Uploaded image for project: 'Machine Config Operator'
  1. Machine Config Operator
  2. MCO-643

Implement a path in the controller to manage user-data secrets

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • None
    • 8
    • False
    • None
    • False
    • OCPSTRAT-1825 - TLS Registry contains required metadata
    • MCO Sprint 262, MCO Sprint 265
    • 0
    • 0.000

      The machinesets in the machine-api namespace reference a user-data secret (per pool and can be customized) which stores the initial ignition stub configuration pointing to the MCS, and the TLS cert. This today doesn't get updated after creation.

       

      The MCO now has the ability to manage some fields of the machineset object as part of the managed bootimage work. We should extend that to also sync in the updated user-data secrets for the ignition tls cert.

       

      The MCC should be able to parse both install-time-generated machinesets as well as user-created ones, so as to not break compatibility. One way users are using this today is to use a custom secret + machineset to do non-MCO compatible ignition fields, for example, to partition disks for different device types for nodes in the same pool. Extra care should be taken not to break this use case

              djoshy David Joshy
              jerzhang@redhat.com Yu Qi Zhang
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: