[BUG] Hub certificates reset 24h after master nodes recycled

Question

[BUG] Hub certificates reset 24h after master nodes recycled

tosih opened this issue 4 years ago · 1 comments

Description

What happened:
When hub gets rolled (master nodes are replaced, one at a time), after 24 hours the certificate becomes invalid. When doing the same on a non-hub we never lose information, trusted cluster info sticks around and so on.

ツ kubectl get pods -n core-paas
Unable to connect to the server: x509: certificate is valid for ip-10-1-0-94.ec2.internal, leader.gravity.local, leader.telekube.local, apiserver, registry.local, kubernetes, kubernetes.default, kubernetes.default.svc, kubernetes.default.svc.cluster, kubernetes.default.svc.cluster.local, ip-10-1-0-94.ec2.internal, not opscenter.opscenter.cpdev.msap.io

What you expected to happen:
Certificate used by gravity should remain valid with signed certificate

How to reproduce it (as minimally and precisely as possible):

Environment

Gravity version [e.g. 7.0.11]: 7.0.26
OS [e.g. Redhat 7.4]: Centos 8.2
Platform [e.g. Vmware, AWS]: AWS

Answer 1 · 2020-12-08T19:47:09.000Z

Previous related ticket: #1295