K8s secret "vpa-tls-certs" not found

git clone https://github.com/kubernetes/autoscaler.git cd autoscaler/vertical-pod-autoscaler/ ./hack/vpa-up.sh

MountVolume.SetUp failed for volume "tls-certs" : secret "vpa-tls-certs" not found

#!/bin/bash # Generates the a CA cert, a server key, and a server cert signed by the CA. set -e CN_BASE="vpa_webhook" TMP_DIR="/tmp/vpa-certs" echo "Generating certs for the VPA Admission Controller in ${TMP_DIR}." mkdir -p ${TMP_DIR} cat > ${TMP_DIR}/server.conf << EOF [req] req_extensions = v3_req distinguished_name = req_distinguished_name [req_distinguished_name] [ v3_req ] basicConstraints = CA:FALSE keyUsage = nonRepudiation, digitalSignature, keyEncipherment extendedKeyUsage = clientAuth, serverAuth subjectAltName = @alt_names [alt_names] DNS.1 = vpa-webhook.kube-system.svc EOF # Create a certificate authority openssl genrsa -out ${TMP_DIR}/caKey.pem 2048 openssl req -x509 -new -nodes -key ${TMP_DIR}/caKey.pem -days 100000 -out ${TMP_DIR}/caCert.pem -subj "/CN=${CN_BASE}_ca" # Create a server certificate openssl genrsa -out ${TMP_DIR}/serverKey.pem 2048 # Note the CN is the DNS name of the service of the webhook. openssl req -new -key ${TMP_DIR}/serverKey.pem -out ${TMP_DIR}/server.csr -subj "/CN=vpa-webhook.kube-system.svc" -config ${TMP_DIR}/server.conf openssl x509 -req -in ${TMP_DIR}/server.csr -CA ${TMP_DIR}/caCert.pem -CAkey ${TMP_DIR}/caKey.pem -CAcreateserial -out ${TMP_DIR}/serverCert.pem -days 100000 -extensions v3_req -extfile ${TMP_DIR}/server.conf echo "Uploading certs to the cluster." kubectl create secret --namespace=kube-system generic vpa-tls-certs --from-file=${TMP_DIR}/caKey.pem --from-file=${TMP_DIR}/caCert.pem --from-file=${TMP_DIR}/serverKey.pem --from-file=${TMP_DIR}/serverCert.pem # Clean up after we're done. echo "Deleting ${TMP_DIR}." rm -rf ${TMP_DIR}

sudo chmod +x gencerts.sh ./gencerts.sh