-
Bug
-
Resolution: Done
-
Normal
-
None
-
4.14
-
Quality / Stability / Reliability
-
False
-
-
2
-
Moderate
-
None
-
None
-
None
-
None
-
OSDOCS Sprint 265
-
1
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
Add a note about replacing custom certificates: about secret that contains the wildcard certificate chain and key
Version-Release number of selected component (if applicable):
from 4.13
Documentation Reference: https://docs.openshift.com/container-platform/4.14/security/certificates/replacing-default-ingress-certificate.html Add a note specifying that when custom ingress certificates needs to be updated, it is not required to rollout the router deployment unless the secret is renamed. Something like: NOTE:"In case of modification or renewal of wildcard certificate chain and key: the router pod deployment will perform a rolling update of the router pods if the secret's name changes. However, it will not trigger a rolling update for just updating the secret's contents as kubelet automatically propagates changes to the secret to the volume mount." In case of issues reference to KCS https://access.redhat.com/solutions/4542531 should be pointed.
Actual results:
missing information about update of the certificates
Expected results:
note with the reference
Additional info:
- links to
(3 links to)
