Uploaded image for project: 'OpenShift Container Platform (OCP) Strategy'
  1. OpenShift Container Platform (OCP) Strategy
  2. OCPSTRAT-1012

Support dynamic addition of external registry certs

XMLWordPrintable

    • Icon: Feature Feature
    • Resolution: Won't Do
    • Icon: Undefined Undefined
    • None
    • None
    • OS
    • BU Product Work
    • False
    • Hide

      None

      Show
      None
    • False
    • 0% To Do, 0% In Progress, 100% Done
    • 0
    • Program Call

      Feature Overview (aka. Goal Summary)

      Customers using mTLS secured registries with changing endpoints can end up needing to add directories and files to /etc/containers/certs.d which causes a reboot of the cluster. 

      Because these certs are read on pull there is no need for a reboot for CRI-O to make use of them. No action required beyond the file copy.

      Requirements (aka. Acceptance Criteria):

      Allow machine configs to write files to /etc/containers/certs.d without node drain or reboot.

      Use Cases (Optional):

      This is to facilitate usage of mTLS secured registries.

              rhn-support-mrussell Mark Russell
              rhn-support-mrussell Mark Russell
              Ashley Hardin Ashley Hardin
              Derrick Ornelas Derrick Ornelas
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: