HotelsDotCom · kylehodgetts · Mar 27, 2018 · Mar 22, 2018 · Mar 23, 2018 · Mar 27, 2018
diff --git a/docs/getting-started/step-4-update.md b/docs/getting-started/step-4-update.md
@@ -37,6 +37,9 @@ More concretely, steps should be taken in order to rotate your certs on nodes ar
   kube-aws update
   ```
 
+There are cases where the service account tokens used by the system pods become invalid after credentials update, and
+some of your system pods will break (especially `kube-dns`). Deleting the said secrets will solve the issue (see https://github.com/kubernetes-incubator/kube-aws/issues/1057).
+
 ## The etcd caveat
 
 There is no solution for hosting an etcd cluster in a way that is easily updateable in this fashion- so updates are automatically masked for the etcd instances. This means that, after the cluster is created, nothing about the etcd ec2 instances is allowed to be updated.

diff --git a/make/test b/make/test
@@ -10,7 +10,7 @@ default() {
 with-cover() {
   test -z "$(find . -path ./vendor -prune -type f -o -name '*.go' -exec gofmt -d {} + | tee /dev/stderr)"
   for d in $(go list ./... | grep -v '/vendor/' | grep -v '/hack'); do
-    go test -timeout 25m -v --race -coverprofile=profile.out -covermode=atomic $d
+    go test -timeout 30m -v --race -coverprofile=profile.out -covermode=atomic $d
     if [ -f profile.out ]; then
       cat profile.out >> coverage.txt
       rm profile.out