daviftorres commented on issue #11020: URL: https://github.com/apache/cloudstack/issues/11020#issuecomment-3019388438
Moreover, In our current setup, we rotate the edge certificate without restarting the SSVM, CPVM, or Management service to avoid downtime. Since NGINX doesn’t validate backend certificates by default (though it can), clients aren’t affected when a new certificate is applied (aside from possible cert caching or possible re-login, which haven’t been reported. Ideally, SysVMs should be updated using a RollingUpdate strategy (starting a new one before stopping the old) to avoid the ~1 minute of downtime across all zones. For Management, a multi-instance setup with a reverse proxy makes staggered updates easy. In short, this proposed feature would bring more benefits than expected. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
