Loading...

XML

Word

Printable

Type: Feature
Resolution: Won't Do
Priority: Undefined
Fix Version/s: None
Affects Version/s: None
Component/s: OS
Labels:
- 4.16-candidate

Activity Type:
Product / Portfolio Work
Parent Link:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Size:
None

Target Version:
None
Release Blocker:
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

PX Review Complete:
None
PX Priority Data:
None
PX Impact Score:
None
PX Technical Impact:
None
PX Impact Range:
None
PX Scheduling Request:
None
PX Technical Impact Notes:
None

Intelligence Requested:
Market:

Feature Overview (aka. Goal Summary)

Customers using mTLS secured registries with changing endpoints can end up needing to add directories and files to /etc/containers/certs.d which causes a reboot of the cluster.

Because these certs are read on pull there is no need for a reboot for CRI-O to make use of them. No action required beyond the file copy.

Requirements (aka. Acceptance Criteria):

Allow machine configs to write files to /etc/containers/certs.d without node drain or reboot.

Use Cases (Optional):

This is to facilitate usage of mTLS secured registries.

is triggering

OCPSTRAT-1663 [Tech Debt] GCP Private Service Connect (Phase 2)

Assignee:: Mark Russell

Reporter:: Mark Russell

Need Info From:: None

Contributors:: None

Architect:: None

QA Contact:: None

Doc Contact:: Ashley Hardin

Product Operations Engineering Contact:: Derrick Ornelas

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2023/12/01 3:32 PM

Updated:: 2025/09/02 9:28 PM

Resolved:: 2024/06/05 11:41 PM

Details

Description

Feature Overview (aka. Goal Summary)

Requirements (aka. Acceptance Criteria):

Use Cases (Optional):

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates