Uploaded image for project: 'AMQ Streams'
  1. AMQ Streams
  2. ENTMQST-1596

Pods need to be rolled when the certificates change

    XMLWordPrintable

Details

    • Task
    • Resolution: Done
    • Major
    • 1.4.0.GA
    • None
    • None
    • None
    • 2019.15, 2020.1

    Description

      The custom certificates are currently loaded by the brokers when the pod starst and that is it. When the certificate in the secret changes, we do nothing.

      This PR is monitoring the secret every reconciliation and takes a thumbprint of the certificate (SHA-256 hash of the DER encoded binary certificate). The thumbprint is used as annotation in the Pods of the Kafka stateful set and when it changes, the pod will be rolled.

      Attachments

        Activity

          People

            Unassigned Unassigned
            scholzj JAkub Scholz
            Jakub Stejskal Jakub Stejskal
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: