-
Bug
-
Resolution: Unresolved
-
Blocker
-
None
-
None
-
2
-
False
-
-
False
-
?
-
octavia-operator-container-1.0.12-4
-
None
-
-
-
-
Critical
To Reproduce Steps to reproduce the behavior:
Octavia client certs are not being renewed. This already happened in few of our development environments. This causes issues with provisioning new amphoras, as octavia-worker is unable to establish tls connection to the vms.
❯ oc get secret octavia-certs-secret -o json | jq -r '.data."client.cert-and-key.pem"' | base64 -d | openssl x509 -noout -dates
notBefore=Apr 25 08:29:08 2025 GMT
notAfter=May 25 08:29:08 2025 GMT
❯ oc get openstackversions.core.openstack.org
NAME TARGET VERSION AVAILABLE VERSION DEPLOYED VERSION
openstack-control-plane 18.0.6-20250403.1 18.0.8-20250505.2 18.0.6-20250403.1
Expected behavior
Octavia client certs should be renewed
Bug impact
Octavia is unable to manage and create amphoras
Additional context
RHOSO FR2 Deployment with DCN/DZ architecture