Uploaded image for project: 'OpenShift API Server'
  1. OpenShift API Server
  2. API-1825 Document feasibility of KMS on OCP
  3. API-1692

Research how to detect KMS/plugins failures

XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • None
    • False
    • Hide

      None

      Show
      None
    • False
    • None
    • None
    • None
    • None
    • None

      As part of the KMS v2 enhancement, there was a lot of improvements made to KMS debuggability. It would be great to look into it and see which information is surfaced depending on the failure scenarios and how it would be seen by the kube-apiserver.

      https://github.com/kubernetes/enhancements/tree/master/keps/sig-auth/3299-kms-v2-improvements#rollout-upgrade-and-rollback-planning
      https://github.com/kubernetes/enhancements/tree/master/keps/sig-auth/3130-kms-observability

      It is worth noting that on SNO we won't be able to rely on metrics, so we should make sure that there are other vectors via which we could surface problems to the customers.

              swghosh@redhat.com Swarup Ghosh
              dgrisonn@redhat.com Damien Grisonnet
              None
              Swarup Ghosh
              None
              None
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: