Uploaded image for project: 'OpenShift Container Platform (OCP) Strategy'
  1. OpenShift Container Platform (OCP) Strategy
  2. OCPSTRAT-1012

Support dynamic addition of external registry certs

XMLWordPrintable

    • Icon: Feature Feature
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • OS
    • False
    • Hide

      None

      Show
      None
    • False
    • 50
    • 50% 50%
    • 0
    • 0

      Feature Overview (aka. Goal Summary)

      Customers using mTLS secured registries with changing endpoints can end up needing to add directories and files to /etc/containers/certs.d which causes a reboot of the cluster. 

      Because these certs are read on pull there is no need for a reboot for CRI-O to make use of them. No action required beyond the file copy.

      Requirements (aka. Acceptance Criteria):

      Allow machine configs to write files to /etc/containers/certs.d without node drain or reboot.

      Use Cases (Optional):

      This is to facilitate usage of mTLS secured registries.

            rhn-support-mrussell Mark Russell
            rhn-support-mrussell Mark Russell
            Ashley Hardin Ashley Hardin
            Derrick Ornelas Derrick Ornelas
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: