Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: rhos-18.0.0
Affects Version/s: None
Component/s: data-plane-adoption
Labels:
- rhos-18-beta-waive

Story Points:
2
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Dev Approval:
?
Docs Approval:
?
PM Approval:
?
QE Approval:
?
Status Summary:

Hide

RHOSO18Beta waived:Upgrade: Adoption

Show
RHOSO18Beta waived: Upgrade: Adoption
Intelligence Requested:
Market:

Sprint:
DFG Security: UC Sprint 96, DFG Security: UC Sprint 97
Severity:
Critical

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Currently certmonger removal from data plane is documented as a step very early in the adoption procedure. Step 8 here:

https://openstack-k8s-operators.github.io/data-plane-adoption/user/#migrating-tls-everywhere_storage-requirements

The issue with this is that it prevents control plane rollback – once we change the data plane, it is considered to be the point of no return.

From discussion with Grzegorz, this could be moved later in the procedure to the point of adopting data plane. It was placed in the TLS doc to have it together with the rest of the TLS steps (to avoid another "if TLS" section in another doc), but technically it can be done later.

blocks

OSPRH-2301 As a cloud operator, i want Adoption without having to SSH into compute nodes.

Release Pending

links to

Remove section about stopping certmonger #473

Assignee:: Grzegorz Grasza

Reporter:: Jiri Stransky

Team:: rhos-dfg-security

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2024/05/14 1:49 PM

Updated:: 2024/06/17 12:18 PM

Resolved:: 2024/06/17 12:18 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates

PagerDuty