Loading...

XML

Word

Printable

Type: Feature
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:

Work Type:
BU Product Work
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Hierarchy Progress Bar:

100% To Do, 0% In Progress, 0% Done

Risk Score:
0

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Intelligence Requested:
Market:

Feature Overview

OpenShift relies on internal certificates for communication between components, with automatic rotations ensuring security. For critical components like the API server, rotations occur via a rollout process, replacing certificates one instance at a time.

In clusters with high transaction rates and SNO, this can lead to transient errors for in-flight transactions during the transition.

This feature ensures seamless TLS certificate rotations in OpenShift, eliminating downtime for the Kubernetes API server during certificate updates, even under heavy loads or in SNO deployments.

is related to

API-1688 Dev branch rotation should be enabled by a FeatureGate

relates to

API-1579 Stability: Disruption resulting from cert rotation

Closed

OCPSTRAT-537 Improve API server certificate rotation [API-1579]

Closed

Assignee:: Ramon Acedo

Reporter:: Ramon Acedo

Developer:: Vadim Rutkovsky

Product Manager:: Ramon Acedo

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2024/11/18 9:32 AM

Updated:: 2024/11/21 6:36 AM

Details

Description

Feature Overview

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates