Uploaded image for project: 'OpenShift Windows Containers'
  1. OpenShift Windows Containers
  2. WINC-687

Update node certs on the Windows nodes when they are rotated

    XMLWordPrintable

Details

    • 5
    • False
    • False
    • WinC - Sprint 216, WinC - Sprint 217, WinC - Sprint 218

    Description

      As an OpenShift admin, I want to  update node certificates on the Windows nodes when they are rotated( on a yearly basis or whenever it has been requested). 

      Description

      Node certificates are signed by the cluster; they come from a certificate authority (CA) that is generated by the bootstrap process. After the cluster is installed, the node certificates are auto-rotated.

      Currently we do not update certificates in WMCO when rotation happens.  whenever we rotate certificates, that need to be updated in the windows node.  This has been already taken care for Linux nodes in MCO. As part of this story we need to handle it in WMCO.

      If this isnt done then Windows nodes will stop functioning, in the case that the certs are rotated.

      Acceptance Criteria

      When certificate rotation happens , windows nodes need to be updated with latest one.

       

      QE Notes 

      Reference to integration test from MCO counterpart. https://github.com/openshift/openshift-tests-private/blob/4ed7a02a8408a7aa2428dc9cc31aa7a1ff7dd984/test/extended/mco/mco.go#L575

      Attachments

        Activity

          People

            jvaldes@redhat.com Jose Valdes
            esiva@redhat.com Elango Sivanandam (Inactive)
            Votes:
            1 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: