Uploaded image for project: 'OpenShift Container Platform (OCP) Strategy'
  1. OpenShift Container Platform (OCP) Strategy
  2. OCPSTRAT-778

Auto-reconfigure AUTH on cluster name or domain change

XMLWordPrintable

    • Icon: Feature Feature
    • Resolution: Won't Do
    • Icon: Major Major
    • None
    • None
    • API & Datastore
    • Product / Portfolio Work
    • OCPSTRAT-620OCP reconfiguration
    • None
    • None
    • False
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Feature Overview (aka. Goal Summary)  

      OCP AUTH auto reconfiguration and certificate generation and rotation when clusterName and baseDomains attributes are updated in the Infrastructure CR as proposed by Feature https://issues.redhat.com/browse/OCPSTRAT-772 (Part 2).

      Goals

      Enable clusterName and baseDomain reconfiguration as a Day-2 operation

      Requirements 

      • OCP Auth should generate certificates for the new name+domain attributes
      • OCP Auth should start accepting request to with the new identity
      • OCP Auth should continue handling requests on the previous name+domain for some time to allow rotation and reconfiguration of other components
      • OCP Auth should continue handling request on the previous name+domain while the admin kubeconfig has not been regenerated

      Use Cases & Customer Considerations

      Refer to https://issues.redhat.com/browse/OCPSTRAT-620

              atelang@redhat.com Anjali Telang
              wcabanba@redhat.com William Caban
              None
              Daniel Fröhlich
              Geri Peterson Geri Peterson (Inactive)
              Wei Sun Wei Sun
              Andrea Hoffer Andrea Hoffer
              None
              Geri Peterson Geri Peterson (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: