This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(140.8, 53%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERN%3C/text%3E%3C/svg%3E)
Hi,
For one of my projects, I am using the sidecar injection feature from dapr on a AKS cluster. If I try to restart an AKS cluster, all of the pods get de-ployed correctly after the cluster restarted, but these pods do not have sidecars injected.
I have reached out to the dapr team and they believed that this is a issue related to the mutating admission webhooks. They do not seem to trigger on a cluster restart.
I am wondering if the AKS team can indeed confirm this is an issue (that mutating admissions webhooks do not trigger on a cluster restart)? Thanks!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 98%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKM%3C/text%3E%3C/svg%3E)
@Ruokun Niu I have reached out to the product team to confirm this. Please feel free to ping me offline and I can share the internal contacts with you as well. Thanks.
@Ruokun Niu Can you try checking the admissions controller logs and also verify that they are highly available ?
Reference doc: https://learn.microsoft.com/en-us/azure/architecture/operator-guides/aks/aks-triage-controllers
@Ruokun Niu Checking in to see if there is an update on this. Let me know the requested details. Thanks.
Hi @Anonymous , sorry for the late response. The link you provided is not working. However, I did find a workaround solution in my scenario.
Thanks
@Ruokun Niu Thanks for sharing the update. If possible, do share the workaround here for others in the community to reference.
Looks like the Url was changed. I have updated the link in the comment above.
https://learn.microsoft.com/en-us/azure/architecture/operator-guides/aks/aks-triage-controllers
@Ruokun Niu I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this!
Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others ", I'll repost your solution in case you'd like to "Accept " the answer. Accepted answers show up at the top, resulting in improved discoverability for others.
Issue: Customer shared - "AKS Cluster - Mutating admissions webhook does not trigger after a cluster restart. I was working with Dapr (https://dapr.io/) sidecars in a kubernetes cluster, where some of my pods have a sidecar injection. However, when I restart an AKS cluster, sometimes sidecar injection would fail, and I had to manually restart the pods to get it working again.
I talked to folks in Dapr and they suspected that it might be due to Mutating admissions webhooks and suggested me to ask here."
Solution: Cx shared - "My alternative solution is to use to the dapr injection watchdog (https://docs.dapr.io/concepts/dapr-services/operator/#injector-watchdog). It regularly checks the conditions of the sidecar and automatically triggers a restart if needed."
If your issue remains unresolved or have further questions, please let us know in the comments how we can assist.
Hi,
For my scenario, I was working with Dapr (https://dapr.io/) sidecars in a kubernetes cluster, where some of my pods have a sidecar injection. However, when I restart a AKS cluster, sometimes sidecar injection would fail and I had to manually restart the pods to get it working again.
I talked to folks in Dapr and they suspected that it might be something that is due to Mutating admissions webhooks and suggested me to ask here.
My alternative solution is to use to the dapr injection watchdog (https://docs.dapr.io/concepts/dapr-services/operator/#injector-watchdog). It regularly checks the conditions of the sidecar and automatically trigger a restart if needed.
@Ruokun Niu Thanks for sharing the update and resolution with others.