Issue with Rancher Webhook Configuration on Gardener-Managed Kubernetes Cluster

I’m attempting to deploy Rancher on a Kubernetes cluster managed by Gardener. I’ve encountered a problem with the validating webhook configurations installed by the rancher-webhook pod.

Specifically, the failurePolicy for rancher.cattle.io within the kube-system namespace is set to Fail. However, this configuration is not permissible within my Kubernetes setup.

As a temporary fix, I can manually edit the webhook to exclude the kube-system namespace, but this change is overwritten whenever the webhook pod restarts.

Does anyone have suggestions for a more permanent workaround that would prevent the kube-system namespace from being impacted by the failurePolicy of the Rancher webhook?
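A check for the condition described in the post, added here as an example and not part of the original post or of Rancher's code: it lists the webhooks in a configuration that would fail closed for `kube-system`. The sample configuration and webhook names are constructed, and only `failurePolicy` and `namespaceSelector` are evaluated, not `rules` or `objectSelector`.

```python
import json

# Constructed sample shaped like an admissionregistration.k8s.io/v1 object.
# Names and selectors are illustrative, not copied from a Rancher install.
SAMPLE = json.loads("""
{
  "kind": "ValidatingWebhookConfiguration",
  "metadata": {"name": "example-webhook-config"},
  "webhooks": [
    {"name": "all-namespaces.example", "failurePolicy": "Fail"},
    {"name": "excludes-kube-system.example", "failurePolicy": "Fail",
     "namespaceSelector": {"matchExpressions": [
       {"key": "kubernetes.io/metadata.name", "operator": "NotIn",
        "values": ["kube-system"]}]}},
    {"name": "ignore-policy.example", "failurePolicy": "Ignore"}
  ]
}
""")

# Label the API server sets on every namespace (Kubernetes 1.21 and later).
KUBE_SYSTEM_LABELS = {"kubernetes.io/metadata.name": "kube-system"}

def selector_matches(selector, labels):
    """Evaluate a LabelSelector; an empty or missing selector matches everything."""
    selector = selector or {}
    for key, value in (selector.get("matchLabels") or {}).items():
        if labels.get(key) != value:
            return False
    for expr in selector.get("matchExpressions") or []:
        key, op, values = expr["key"], expr["operator"], expr.get("values") or []
        present = key in labels
        ok = {
            "In": present and labels.get(key) in values,
            "NotIn": not present or labels.get(key) not in values,
            "Exists": present,
            "DoesNotExist": not present,
        }.get(op)
        if ok is None:
            raise ValueError(f"unknown operator {op!r}")
        if not ok:
            return False
    return True

def fail_closed_on(config, ns_labels):
    """Names of webhooks that block requests in the namespace when unreachable."""
    return [w["name"] for w in config.get("webhooks", [])
            if w.get("failurePolicy", "Fail") == "Fail"  # v1 default when omitted
            and selector_matches(w.get("namespaceSelector"), ns_labels)]

if __name__ == "__main__":
    print(fail_closed_on(SAMPLE, KUBE_SYSTEM_LABELS))
```

To run it against a live cluster, replace `SAMPLE` with the parsed output of `kubectl get validatingwebhookconfiguration <name> -o json`; rerunning it after a webhook pod restart shows whether a manual exclusion has been overwritten.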