-
Story
-
Resolution: Done
-
Normal
-
None
-
Strategic Product Work
-
3
-
False
-
False
-
OCPSTRAT-292 - Support cluster-wide proxy on Windows Containers
-
Undefined
-
WINC - Sprint 239, WINC - Sprint 240
Cluster admins can provide custom certificates that are required to communicate through their man-in-the-middle egress proxy. These user-provided certs need to be imported onto Windows nodes so they can become fully proxy aware. This story is the first step in support custom CA certificates for cluster-wide proxy.
Description
This story covers copying over the trusted CA bundle containing all the additional certs onto each Windows instance. The trust bundle must be kept up to date with the data present in the trusted-ca ConfigMap.
Acceptance Criteria
- when a cluster wide proxy is in use, the cert bundle exists in a file on each Windows node
- When proxy certificates are changed/rotated, the cert bundle file on each Windows node is updated with the new cert bundle
- blocks
-
-
- Closed
-
- is blocked by
-
-
- Closed
-
-
-
- Closed
-
- is related to
-
-
- Closed
-
- is triggered by
-
OCPPLAN-7692 Setting proxy for windows node
-
- Closed
-
- links to
-
RHBA-2023:110725
Red Hat OpenShift support for Windows Containers 9.0.0 product release
- mentioned on
