ReplicaSet "cert-manager-webhook-6cb859d6d9" has successfully progressed.
reason: NewReplicaSetAvailable
status: 'True'
type: Progressing
- lastTransitionTime: '2025-10-19T10:16:47Z'
lastUpdateTime: '2025-10-19T10:16:47Z'
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: 'True'
type: Available
observedGeneration: 2
readyReplicas: 1
replicas: 1
updatedReplicas: 1
Pods
| Name | Ready | Status | Restarts | Age | IP | Node | Nominated Node | Readiness Gates | Created |
|---|---|---|---|---|---|---|---|---|---|
| cert-manager-webhook-6cb859d6d9-zj5n5 | 1/1 | Running | 14 | 545d | 172.18.117.237 | sed-infra-server-master-mcg58ax2-aa1e3892 | <none> | <none> | 2024-04-28 13:45:15 |
Events
| Type | Reason | Age | From | Message |
|---|---|---|---|---|
| No events found. | ||||