Loading...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Undefined
Fix Version/s: 4.15.z
Affects Version/s: 4.14.z, 4.15.z, 4.17.z, 4.16.z, 4.18.z, 4.19.0
Component/s: kube-apiserver
Labels:
- feature-team-cert
- pre-merge-tested

Activity Type:
Quality / Stability / Reliability
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Story Points:
None
Severity:
Important
Regression:
None

Target Backport Versions:

4.14.z, 4.15.z, 4.17.z, 4.16.z, 4.18.z
Target Version:

4.15.z
Release Blocker:
None
Sprint:
None

RH Private Keywords:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

PX Impact Score:

Release Note Status:
Done
Release Note Type:
Enhancement
Release Note Text:

Hide
Previously, the self-signed loopback certificate for the Kubernetes API Server expired after one year. With this release, the expiration date of the certificate is extended to three years.

Show
Previously, the self-signed loopback certificate for the Kubernetes API Server expired after one year. With this release, the expiration date of the certificate is extended to three years.

Escape Reason:
None
Escape Impact:
None
Corrective Measures:
None
SDLC stage when should've been found:
None

This is a clone of issue ~~OCPBUGS-58054~~. The following is the description of the original issue:
—
This is a clone of issue ~~OCPBUGS-57196~~. The following is the description of the original issue:
—
This is a clone of issue ~~OCPBUGS-56835~~. The following is the description of the original issue:
—
This is a clone of issue ~~OCPBUGS-56082~~. The following is the description of the original issue:
—
This is a clone of issue OCPBUGS-54208. The following is the description of the original issue:
—
Description of problem:

    In order to avoid self-signed loopback certificate in every apiserver from expiring we should cherrypick https://github.com/kubernetes/kubernetes/pull/130047 and backport it to 4.16.z

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:

    1.
    2.
    3.

Actual results:

Expected results:

Additional info:

blocks

OCPBUGS-59473 [release-4.14]Backport UPSTREAM: 130047: adjusting loopback certificate validity in kube-apiserver

OCPBUGS-59474 [release-4.15]Backport UPSTREAM: 130047: adjusting loopback certificate validity in kube-apiserver

POST

clones

OCPBUGS-58054 [release-4.16]Backport UPSTREAM: 130047: adjusting loopback certificate validity in kube-apiserver

Closed

is blocked by

OCPBUGS-58054 [release-4.16]Backport UPSTREAM: 130047: adjusting loopback certificate validity in kube-apiserver

Closed

is cloned by

OCPBUGS-59473 [release-4.14]Backport UPSTREAM: 130047: adjusting loopback certificate validity in kube-apiserver

OCPBUGS-59474 [release-4.15]Backport UPSTREAM: 130047: adjusting loopback certificate validity in kube-apiserver

POST

links to

openshift/kubernetes#2358: [release-4.15] OCPBUGS-59147: UPSTREAM: 130047: adjusting loopback certificate validity in kube-apiserver

openshift/kubernetes#2359: [release-4.15] OCPBUGS-59147: UPSTREAM: <carry>: disable some legacy cloud provider Azure tests

RHBA-2025:12370 OpenShift Container Platform 4.15.56 bug fix update

(1 is cloned by, 3 links to)

Assignee:: Vadim Rutkovsky

Reporter:: OpenShift Prow Bot

Need Info From:: None

Contributors:: None

QA Contact:: Ke Wang

Doc Contact:: Alexandra Molnar (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2025/07/09 4:12 PM

Updated:: 2025/09/24 8:46 PM

Resolved:: 2025/08/07 12:34 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates