Uploaded image for project: 'Agent-based Installer for OpenShift'
  1. Agent-based Installer for OpenShift
  2. AGENT-937

Check Authentication Token for Node Boot-Up on day2

XMLWordPrintable

    • 3
    • Installer Sprint 257

      User Story:

      As an ABI user responsible for day-2 operations, I want to be able to:

      • Verify the Status of the Authentication Token:
        • Quickly and easily check whether the authentication token used for booting up nodes with node.iso is currently valid or has expired. 
      • Receive Guidance on Expired Tokens:
        • If the authentication token has expired, receive clear and actionable instructions on the necessary steps to renew or replace the token. This includes understanding how to generate a new token by running the add-nodes command to create a new node ISO.
        • Display a status message on the boot-up screen where other status messages are shown. The message could be:
          • The auth token is expired. Re-run the add-nodes command to generate a new node ISO and boot it up to continue.
          • The auth token is valid up to AGENT_AUTH_TOKEN_EXPIRY

      so that I can

      • effectively manage the authentication aspect of booting up nodes using node.iso, ensuring that all operations run smoothly and securely. This will provide a clear path for corrective actions in the event of authentication issues.

      Additional Details:

      A new systemd service will be introduced to check and display the status of the authentication token—whether it is valid or expired. This service will run immediately after the agent-interactive-console systemd service. If the authentication token is expired, cluster installation or adding new nodes will be halted until a new node ISO is generated.

      Acceptance Criteria:

      Description of criteria:

      • A new systemd service 
      • Point 1
      • Point 2
      • Point 3

      (optional) Out of Scope:

      Detail about what is specifically not being delivered in the story

      Engineering Details:

      This requires/does not require a design proposal.
      This requires/does not require a feature gate.

            ppinjark@redhat.com pawan pinjarkar
            ppinjark@redhat.com pawan pinjarkar
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: