Uploaded image for project: 'OpenShift Service Mesh'
  1. OpenShift Service Mesh
  2. OSSM-638

OSSM 2.1 error inserting data for namespace: error when creating configmap istio-ca-root-cert: configmaps "istio-ca-root-cert" already exists

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • None
    • OSSM 2.1.0
    • None
    • None
    • False
    • False

      OSSM 2.1 error inserting data for namespace: error when creating configmap istio-ca-root-cert: configmaps "istio-ca-root-cert" already exists

      When I tested the adding external cert configuration [1] using a sleep sample in foo ns,

      [1] https://docs.openshift.com/container-platform/4.8/service_mesh/v2x/ossm-security.html#ossm-cert-manage_ossm-security

      The existing configmaps "istio-ca-root-cert" doesn't get cleanup after I delete the sleep deployment.
      The configmaps "istio-ca-root-cert" blocks all future SMCP custom root or ca cert configurations.

      istiod error log

      error inserting data for namespace: error when creating configmap istio-ca-root-cert: configmaps "istio-ca-root-cert" already exists

      Expected behavior:
      User should be able to configure custom or external certs using SMCP spec configurations. An existing configmaps "istio-ca-root-cert" should be updated in member namespace instead of blocking a new cert insertion.

              yuaxu@redhat.com Yuanlin Xu
              yuaxu@redhat.com Yuanlin Xu
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: