Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

metal3 - BMO pod not restarted on certificate expiry #178

Open
hardys opened this issue Jan 14, 2025 · 0 comments
Open

metal3 - BMO pod not restarted on certificate expiry #178

hardys opened this issue Jan 14, 2025 · 0 comments
Labels
bug Something isn't working

Comments

@hardys
Copy link
Contributor

hardys commented Jan 14, 2025

When cert-manager updates the Ironic certs, the Ironic container has logic to force a restart when RESTART_CONTAINER_CERTIFICATE_UPDATED is specified in the environment (which it is by default in the metal3 chart)

The baremetal-operator pod however lacks similar logic, so when the cert rotation happens, it continues using the old cert and fails to connect to Ironic, requiring a manual pod restart to fix.

We should investigate adding similar logic to the BMO container so that it can correctly restart when the Ironic cert is updated.

@hardys hardys added the bug Something isn't working label Jan 14, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

1 participant