-
Feature
-
Resolution: Done
-
Major
-
None
-
openshift-4.13
-
BU Product Work
-
False
-
-
False
-
OCPSTRAT-714Provide Detailed Administrative Control of all OCP Certs and Keys
-
0% To Do, 0% In Progress, 100% Done
-
0
Goal:
- recover the cluster when certs expire while a nod is down
- should work for OpenShift (both HA and Single)
- Ideally, if possible, we want to make it an automated repair process.
- cover both rebooted node and suspended node
- Evaluate (during the research) effort to provide a mechanism to the admin so he/she can trigger a cert regeneration
Non Goal:
- change host name / node identity
- make rotation faster
- any existing cert we have today should not have modified expiration period
Acceptance Criteria:
- documentation with findings
- OpenShift KEP