Uploaded image for project: 'OpenShift Container Platform (OCP) Strategy'
  1. OpenShift Container Platform (OCP) Strategy
  2. OCPSTRAT-778

Auto-reconfigure AUTH on cluster name or domain change

XMLWordPrintable

    • Icon: Feature Feature
    • Resolution: Won't Do
    • Icon: Major Major
    • None
    • None
    • API & Datastore
    • Strategic Product Work
    • False
    • OCPSTRAT-620OCP reconfiguration
    • 0% To Do, 0% In Progress, 100% Done
    • 0

      Feature Overview (aka. Goal Summary)  

      OCP AUTH auto reconfiguration and certificate generation and rotation when clusterName and baseDomains attributes are updated in the Infrastructure CR as proposed by Feature https://issues.redhat.com/browse/OCPSTRAT-772 (Part 2).

      Goals

      Enable clusterName and baseDomain reconfiguration as a Day-2 operation

      Requirements 

      • OCP Auth should generate certificates for the new name+domain attributes
      • OCP Auth should start accepting request to with the new identity
      • OCP Auth should continue handling requests on the previous name+domain for some time to allow rotation and reconfiguration of other components
      • OCP Auth should continue handling request on the previous name+domain while the admin kubeconfig has not been regenerated

      Use Cases & Customer Considerations

      Refer to https://issues.redhat.com/browse/OCPSTRAT-620

              atelang@redhat.com Anjali Telang
              wcabanba@redhat.com William Caban
              Daniel Fröhlich
              Wei Sun Wei Sun
              Andrea Hoffer Andrea Hoffer
              Jeremy Peterson Jeremy Peterson
              Jeremy Peterson Jeremy Peterson
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: