-
Bug
-
Resolution: Not a Bug
-
Normal
-
None
-
4.14.z
Description of problem:
Newly created immutable secret is not used by newly deployed pods when there was a deleted immutable secret with the same name before the new one created. The same happens for immutable configmaps.
Version-Release number of selected component (if applicable):
any version
How reproducible:
Always when the condition is met.
Steps to Reproduce:
1, create an immutable secret 2. deploy pods that mount the secret created in the first step 3. delete the immutable secret 4. create an immutable secret with the same name 5. deploy other pods that mount the newly created secret.
Actual results:
The newly create pods in the step 5) are mounting the already deleted secret in the nodes where the old pods were running on. But if there is no old pod deployed on the node, the new pods will mount the new secret.
Expected results:
The newly create pods should mount the newly created immutable secret regardless of node conditions. The same can be applied to the immutable configmap.
Additional info:
There was an upstream discussion: https://github.com/kubernetes/website/issues/42359 known workaround is to use different names when creating the new immutable resources.