-
Feature
-
Resolution: Unresolved
-
Undefined
-
None
-
None
-
False
-
-
False
-
50
-
50%
-
0
-
0
Feature Overview (aka. Goal Summary)
Customers using mTLS secured registries with changing endpoints can end up needing to add directories and files to /etc/containers/certs.d which causes a reboot of the cluster.
Because these certs are read on pull there is no need for a reboot for CRI-O to make use of them. No action required beyond the file copy.
Requirements (aka. Acceptance Criteria):
Allow machine configs to write files to /etc/containers/certs.d without node drain or reboot.
Use Cases (Optional):
This is to facilitate usage of mTLS secured registries.