[OAPE-61] Openshift Router to watch defaultDestinationCA file and reload on updates to CA bundle.

Type: Story
Resolution: Unresolved
Priority: Normal
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Work Type:
Strategic Portfolio Work
Story Points:
3
Blocked:
True
Blocked Reason:

Hide

Blocked by https://issues.redhat.com/browse/NE-1479

Show
Blocked by https://issues.redhat.com/browse/NE-1479
Ready:
False
Epic Link:
NE-761
Flagged:

Impediment
Intelligence Requested:
Market:

Sprint:
CFE Sprint 245, CFE Sprint 246, CFE Sprint 247
sprint_count:
3

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

Openshift Router should create file watcher on `/var/run/configmaps/ca-trust/ca-bundle.crt` i.e. defaultDestinationCA and refresh haproxy.config and reload haproxy whenever the file is updated.

Acceptance Criteria:

Whenever a service is created with the certificates signed by a new CA, and route for the same is created without destinationCA and`admin-ca-bundle` is updated with the new CA, the traffic to new service should go through seamlessly.(Expect some delay in the CA bundle to be updated by router).

links to

openshift/router#537: CFE-986: Reload router when defaultDestinationCA is updated

There are no comments yet on this issue.

Assignee:: Bharath B

Reporter:: Bharath B

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2023/11/09 4:56 AM

Updated:: 2024/12/23 9:16 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

PagerDuty