-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
4.14
-
No
-
False
-
Description of problem:
When adding new nodes to the cluster there are 2 csr per node for approval
Additional info:
When you add machines to a cluster, two pending certificate signing requests (CSRs) are generated for each machine that you added. We must confirm that these CSRs are approved or, if necessary, approve them yourself. The client requests must be approved first, followed by the server requests. AFAIK it should creates 2 CSR gets created (kube-apiserver-client-kubelet and kubelet-serving) but second one is created once the first one is approved But in customer case it creates two kube-apiserver-client-kubelet CSRs in one shot for one node.